~ Rapport de ZHPDiag v2013.8.22.302 - Nicolas Coolman (22/08/2013) ~ Lancé par Jerry (03/10/2013 19:41:18) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16686 MFIE: Mozilla Firefox 24.0 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows Vista Ultimate Edition, 64-bit (Build 6000) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : VKM6G Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK ---\\ Logiciels de protection du système Malwarebytes Anti-Malware version 1.75.0.1300 ---\\ Logiciels d'optimisation du système CCleaner v4.02 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8173 MB (75% free) System Restore: Activé (Enable) System drive C: has 130 GB (27%) free of 466 GB ---\\ Mode de connexion au système ~ Computer Name: JERRY-PC ~ User Name: Jerry ~ All Users Names: Jerry, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppData% : C:\Users\Jerry\AppData\Roaming\ ~ %Desktop% : C:\Users\Jerry\Desktop\ ~ %Favorites% : C:\Users\Jerry\Favorites\ ~ %LocalAppData% : C:\Users\Jerry\AppData\Local\ ~ %StartMenu% : C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C:\ Hard drive, Flash drive, Thumb drive (Free 130 Go of 466 Go) D:\ CD-ROM drive (Free 0 Go of 4 Go) E:\ CD-ROM drive (Free 0 Go of 1 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 1863 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 37 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 06:22:18.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 1/26 ~ Mes Documents (My Documents) : 1/121 ~ Mon Bureau (My Desktop) : 1/619 ~ Menu demarrer (Programs) : 1/38 ~ Hidden Files: Scanned in 00mn 02s ---\\ Processus lancés au démarrage du système [MD5.576C72830E3FD6ACE2910545B6130803] - (.ASUSTeK Computer Inc. - ASUS Routine Controller.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2931328] [PID.1148] [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2212] [MD5.AD2C5CBE2BC94AB862A96F81F30F08EE] - (.ASUSTeK Computer Inc. - TurboVHelp.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe [1097344] [PID.2944] [MD5.617B43FE89B8DF6A8BFE84DB4426E040] - (.ASUSTeK Computer Inc. - EPUHelp.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe [1214080] [PID.3060] [MD5.9815E18EF62AFAA90A56E9E7DDBAA5A0] - (.ASUSTeK Computer Inc. - AI Suite II.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe [1425536] [PID.2848] [MD5.8549F4D70BDD647DAB1562731F4E4BFB] - (.ASUSTeK Computer Inc. - AlertHelper.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe [1115776] [PID.1708] [MD5.C0C15737501D4BDD878F6A6D16A7D45E] - (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216] [PID.3800] [MD5.A5B2F530017144BE8CC08D8CC0714EBF] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe [1814440] [PID.4036] [MD5.929D2915F04473314E55223AB17E8D65] - (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe [534160] [PID.3324] [MD5.B4087F34AB2DC375679C14182704C29D] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192] [PID.3408] [MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.3968] [MD5.4ADFF37E77F0ABD1D886B07F3A021C5A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7857664] [PID.3084] [MD5.9E7043F83633C612D5A3FE8FAB29ED77] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024] [PID.1408] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1572] [MD5.C2B39A72D02907798FA6EE6E4DCAD408] - (.Avira Operations GmbH & Co. KG - Avira Firewall Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [655928] [PID.1596] [MD5.2A226E2149EFB71B8C9467CD69DEED32] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088] [PID.1640] [MD5.FB03A917C1294D3E6D671F24722E1BA3] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144] [PID.1684] [MD5.A63173897EA1A73A75D0E65036DE5B15] - (...) -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584] [PID.1128] [MD5.5C31DFB196CB3A488A041881634D86D2] - (...) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880] [PID.1448] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2068] [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2088] [MD5.B90E093E7A7250906F1054418B5339C0] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2204] [MD5.539DDEE1DAAA227594E3774759FAD696] - (.Avira Operations GmbH & Co. KG - Avira MailGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [622648] [PID.2860] [MD5.CA09C5DFBC6D7B0F080D487E4A3B79AC] - (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe [815160] [PID.2672] [MD5.792C6BB1F02C528095EC349DAAF4C880] - (.Valve Corporation - Steam Client Service (buildbot_winslave04_s.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [565672] [PID.4564] [MD5.7281AED93FB30FDD1CBAF07591FA453A] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.3256] [MD5.E0E4A1F81A7D69C595A8A9DDAD084C19] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [769432] [PID.3300] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M2 - MFEP: prefs.js [Jerry - h11xr0pn.default-1378381919353\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130924 (..) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ~ Firefox Browser: 2 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 12 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Avira SearchFree Toolbar plus Web Protection BHO [64Bits] - {41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline =>Toolbar.Avira O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ~ BHO: 3 Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKLM\..\Run: [XboxStat] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe O4 - HKCU\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKLM\..\Wow6432Node\Run: [KeyScrambler] . (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files (x86)\KeyScrambler\keyscrambler.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-440345812-2725411837-4022958379-1000\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe O4 - HKUS\S-1-5-21-440345812-2725411837-4022958379-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - HKUS\S-1-5-21-440345812-2725411837-4022958379-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\TaskBar: AI Suite II 1.01.14.lnk . (.ASUSTeK Computer Inc. - AI Suite II.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe O4 - GS\TaskBar: Avira Control Center.lnk . (.Avira Operations GmbH & Co. KG - Avira Control Center.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe O4 - GS\TaskBar: Catalyst Control Center.lnk . (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe O4 - GS\TaskBar: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd O4 - GS\TaskBar: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.7.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Social Games.lnk - Clé orpheline O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart 9 Application.) -- C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - GS\Desktop: SosVirus Forum.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.sosvirus.net O4 - GS\Desktop: SosVirus On Facebook.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.facebook.com O4 - GS\Desktop: UsbFix Faire un Don.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.usbfix.net ~ Global Startup: Scanned in 00mn 01s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Winsock: 8 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{4BB76A74-973C-465B-BCBA-751D54F4DF70}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{4BB76A74-973C-465B-BCBA-751D54F4DF70}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{4BB76A74-973C-465B-BCBA-751D54F4DF70}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 ~ Domain: Scanned in 00mn 00s ---\\ Titr_HJT34=Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: Avira FireWall (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG - Avira Firewall Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Avira MailGuard Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - Avira WebGuard Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe O23 - Service: ASUS HM Com Service (asHmComSvc) . (...) - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe ~ Services: 17 Scanned in 00mn 09s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] [MD5.3109B16A0939BA11696EEB04F345D099] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.518545E8CBD79EBF42891A6066578118] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3591960] =>Piriform Ltd [MD5.C155A13687144076286989EF078112C2] [APT] [{06C5F358-5EDC-480C-A346-F88E4588E2E1}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1917440] [MD5.C155A13687144076286989EF078112C2] [APT] [{8522178B-F6E5-486D-8531-CA001BF5AB0D}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe [1917440] [MD5.576C72830E3FD6ACE2910545B6130803] [APT] [ASUS AI Suite II Execute] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2931328] ~ Scheduled Task: 6 Scanned in 00mn 03s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 7 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys O41 - Driver: (AsUpIO) . (...) - C:\Windows\Syswow64\drivers\AsUpIO.sys O41 - Driver: (avfwot) . (.Avira GmbH - TDI filtering kernel driver.) - C:\Windows\System32\DRIVERS\avfwot.sys O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 81 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: AI Suite II - (.ASUSTeK.) [HKLM][64Bits] -- {34D3688E-A737-44C5-9E2A-FF73618728E1} O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {003B37AE-21F5-5BC5-F5EB-CD60A8928696} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2748FDE2-7BA8-1D20-11A2-FF01CEB009A5} O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM][64Bits] -- {83ED5086-5D6B-698F-5CD4-2F631DA8FD69} O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0} O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D386FE62-CD8D-C8E0-DCA7-ED5FCAB476A5} O42 - Logiciel: APB Reloaded - (.Reloaded Productions.) [HKLM][64Bits] -- Steam App 113400 O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM][64Bits] -- {391ED0B2-B886-A6D0-B1A6-C25A7FE5B452} O42 - Logiciel: ATI Problem Report Wizard - (.ATI Technologies.) [HKLM][64Bits] -- {4F8A27CA-6788-7965-3259-5C3B9C37FCD8} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.03) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {9F3523F8-DAD7-AE52-6DA7-45CDDDF33726} O42 - Logiciel: Afterfall InSanity Extended Edition - (.Intoxicate Studios.) [HKLM][64Bits] -- Steam App 224420 O42 - Logiciel: Alien Swarm - (.Valve.) [HKLM][64Bits] -- Steam App 630 O42 - Logiciel: Application Profiles - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {63059735-CA97-FDFB-0E7A-3B8D81572EFD} O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} O42 - Logiciel: Avanquest update - (.Avanquest Software.) [HKLM][64Bits] -- {76E41F43-59D2-4F30-BA42-9A762EE1E8DE} O42 - Logiciel: Avira Internet Security v13.0.0.4042 - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop O42 - Logiciel: Avira SearchFree Toolbar plus Web Protection v12.2.1.477 - (.Ask Partner Network.) [HKLM][64Bits] -- {41564952-412D-5637-00A7-A758B70C0201} =>Toolbar.Avira O42 - Logiciel: Awesomenauts - (.Ronimo Games.) [HKLM][64Bits] -- Steam App 204300 O42 - Logiciel: BLAZBLUE -CALAMITY TRIGGER- - (.ARC SYSTEM WORKS.) [HKLM][64Bits] -- GFWL_{415807D5-45E8-4635-A5A9-C81000008400} O42 - Logiciel: BLAZBLUE -CALAMITY TRIGGER- - (.ARC SYSTEM WORKS.) [HKLM][64Bits] -- {415807D5-45E8-4635-A5A9-C81000008400} O42 - Logiciel: Browser Configuration Utility - (.DeviceVM, Inc..) [HKLM][64Bits] -- {BA88EE67-8974-459D-A1DB-C8281D9AC6F6} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1} O42 - Logiciel: Chivalry: Medieval Warfare - (.Torn Banner Studios.) [HKLM][64Bits] -- Steam App 219640 O42 - Logiciel: Clive Barker's Jericho - (.Codemasters.) [HKLM][64Bits] -- {BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5} O42 - Logiciel: Cry of Fear - (.Team Psykskallar.) [HKLM][64Bits] -- Steam App 223710 O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite O42 - Logiciel: Dishonored - (.Bethesda Softworks.) [HKLM][64Bits] -- Steam App 205100 O42 - Logiciel: Dungeon Defenders - (.Trendy Entertainment.) [HKLM][64Bits] -- Steam App 65800 O42 - Logiciel: Dungeonland - (.Critical Studio.) [HKLM][64Bits] -- Steam App 218130 O42 - Logiciel: Dust: An Elysian Tail - (.Humble Hearts LLC.) [HKLM][64Bits] -- Steam App 236090 O42 - Logiciel: GameMaker: Studio - (.YoYo Games Ltd..) [HKLM][64Bits] -- Steam App 214850 O42 - Logiciel: Giana Sisters: Twisted Dreams - (.Black Forest Games.) [HKLM][64Bits] -- Steam App 223220 O42 - Logiciel: Gotham City Impostors: Free To Play - (.Monolith Productions, Inc. .) [HKLM][64Bits] -- Steam App 206210 O42 - Logiciel: Hotline Miami - (.Dennaton Games.) [HKLM][64Bits] -- Steam App 219150 O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM][64Bits] -- {07BFA98D-6DB0-6D9C-95D5-7EF347AF587B} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {E83FDB2A-C81C-403D-8FD3-A816A89AF80C} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {44B72151-611E-429D-9765-9BA093D7E48A} O42 - Logiciel: Intel® Watchdog Timer Driver (Intel® WDT) - (.Intel Corporation.) [HKLM][64Bits] -- {3FD0C489-0F02-481a-A3E1-9754CD396761} O42 - Logiciel: Jet Set Radio - (.Blit Software.) [HKLM][64Bits] -- Steam App 205950 O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM][64Bits] -- KeyScrambler O42 - Logiciel: LIMBO - (.Playdead.) [HKLM][64Bits] -- Steam App 48000 O42 - Logiciel: Left 4 Dead 2 - (.Valve.) [HKLM][64Bits] -- Steam App 550 O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {50A9E459-A2CF-4109-BB73-9079702BEBF2} O42 - Logiciel: Magicka - (.Arrowhead Game Studios.) [HKLM][64Bits] -- Steam App 42910 O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Marvel Heroes - (.Gazillion Entertainment.) [HKLM][64Bits] -- Steam App 226320 O42 - Logiciel: Menu Templates - Starter Kit - (.Nero AG.) [HKLM][64Bits] -- {B78120A0-CF84-4366-A393-4D0A59BC546C} O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F} O42 - Logiciel: Microsoft XNA Framework Redistributable 3.1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20} O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {45CD67FD-3218-4207-A0A2-BC41245189E3} O42 - Logiciel: Mortal Kombat Komplete Edition - (.NetherRealm Studios.) [HKLM][64Bits] -- Steam App 237110 O42 - Logiciel: MotioninJoy Gamepad tool 0.7.1001 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1 O42 - Logiciel: Movie Templates - Starter Kit - (.Nero AG.) [HKLM][64Bits] -- {E498385E-1C51-459A-B45F-1721E37AA1A0} O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {46ED2B64-85C7-4E1F-920C-A555B21F2E4C} O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {2fcf6fc1-4a5d-4f85-badb-4a958637b016} O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM][64Bits] -- {7829DB6F-A066-4E40-8912-CB07887C20BB} O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM][64Bits] -- {F6BDD7C5-89ED-4569-9318-469AA9732572} O42 - Logiciel: Nero Burning ROM - (.Nero AG.) [HKLM][64Bits] -- {CF508721-0E1E-4F99-A359-59E4EA8DAEC1} O42 - Logiciel: Nero Burning ROM Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {2890E324-6F3B-4975-8B95-E7D6D80E0226} O42 - Logiciel: Nero BurningROM 12 - (.Nero AG.) [HKLM][64Bits] -- {3DAFE920-1B88-4C66-A39B-D743F28AF10D} O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63} O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69} O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263} O42 - Logiciel: Nero CoverDesigner - (.Nero AG.) [HKLM][64Bits] -- {62AC81F6-BDD3-4110-9D36-3E9EAAB40999} O42 - Logiciel: Nero CoverDesigner Help - (.Nero AG.) [HKLM][64Bits] -- {CE96F5A5-584D-4F8F-AA3E-9BAED413DB72} O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C} O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {CC019E3F-59D2-4486-8D4B-878105B62A71} O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A} O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D} O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84B3-4C50-8622-B8C0AA2D2885} O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139} O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC} O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E} O42 - Logiciel: Nero SharedVideoCodecs - (.Nero AG.) [HKLM][64Bits] -- {2432E589-6256-4513-B0BF-EFA8E325D5F0} O42 - Logiciel: Nero ShowTime - (.Nero AG.) [HKLM][64Bits] -- {D9DCF92E-72EB-412D-AC71-3B01276E5F8B} O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2} O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348B586-C9AE-46CE-936C-A68E9426E214} O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} O42 - Logiciel: Nero Vision - (.Nero AG.) [HKLM][64Bits] -- {43E39830-1826-415D-8BAE-86845787B54B} O42 - Logiciel: Nero Vision Help - (.Nero AG.) [HKLM][64Bits] -- {5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1} O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270} O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL O42 - Logiciel: Orcs Must Die! - (.Robot Entertainment.) [HKLM][64Bits] -- Steam App 102600 O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin O42 - Logiciel: PROTOTYPE 2 - (.Radical Entertainment.) [HKLM][64Bits] -- Steam App 115320 O42 - Logiciel: PlanetSide 2 - (.Sony Online Entertainment.) [HKLM][64Bits] -- Steam App 218230 O42 - Logiciel: Primal Carnage - (.Lukewarm Media.) [HKLM][64Bits] -- Steam App 215470 O42 - Logiciel: Prototype(TM) - (.Activision.) [HKLM][64Bits] -- InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A} O42 - Logiciel: Ravaged Zombie Apocalypse - (.2 Dawn Studios.) [HKLM][64Bits] -- Steam App 96300 O42 - Logiciel: Rayman Origins - (.Ubisoft.) [HKLM][64Bits] -- {DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller O42 - Logiciel: Rise of the Argonauts - (.Liquid Entertainment.) [HKLM][64Bits] -- Steam App 12770 O42 - Logiciel: Rusty Hearts - (.Stairway Games.) [HKLM][64Bits] -- Steam App 36630 O42 - Logiciel: Réussir son Code de la Route 2013 - (.Micro Application.) [HKLM][64Bits] -- {8000A55E-6BB3-4206-AEED-CFD25F36FBC8} O42 - Logiciel: Sanctum 2 - (.Coffee Stain Studios.) [HKLM][64Bits] -- Steam App 210770 O42 - Logiciel: Serious Sam 3: BFE - (.Croteam.) [HKLM][64Bits] -- Steam App 41070 O42 - Logiciel: Shank - (.Klei Entertainment.) [HKLM][64Bits] -- Steam App 6120 O42 - Logiciel: Shank 2 - (.Klei Entertainment.) [HKLM][64Bits] -- Steam App 102840 O42 - Logiciel: Sine Mora - (.Digital Reality.) [HKLM][64Bits] -- Steam App 207040 O42 - Logiciel: Sleeping Dogs™ - (.United Front Games.) [HKLM][64Bits] -- Steam App 202170 O42 - Logiciel: Smashmuck Champions - (.Kiz Studios.) [HKLM][64Bits] -- Steam App 218330 O42 - Logiciel: Sonic & All-Stars Racing Transformed - (.Sumo Digital.) [HKLM][64Bits] -- Steam App 212480 O42 - Logiciel: Sonic and SEGA All Stars Racing - (.Sumo Digital.) [HKLM][64Bits] -- Steam App 34190 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: The Haunted: Hells Reach - (.KTX Software.) [HKLM][64Bits] -- Steam App 43190 O42 - Logiciel: VLC media player 2.0.7 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: War Thunder - (.Gaijin Entertainment.) [HKLM][64Bits] -- Steam App 236390 O42 - Logiciel: Warframe - (.Digital Extremes.) [HKLM][64Bits] -- Steam App 230410 O42 - Logiciel: WinRAR 4.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Worms Revolution - (.Team17 Digital Ltd..) [HKLM][64Bits] -- Steam App 200170 O42 - Logiciel: Zombie Driver HD - (.Exor Studios.) [HKLM][64Bits] -- Steam App 220820 O42 - Logiciel: Zombie Panic Source - (.Zombie Panic Team.) [HKLM][64Bits] -- Steam App 17500 O42 - Logiciel: marvell 91xx driver - (.Marvell.) [HKLM][64Bits] -- MagniDriver O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ~ Logic: 215 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AMD] [HKCU\Software\ASUS] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Arkane] [HKCU\Software\Avanquest] [HKCU\Software\Avira] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Critical Studio] [HKCU\Software\Disc Soft] [HKCU\Software\Gaijin] [HKCU\Software\Intel\Indeo\4.1] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware (portable)] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Norton] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\QFX Software] [HKCU\Software\Realtek] [HKCU\Software\SecuROM] [HKCU\Software\SysInternals] [HKCU\Software\Trolltech] [HKCU\Software\Ubisoft] [HKCU\Software\Usbfix] [HKCU\Software\VSRevoGroup] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKLM\Software\] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Audible] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DTS] [HKLM\Software\Dolby] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SonicFocus] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node\AGEIA Technologies] [HKLM\Software\Wow6432Node\AMD] [HKLM\Software\Wow6432Node\ARC SYSTEM WORKS] [HKLM\Software\Wow6432Node\ASUS] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\Activision] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Audible] [HKLM\Software\Wow6432Node\Avanquest] [HKLM\Software\Wow6432Node\Avira] [HKLM\Software\Wow6432Node\BVRP Software] [HKLM\Software\Wow6432Node\CheckPoint] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Codemasters] [HKLM\Software\Wow6432Node\Disc Soft] [HKLM\Software\Wow6432Node\Electronic Arts] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (portable)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\Marvell] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\NVIDIA Corporation] [HKLM\Software\Wow6432Node\Nero] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\QFX Software] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\TrendyEntertainment] [HKLM\Software\Wow6432Node\Ubisoft] [HKLM\Software\Wow6432Node\Valve] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\WindyZone] [HKLM\Software\Wow6432Node\X-AVCSD] [HKLM\Software\Wow6432Node\arkane] [HKLM\Software\Wow6432Node\lukewarm media] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\pwe] [HKLM\Software\Wow6432Node\square enix] [HKLM\Software\Wow6432Node\sumo digital] [HKLM\Software\Wow6432Node\wow6432node] [HKLM\Software\Wow6432Node] [HKLM\Software\cybelsoft] ~ Key Software: 208 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 27/07/2013 - 19:32:57 - [-223,537] ----D C:\Program Files (x86)\Activision O43 - CFD: 03/10/2013 - 19:22:36 - [120,489] ----D C:\Program Files (x86)\Adobe O43 - CFD: 14/06/2013 - 16:22:43 - [1,544] ----D C:\Program Files (x86)\AMD AVT O43 - CFD: 03/07/2013 - 21:50:24 - [-1279,200] ----D C:\Program Files (x86)\ARC SYSTEM WORKS O43 - CFD: 14/06/2013 - 16:00:28 - [2,369] ----D C:\Program Files (x86)\ASM104xUSB3 O43 - CFD: 05/08/2013 - 18:22:19 - [125,849] ----D C:\Program Files (x86)\ASUS O43 - CFD: 14/06/2013 - 18:42:16 - [100,832] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 04/09/2013 - 12:53:15 - [2,983] ----D C:\Program Files (x86)\Avanquest update O43 - CFD: 16/07/2013 - 12:14:01 - [251,601] ----D C:\Program Files (x86)\Avira O43 - CFD: 24/08/2013 - 19:16:55 - [-91,584] ----D C:\Program Files (x86)\Codemasters O43 - CFD: 04/09/2013 - 12:15:37 - [322,320] ----D C:\Program Files (x86)\Common Files O43 - CFD: 04/09/2013 - 12:34:05 - [26,838] ----D C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 29/09/2013 - 00:18:47 - [0] ----D C:\Program Files (x86)\Dungeon Defenders O43 - CFD: 05/08/2013 - 18:21:57 - [0] ----D C:\Program Files (x86)\GPU-Z O43 - CFD: 04/09/2013 - 12:53:15 - [98,970] ----D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 05/08/2013 - 18:25:38 - [10,238] ----D C:\Program Files (x86)\Intel O43 - CFD: 12/09/2013 - 03:24:31 - [4,885] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 14/06/2013 - 15:44:19 - [4,226] ----D C:\Program Files (x86)\KeyScrambler O43 - CFD: 14/06/2013 - 15:43:00 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 14/06/2013 - 15:17:05 - [1,788] ----D C:\Program Files (x86)\Marvell O43 - CFD: 04/09/2013 - 12:37:55 - [1549,594] ----D C:\Program Files (x86)\Micro Application O43 - CFD: 03/07/2013 - 22:00:50 - [11,240] ----D C:\Program Files (x86)\Microsoft Games for Windows - LIVE O43 - CFD: 18/08/2013 - 16:41:19 - [11,124] ----D C:\Program Files (x86)\Microsoft XNA O43 - CFD: 14/06/2013 - 17:40:07 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 01/10/2013 - 18:35:47 - [48,682] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 03/10/2013 - 01:15:50 - [0,216] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 22/06/2013 - 03:00:32 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 09/07/2013 - 23:36:01 - [821,415] ----D C:\Program Files (x86)\Nero O43 - CFD: 10/07/2013 - 12:48:45 - [99,079] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 18/07/2013 - 11:29:44 - [0,772] ----D C:\Program Files (x86)\OpenAL O43 - CFD: 28/08/2013 - 18:44:02 - [151,128] ----D C:\Program Files (x86)\Origin O43 - CFD: 28/08/2013 - 18:45:50 - [0] ----D C:\Program Files (x86)\Origin Games O43 - CFD: 14/06/2013 - 16:02:47 - [6,380] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 03/10/2013 - 19:39:12 - [1838,293] ----D C:\Program Files (x86)\Steam O43 - CFD: 14/06/2013 - 15:12:36 - [0] ----D C:\Program Files (x86)\Temp O43 - CFD: 08/08/2013 - 03:02:04 - [-1707,657] ----D C:\Program Files (x86)\Ubisoft O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information O43 - CFD: 14/06/2013 - 15:45:16 - [101,906] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 03/10/2013 - 19:19:15 - [6,519] ----D C:\Program Files (x86)\VS Revo Group O43 - CFD: 12/07/2013 - 07:36:52 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 21/11/2010 - 08:19:00 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - 08:19:00 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - 08:19:00 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 03/10/2013 - 19:41:25 - [16,500] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 04/09/2013 - 12:15:38 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 14/06/2013 - 18:25:06 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 14/06/2013 - 15:33:07 - [2,783] ----D C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 24/08/2013 - 19:16:53 - [5,722] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 14/06/2013 - 16:20:14 - [0,179] ----D C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 18/08/2013 - 16:41:19 - [24,619] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 09/07/2013 - 23:35:47 - [170,563] ----D C:\Program Files (x86)\Common Files\Nero O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 28/09/2013 - 05:03:33 - [0,539] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 14/06/2013 - 17:11:21 - [9,767] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 24/08/2013 - 19:25:20 - [32,340] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 04/09/2013 - 12:15:37 - [146,880] ----D C:\ProgramData\Adobe O43 - CFD: 14/06/2013 - 16:22:43 - [0,890] ----D C:\ProgramData\AMD O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 03/07/2013 - 22:02:45 - [0] ----D C:\ProgramData\ASign O43 - CFD: 05/08/2013 - 18:21:00 - [12,616] ----D C:\ProgramData\ASUS O43 - CFD: 05/08/2013 - 18:28:35 - [0,000] ----D C:\ProgramData\ASUS OC Profiles O43 - CFD: 14/06/2013 - 18:25:41 - [0,000] ----D C:\ProgramData\ATI O43 - CFD: 04/09/2013 - 12:53:15 - [4,064] ----D C:\ProgramData\Avanquest O43 - CFD: 04/09/2013 - 12:43:22 - [0] ----D C:\ProgramData\Avanquest Software O43 - CFD: 16/07/2013 - 12:14:01 - [385,520] ----D C:\ProgramData\Avira O43 - CFD: 14/06/2013 - 15:06:40 - [0] ----D C:\ProgramData\Bureau O43 - CFD: 17/08/2013 - 00:02:52 - [0,004] ----D C:\ProgramData\CheckPoint O43 - CFD: 04/09/2013 - 12:35:25 - [0,002] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 09/07/2013 - 23:12:24 - [0,002] ----D C:\ProgramData\DAEMON Tools Ultra O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Documents O43 - CFD: 28/08/2013 - 18:41:22 - [0] ----D C:\ProgramData\Electronic Arts O43 - CFD: 14/06/2013 - 15:06:40 - [0] ----D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 24/08/2013 - 19:26:17 - [0,000] ----D C:\ProgramData\InstallShield O43 - CFD: 14/06/2013 - 16:19:21 - [9,475] ----D C:\ProgramData\Intel O43 - CFD: 14/06/2013 - 15:55:24 - [1,315] ----D C:\ProgramData\ma-config.com O43 - CFD: 14/06/2013 - 15:42:59 - [7,384] ----D C:\ProgramData\Malwarebytes O43 - CFD: 23/07/2013 - 14:34:24 - [0] ----D C:\ProgramData\Malwarebytes' Anti-Malware (portable) O43 - CFD: 24/08/2013 - 19:24:59 - [0,002] ----D C:\ProgramData\Media Center Programs O43 - CFD: 14/06/2013 - 15:06:40 - [0] ----D C:\ProgramData\Menu Démarrer O43 - CFD: 16/08/2013 - 15:35:50 - [255,685] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/06/2013 - 15:06:40 - [0] ----D C:\ProgramData\Modèles O43 - CFD: 14/06/2013 - 15:48:58 - [0,017] ----D C:\ProgramData\Mozilla O43 - CFD: 09/07/2013 - 23:36:41 - [13,105] ----D C:\ProgramData\Nero O43 - CFD: 14/06/2013 - 17:30:46 - [0,012] ----D C:\ProgramData\Norton O43 - CFD: 14/06/2013 - 15:20:38 - [16,092] ----D C:\ProgramData\NortonInstaller O43 - CFD: 28/08/2013 - 18:45:50 - [0,331] ----D C:\ProgramData\Origin O43 - CFD: 05/08/2013 - 18:21:57 - [0,000] ----D C:\ProgramData\QFX Software O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Templates O43 - CFD: 07/09/2013 - 18:52:34 - [0,000] ----D C:\ProgramData\WarThunder O43 - CFD: 14/06/2013 - 18:25:07 - [2,810] ----D C:\Users\Jerry\AppData\Roaming\Adobe O43 - CFD: 14/06/2013 - 15:37:11 - [0] ----D C:\Users\Jerry\AppData\Roaming\ATI O43 - CFD: 16/07/2013 - 12:14:27 - [0,013] ----D C:\Users\Jerry\AppData\Roaming\Avira O43 - CFD: 24/08/2013 - 19:27:51 - [0,034] ----D C:\Users\Jerry\AppData\Roaming\Codemasters O43 - CFD: 04/09/2013 - 14:43:20 - [1,442] ----D C:\Users\Jerry\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 09/07/2013 - 23:14:32 - [0,615] ----D C:\Users\Jerry\AppData\Roaming\DAEMON Tools Ultra O43 - CFD: 14/06/2013 - 15:06:56 - [0] ----D C:\Users\Jerry\AppData\Roaming\Identities O43 - CFD: 24/08/2013 - 19:26:17 - [0] ----D C:\Users\Jerry\AppData\Roaming\InstallShield O43 - CFD: 14/06/2013 - 16:19:29 - [0] ----D C:\Users\Jerry\AppData\Roaming\Intel Corporation O43 - CFD: 14/06/2013 - 16:43:19 - [0,001] ----D C:\Users\Jerry\AppData\Roaming\Macromedia O43 - CFD: 14/06/2013 - 15:43:04 - [0,013] ----D C:\Users\Jerry\AppData\Roaming\Malwarebytes O43 - CFD: 21/11/2010 - 08:29:27 - [0] ----D C:\Users\Jerry\AppData\Roaming\Media Center Programs O43 - CFD: 05/08/2013 - 18:20:55 - [1,942] -S--D C:\Users\Jerry\AppData\Roaming\Microsoft O43 - CFD: 24/08/2013 - 14:54:08 - [0,025] ----D C:\Users\Jerry\AppData\Roaming\MKKE O43 - CFD: 28/09/2013 - 00:04:45 - [0,470] ----D C:\Users\Jerry\AppData\Roaming\MotioninJoy O43 - CFD: 14/06/2013 - 15:49:06 - [32,210] ----D C:\Users\Jerry\AppData\Roaming\Mozilla O43 - CFD: 09/07/2013 - 23:37:11 - [2,078] ----D C:\Users\Jerry\AppData\Roaming\Nero O43 - CFD: 28/08/2013 - 18:45:51 - [0,046] ----D C:\Users\Jerry\AppData\Roaming\Origin O43 - CFD: 05/08/2013 - 18:21:58 - [0,000] ----D C:\Users\Jerry\AppData\Roaming\QFX Software O43 - CFD: 24/08/2013 - 19:27:34 - [0] R-H-D C:\Users\Jerry\AppData\Roaming\SecuROM O43 - CFD: 01/10/2013 - 16:18:49 - [0,079] ----D C:\Users\Jerry\AppData\Roaming\vlc O43 - CFD: 02/07/2013 - 11:37:49 - [0,000] ----D C:\Users\Jerry\AppData\Roaming\WinRAR O43 - CFD: 04/09/2013 - 12:16:44 - [40,531] ----D C:\Users\Jerry\AppData\Local\Adobe O43 - CFD: 14/06/2013 - 15:06:45 - [0] ----D C:\Users\Jerry\AppData\Local\Application Data O43 - CFD: 14/06/2013 - 15:37:11 - [0,100] ----D C:\Users\Jerry\AppData\Local\ATI O43 - CFD: 03/10/2013 - 19:18:23 - [23,039] ----D C:\Users\Jerry\AppData\Local\CrashDumps O43 - CFD: 05/08/2013 - 10:02:01 - [0] ----D C:\Users\Jerry\AppData\Local\Diagnostics O43 - CFD: 09/07/2013 - 23:55:51 - [0,001] ----D C:\Users\Jerry\AppData\Local\DTClient O43 - CFD: 14/06/2013 - 15:06:45 - [0] ----D C:\Users\Jerry\AppData\Local\Historique O43 - CFD: 14/06/2013 - 16:43:19 - [0] ----D C:\Users\Jerry\AppData\Local\Macromedia O43 - CFD: 04/09/2013 - 12:42:38 - [0,003] ----D C:\Users\Jerry\AppData\Local\Micro Application O43 - CFD: 16/08/2013 - 15:35:50 - [66,010] ----D C:\Users\Jerry\AppData\Local\Microsoft O43 - CFD: 03/10/2013 - 01:10:25 - [19,758] ----D C:\Users\Jerry\AppData\Local\Mozilla O43 - CFD: 20/06/2013 - 14:49:49 - [0] ----D C:\Users\Jerry\AppData\Local\Nero O43 - CFD: 28/08/2013 - 18:45:50 - [5,973] ----D C:\Users\Jerry\AppData\Local\Origin O43 - CFD: 14/06/2013 - 15:42:47 - [0] ----D C:\Users\Jerry\AppData\Local\Programs O43 - CFD: 03/10/2013 - 19:40:14 - [2,036] ----D C:\Users\Jerry\AppData\Local\Temp O43 - CFD: 14/06/2013 - 15:06:45 - [0] ----D C:\Users\Jerry\AppData\Local\Temporary Internet Files O43 - CFD: 14/06/2013 - 18:12:58 - [0,011] ----D C:\Users\Jerry\AppData\Local\VirtualStore O43 - CFD: 07/09/2013 - 17:38:24 - [0] ----D C:\Users\Jerry\AppData\Local\WarThunder O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/09/2013 - 03:26:59 - [0,000] R---D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 31/08/2013 - 15:58:15 - [0,000] ----D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 14/06/2013 - 16:01:19 - [0,001] ----D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell O43 - CFD: 03/10/2013 - 19:19:16 - [0,005] ----D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 12/09/2013 - 03:26:59 - [0,000] R---D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 05/08/2013 - 18:21:58 - [0,002] ----D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 05/08/2013 - 18:21:58 - [0,003] ----D C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 146 Scanned in 01mn 03s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.FBB74991D9A5C0AA388443414E7484A7] - 03/10/2013 - 18:41:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1964087] O44 - LFC:[MD5.ADA61EB5BC74EBA8B7E5C322AFD42030] - 03/10/2013 - 18:38:22 ---A- . (...) -- C:\Windows\setupact.log [3009] O44 - LFC:[MD5.67782281A5000811E8D611B4BA8C744F] - 03/10/2013 - 18:38:21 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.0D915DFC42F777F1E2BDB114E1BFA3B5] - 03/10/2013 - 18:33:48 ---A- . (...) -- C:\UsbFix [Clean 3] JERRY-PC.txt [7058] O44 - LFC:[MD5.AAE4427D35C45899DAFACD8B0AA6F3DF] - 03/10/2013 - 18:26:47 ---A- . (...) -- C:\Windows\PFRO.log [8758] O44 - LFC:[MD5.F6EB1C2DB835C50F1C90418FAC51B9BA] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1665132] O44 - LFC:[MD5.7EA9DB04227F56639BC79DB1C66D6410] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [121406] O44 - LFC:[MD5.EDA6A066EFA6CEB43E6748D185563FD7] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [149110] O44 - LFC:[MD5.B9EFD753CFDF3ADAAEB368AF3592F809] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [652976] O44 - LFC:[MD5.CCAAA6E8821D864A55B5A333046826D1] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [746094] O44 - LFC:[MD5.F6EB1C2DB835C50F1C90418FAC51B9BA] - 03/10/2013 - 18:23:28 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1665132] O44 - LFC:[MD5.7EA9DB04227F56639BC79DB1C66D6410] - 03/10/2013 - 18:23:28 RSHAD . (...) -- C:\Windows\System32\perfc009.dat [121406] O44 - LFC:[MD5.EDA6A066EFA6CEB43E6748D185563FD7] - 03/10/2013 - 18:23:28 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat [149110] O44 - LFC:[MD5.B9EFD753CFDF3ADAAEB368AF3592F809] - 03/10/2013 - 18:23:28 RSHAD . (...) -- C:\Windows\System32\perfh009.dat [652976] O44 - LFC:[MD5.CCAAA6E8821D864A55B5A333046826D1] - 03/10/2013 - 18:23:28 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat [746094] O44 - LFC:[MD5.17030430D2862AEA938FCB7139BC6F57] - 03/10/2013 - 17:47:49 ---A- . (...) -- C:\UsbFix [Clean 2] JERRY-PC.txt [7050] O44 - LFC:[MD5.6C9569857AC56DB6C21224E09CA354A3] - 03/10/2013 - 17:25:37 ---A- . (...) -- C:\UsbFix [Clean 1] JERRY-PC.txt [7380] O44 - LFC:[MD5.C988DAFBBE537EAC98D325B91A322B9C] - 03/10/2013 - 17:25:06 ---A- . (...) -- C:\UsbFix [Scan 2] JERRY-PC.txt [8667] O44 - LFC:[MD5.80D80D49BB3CB26319B5065ED70717C6] - 03/10/2013 - 17:10:50 ---A- . (...) -- C:\WinChk.txt [2211] O44 - LFC:[MD5.D3D743036950ABC1DC8D62C1E5A7EC43] - 03/10/2013 - 17:07:33 ---A- . (...) -- C:\UsbFix [Scan 1] JERRY-PC.txt [8921] O44 - LFC:[MD5.C3508A8D3BBD411717C0F36491158D17] - 03/10/2013 - 11:11:53 ---A- . (...) -- C:\WinUpdateFix.txt [1269] O44 - LFC:[MD5.7E686F41E4390C9FF15916D61BD2B089] - 28/09/2013 - 23:30:54 ---A- . (...) -- C:\Windows\DirectX.log [52902] O44 - LFC:[MD5.875C62057A6309BCDC9EDFE950F87AA1] - 28/09/2013 - 22:07:45 ---A- . (...) -- C:\Windows\wmsetup.log [554] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/09/2013 - 23:09:20 RSHAD . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf [0] O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 27/09/2013 - 23:04:40 ---A- . (.Logicool Co. Ltd. - Logicool Force Feedback Driver.) -- C:\Windows\SysNative\MijFrc.dll [328712] O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 27/09/2013 - 23:04:40 RSHAD . (.Logicool Co. Ltd. - Logicool Force Feedback Driver.) -- C:\Windows\System32\MijFrc.dll [328712] O44 - LFC:[MD5.9176C0822FAA649E45121875BE32F5D2] - 27/09/2013 - 23:04:40 RSHAD . (.Microsoft Corporation - Windows Common Controller.) -- C:\Windows\System32\Drivers\xusb21.sys [74960] O44 - LFC:[MD5.C030F9E822A057C1A7A9BB4EA3E8877E] - 27/09/2013 - 23:04:40 RSHAD . (.MotioninJoy - MotioninJoy DS3 driver.) -- C:\Windows\System32\Drivers\MijXfilt.sys [121416] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/09/2013 - 09:48:04 ---A- . (...) -- C:\Windows\setuperr.log [0] ~ Files: 29 Scanned in 00mn 52s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.F822C93EA3CB431B7E9D8A0B42BEA050] - 01/10/2013 - 22:24:22 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.61826255CA95D86E2E9F2E3BBFB42037] - 01/10/2013 - 22:25:22 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.88DC4073614A620CAD9783C95A2FBF43] - 03/10/2013 - 00:14:53 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.0CDE55BF84819369528466710FEFC7EF] - 03/10/2013 - 00:51:40 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.559BAA728E7F7A01A1E57F2CC9AE87AB] - 03/10/2013 - 01:47:18 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf O45 - LFCP:[MD5.7ACABFC47AE3701A1E995C3525CBB009] - 03/10/2013 - 01:52:44 ---A- - C:\Windows\Prefetch\AVSCAN.EXE-EDA6668B.pf O45 - LFCP:[MD5.48650E6FD8CBB9738C615758E1F92A1B] - 03/10/2013 - 03:41:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf O45 - LFCP:[MD5.6F1E75CA23B2FFB3377C9A46CB9E94C1] - 03/10/2013 - 03:41:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf O45 - LFCP:[MD5.3A64DF9307CF6893A282C924B8D9C18F] - 03/10/2013 - 03:48:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf O45 - LFCP:[MD5.92A01B27FAC41D1EB7BEEA0CD9455C76] - 03/10/2013 - 09:00:00 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf O45 - LFCP:[MD5.B210F997ED26F41A1EE526D71932ED4C] - 03/10/2013 - 11:03:05 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-50F8B8EA.pf O45 - LFCP:[MD5.E8AABC57988121C970CC11F20BA1177F] - 03/10/2013 - 11:11:12 ---A- - C:\Windows\Prefetch\WINUPDATEFIX.EXE-EF478A22.pf O45 - LFCP:[MD5.9DAE73741C25A5D8417F62C639A06A22] - 03/10/2013 - 11:11:31 ---A- - C:\Windows\Prefetch\WINUPDATEFIX.EXE-371256AB.pf O45 - LFCP:[MD5.81EC9513252ECD2AC5DC0FBA832C303A] - 03/10/2013 - 11:12:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf O45 - LFCP:[MD5.09DD1295CC9131D6B6A3A6645D951D96] - 03/10/2013 - 12:29:04 ---A- - C:\Windows\Prefetch\AVCONFIG.EXE-1AA497F0.pf O45 - LFCP:[MD5.EA1981026A621ECFD6160E2E789A22AE] - 03/10/2013 - 12:31:12 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf O45 - LFCP:[MD5.86341E0C4D00926C17309A747BE887C2] - 03/10/2013 - 12:53:20 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf O45 - LFCP:[MD5.BE2AE5558E63398AC5141F94A37E475C] - 03/10/2013 - 12:55:41 ---A- - C:\Windows\Prefetch\AWESOMENAUTSLAUNCHER.EXE-CBA62FB4.pf O45 - LFCP:[MD5.E9BAFE570A9013B8B2D0A66C8D3856BB] - 03/10/2013 - 12:55:51 ---A- - C:\Windows\Prefetch\AWESOMENAUTS.EXE-37668322.pf O45 - LFCP:[MD5.DFBC6EC0F25A57429E80EAAF2A9393B6] - 03/10/2013 - 12:55:53 ---A- - C:\Windows\Prefetch\GAMEOVERLAYUI.EXE-86F598D5.pf O45 - LFCP:[MD5.13CA84E44AC88AC5047188367C8A4BD2] - 03/10/2013 - 16:44:58 ---A- - C:\Windows\Prefetch\UPDATE.EXE-0D8A637E.pf O45 - LFCP:[MD5.62233AA18E83DF4677C078A5DCBF46E7] - 03/10/2013 - 16:45:01 ---A- - C:\Windows\Prefetch\UPDRGUI.EXE-D0FBFF97.pf O45 - LFCP:[MD5.72E3F7CF080228E895D7E36E0632998A] - 03/10/2013 - 17:01:04 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-440345812-2725411837-4022958379-1000.db O45 - LFCP:[MD5.40B99C9ABCEDBDD42AFDF3D833A0BEDE] - 03/10/2013 - 17:01:04 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-440345812-2725411837-4022958379-1000.db O45 - LFCP:[MD5.3FD79C6AFD7B02691950A3AB170647CB] - 03/10/2013 - 17:10:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf O45 - LFCP:[MD5.34EDB78B45B1D00E7E8ECD4B02CAEAD1] - 03/10/2013 - 17:10:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.AF0E2F76C91D338E487942D7D91F1AD4] - 03/10/2013 - 17:10:41 ---A- - C:\Windows\Prefetch\SHOWACLS.EXE-5F7CC919.pf O45 - LFCP:[MD5.97E5EFB0F8C5F130206915B1AF80A8F2] - 03/10/2013 - 17:10:41 ---A- - C:\Windows\Prefetch\STRINGS.EXE-B1847B67.pf O45 - LFCP:[MD5.D2C34AE565613986075061CDE947BB4A] - 03/10/2013 - 17:10:41 ---A- - C:\Windows\Prefetch\WINCHK0.EXE-057875E7.pf O45 - LFCP:[MD5.C68B24F12632FB4AC4603AE7329A3281] - 03/10/2013 - 17:10:50 ---A- - C:\Windows\Prefetch\FINDSTR.EXE-6C611AA6.pf O45 - LFCP:[MD5.520C71776F7E0CF9B131A7010BFEBE8E] - 03/10/2013 - 17:10:50 ---A- - C:\Windows\Prefetch\WMIC.EXE-40C98607.pf O45 - LFCP:[MD5.064353BD69669136B4DDD44E185BEFDF] - 03/10/2013 - 17:18:24 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf O45 - LFCP:[MD5.78A77B902E7682FD2E17A9CAB28E8AC2] - 03/10/2013 - 17:19:48 ---A- - C:\Windows\Prefetch\WUAPP.EXE-C6167071.pf O45 - LFCP:[MD5.9AF629ED6E449C5553700C1F729E87D9] - 03/10/2013 - 17:24:25 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.CC04035EBB47B2E401E7B024BCEF0E7A] - 03/10/2013 - 17:24:38 ---A- - C:\Windows\Prefetch\GREP.COM-A0F2EC80.pf O45 - LFCP:[MD5.A5A33ABC9AF9BEA6E70B6AEA39E2120D] - 03/10/2013 - 17:30:48 ---A- - C:\Windows\Prefetch\EPUHELP.EXE-4E115D4C.pf O45 - LFCP:[MD5.47FB182F5BD8F6C54E475251654D0FDA] - 03/10/2013 - 17:43:56 ---A- - C:\Windows\Prefetch\ASROUTINECONTROLLER.EXE-696A9FD5.pf O45 - LFCP:[MD5.D63580B677C5B23B8E8DD722A4450565] - 03/10/2013 - 17:45:08 ---A- - C:\Windows\Prefetch\MMC.EXE-F39CDED6.pf O45 - LFCP:[MD5.9B1B6021CD474599A8B95E1077618810] - 03/10/2013 - 17:45:47 ---A- - C:\Windows\Prefetch\MMC.EXE-E21FB123.pf O45 - LFCP:[MD5.C943CB71D8E73123951918D4B0D21A74] - 03/10/2013 - 18:02:26 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.C8BA27037AE07900FC516B68B1EC22F1] - 03/10/2013 - 18:18:33 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-1CA97248.pf O45 - LFCP:[MD5.4D304F701803B4D0BAEE3B0F58FC3C7B] - 03/10/2013 - 18:18:33 ---A- - C:\Windows\Prefetch\WLIDSVC.EXE-5514E75E.pf O45 - LFCP:[MD5.53F0E112447F787F4581B390EC966DE5] - 03/10/2013 - 18:18:33 ---A- - C:\Windows\Prefetch\WLIDSVCM.EXE-A6EF5B2F.pf O45 - LFCP:[MD5.82B5926E73E60B96C3D5707B21F13C60] - 03/10/2013 - 18:18:34 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf O45 - LFCP:[MD5.DEF492939448BE8DA45D3E76592ED66C] - 03/10/2013 - 18:18:35 ---A- - C:\Windows\Prefetch\IASTORICONLAUNCH.EXE-7C54B6EC.pf O45 - LFCP:[MD5.D63D0C78C6263EC080275DCFFB5C400E] - 03/10/2013 - 18:18:35 ---A- - C:\Windows\Prefetch\XBOXSTAT.EXE-16DABDFB.pf O45 - LFCP:[MD5.6435C6BD2748E6CD9AE8AC98E1B38AC3] - 03/10/2013 - 18:19:24 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf O45 - LFCP:[MD5.F5266186DF38C8E10633967199DA765F] - 03/10/2013 - 18:21:40 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.634370D93A153920A34C32FD84BB5FEE] - 03/10/2013 - 18:21:40 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.87B2C838642E438ECA3505C260CBC8A2] - 03/10/2013 - 18:22:26 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf O45 - LFCP:[MD5.4BC296C14F8DA6A62AB34945D4BC278B] - 03/10/2013 - 18:23:20 ---A- - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-0601D209.pf O45 - LFCP:[MD5.1ABD92442FE2A2579A3A1C9428128392] - 03/10/2013 - 18:23:28 ---A- - C:\Windows\Prefetch\REVOSETUP.EXE-E68C877C.pf O45 - LFCP:[MD5.CB7C6F4C33630F1A5ED011B6688A9855] - 03/10/2013 - 18:23:55 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf O45 - LFCP:[MD5.19B3EB982F5122150223E1023639C028] - 03/10/2013 - 18:23:57 ---A- - C:\Windows\Prefetch\CHECKT.EXE-B76954C9.pf O45 - LFCP:[MD5.D3D73831F7AF852116D5B845565FA874] - 03/10/2013 - 18:24:03 ---A- - C:\Windows\Prefetch\INSTALL.EXE-BEAE15DB.pf O45 - LFCP:[MD5.E8BCBE3ECBF753CA4DFBC332511337AF] - 03/10/2013 - 18:24:23 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf O45 - LFCP:[MD5.1448BBCB3E74206044E04B465B838203] - 03/10/2013 - 18:24:23 ---A- - C:\Windows\Prefetch\VSDRINST.EXE-711BD644.pf O45 - LFCP:[MD5.29DCF27A296BD47746AA22B0CC8FC514] - 03/10/2013 - 18:24:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A73FB9CB.pf O45 - LFCP:[MD5.6C01748A978A16999FECAC6B97CC8FE2] - 03/10/2013 - 18:24:35 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf O45 - LFCP:[MD5.8F4177EC472929D34D3429E4B648876B] - 03/10/2013 - 18:25:08 ---A- - C:\Windows\Prefetch\ZAPRIVACYSERVICE.EXE-74958EBC.pf O45 - LFCP:[MD5.6DE5721F2688370E23EF2EAFCFCDF14E] - 03/10/2013 - 18:25:26 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf O45 - LFCP:[MD5.586F298F8549FCCAC7DE4557FA0F9FBF] - 03/10/2013 - 18:25:27 ---A- - C:\Windows\Prefetch\VSDRINST64.EXE-B567AE6B.pf O45 - LFCP:[MD5.AAFCCD4D56546F738520920009890DFB] - 03/10/2013 - 18:25:49 ---A- - C:\Windows\Prefetch\CLI.EXE-BB402402.pf O45 - LFCP:[MD5.A8524511111492334027BAA3EAC208A7] - 03/10/2013 - 18:25:55 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.63693A1447CB021953E68A1F179B54BB] - 03/10/2013 - 18:25:55 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.73F356C96A4E2599F4D641E4647EE7BA] - 03/10/2013 - 18:25:56 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.B7C8E648B3476A8440E09ADEC8052F5C] - 03/10/2013 - 18:25:56 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.40F83B4693FA7945D43F8ED6DFF6B314] - 03/10/2013 - 18:25:56 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.00999F70376A472853323A02FB1EF5D6] - 03/10/2013 - 18:28:01 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf O45 - LFCP:[MD5.2557830E3CB2171B2A4FACAED9C01E5A] - 03/10/2013 - 18:28:01 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf O45 - LFCP:[MD5.039A0EE200E13A183996FDDCB92DFB20] - 03/10/2013 - 18:28:07 ---A- - C:\Windows\Prefetch\HYDRADM.EXE-BDA9836C.pf O45 - LFCP:[MD5.2DA1CE8B111ED0A630C6464C6ED3DF54] - 03/10/2013 - 18:28:08 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-0E293DD6.pf O45 - LFCP:[MD5.BD29C0F01F8E49EDE072EBCAA06381E8] - 03/10/2013 - 18:28:13 ---A- - C:\Windows\Prefetch\DTLITE.EXE-368347E6.pf O45 - LFCP:[MD5.8BDC833E0FFFDDBBBAB7A97DD36172C5] - 03/10/2013 - 18:28:14 ---A- - C:\Windows\Prefetch\STEAM.EXE-D0A3496D.pf O45 - LFCP:[MD5.ECCB8DA7AAA05A6088F8BD34C1DE0E8B] - 03/10/2013 - 18:28:15 ---A- - C:\Windows\Prefetch\STEAMERRORREPORTER.EXE-C168E0F6.pf O45 - LFCP:[MD5.AAECBE63F9A1C430D4E4E4C3B6552999] - 03/10/2013 - 18:28:18 ---A- - C:\Windows\Prefetch\AVGNT.EXE-DB62B80F.pf O45 - LFCP:[MD5.BD337B571FE9E63F6215F61869588B61] - 03/10/2013 - 18:28:18 ---A- - C:\Windows\Prefetch\CLISTART.EXE-0F58A398.pf O45 - LFCP:[MD5.39F3E48802C70D6C16AAD576CF8F7AF8] - 03/10/2013 - 18:28:18 ---A- - C:\Windows\Prefetch\HYDRADM64.EXE-2194898E.pf O45 - LFCP:[MD5.D9705572D30A296C98A3D41FB21E8D61] - 03/10/2013 - 18:28:18 ---A- - C:\Windows\Prefetch\MOM.EXE-42E9F9DF.pf O45 - LFCP:[MD5.25327B5B39A04D487FF799DE85228969] - 03/10/2013 - 18:28:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf O45 - LFCP:[MD5.47B7D6D68E4E0774ECA73D402C084FB9] - 03/10/2013 - 18:28:31 ---A- - C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf O45 - LFCP:[MD5.45143C9FC74397235E954493D496340D] - 03/10/2013 - 18:28:32 ---A- - C:\Windows\Prefetch\STEAMSERVICE.EXE-61749D82.pf O45 - LFCP:[MD5.6F1ECAA264946D19474A5F61CEA58299] - 03/10/2013 - 18:28:34 ---A- - C:\Windows\Prefetch\MMLOADDRV.EXE-4072A3B8.pf O45 - LFCP:[MD5.632E3A85E575AC19C2C9CFDE5FDF1F4B] - 03/10/2013 - 18:28:37 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.33341A261AD8829FF7227CFB0321AAF1] - 03/10/2013 - 18:29:01 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.ADF7544134BA3918B2A027632679BBC3] - 03/10/2013 - 18:29:34 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf O45 - LFCP:[MD5.A7871E45BF870CC93FDD15CE60064435] - 03/10/2013 - 18:29:43 ---A- - C:\Windows\Prefetch\MBAM.EXE-80210E2F.pf O45 - LFCP:[MD5.BB8D41482C4D5FDAF99F4EAF26AABCB8] - 03/10/2013 - 18:30:21 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf O45 - LFCP:[MD5.3E5B3C0C87D026B30930409FB3B2AF5E] - 03/10/2013 - 18:30:58 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.01EBC71EB4F0FD35D6C30334C09B5CA1] - 03/10/2013 - 18:31:55 ---A- - C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf O45 - LFCP:[MD5.0CBE43DB5F9D0E91AABDE80C6F709EA5] - 03/10/2013 - 18:32:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9D876338.pf O45 - LFCP:[MD5.A10CB92125551FF4A0E1AD95FD3132EC] - 03/10/2013 - 18:32:45 ---A- - C:\Windows\Prefetch\WSCTOOL.EXE-EB22FE56.pf O45 - LFCP:[MD5.A1538B3B31550B031C298DB8251F5CA4] - 03/10/2013 - 18:33:10 ---A- - C:\Windows\Prefetch\CCUAC.EXE-3A725DBA.pf O45 - LFCP:[MD5.886E56CEFE2C563F49886697E76F8AA4] - 03/10/2013 - 18:33:32 ---A- - C:\Windows\Prefetch\USBFIX.EXE-1E644588.pf O45 - LFCP:[MD5.19D2EBF7F314E4DFD808975CEB99BFD7] - 03/10/2013 - 18:33:44 ---A- - C:\Windows\Prefetch\GO.EXE-0A7DE786.pf O45 - LFCP:[MD5.EE095260C28B3A610020AA2AC9CAA758] - 03/10/2013 - 18:33:45 ---A- - C:\Windows\Prefetch\USRREQ.EXE-D8125E51.pf O45 - LFCP:[MD5.F8AEC39D5FF55DC613FA88560A698D54] - 03/10/2013 - 18:33:46 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-9093C9D0.pf O45 - LFCP:[MD5.8E57B3284D97A524776FAE6D545F68F8] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\AVMAILC.EXE-4AFD6698.pf O45 - LFCP:[MD5.7B277FEABAADFCB1D848F668E0CF54CD] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\AVSHADOW.EXE-04DD2548.pf O45 - LFCP:[MD5.F4027449DA2D6955EE14941BE95E3770] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\AVWEBGRD.EXE-615A88F1.pf O45 - LFCP:[MD5.DF127DAF3972A957B003339E470E024B] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\FANUTILITY.EXE-37BCA610.pf O45 - LFCP:[MD5.1E516D367FD59AE9854EA1B82636E7CE] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf O45 - LFCP:[MD5.FB5F2861CC488B26319BD89DD2154329] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf O45 - LFCP:[MD5.E9EE694D4484E3C29305D56786B1CDFC] - 03/10/2013 - 18:39:16 ---A- - C:\Windows\Prefetch\TURBOVHELP.EXE-5F643F8E.pf O45 - LFCP:[MD5.6CFAB76BB830F40220BB724D9C0686FD] - 03/10/2013 - 18:39:18 ---A- - C:\Windows\Prefetch\KEYSCRAMBLER.EXE-40837EA1.pf O45 - LFCP:[MD5.2580943BEBA5C206AE2028EDA0943C4D] - 03/10/2013 - 18:39:32 ---A- - C:\Windows\Prefetch\READER_SL.EXE-38C1D083.pf O45 - LFCP:[MD5.815635F03F3E0F9BB1E819CB215CB7A0] - 03/10/2013 - 18:39:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf O45 - LFCP:[MD5.1526CF84BA8D5D0553BD66BC1A675380] - 03/10/2013 - 18:40:14 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf O45 - LFCP:[MD5.E10B2586BEEE86DF647D47570F380F38] - 03/10/2013 - 18:40:14 ---A- - C:\Windows\Prefetch\CSC.EXE-4C85A8F6.pf O45 - LFCP:[MD5.EB9009AD3977BE26347458D0675D6837] - 03/10/2013 - 18:40:14 ---A- - C:\Windows\Prefetch\CVTRES.EXE-CDAB491C.pf O45 - LFCP:[MD5.3046E113814109F2C02E28A9F6332F34] - 03/10/2013 - 18:40:16 ---A- - C:\Windows\Prefetch\IPMGUI.EXE-F9CAB886.pf O45 - LFCP:[MD5.B05DC8457E2D91A53A0A6904868C5383] - 03/10/2013 - 18:40:23 ---A- - C:\Windows\Prefetch\IASTORICON.EXE-6F90A965.pf O45 - LFCP:[MD5.02962EAF646B04758D707FF5293EB4C8] - 03/10/2013 - 18:40:26 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf O45 - LFCP:[MD5.C26A410EB3AD5279D08DEC6B817133FF] - 03/10/2013 - 18:40:28 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.72B3ADEEF9E90103867E81865F159C14] - 03/10/2013 - 18:40:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.EDCE7CC50B343A3AF789C5A0CF08C8CF] - 03/10/2013 - 18:40:38 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf O45 - LFCP:[MD5.BD8B2278CCA7755559B7C3AC00078BDC] - 03/10/2013 - 18:40:38 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-F2DCEF0D.pf O45 - LFCP:[MD5.2AC19D2701118612603C63B8D70BCC58] - 03/10/2013 - 18:40:58 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf O45 - LFCP:[MD5.08C9D3FAFC77322F0194AADF70B88CFD] - 03/10/2013 - 18:40:58 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.F66923DB888A2DE8806BF3754B017C97] - 03/10/2013 - 18:41:00 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-EBD3B8D7.pf O45 - LFCP:[MD5.F48D55EE27565F06DF662573D50B17BE] - 03/10/2013 - 18:41:08 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf O45 - LFCP:[MD5.83AC65BE2B01B95752F174D0B7A4EC8C] - 03/10/2013 - 18:41:09 ---A- - C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-67E8628C.pf O45 - LFCP:[MD5.CB9141701ED3B7BB83A8BFC665EA4693] - 03/10/2013 - 18:41:10 ---A- - C:\Windows\Prefetch\NASVC.EXE-B158719F.pf O45 - LFCP:[MD5.AD766F626E45058C344594DDE429CED8] - 03/10/2013 - 18:41:10 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-0D117CAF.pf O45 - LFCP:[MD5.F0B1D687AB432ACA72ABB888EF884671] - 03/10/2013 - 18:41:11 ---A- - C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf O45 - LFCP:[MD5.93923303A83862EC2B19C0C0D9B361F5] - 03/10/2013 - 18:41:11 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf O45 - LFCP:[MD5.92DD969CF5706B8C408846E760F49138] - 03/10/2013 - 18:41:12 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf O45 - LFCP:[MD5.A2CED044CDBBD7CFA2DF7FBDE52F5FB0] - 03/10/2013 - 18:41:21 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf O45 - LFCP:[MD5.4185B9C804032DCB638D4C3388ED19B8] - 03/10/2013 - 18:41:21 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-0FB3F22C.pf O45 - LFCP:[MD5.6A30F3A60EC52DE3479AE154339DE057] - 03/10/2013 - 18:41:25 ---A- - C:\Windows\Prefetch\PV.EXE-34B75B82.pf O45 - LFCP:[MD5.95D74B6F79CF2835BFD01E9770161E6F] - 03/10/2013 - 18:41:30 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-AB0CE9D9.pf O45 - LFCP:[MD5.4D24A56BCA4D66AC9E8F004F2396C26A] - 03/10/2013 - 18:41:30 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf O45 - LFCP:[MD5.5EE78FCFB72AD3D9D1ACDCDA6F4CAD85] - 03/10/2013 - 18:41:40 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-AD598958.pf O45 - LFCP:[MD5.50F877537EEED56658DF0E99B67BBEB3] - 03/10/2013 - 18:42:12 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.75EA2F9C35D1FE496603ECD413DA9D7F] - 03/10/2013 - 18:42:12 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.A0D6FC58B97C9C12FC99711882854894] - 03/10/2013 - 18:42:46 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.436367FCB3380C545BAA17E1060057FE] - 03/10/2013 - 18:42:46 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.4E92DAFD22BB3AF71E96AED12DB0F905] - 19/09/2013 - 23:47:12 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-440345812-2725411837-4022958379-1000.snp.db O45 - LFCP:[MD5.3964D709E0EFA40CC337EACC0C8219C1] - 19/09/2013 - 23:48:46 ---A- - C:\Windows\Prefetch\AgCx_SC3_E4C0DA4A467899CB.db O45 - LFCP:[MD5.13ED5F89D3AD179D388CFA3F0459494D] - 27/09/2013 - 12:44:56 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf ~ Prefetcher: 140 Scanned in 00mn 02s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{4dbaa163-d507-11e2-8ec6-806e6f6e6963}\AutoRun\command. (.Mercury Steam Entertainment - Launcher.) -- D:\Launcher.exe O51 - MPSK:{7c88eb3e-e661-11e2-849f-f46d0429bb59}\AutoRun\command. (...) -- E:\Launch.exe (.not file.) ~ Keys: Scanned in 00mn 01s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 ~ MWPE Keys: 7 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 06:34:42 ----- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216] O58 - SDL:[MD5.0FFE35F0B0CD5A324BBE22F02569AE3B] - 29/12/2012 - 21:59:38 ---A- . (.Almico Software - SpeedFan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [28664] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 02/10/2013 - 01:28:39 ---A- C:\Users\Jerry\AppData\Roaming\MKKE\dxdiag.txt [25592] O61 - LFC: 03/10/2013 - 00:10:25 ---A- C:\Users\Jerry\AppData\Local\Mozilla\updates\E7CF176E110C211B\active-update.xml [57] O61 - LFC: 03/10/2013 - 00:10:25 ---A- C:\Users\Jerry\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates.xml [4476] O61 - LFC: 03/10/2013 - 01:52:15 ---A- C:\Users\Jerry\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-10-03 (01-45-41).txt [2222] O61 - LFC: 03/10/2013 - 11:11:06 ---A- C:\Users\Jerry\AppData\Local\Temp\~DF0598789B86773763.TMP [65536] O61 - LFC: 03/10/2013 - 17:25:24 ---A- C:\Users\Jerry\AppData\Local\Temp\~DF39567011297D7701.TMP [65536] O61 - LFC: 03/10/2013 - 17:30:44 ---A- C:\Users\Jerry\AppData\Local\Temp\~DF2B8916163B5C01C7.TMP [32768] O61 - LFC: 03/10/2013 - 17:31:27 ---A- C:\Users\Jerry\AppData\Local\Temp\~DF31A70375D699A93A.TMP [65536] O61 - LFC: 03/10/2013 - 17:31:43 ---A- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.0.cs [11074] O61 - LFC: 03/10/2013 - 17:31:43 ---A- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.cmdline [443] O61 - LFC: 03/10/2013 - 17:31:43 ---A- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.dll [0] O61 - LFC: 03/10/2013 - 17:31:43 ---A- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.err [0] O61 - LFC: 03/10/2013 - 17:31:52 ---A- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.out [0] O61 - LFC: 03/10/2013 - 17:47:31 ---A- C:\Users\Jerry\AppData\Local\Temp\~DF73804E19712A92EC.TMP [65536] O61 - LFC: 03/10/2013 - 18:18:23 ---A- C:\Users\Jerry\AppData\Local\CrashDumps\TurboVHelp.exe.2572.dmp [648142] O61 - LFC: 03/10/2013 - 18:25:51 --HA- C:\Users\Jerry\AppData\Local\IconCache.db [3390510] O61 - LFC: 03/10/2013 - 18:33:35 ---A- C:\Users\Jerry\AppData\Local\Temp\~DFA83EDB6DC0FAD046.TMP [65536] O61 - LFC: 03/10/2013 - 18:39:13 ---A- C:\Users\Jerry\AppData\Local\ATI\ACE\Manifest.Bin [28362] O61 - LFC: 03/10/2013 - 18:39:13 ---A- C:\Users\Jerry\AppData\Local\ATI\ACE\Manifest.xml [20471] O61 - LFC: 03/10/2013 - 18:39:58 ---A- C:\Users\Jerry\AppData\Local\ATI\ACE\Profiles.xml [55898] O61 - LFC: 30/09/2013 - 00:03:01 ---A- C:\Users\Jerry\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-09-29 (22-16-48).txt [2224] ~ 11 Fichiers temporaires (Temporary files) ~ Files: 21 Scanned in 00mn 12s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - www.usbfix.net.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 29/03/2013 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 24/08/2010 - Pas de propriétaire (AsIO) .(...) - LEGACY_ASIO O64 - Services: CurCS - 03/08/2010 - Pas de propriétaire (AsUpIO) .(...) - LEGACY_ASUPIO O64 - Services: CurCS - 16/07/2013 - C:\Windows\System32\DRIVERS\avfwot.sys (avfwot) .(.Avira GmbH - TDI filtering kernel driver.) - LEGACY_AVFWOT O64 - Services: CurCS - 10/09/2013 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 10/09/2013 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 16/07/2013 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\mv91xx.sys (mv91xx) .(.Marvell Semiconductor, Inc. - Marvell magni Windows Driver.) - LEGACY_MV91XX O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 84 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: prefs.js [Jerry - h11xr0pn.default-1378381919353] user_pref("weboftrust.search.ask.display", "Ask.com Web Search"); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {699B3293-8BAD-4cdd-9209-C4E060CBE0B4} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] ~ Services: 33 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/10/2013] (...) -- C:\Users\Jerry\AppData\Local\Temp\hixu4l3c.dll [0] [MD5.C08E905F710AF6CEB20ED4BEFCA2B1CE] [SPRF][28/09/2013] (.Thisisu - Junkware Removal Tool.) -- C:\Users\Jerry\Desktop\JRT(1).exe [1030305] [MD5.5AE1BF5713CF1F0D682561D34779214D] [SPRF][12/05/2012] (.www.motioninjoy.com - MotioninJoy Dualshock 3 driver Setup.) -- C:\Users\Jerry\Desktop\MotioninJoy_071001_signed.exe [4199240] [MD5.4F99CAE27FFD46712E65C21444AACDFC] [SPRF][04/07/2013] (.VS Revo Group Ltd. - Revo Uninstaller Setup.) -- C:\Users\Jerry\Desktop\revosetup.exe [2623656] [MD5.0187647CBDA049BB236F42CA28AF3DEA] [SPRF][03/10/2013] (.El Desaparecido - SosVirus.net - UsbFix.net - UsbFix - Remove malware from yours drive!.) -- C:\Users\Jerry\Desktop\UsbFix.exe [1539808] [MD5.AFC9904C5AF0DD48A189522703D85946] [SPRF][03/10/2013] (...) -- C:\Users\Jerry\Desktop\winchk0.exe [315000] [MD5.1F2B5E73AFA4B5AED5769E390EB15B41] [SPRF][03/10/2013] (...) -- C:\Users\Jerry\Desktop\winupdatefix.exe [548774] [MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][10/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272] ~ Files: Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "RemoteDesktop-UserMode-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteDesktop-UserMode-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-Out" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-In" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcrmgr.exe (.not file.) O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\mcx2prov.exe (.not file.) O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-In-TCP" |In - None - P6 - FALSE | .(...) -- C:\Windows\ehome\ehshell.exe (.not file.) O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "{C6856DA6-BC67-4F7E-BEA0-E39BEEC321D9}" | In - Private - P6 - TRUE | .(.KTX Software Development - The Haunted: Hells Reach.) -- C:\Program Files (x86)\Steam\SteamApps\common\the-haunted-hells-reach\Binaries\Win32\HauntedGame.exe O87 - FAEL: "{BAD25DF3-CEEF-4ABD-A287-3BC8C795E97E}" | In - Private - P17 - TRUE | .(.KTX Software Development - The Haunted: Hells Reach.) -- C:\Program Files (x86)\Steam\SteamApps\common\the-haunted-hells-reach\Binaries\Win32\HauntedGame.exe O87 - FAEL: "{DE45B49B-1073-404D-BB8F-B6377B5286C3}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe O87 - FAEL: "{EBEC6A16-FE21-4286-9170-989312292A00}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe O87 - FAEL: "{8D746524-EAD1-4D6E-847E-8F9B05A97D24}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe O87 - FAEL: "{7446C108-3283-4A9A-B5D0-B0389417EDEC}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe O87 - FAEL: "{51E8F006-EB9A-4E44-8CDD-62D81F15B41B}" | In - Private - P6 - TRUE | .(.Epic Games, Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe O87 - FAEL: "{CD6E5992-692A-499A-9202-48F6C3741FAD}" | In - Private - P17 - TRUE | .(.Epic Games, Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe O87 - FAEL: "{D61C5914-2A35-4B82-A2EB-C416DB7E6628}" | In - Private - P6 - TRUE | .(.ZeniMax Media Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe O87 - FAEL: "{D8F07B1B-57CA-482B-86B0-14E0D5B5BDD8}" | In - Private - P17 - TRUE | .(.ZeniMax Media Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe O87 - FAEL: "{2F0994E9-17E2-41A8-BFC4-6CE3F681873C}" | In - Private - P6 - TRUE | .(.Devolver - HotlineLauncher.) -- C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe O87 - FAEL: "{DA2F1D62-983F-48FD-8973-D30A0B1BB642}" | In - Private - P17 - TRUE | .(.Devolver - HotlineLauncher.) -- C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe O87 - FAEL: "{ACB40C47-A703-4FFC-B0B8-3A6ED5BB798D}" | In - Private - P6 - TRUE | .(.Gaijin Entertainment - War Thunder Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe O87 - FAEL: "{F36ACBCC-0FF2-42D1-A643-ADE2E3B31194}" | In - Private - P17 - TRUE | .(.Gaijin Entertainment - War Thunder Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe O87 - FAEL: "{07F37FD6-FE8A-40F7-9ED9-648D78842071}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - PerfectWorld Co., Ltd.) -- C:\Program Files (x86)\Steam\SteamApps\common\Rusty Hearts\ClientLauncher.exe O87 - FAEL: "{2B776486-C367-48CD-91CD-7E06AE2CD3FE}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - PerfectWorld Co., Ltd.) -- C:\Program Files (x86)\Steam\SteamApps\common\Rusty Hearts\ClientLauncher.exe O87 - FAEL: "{DB9D7B27-7D4D-454D-BD3E-814FDB5D8987}" | In - Private - P6 - TRUE | .(.Humble Hearts LLC - Dust: An Elysian Tail.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe O87 - FAEL: "{B763E7E9-5517-411F-BB61-9BB4C1693203}" | In - Private - P17 - TRUE | .(.Humble Hearts LLC - Dust: An Elysian Tail.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe O87 - FAEL: "{55B02F89-C0E5-43A6-9953-39FF2B873AC3}" | In - Private - P6 - TRUE | .(.Epic Games, Inc. - Sanctum 2.) -- C:\Program Files (x86)\Steam\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe O87 - FAEL: "{99D337A5-3A5B-4E66-AA3D-8064F9C0CF4F}" | In - Private - P17 - TRUE | .(.Epic Games, Inc. - Sanctum 2.) -- C:\Program Files (x86)\Steam\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe O87 - FAEL: "{4D2D4DE6-45BB-4D2F-B36E-04723B5EB091}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe O87 - FAEL: "{54CFD77C-F9D2-43D4-BE00-D7F8AE4D31F9}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe O87 - FAEL: "{6EEFF8E8-5311-44AF-B873-6D498D8B196E}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe O87 - FAEL: "{1185A291-6E2A-450A-917F-25E383BE1B69}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe O87 - FAEL: "{0BCB89E7-3340-41B6-8F1A-8290E311547F}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe O87 - FAEL: "{A4779894-6ED7-4FA1-A1EA-DB0A6B696EB2}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe O87 - FAEL: "{B7F08714-C87F-478E-90F9-EE182F087EAF}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe O87 - FAEL: "{7C56FC60-22D8-41A3-991B-0BA1859CD100}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe O87 - FAEL: "{623453BE-FAD4-4B0E-ACEB-39B647B6C2A7}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Ravaged\Binaries\Win32\RavagedGame.exe O87 - FAEL: "{C8805E5E-41CF-47D5-809E-6897E9E99512}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Ravaged\Binaries\Win32\RavagedGame.exe O87 - FAEL: "{9C1DC8B1-2EB3-4550-BAC6-A8943FEB0AC7}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe O87 - FAEL: "{8509CD44-A0EF-40FF-AF15-F2131DD54065}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe O87 - FAEL: "{D000D69A-5806-4C6B-A470-29A806195465}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Trine\trine_launcher.exe O87 - FAEL: "{C01DF401-F044-4096-9BD1-1E72211DB6D6}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Trine\trine_launcher.exe O87 - FAEL: "{A42B7DC3-3187-42CC-91B5-FF08F38F0B8E}" | In - Private - P6 - TRUE | .(.Arrowhead Game Studios AB - Magicka.) -- C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe O87 - FAEL: "{08D7705F-4AB5-4AE9-8639-65E239291203}" | In - Private - P17 - TRUE | .(.Arrowhead Game Studios AB - Magicka.) -- C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe O87 - FAEL: "{84E60A93-285C-4B14-B20C-54580A2D68BF}" | In - Private - P6 - TRUE | .(.Trendy Entertainment LLC - Game.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe O87 - FAEL: "{13840258-8DCA-4974-8332-D178B4DD42B6}" | In - Private - P17 - TRUE | .(.Trendy Entertainment LLC - Game.) -- C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe O87 - FAEL: "{51C8EF77-E806-4920-A2EC-7CFF61C9366F}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe O87 - FAEL: "{BA72C85C-F265-4BEF-8BDB-D63CE747E79E}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe O87 - FAEL: "{3FFABC00-EAF4-4B4A-903D-7F7A8245EED2}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Dungeonland\dungeonland.exe O87 - FAEL: "{95FA992B-12FF-4398-8A45-05DF4671493E}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Dungeonland\dungeonland.exe O87 - FAEL: "{CD10C741-18C6-4746-B087-278D0C35E1F6}" | In - Private - P6 - TRUE | .(.Playdead - Limbo.) -- C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe O87 - FAEL: "{7B3897E7-A4CA-4DE5-91C0-1E13F21EAC50}" | In - Private - P17 - TRUE | .(.Playdead - Limbo.) -- C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe O87 - FAEL: "{CBE87A46-5E55-4C3B-B395-6C7A769A6FD3}" | In - Private - P6 - TRUE | .(.Klei Entertainment Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe O87 - FAEL: "{DE231F5A-6011-46D8-9F99-961A875EA2D7}" | In - Private - P17 - TRUE | .(.Klei Entertainment Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\Shank 2\bin\shank2.exe O87 - FAEL: "{674818F9-087A-4EA9-B1D8-E7BD981ECD17}" | In - Private - P6 - TRUE | .(.Digital Reality Software - Sine Mora.) -- C:\Program Files (x86)\Steam\SteamApps\common\Sine Mora\SineMora.exe O87 - FAEL: "{23C2542E-E369-4713-8135-880C4DFE48A1}" | In - Private - P17 - TRUE | .(.Digital Reality Software - Sine Mora.) -- C:\Program Files (x86)\Steam\SteamApps\common\Sine Mora\SineMora.exe O87 - FAEL: "{85488BD8-3344-44FF-A21D-7FF7BA823C6B}" | In - Private - P6 - TRUE | .(.Sony Online Entertainment - Sony Online Entertainment LaunchPad.) -- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe O87 - FAEL: "{7217990B-5357-4217-8FA0-F188C7275C17}" | In - Private - P17 - TRUE | .(.Sony Online Entertainment - Sony Online Entertainment LaunchPad.) -- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe O87 - FAEL: "{58E08AC9-825D-4C57-9819-7852A01D018C}" | In - Private - P6 - TRUE | .(.Monolith Productions, Inc. - Gotham City Impostors.) -- C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Impostors.exe O87 - FAEL: "{45653CDD-6D59-4339-A6B9-C06AB063E8BE}" | In - Private - P17 - TRUE | .(.Monolith Productions, Inc. - Gotham City Impostors.) -- C:\Program Files (x86)\Steam\SteamApps\common\Gotham City Impostors F2P\Impostors.exe O87 - FAEL: "{B7347E3B-475F-44E6-B686-0A03AB132802}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe O87 - FAEL: "{2DBCC436-9008-45F5-B2C6-99D195A19C8C}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe O87 - FAEL: "{680B428D-C865-4675-8FE2-FF10837FD78A}" | In - Private - P6 - TRUE | .(.Epic Games, Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe O87 - FAEL: "{BAC6186B-FC4A-4D75-89F0-655B7423907C}" | In - Private - P17 - TRUE | .(.Epic Games, Inc. - Pas de description.) -- C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe ~ Firewall: 199 Scanned in 00mn 20s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "029EFAD388B166C43AB97D342FA81FD0" . (.Nero BurningROM 12.) -- C:\Windows\Installer\{3DAFE920-1B88-4C66-A39B-D743F28AF10D}\ARPPRODUCTICON.exe O90 - PUC: "058A22391909E0D42B25E328DE3A9DA4" . (.Prototype(TM).) -- C:\Windows\Installer\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\ARPPRODUCTICON.exe O90 - PUC: "0ED9D238CFA898648991D4BBEDDBE3F4" . (.Microsoft Games for Windows - LIVE Redistributable.) -- C:\Windows\Installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}\GameForWindowsLiveRedist.exe O90 - PUC: "127805FCE1E099F43A95954EAED8EA1C" . (.Nero Burning ROM.) -- C:\Windows\Installer\{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}\ARPPRODUCTICON.exe O90 - PUC: "1C62D0E6562420D1D4910D8A6F4A368F" . (.Catalyst Control Center.) -- C:\Windows\Installer\{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}\ARPPRODUCTICON.exe O90 - PUC: "25946514D2147365007A7A857BC02010" . (.Avira SearchFree Toolbar plus Web Protection.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0201}\ToolbarIcon.exe =>Toolbar.Avira O90 - PUC: "26EF683DD8DC0E8CCD7ADEF5AC4B675A" . (.AMD Wireless Display v3.0.) -- C:\Windows\Installer\{D386FE62-CD8D-C8E0-DCA7-ED5FCAB476A5}\ARPPRODUCTICON.exe O90 - PUC: "2B0DE193688B0D6A1B6A2CA5F75E4B25" . (.ATI AVIVO64 Codecs.) -- C:\Windows\Installer\{391ED0B2-B886-A6D0-B1A6-C25A7FE5B452}\ARPPRODUCTICON.exe O90 - PUC: "2EDF84728AB702D1112AFF10EC0B905A" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}\ARPPRODUCTICON.exe O90 - PUC: "32FA0F2EF2EF2224A934556EC34CE11F" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}\ARPPRODUCTICON.exe O90 - PUC: "35588CBA077879B44BE3A50946A7B536" . (.Nero ControlCenter.) -- C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe O90 - PUC: "3A80BAA3921F5DB44B90EA76F43957D9" . (.Prerequisite installer.) -- C:\Windows\Installer\{3AAB08A3-F129-4BD5-B409-AE674F93759D}\ARPPRODUCTICON.exe O90 - PUC: "423E0982B3F65794B8597E6D8DE02062" . (.Nero Burning ROM Help (CHM).) -- C:\Windows\Installer\{2890E324-6F3B-4975-8B95-E7D6D80E0226}\NeroHelpIcon.A2EDDB31_726D_4D40_8014_5D5F2D3EF945 O90 - PUC: "6239B35654DBEB3586A14AC9AAEEA8C3" . (.ccc-utility64.) -- C:\Windows\Installer\{653B9326-BD45-53BE-681A-A49CAAEE8A3C}\ARPPRODUCTICON.exe O90 - PUC: "647C499C0D6CABE40BE9FDB78183B196" . (.Nero ControlCenter Help (CHM).) -- C:\Windows\Installer\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D O90 - PUC: "6805DE38B6D5F896C54DF236D18ADF96" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{83ED5086-5D6B-698F-5CD4-2F631DA8FD69}\ARPPRODUCTICON.exe O90 - PUC: "687EE9C2BDD189C4F84A1B9B5B6AB677" . (.Microsoft Games for Windows - LIVE.) -- c:\Windows\Installer\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}\GameForWindowsLiveDash.exe O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.03) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe O90 - PUC: "76EE88AB4798D9541ABD8C82D1A96C6F" . (.Browser Configuration Utility.) -- C:\Windows\Installer\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}\ARPPRODUCTICON.exe O90 - PUC: "86BC29AE7669A343F1350B9385F3A2A3" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{EA92CB68-9667-343A-1F53-B039583F2A3A}\ARPPRODUCTICON.exe O90 - PUC: "93B0BF4E199C7EE459DDA1A187753DD3" . (.Asmedia ASM104x USB 3.0 Host Controller Driver.) -- C:\Windows\Installer\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}\ARPPRODUCTICON.exe O90 - PUC: "93CA946E0C96EF6CA0457425BDD5F12D" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}\ARPPRODUCTICON.exe O90 - PUC: "954E9A05FC2A9014BB37099707B2BE2F" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{50A9E459-A2CF-4109-BB73-9079702BEBF2}\maconfico O90 - PUC: "985E2342652631540BFBFE8A3E525D0F" . (.Nero SharedVideoCodecs.) -- C:\Windows\Installer\{2432E589-6256-4513-B0BF-EFA8E325D5F0}\ARPPRODUCTICON.exe O90 - PUC: "AC72A8F4887656972395C5B3C973CF8D" . (.ATI Problem Report Wizard.) -- C:\Windows\Installer\{4F8A27CA-6788-7965-3259-5C3B9C37FCD8}\ARPPRODUCTICON.exe O90 - PUC: "C3F8A12EBCA11B64EC279EFC9045D9DE" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}\ARPPRODUCTICON.exe O90 - PUC: "CA0B84B9318C4714092474A68857297C" . (.Windows Live ID Sign-in Assistant.) -- C:\Windows\Installer\{9B48B0AC-C813-4174-9042-476A887592C7}\prodicon.ico O90 - PUC: "D5ADFB912EF152F4799FA197DD40EE02" . (.Microsoft XNA Framework Redistributable 3.1.) -- C:\Windows\Installer\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}\ProductIcon O90 - PUC: "D89AFB700BD6C9D6595DE73F74FA85B7" . (.HydraVision.) -- C:\Windows\Installer\{07BFA98D-6DB0-6D9C-95D5-7EF347AF587B}\ARPPRODUCTICON.exe O90 - PUC: "DD86EFAA5D2AFBDB1E2BBC10EDDFE60B" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}\ARPPRODUCTICON.exe O90 - PUC: "DF76DC54812370240A2ACB144215983E" . (.Microsoft Xbox 360 Accessories 1.2.) -- C:\Windows\Installer\{45CD67FD-3218-4207-A0A2-BC41245189E3}\ARPIcon O90 - PUC: "EA73B3005F125CB55FBEDC068A296869" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{003B37AE-21F5-5BC5-F5EB-CD60A8928696}\ARPPRODUCTICON.exe O90 - PUC: "EDE8C96D5CBBB634E8E05C6A3D11FCF4" . (.Microsoft XNA Framework Redistributable 4.0 Refresh.) -- C:\Windows\Installer\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}\ProductIcon ~ Update Products: 109 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.D2F34AF196CCAF29A124324392FC3DFF] [WIS][19/06/2013] (.Valve Corporation - Steam.) -- C:\Windows\Installer\1cac213.msi [8532992] [MD5.D8F1DAAFC435C95C2FC4BFA1E3BB7EAE] [WIS][06/07/2010] (.ARC SYSTEM WORKS - BLAZBLUE -CALAMITY TRIGGER-.) -- C:\Windows\Installer\6bc9b2e.msi [1213952] [MD5.6523E92B7F6A9E5D7775E9AB3604F76A] [WIS][14/06/2013] (.DeviceVM Inc. - Browser Configuraion Utility.) -- C:\Windows\Installer\7d656.msi [6460928] [MD5.B75A28B635458640D2E4132FA6ECFAAF] [WIS][02/07/2013] (.Ask Partner Network - Avira SearchFree Toolbar plus Web Protection.) -- C:\Windows\Installer\a179b.msi [759296] =>Toolbar.Avira ~ WIS: 109 Scanned in 00mn 14s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 11/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 29/03/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 10/09/2013 655928 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe SR - | Auto 10/09/2013 622648 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe SR - | Auto 10/09/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 10/09/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 10/09/2013 815160 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe SR - | Auto 03/11/2010 918144 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe SR - | Auto 02/12/2010 915584 | (asHmComSvc) . (...) - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe SR - | Auto 21/10/2010 586880 | (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe SR - | Auto 09/06/2013 2635600 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 01/10/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe SR - | Auto 20/07/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe SS - | Demand 21/09/2013 565672 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 15s ---\\ Recherche dinfection sur le Master Boot Record (MBR)(O80) Run by Jerry at 03/10/2013 19:45:30 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche dinfection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Jerry at 03/10/2013 19:45:32 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite ~ Emulateurs: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : v2.12862 - (22/08/2013) Clés trouvées (Keys found) : 8 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}] =>Toolbar.Avira^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41564952-412D-5637-00A7-A758B70C0201}] =>Toolbar.Avira^ [HKLM\Software\Classes\Installer\Features\25946514D2147365007A7A857BC02010] =>Toolbar.Avira [HKLM\Software\Classes\Installer\Products\25946514D2147365007A7A857BC02010] =>Toolbar.Avira [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25946514D2147365007A7A857BC02010] =>Toolbar.Avira [HKLM\Software\Wow6432Node\Classes\Installer\Features\25946514D2147365007A7A857BC02010] =>Toolbar.Avira [HKLM\Software\Wow6432Node\Classes\Installer\Products\25946514D2147365007A7A857BC02010] =>Toolbar.Avira [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41564952-412D-5637-00A7-A758B70C0201}] =>Toolbar.Avira C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0201}\ToolbarIcon.exe =>Toolbar.Avira^ C:\Windows\Installer\a179b.msi =>Toolbar.Avira^ ~ Additionnel Scan: 386016 Items scanned in 00mn 20s ---\\ Récapitulatif des détections trouvées sur votre station ~ MSI: 0 link(s) detected in 00mn 20s End of the scan (1599 lines in 04mn 35s)(0)