Rapport de ZHPDiag v1.3.5.134 par Nicolas Coolman, Update du 26/02/2013 Run by Bryan at 27/02/2013 13:54:12 State : Version à jour. High Elevated Privileges : OK UAC : Deactivate by user ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 GCIE: Google Chrome v25.0.1364.97 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows Vista Home Premium Edition, 64-bit (Build 6000) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 7QJB7 Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4090 MB (28% free) System Restore: Activé (Enable) System drive C: has 408 GB (69%) free of 583 GB ---\\ Logged in mode ~ Computer Name: BRYAN-PC ~ User Name: Bryan ~ All Users Names: UpdatusUser, HomeGroupUser$, Bryan, Administrateur, ~ Unselected Option: O45,O61,O62 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Bryan\AppData\Roaming\ ~ %Desktop% : C:\Users\Bryan\Desktop\ ~ %Favorites% : C:\Users\Bryan\Favorites\ ~ %LocalAppData% : C:\Users\Bryan\AppData\Local\ ~ %StartMenu% : C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 408 Go of 583 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.435E9C764E1EF70058580996452BE6A2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/01/2013 - 02:12:03.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/3 ~ Mes musiques (My Musics) : 8/9 ~ Mes Videos (My Videos) : 2/5 ~ Mes Favoris (My Favorites) : 1/39 ~ Mes Documents (My Documents) : 3/232 ~ Mon Bureau (My Desktop) : 0/495 ~ Menu demarrer (Programs) : 1/64 ~ Scan Hidden Files in 00mn 01s ---\\ Processus lancés [MD5.639838B4BD0ED95F308650B910E3EC82] - (...) -- C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2550224] [PID.1984] [MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3024] [MD5.EADCEB89DD46DA2A5560CA2AF016A6A6] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [206208] [PID.2544] [MD5.866930A1A34DFB101908AB031CD6E001] - (.Bogdan Sharkov - Clownfish for Skype.) -- C:\Program Files (x86)\Clownfish\Clownfish.exe [1121016] [PID.3700] [MD5.05D79AE02DAA6E9B54AA0E43B3C9E641] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe [1276712] [PID.3888] [MD5.4458989C34FA84B5A75DD3ABCFBE786A] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624] [PID.1668] [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.3412] [MD5.C87B4E7C539CB65FE4729FB1F6710645] - (.Alexander Nikiforov - MP3 Skype Recorder.) -- C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296] [PID.4448] [MD5.EB812850F48E28B8173BBB7501E79DF2] - (.Adobe Systems Incorporated - Adobe Flash Installer.) -- C:\Users\Bryan\AppData\Local\Temp\winlogon.exe [137761] [PID.816] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.4792] [MD5.2782D83D9B1071E28E2A4D9C6F5307C6] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608] [PID.4916] [MD5.27964C4676D0F4B34DB7332AFA2B1474] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192] [PID.4964] [MD5.D93B31DAEF7F116CE8192E266D557912] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112] [PID.4976] [MD5.7D9EDDB07E9EB30D399E630D94DFBCC7] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480] [PID.5040] [MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.5048] [MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.5080] [MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.5116] [MD5.6C695B04E2E29459CDC2E5C0970B883B] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512] [PID.248] [MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.676] [MD5.E2FE8C8ABFC575522A37D267326F0249] - (.CamStudio Group - CamStudio Recorder.) -- C:\Program Files (x86)\CamStudio 2.6b\Recorder.exe [2130432] [PID.4448] [MD5.84F6D5FE968852C59BCD3E06A36DC356] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1274320] [PID.3240] [MD5.F89D2B0AD1A0ECD767923E7471C05142] - (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe [3944312] [PID.1820] [MD5.01CEB56BA2DFEAEEF9EE5EFC3AC3A93A] - (...) -- C:\Program Files (x86)\Dofus2\app\DofusMod.exe [142336] [PID.7008] [MD5.107EA4E532DD44BBDA04DEC24E0CD103] - (...) -- C:\Program Files (x86)\Dofus2\app\reg\Reg.exe [95232] [PID.6548] [MD5.4A4CAA5B17A420157D04903313CC9380] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5711872] [PID.3844] [MD5.7E76EED28B8B8696B7F7ED5F757AA304] - (.FileZilla Project - FileZilla Server.) -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [632320] [PID.1244] [MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [1150496] [PID.1404] [MD5.6382D3BBF7BFADEA7E073BFF8AD18DD7] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [536360] [PID.1612] [MD5.ADB256BE4933817EAE669E4CC7DB69A5] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [444712] [PID.1784] [MD5.881DBC18733027EFF95AABD09F8B57AF] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [389928] [PID.1856] [MD5.5B3CE960C62DBE864BE9A0BD043A3E30] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368] [PID.1580] [MD5.B5071E15D4C3F5EF5018AFF7E85A85E5] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640] [PID.1204] [MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.2212] [MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.2428] [MD5.9F3E7CABE86BBDECA009DE291DB6D9E2] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [3467768] [PID.2844] [MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232] [PID.2876] [MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2988] [MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.3060] [MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.3304] [MD5.7E22DE30E222BFDFCEC7E77032BAF3CD] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120] [PID.6136] [MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.6956] ~ Scan Processes Running in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Bryan\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] http://www.delta-search.com ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\prefs.js C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\user.js M3 - MFPP: Plugins - [Bryan] -- C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\searchplugins\bing.xml M3 - MFPP: Plugins - [Bryan] -- C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\searchplugins\BrowserProtect.xml M3 - MFPP: Plugins - [Bryan] -- C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\searchplugins\delta.xml M3 - MFPP: Plugins - [Bryan] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml M0 - MFSP: prefs.js [Bryan - sxc0oca5.default] http://www.delta-search.com M2 - MFEP: prefs.js [Bryan - sxc0oca5.default\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (.delta-search.com.) M2 - MFEP: prefs.js [Bryan - sxc0oca5.default\NPCamfrogWeb@camfrogweb.com] [] Camfrog Web Plugin for Mozilla Firefox v2,0,12,93 (.Camshare Inc..) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (.Ubisoft - Uplay PC Plugin.) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 4 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Bubble Dock SurfMatch [64Bits] - {23AF19F7-1D5B-442c-B14C-3D1081953C94} . (...) -- C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (.not file.) O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: SSVHelper Class [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: delta Helper Object [64Bits] - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} . (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKCU\..\Run: [MediaFire Tray] . (.MediaFire LLC - systray.) -- C:\Users\Bryan\AppData\Local\MediaFire Express\mf_systray.exe O4 - HKCU\..\Run: [Clownfish] . (.Bogdan Sharkov - Clownfish for Skype.) -- C:\Program Files (x86)\Clownfish\Clownfish.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [MP3 Skype Recorder] . (.Alexander Nikiforov - MP3 Skype Recorder.) -- C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe O4 - HKLM\..\Wow6432Node\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O4 - HKLM\..\Wow6432Node\Run: [Serveur.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe O4 - HKLM\..\Wow6432Node\Run: [dofus2.9.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [Aerial keylogger.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [Dofusv14.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [mes photo.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [FileZilla Server Interface] . (.FileZilla Project - FileZilla Server.) -- C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe O4 - HKLM\..\Wow6432Node\Run: [Java Installer v1.25 setup.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [lolol.exe] Clé orpheline O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll O4 - HKUS\S-1-5-18\..\Run: [MP3 Skype Recorder] . (.Alexander Nikiforov - MP3 Skype Recorder.) -- C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [MediaFire Tray] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [Clownfish] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [msnmsgr] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [Pando Media Booster] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [MP3 Skype Recorder] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [Spybot-S&D Cleaning] Clé orpheline O4 - HKUS\S-1-5-21-3230945746-1155342929-1136497492-1006-3230945746-1155342929-1136497492-1000\..\Run: [Skype] Clé orpheline ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\QuickLaunch: Arena.lnk . (...) -- C:\Program Files (x86)\DofusArena\UpLauncher.exe O4 - GS\QuickLaunch: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe O4 - GS\Accessories: computer.lnk - Clé orpheline O4 - GS\Accessories: Control Panel.lnk - Clé orpheline O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\eudcedit.exe O4 - GS\Desktop: Arena.lnk . (...) -- C:\Program Files (x86)\DofusArena\UpLauncher.exe O4 - GS\Desktop: Audacity.lnk . (.The Audacity Team.) -- C:\Program Files (x86)\Audacity\audacity.exe O4 - GS\Desktop: Clownfish.lnk . (.Bogdan Sharkov.) -- C:\Program Files (x86)\Clownfish\Clownfish.exe O4 - GS\Desktop: Dofus.lnk . (...) -- C:\Program Files (x86)\Dofus\UpLauncher.exe O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe O4 - GS\Desktop: Dofus2Beta.lnk . (...) -- C:\Program Files (x86)\Dofus2Beta\app\UpLauncher.exe O4 - GS\Desktop: EmailSpider Gold 10.lnk . (...) -- C:\Program Files (x86)\Email-Business\EmailSpider\EmailSpider.exe (.not file.) O4 - GS\Desktop: Ground Control.lnk . (...) -- C:\Sierra\GC\gc.exe (.not file.) O4 - GS\Desktop: Installeur de World of Warcraft.lnk - Clé orpheline O4 - GS\Desktop: PhotoFiltre.lnk . (...) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe (.not file.) O4 - GS\Desktop: Smart PC Recorder.lnk . (.Freebird(http://www.voiceemotion.com).) -- C:\Program Files (x86)\freebird\SmartRecorder\SmartRecorder.exe O4 - GS\Desktop: Wakfu.lnk . (...) -- C:\Program Files (x86)\Wakfu\UpLauncher.exe O4 - GS\Desktop: XChat.lnk . (...) -- C:\Program Files (x86)\xchat\xchat.exe (.not file.) O4 - GS\TaskBar: FileZilla.lnk . (.FileZilla Project.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: Mélangeur de volume.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SndVol.exe O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: MP3 Skype Recorder.lnk . (...) -- C:\Users\Bryan\AppData\Roaming\Microsoft\Installer\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}\_A5FB52A5077E324DBDA19B.exe O4 - GS\Programs: PlanetSide 2 PSG.lnk . (.Sony Online Entertainment.) -- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Sothink SWF Quicker.lnk . (.SourceTec.) -- C:\Program Files (x86)\SourceTec\Sothink SWF Quicker\SWFQuicker.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Desktop: Alcatel PC Suite.lnk . (...) -- C:\Program Files (x86)\Alcatel PC Suite\MobMng.exe O4 - Global Startup: C:\Users\Bryan\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url . (...) -- C:\Users\Bryan\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url O4 - Global Startup: C:\Users\Bryan\Desktop\Counter-Strike Condition Zero.url . (.Bogdan Sharkov.) -- C:\Users\Bryan\Desktop\Counter-Strike Condition Zero.url O4 - Global Startup: C:\Users\Bryan\Desktop\Counter-Strike.url . (.Bogdan Sharkov.) -- C:\Users\Bryan\Desktop\Counter-Strike.url O4 - Global Startup: C:\Users\Bryan\Desktop\Day of Defeat.url . (...) -- C:\Users\Bryan\Desktop\Day of Defeat.url O4 - GS\Desktop: PlanetSide 2 PSG.lnk . (.Sony Online Entertainment.) -- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe O4 - GS\Desktop: Skype - Raccourci.lnk . (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - GS\Desktop: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH.) -- C:\Users\Bryan\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe O4 - GS\Desktop: TERA.lnk . (.Solid State Networks.) -- C:\Program Files (x86)\TERA\TERA-Launcher.exe ~ Scan Global Startup in 00mn 01s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ Scan IE Control Panel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com ~ Scan IE Zone Confiance in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{649C065D-1261-4C51-8E90-227B6104F7B9}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{649C065D-1261-4C51-8E90-227B6104F7B9}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{649C065D-1261-4C51-8E90-227B6104F7B9}: DhcpNameServer = 212.27.40.241 212.27.40.240 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\WI3C8A~1\Datamngr\x64\datamngr.dll (.not file.) ~ Scan AppInit DLL in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) . (.FileZilla Project - FileZilla Server.) - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 285.6.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) ~ Scan Services in 00mn 15s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sdnclean64.exe) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.9942DC4CC265CDA00486504444EF521D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.13001914838576400EB9AFDE95AE71CE] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [{05B58BCD-E3FA-432F-9434-E43EDAEBDF6E}] (...) -- C:\Users\Bryan\Desktop\Nouveau dossier\Project Neptune v1.78\keykey\2 min.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{19BAC2F0-E791-4EB1-9FDF-F63DB6C12649}] (...) -- C:\Users\Bryan\Downloads\InstallWoW.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{1DCFB57B-20F4-4801-BE97-7E0E6999994F}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{2423BD36-87E7-4296-9553-3F5D7D7B2469}] (...) -- C:\Users\Bryan\Desktop\xBroak_Stealer.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{370198DF-2BD2-4CE2-BF41-CF87912C4EC1}] (...) -- C:\Users\Bryan\Downloads\Builder\Serveur.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{373EA3E4-A9CF-4AA6-A913-3F4408B2EC84}] (...) -- C:\Users\Bryan\Downloads\Builder\Serveur.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{3848CA4C-49D6-4794-AD02-FC5B120C6654}] (...) -- C:\Users\Bryan\Downloads\Builder\Serveur.exe (.not file.) [MD5.497F27E279C0F921E2130BB89C1CB5CA] [APT] [{39CD0BED-81A7-4D76-B7AB-933BEF8280E3}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [MD5.00000000000000000000000000000000] [APT] [{41C61AD0-A512-48A1-A5E7-C3D144661622}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{4690F51A-2EB4-4486-B910-3EA2688BC439}] (...) -- C:\Users\Bryan\Downloads\Builder\Serveur.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{540237CA-2EA9-4C90-9B5B-5696239576A3}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{6DCE2111-9CDF-4D68-AA17-D4212814BC58}] (...) -- C:\Users\Bryan\Desktop\test darkcomet.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{8B4FFE26-835F-45F4-AA9A-CE7B2C28AA4F}] (...) -- C:\Users\Bryan\Desktop\test darkcomet.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{8F93CC36-E9A8-4C6B-914E-B733AFE5DCBE}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{91B529DA-A953-4AFA-A486-D621305B1400}] (...) -- C:\Users\Bryan\Desktop\Nouveau dossier\Project Neptune v1.78\keykey\2 min.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{A32A8769-C55D-4145-A15A-4A94D88596EE}] (...) -- C:\Users\Bryan\Downloads\Builder\Serveur.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{A4F86021-7B64-4481-9B8A-AF84FD445E34}] (...) -- C:\Users\Bryan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DO34U265\codeblocks-8.02mingw-setup.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{A8F554FB-B868-477A-8F80-DF7C3F5D6650}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{B29DC01C-FEA8-47F3-A3D0-47ED7E068F9B}] (...) -- C:\Users\Bryan\Desktop\xBroak_Stealer.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{B6DEA8C3-6464-41FF-A06B-D5F8738D79B5}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{BD799EDB-1B61-4EE4-844B-8E71EC2F48CD}] (...) -- C:\Users\Bryan\Downloads\PhotoshopPortable.fr\PhotoshopPortable.fr\PhotoshopPortable.exe (.not file.) [MD5.9F0A78629F451BAAFE21DFCCD887F087] [APT] [{C534D18A-D471-4E07-80AD-72657FC581A4}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe [MD5.00000000000000000000000000000000] [APT] [{C9CD4DBD-1ECB-4060-B4B7-70549DB5A57A}] (...) -- C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{CF85BDED-7E88-484C-9546-348D8A337588}] (...) -- C:\Users\Bryan\Desktop\test darkcomet.exe (.not file.) [MD5.1321DC81E317EE48C4D004775FB29AC9] [APT] [{D0D3737A-8EFD-4220-88E2-9CDE6BC57FE9}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [MD5.00000000000000000000000000000000] [APT] [{E2AD6BBA-2CCA-49D9-A4ED-A475C7F1BCF4}] (...) -- C:\Program Files (x86)\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{F6256982-3EE1-4A82-9B40-409B06332B64}] (...) -- C:\Users\Bryan\Music\Dofus\Dofus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{FFF7CCD4-20B3-43C1-AE28-0A0B1AEED693}] (...) -- C:\Users\Bryan\Desktop\test darkcomet.exe (.not file.) [MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe ~ Scan Scheduled Task in 00mn 23s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (HssDRV6) . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) - C:\Windows\System32\DRIVERS\hssdrv6.sys O41 - Driver: (jqmjefjo) . (. - .) - C:\Windows\system32\drivers\jqmjefjo.sys (.not file.) O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: (otsxlxeq) . (. - .) - C:\Windows\system32\drivers\otsxlxeq.sys (.not file.) O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (sqrwlhdb) . (. - .) - C:\Windows\system32\drivers\sqrwlhdb.sys (.not file.) O41 - Driver: (tcyrpumi) . (. - .) - C:\Windows\system32\drivers\tcyrpumi.sys (.not file.) O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (volhpwjc) . (. - .) - C:\Windows\system32\drivers\volhpwjc.sys (.not file.) O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys ~ Scan Drivers in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: AION Free-To-Play - (.Gameforge.) [HKLM][64Bits] -- {6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05} O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93} O42 - Logiciel: Acer Crystal Eye webcam Ver:1.1.184.610 - (.Chicony Electronics Co.,Ltd..) [HKLM][64Bits] -- {D0ACE89D-EC7F-470F-80BE-4C98ED366B32} O42 - Logiciel: Acer GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1 O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA} O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {14DC0059-00F1-4F62-BD1A-AB23CD51A95E} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai O42 - Logiciel: Akamai NetSession Interface Service - (.Pas de propriétaire.) [HKLM][64Bits] -- Akamai O42 - Logiciel: Alcatel PC Suite V7.0.32 - (.Singularity Software Co., Ltd..) [HKLM][64Bits] -- {93DB-0E9758B0D131_PCS_Alcatel_Union}_is1 O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} O42 - Logiciel: Arena 2.70.9 - (.Ankama Games.) [HKLM][64Bits] -- Arena 2.70.9 O42 - Logiciel: Audacity 1.3.14 (Unicode) - (.Audacity Team.) [HKLM][64Bits] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: Audacity 2.0.3 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 O42 - Logiciel: Backup Manager Basic - (.NewTech Infosystems.) [HKLM][64Bits] -- {72B776E5-4530-4C4B-9453-751DF87D9D93} O42 - Logiciel: Broadcom Gigabit NetLink Controller - (.Broadcom Corporation.) [HKLM][64Bits] -- {96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9} O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKCU][64Bits] -- Bubble Dock O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Call of Duty: Black Ops - Multiplayer - (.Treyarch.) [HKLM][64Bits] -- Steam App 42710 O42 - Logiciel: Call of Duty: Modern Warfare 3 - Multiplayer - (.Infinity Ward - Sledgehammer Games.) [HKLM][64Bits] -- Steam App 42690 O42 - Logiciel: CamStudio OSS Desktop Recorder - (.CamStudio Open Source Dev Team.) [HKLM][64Bits] -- {FD9C31B6-F572-414D-81E3-89368C97A125}_is1 O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- CFWebAdvancedU2 O42 - Logiciel: Clownfish for Skype - (.Pas de propriétaire.) [HKLM][64Bits] -- Clownfish O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Counter-Strike - (.Valve.) [HKLM][64Bits] -- Steam App 10 O42 - Logiciel: Counter-Strike: Condition Zero - (.Valve.) [HKLM][64Bits] -- Steam App 80 O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] -- Steam App 240 O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Day of Defeat - (.Valve.) [HKLM][64Bits] -- Steam App 30 O42 - Logiciel: Delta Chrome Toolbar - (.DeltaInstaller.) [HKLM][64Bits] -- {177586E7-E42E-4F38-83D1-D15B4AF5B714} O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta O42 - Logiciel: Diablo III - (.Blizzard Entertainment.) [HKLM][64Bits] -- Diablo III O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} O42 - Logiciel: Driver San Francisco - (.Ubisoft.) [HKLM][64Bits] -- Driver San Francisco O42 - Logiciel: ESN Sonar - (.ESN Social Software AB.) [HKLM][64Bits] -- ESN Sonar-0.70.4 O42 - Logiciel: FL Studio 10 - (.Image-Line.) [HKLM][64Bits] -- FL Studio 10 O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} O42 - Logiciel: FileZilla Client 3.6.0.2 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client O42 - Logiciel: FileZilla Server - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Server O42 - Logiciel: FlipToast - (.W3i, LLC.) [HKLM][64Bits] -- com.w3i.FlipToast O42 - Logiciel: FlipToast - (.W3i, LLC.) [HKLM][64Bits] -- {8973AFAE-3DC7-3DB8-7E61-905DA657C23B} O42 - Logiciel: ForceDownload - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- {99870497-1A9D-49FC-949F-ECF4986ABA1F} O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} O42 - Logiciel: GamersFirst LIVE! - (.GamersFirst.) [HKLM][64Bits] -- GamersFirst LIVE! O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} O42 - Logiciel: Hotspot Shield 2.87 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- Identity Card O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 21 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {3248F0A8-6813-11D6-A77B-00B0D0150210} O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.1_04 - (.Pas de propriétaire.) [HKLM][64Bits] -- {ACD27BF3-7CDC-11D7-9D4D-00010240CE95} O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: King Of Kings 3 - (.Nom de votre société.) [HKLM][64Bits] -- {12D07A8E-4A92-4D76-A99E-9D2BBBFF2D88} O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM][64Bits] -- LSI Soft Modem O42 - Logiciel: La boite a couleurs version 1.6.15 - (.Pas de propriétaire.) [HKLM][64Bits] -- La boite a couleurs_is1 O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {92606477-9366-4D3B-8AE3-6BE4B29727AB} O42 - Logiciel: MP3 Skype Recorder - (.Alexander Nikiforov.) [HKLM][64Bits] -- {CB606F47-7D0E-40DF-95BB-0E5413A1295F} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {147894EE-5ED4-11E1-A8FF-F04DA23A5C58} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.1.1000 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MediaFire Express (beta) - (.MediaFire.) [HKLM][64Bits] -- MediaFire Express (beta) 0.9.X.2509 O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D954C6C2-544B-4091-A47F-11E77162883E} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framewo - (.Microsoft.) [HKLM][64Bits] -- {704C16B7-13DD-3656-96A0-4E456CCF75E6} O42 - Logiciel: Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 - (.Microsoft Corporation.) [HKLM][64Bits] -- {11EB1163-5761-4BC6-8F48-98DCF6A46BBF} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673} O42 - Logiciel: Mises à jour NVIDIA 1.5.20 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Help Viewer 1.0 Language Pack - FRA O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE} O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- {738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE} O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: NVIDIA Logiciel système PhysX 9.11.0621 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4} O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.24.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote graphique 285.62 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM][64Bits] -- NoIPDUC O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM][64Bits] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM][64Bits] -- Notepad++ O42 - Logiciel: One Touch Upgrade - (.TCL Communication Technology Holdings Limited.) [HKLM][64Bits] -- {C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1 O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} O42 - Logiciel: Outil de notification de cadeaux MSN - (.Microsoft Corporation.) [HKCU][64Bits] -- {CAD9C0EB-457D-49BB-A6AD-389304C38B2A} O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E} O42 - Logiciel: PlanetSide 2 - (.Sony Online Entertainment.) [HKCU][64Bits] -- soe-PlanetSide 2 PSG O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva O42 - Logiciel: RegOptimizer - (.IObit.) [HKLM][64Bits] -- IObit_RegOptimizer_is1 O42 - Logiciel: RewardsArcadeSuite - (.215 Apps.) [HKCU][64Bits] -- RewardsArcadeSuite O42 - Logiciel: Shredder - (.Egis Technology Inc..) [HKLM][64Bits] -- {C2695E83-CF1D-43D1-84FE-B3BEC561012A} O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 6.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: Smart PC Recorder - by freebird - (.Freebird.) [HKLM][64Bits] -- SmartPCRecorder O42 - Logiciel: Sothink SWF Quicker - (.SourceTec Software Co., LTD.) [HKLM][64Bits] -- {D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1 O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: TERA - (.Gameforge Productions GmbH.) [HKLM][64Bits] -- {A2S166A0-F031-4E27-A057-C69733219434}_is1 O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKCU][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 8 O42 - Logiciel: TmNationsForever - (.Nadeo.) [HKLM][64Bits] -- TmNationsForever_is1 O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM][64Bits] -- {888F1505-C2B3-4FDE-835D-36353EBD4754} O42 - Logiciel: VC Runtimes MSI - (.Microsoft.) [HKLM][64Bits] -- {FF29527A-44CD-3422-945E-981A13584000} O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {D60023FA-3DF1-4537-93DD-13024CC4E366} O42 - Logiciel: Vittalia Installer - (.TELECHARGERS.net.) [HKLM][64Bits] -- Vittalia O42 - Logiciel: Wakfu - (.Ankama Games.) [HKLM][64Bits] -- Wakfu O42 - Logiciel: WampServer 2.2 - (.Hervé Leclerc (HeL).) [HKLM][64Bits] -- WampServer 2_is1 O42 - Logiciel: Warhammer® 40,000®: Dawn of War® II – Retribution™ - (.Relic.) [HKLM][64Bits] -- Steam App 56400 O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Welcome Center O42 - Logiciel: WinRAR - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM][64Bits] -- World of Warcraft O42 - Logiciel: gamelauncher-ps2-psg - (.Sony Online Entertainment.) [HKCU][64Bits] -- SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG O42 - Logiciel: nAiO version 1.5.0.43 - (.Equipe nAiO.) [HKLM][64Bits] -- nAiO_is1 O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ---\\ HKCU & HKLM Software Keys [HKCU\Software\5e538ad8e639ee48] [HKCU\Software\A Sub Name] [HKCU\Software\ASProtect] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AhnLab] [HKCU\Software\Alps] [HKCU\Software\AnchorFree] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Audacity] [HKCU\Software\BCCP] [HKCU\Software\Blizzard Entertainment] [HKCU\Software\BrowserTemp] [HKCU\Software\Bugsplat] [HKCU\Software\CamStudioOpenSource for Nick] [HKCU\Software\CamfrogWeb] [HKCU\Software\Camfrog] [HKCU\Software\ChicaLogic, Inc.] [HKCU\Software\ChicaLogic] [HKCU\Software\ClassesB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Clownfish] [HKCU\Software\Cookie Crumble] [HKCU\Software\CyberLink] [HKCU\Software\DataMngr] [HKCU\Software\DataMngr_Toolbar] [HKCU\Software\Delta] [HKCU\Software\Digital River Mso] [HKCU\Software\DirectShow] [HKCU\Software\EA Games] [HKCU\Software\EasyBits] [HKCU\Software\EnTech] [HKCU\Software\FileZilla Server] [HKCU\Software\GamersFirst] [HKCU\Software\Google] [HKCU\Software\HmelyoffLabs] [HKCU\Software\HookNetwork] [HKCU\Software\IGA] [HKCU\Software\IM Providers] [HKCU\Software\INCAInternet] [HKCU\Software\Image-Line] [HKCU\Software\Intel\Indeo\4.1] [HKCU\Software\JavaSoft] [HKCU\Software\Jmgr.info] [HKCU\Software\Lager] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Consumer)] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaFire] [HKCU\Software\MobTime] [HKCU\Software\Modern UI Test] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Mumble] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NetUtils] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OEM] [HKCU\Software\Oberon Media] [HKCU\Software\OpenOffice.org] [HKCU\Software\Pando Networks] [HKCU\Software\Parsec Productions] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Polipo] [HKCU\Software\PremiumSoft] [HKCU\Software\P®O Group] [HKCU\Software\Realtek] [HKCU\Software\RocketDock] [HKCU\Software\RtkPCEE3sMsg] [HKCU\Software\SOFT32] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Shindorei] [HKCU\Software\Skype] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\Sonix] [HKCU\Software\Sony Creative Software] [HKCU\Software\SourceTec] [HKCU\Software\SplitMediaLabs] [HKCU\Software\Sysinternals] [HKCU\Software\TeamViewer] [HKCU\Software\TechSmith] [HKCU\Software\Trolltech] [HKCU\Software\UberIcon-v1.0.0] [HKCU\Software\Ubisoft] [HKCU\Software\Valve] [HKCU\Software\Vitalwerks] [HKCU\Software\W3i] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winject] [HKCU\Software\Wow6432Node] [HKCU\Software\XChat] [HKCU\Software\Xfire] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\azeazeaze] [HKCU\Software\bryan] [HKCU\Software\cnunul] [HKCU\Software\ej-technologies] [HKCU\Software\freebird] [HKCU\Software\gPotato] [HKCU\Software\letigre] [HKCU\Software\letigreee2] [HKCU\Software\letigreee] [HKCU\Software\remote] [HKCU\Software\tte] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Acer] [HKLM\Software\ActiveState] [HKLM\Software\Agere] [HKLM\Software\Alps] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\EgisTec Shredder] [HKLM\Software\EgisTec] [HKLM\Software\FileZilla 3] [HKLM\Software\Google] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\LSI] [HKLM\Software\Macromedia] [HKLM\Software\ManyCam] [HKLM\Software\McAfee.com] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OOBEOffer] [HKLM\Software\OemSetup] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SearchCore for Browsers] [HKLM\Software\Sonic] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\5e538ad8e639ee48] [HKLM\Software\Wow6432Node\AGEIA Technologies] [HKLM\Software\Wow6432Node\Acer Incorporated] [HKLM\Software\Wow6432Node\Activision] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Ankama] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Babylon] [HKLM\Software\Wow6432Node\Blizzard Entertainment] [HKLM\Software\Wow6432Node\CDDB] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Cheat Engine] [HKLM\Software\Wow6432Node\Chicony Electronics Co.,Ltd.] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\DataMngr] [HKLM\Software\Wow6432Node\Delta] [HKLM\Software\Wow6432Node\Digital River] [HKLM\Software\Wow6432Node\Dofus 2 Beta] [HKLM\Software\Wow6432Node\Dofus 2] [HKLM\Software\Wow6432Node\Dofus2Beta] [HKLM\Software\Wow6432Node\Dofus2] [HKLM\Software\Wow6432Node\ESN Launcher-1.104.0] [HKLM\Software\Wow6432Node\EgisTec IPS] [HKLM\Software\Wow6432Node\EgisTec Shredder] [HKLM\Software\Wow6432Node\Electronic Arts] [HKLM\Software\Wow6432Node\Even Balance] [HKLM\Software\Wow6432Node\FileZilla 3] [HKLM\Software\Wow6432Node\Fraps] [HKLM\Software\Wow6432Node\Gameforge] [HKLM\Software\Wow6432Node\GamersFirst] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Image-Line] [HKLM\Software\Wow6432Node\Iminent] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\McAfeeInstaller] [HKLM\Software\Wow6432Node\MediaFire] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Mumble] [HKLM\Software\Wow6432Node\NVIDIA Corporation] [HKLM\Software\Wow6432Node\NewTech Infosystems] [HKLM\Software\Wow6432Node\Nexon] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OEM] [HKLM\Software\Wow6432Node\Oberon Media] [HKLM\Software\Wow6432Node\OpenOffice.org] [HKLM\Software\Wow6432Node\Outsim] [HKLM\Software\Wow6432Node\Panda Software] [HKLM\Software\Wow6432Node\Pando Networks] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Propellerhead Software] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Riot Games] [HKLM\Software\Wow6432Node\Safer Networking Limited] [HKLM\Software\Wow6432Node\Screaming Bee] [HKLM\Software\Wow6432Node\SecureDigitalServices] [HKLM\Software\Wow6432Node\SimplyGen] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\SoftVoice] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\Sony Creative Software] [HKLM\Software\Wow6432Node\SourceTec] [HKLM\Software\Wow6432Node\Swearware] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\TERA] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\UBISOFT] [HKLM\Software\Wow6432Node\VST] [HKLM\Software\Wow6432Node\Valve] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\W3i] [HKLM\Software\Wow6432Node\WON] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Yahoo] [HKLM\Software\Wow6432Node\gPotato.eu] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\nFlavor] [HKLM\Software\Wow6432Node\xchat] [HKLM\Software\Wow6432Node] ~ Scan Softwares in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 10/02/2012 - 18:10:01 - [3,455] ----D C:\Program Files (x86)\Accelerer PC O43 - CFD: 19/08/2010 - 12:23:20 - [42,067] ----D C:\Program Files (x86)\Acer O43 - CFD: 19/08/2010 - 12:26:59 - [155,148] ----D C:\Program Files (x86)\Acer Arcade Deluxe O43 - CFD: 30/08/2012 - 01:09:45 - [689,175] ----D C:\Program Files (x86)\Acer GameZone O43 - CFD: 25/12/2010 - 18:25:51 - [653,490] ----D C:\Program Files (x86)\Adobe O43 - CFD: 26/01/2013 - 23:38:29 - [51,759] ----D C:\Program Files (x86)\Alcatel PC Suite O43 - CFD: 23/01/2013 - 22:07:43 - [44,316] ----D C:\Program Files (x86)\Audacity O43 - CFD: 20/01/2012 - 17:06:42 - [40,720] ----D C:\Program Files (x86)\Audacity 1.3 Beta (Unicode) O43 - CFD: 31/01/2012 - 12:05:20 - [10,706] ----D C:\Program Files (x86)\Battlelog Web Plugins O43 - CFD: 27/02/2013 - 02:04:03 - [2,796] ----D C:\Program Files (x86)\CamStudio O43 - CFD: 27/02/2013 - 13:18:10 - [311,740] ----D C:\Program Files (x86)\CamStudio 2.6b O43 - CFD: 20/12/2012 - 19:51:59 - [9,801] ----D C:\Program Files (x86)\CFWebAdvancedU2 O43 - CFD: 22/09/2012 - 09:25:54 - [1,150] ----D C:\Program Files (x86)\Clownfish O43 - CFD: 25/01/2013 - 21:10:24 - [502,973] ----D C:\Program Files (x86)\Common Files O43 - CFD: 08/04/2011 - 20:04:59 - [0] ----D C:\Program Files (x86)\Convar O43 - CFD: 19/08/2010 - 12:25:58 - [0,064] ----D C:\Program Files (x86)\Cyberlink O43 - CFD: 24/02/2013 - 13:54:18 - [2,767] ----D C:\Program Files (x86)\Delta O43 - CFD: 15/02/2013 - 19:53:00 - [1120,880] ----D C:\Program Files (x86)\Diablo III O43 - CFD: 16/07/2012 - 01:00:52 - [172,114] ----D C:\Program Files (x86)\Dofus O43 - CFD: 15/12/2012 - 17:31:47 - [1153,280] ----D C:\Program Files (x86)\Dofus2 O43 - CFD: 25/11/2011 - 21:51:26 - [1084,985] ----D C:\Program Files (x86)\Dofus2Beta O43 - CFD: 13/09/2012 - 16:39:39 - [83,687] ----D C:\Program Files (x86)\DofusArena O43 - CFD: 12/04/2010 - 21:48:33 - [3,439] ----D C:\Program Files (x86)\EgisTec IPS O43 - CFD: 12/04/2010 - 21:47:41 - [47,644] ----D C:\Program Files (x86)\EgisTec MyWinLocker O43 - CFD: 12/04/2010 - 21:47:00 - [2,139] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite O43 - CFD: 12/04/2010 - 21:48:38 - [5,037] ----D C:\Program Files (x86)\EgisTec Shredder O43 - CFD: 18/02/2012 - 11:00:18 - [0,055] ----D C:\Program Files (x86)\Email-Business O43 - CFD: 03/02/2013 - 13:21:59 - [16,769] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 03/02/2013 - 13:20:00 - [3,103] ----D C:\Program Files (x86)\FileZilla Server O43 - CFD: 22/01/2012 - 22:25:03 - [10,114] ----D C:\Program Files (x86)\fliptoast O43 - CFD: 23/01/2013 - 22:11:24 - [0,629] ----D C:\Program Files (x86)\freebird O43 - CFD: 16/05/2012 - 19:13:51 - [1,665] ----D C:\Program Files (x86)\Gameforge O43 - CFD: 13/02/2012 - 13:40:18 - [34,312] ----D C:\Program Files (x86)\GamersFirst O43 - CFD: 25/02/2013 - 03:16:35 - [277,416] ----D C:\Program Files (x86)\Google O43 - CFD: 16/07/2012 - 01:43:42 - [0,265] ----D C:\Program Files (x86)\Hi-Rez Studios O43 - CFD: 17/02/2013 - 16:57:27 - [14,716] ----D C:\Program Files (x86)\Hotspot Shield O43 - CFD: 10/11/2012 - 15:27:20 - [607,587] ----D C:\Program Files (x86)\Image-Line O43 - CFD: 09/02/2013 - 16:00:10 - [183,575] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 12/04/2010 - 21:36:59 - [10,585] ----D C:\Program Files (x86)\Intel O43 - CFD: 16/02/2013 - 20:51:13 - [5,121] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 18/02/2012 - 11:01:17 - [188,299] ----D C:\Program Files (x86)\Java O43 - CFD: 26/08/2012 - 12:25:31 - [2,362] ----D C:\Program Files (x86)\LaBoiteACouleurs O43 - CFD: 30/11/2012 - 23:57:31 - [12,674] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 21/02/2012 - 16:04:29 - [1,125] ----D C:\Program Files (x86)\MediaFire Express O43 - CFD: 16/07/2012 - 00:51:15 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 06/02/2012 - 09:06:14 - [0,311] ----D C:\Program Files (x86)\Microsoft Games O43 - CFD: 21/10/2011 - 18:00:55 - [563,294] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 12/04/2010 - 21:37:19 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant O43 - CFD: 30/01/2012 - 00:47:54 - [25,782] ----D C:\Program Files (x86)\Microsoft SDKs O43 - CFD: 24/02/2013 - 03:02:13 - [1,252] ----D C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 10/05/2012 - 11:02:15 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 13/11/2012 - 23:09:53 - [6,831] ----D C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 16/07/2012 - 12:43:33 - [5,695] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 30/01/2012 - 00:52:16 - [0,620] ----D C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 11/10/2012 - 17:36:02 - [139,669] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 29/12/2010 - 11:13:28 - [7,886] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 31/07/2012 - 17:20:38 - [7,110] ----D C:\Program Files (x86)\Movie Maker O43 - CFD: 31/07/2012 - 17:25:00 - [8,904] ----D C:\Program Files (x86)\Movie Maker 2.6 O43 - CFD: 24/02/2013 - 13:46:42 - [0,029] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 22/11/2012 - 16:12:02 - [5,535] ----D C:\Program Files (x86)\MP3 Skype Recorder O43 - CFD: 16/07/2012 - 14:02:34 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 26/12/2010 - 12:21:15 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 12/04/2010 - 21:38:20 - [1178,213] ----D C:\Program Files (x86)\NewTech Infosystems O43 - CFD: 20/01/2013 - 16:25:33 - [0,392] ----D C:\Program Files (x86)\No-IP O43 - CFD: 02/07/2012 - 00:35:15 - [11,772] ----D C:\Program Files (x86)\Notepad++ O43 - CFD: 08/11/2011 - 19:14:11 - [82,334] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 09/01/2013 - 19:39:21 - [288,773] ----D C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 10/11/2012 - 15:27:02 - [4,957] ----D C:\Program Files (x86)\Outsim O43 - CFD: 16/07/2012 - 12:34:04 - [0] ----D C:\Program Files (x86)\Panda Security O43 - CFD: 25/12/2010 - 14:24:48 - [7,234] ----D C:\Program Files (x86)\Pando Networks O43 - CFD: 19/08/2010 - 12:21:00 - [11,235] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 06:32:38 - [59,108] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 05/10/2011 - 19:26:56 - [10,366] ----D C:\Program Files (x86)\SearchCore for Browsers O43 - CFD: 25/01/2013 - 21:10:24 - [34,469] R---D C:\Program Files (x86)\Skype O43 - CFD: 11/04/2011 - 17:45:32 - [37,831] ----D C:\Program Files (x86)\SourceTec O43 - CFD: 29/11/2012 - 13:06:54 - [152,647] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2 O43 - CFD: 16/02/2013 - 23:08:21 - [1800,780] ----D C:\Program Files (x86)\Steam O43 - CFD: 12/04/2010 - 21:46:35 - [2,100] ----D C:\Program Files (x86)\Symantec O43 - CFD: 17/06/2012 - 17:30:10 - [49,673] ----D C:\Program Files (x86)\TeamSpeak 3 Client O43 - CFD: 06/12/2012 - 21:01:57 - [31,845] ----D C:\Program Files (x86)\TeamViewer O43 - CFD: 19/08/2010 - 12:21:38 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 11/02/2013 - 20:40:13 - [-682,992] ----D C:\Program Files (x86)\TERA O43 - CFD: 10/02/2013 - 13:04:44 - [744,651] ----D C:\Program Files (x86)\TmNationsForever O43 - CFD: 09/02/2013 - 16:00:12 - [1764,028] ----D C:\Program Files (x86)\Ubisoft O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 07/03/2011 - 20:35:40 - [76,802] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 19/10/2012 - 15:23:09 - [0,347] ----D C:\Program Files (x86)\Vittalia O43 - CFD: 10/11/2012 - 15:27:30 - [1,785] ----D C:\Program Files (x86)\VstPlugins O43 - CFD: 30/10/2012 - 19:51:28 - [297,676] ----D C:\Program Files (x86)\Wakfu O43 - CFD: 19/08/2010 - 22:01:07 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 19/10/2012 - 15:30:25 - [105,870] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 01/05/2011 - 14:23:11 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 25/05/2012 - 22:13:22 - [4,791] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 01/05/2011 - 14:23:10 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 01/05/2011 - 14:23:11 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 25/05/2012 - 22:13:22 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 04/07/2012 - 01:34:26 - [3,694] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 06/01/2013 - 20:35:20 - [1694,069] ----D C:\Program Files (x86)\World of Warcraft O43 - CFD: 16/07/2012 - 01:38:53 - [0,058] ----D C:\Program Files (x86)\Yahoo! O43 - CFD: 03/07/2011 - 22:36:10 - [0,496] ----D C:\Program Files (x86)\Yuna Software O43 - CFD: 27/02/2013 - 13:54:22 - [17,773] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 07/11/2011 - 19:57:18 - [9,543] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 27/10/2012 - 19:24:34 - [40,070] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 27/02/2013 - 13:02:12 - [30,471] ----D C:\Program Files (x86)\Common Files\Akamai O43 - CFD: 19/09/2012 - 11:02:33 - [3,722] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment O43 - CFD: 12/04/2010 - 21:08:37 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 16/07/2012 - 00:49:48 - [0] --H-D C:\Program Files (x86)\Common Files\EAInstaller O43 - CFD: 19/08/2010 - 12:26:13 - [3,102] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 11/04/2011 - 17:46:15 - [30,085] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 09/01/2013 - 19:42:51 - [297,848] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 12/04/2010 - 21:39:12 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 12/04/2010 - 23:11:27 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 25/01/2013 - 21:10:24 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 11/04/2011 - 17:45:50 - [3,100] ----D C:\Program Files (x86)\Common Files\SourceTec O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 20/11/2012 - 21:22:12 - [0,505] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 18/02/2012 - 11:01:35 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio O43 - CFD: 12/07/2012 - 09:35:59 - [42,841] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 19/08/2010 - 12:29:37 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 19/08/2010 - 12:27:10 - [2,493] ----D C:\ProgramData\Acer O43 - CFD: 17/09/2012 - 18:40:48 - [0,001] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 10/02/2013 - 19:06:39 - [0] ----D C:\ProgramData\Babylon O43 - CFD: 12/04/2010 - 21:38:46 - [0,093] ----D C:\ProgramData\BackupManager O43 - CFD: 20/04/2012 - 11:56:57 - [129,746] ----D C:\ProgramData\Battle.net O43 - CFD: 18/02/2011 - 16:51:32 - [0,002] ----D C:\ProgramData\Blizzard O43 - CFD: 07/03/2012 - 19:03:02 - [7,947] ----D C:\ProgramData\Blizzard Entertainment O43 - CFD: 27/02/2013 - 13:04:41 - [0] ----D C:\ProgramData\boost_interprocess O43 - CFD: 10/02/2013 - 19:08:33 - [8,778] ----D C:\ProgramData\BrowserProtect O43 - CFD: 09/12/2010 - 23:03:41 - [0] ----D C:\ProgramData\Bureau O43 - CFD: 26/06/2012 - 18:08:11 - [0,000] --H-D C:\ProgramData\Common Files O43 - CFD: 19/08/2010 - 12:25:58 - [0,094] ----D C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Documents O43 - CFD: 08/11/2011 - 18:37:58 - [0] ----D C:\ProgramData\EA Core O43 - CFD: 19/08/2010 - 12:20:06 - [0,128] ----D C:\ProgramData\EgisTec IPS O43 - CFD: 08/11/2011 - 18:38:01 - [0,002] ----D C:\ProgramData\Electronic Arts O43 - CFD: 12/04/2010 - 20:56:14 - [0,000] ----D C:\ProgramData\eSobi O43 - CFD: 09/12/2010 - 23:03:41 - [0] ----D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 24/02/2013 - 13:45:59 - [0,502] ----D C:\ProgramData\Google O43 - CFD: 20/05/2012 - 20:36:06 - [6,912] ----D C:\ProgramData\Hi-Rez Studios O43 - CFD: 29/01/2013 - 18:52:16 - [0,012] ----D C:\ProgramData\Hotspot Shield O43 - CFD: 20/01/2011 - 16:17:10 - [16,618] ----D C:\ProgramData\Malwarebytes O43 - CFD: 24/03/2011 - 19:25:05 - [0,011] ----D C:\ProgramData\McAfee O43 - CFD: 09/12/2010 - 23:03:41 - [0] ----D C:\ProgramData\Menu Démarrer O43 - CFD: 29/11/2012 - 13:06:52 - [530,898] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/02/2013 - 12:30:54 - [60,976] ----D C:\ProgramData\Microsoft Help O43 - CFD: 09/12/2010 - 23:03:41 - [0] ----D C:\ProgramData\Modèles O43 - CFD: 18/05/2012 - 01:24:07 - [0,007] ----D C:\ProgramData\Mozilla O43 - CFD: 09/09/2011 - 11:32:29 - [4,816] ----D C:\ProgramData\Nexon O43 - CFD: 16/07/2012 - 12:25:46 - [0,001] ----D C:\ProgramData\NexonEU O43 - CFD: 16/07/2012 - 12:25:53 - [0] ----D C:\ProgramData\NexonUS O43 - CFD: 06/01/2013 - 21:47:58 - [0,920] ----D C:\ProgramData\NortonInstaller O43 - CFD: 08/11/2011 - 19:16:57 - [0,635] ----D C:\ProgramData\NVIDIA O43 - CFD: 08/11/2011 - 19:12:07 - [0,909] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 12/04/2010 - 21:43:48 - [27,642] ----D C:\ProgramData\OberonGameConsole O43 - CFD: 09/12/2010 - 23:05:14 - [0,001] ----D C:\ProgramData\OEM O43 - CFD: 16/07/2012 - 12:34:30 - [0,145] ----D C:\ProgramData\Origin O43 - CFD: 10/02/2013 - 20:06:25 - [0,003] ----D C:\ProgramData\PMB Files O43 - CFD: 08/08/2011 - 12:43:43 - [0,038] ----D C:\ProgramData\Sandlot Games O43 - CFD: 25/01/2013 - 21:10:38 - [112,761] ----D C:\ProgramData\Skype O43 - CFD: 16/10/2011 - 09:58:41 - [0,001] ----D C:\ProgramData\Sony O43 - CFD: 09/06/2012 - 21:27:07 - [0,332] ----D C:\ProgramData\SplitMediaLabs O43 - CFD: 05/12/2012 - 12:06:28 - [6,996] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 29/01/2011 - 01:07:51 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 12/04/2010 - 21:46:35 - [0,001] ----D C:\ProgramData\Symantec O43 - CFD: 25/08/2011 - 01:53:22 - [0,086] ---AD C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Templates O43 - CFD: 11/02/2013 - 20:39:13 - [1,984] ----D C:\ProgramData\TERA O43 - CFD: 27/01/2013 - 11:26:05 - [605,181] ----D C:\ProgramData\TmForever O43 - CFD: 16/07/2012 - 01:38:53 - [0] ----D C:\ProgramData\Yahoo! O43 - CFD: 06/10/2011 - 18:37:23 - [64,769] ----D C:\Users\Bryan\AppData\Roaming\.minecraft O43 - CFD: 23/12/2011 - 11:21:49 - [38,490] ----D C:\Users\Bryan\AppData\Roaming\Adobe O43 - CFD: 08/02/2013 - 14:57:01 - [0,000] ----D C:\Users\Bryan\AppData\Roaming\Aerial Keylogger O43 - CFD: 16/02/2013 - 23:03:30 - [0] ----D C:\Users\Bryan\AppData\Roaming\AnkamaCertificates O43 - CFD: 17/02/2012 - 03:08:06 - [0,005] ----D C:\Users\Bryan\AppData\Roaming\app O43 - CFD: 23/01/2013 - 22:09:29 - [0,001] ----D C:\Users\Bryan\AppData\Roaming\Audacity O43 - CFD: 10/02/2013 - 19:06:39 - [0,016] ----D C:\Users\Bryan\AppData\Roaming\Babylon O43 - CFD: 26/01/2013 - 23:52:32 - [2,419] ----D C:\Users\Bryan\AppData\Roaming\Camfrog Web O43 - CFD: 17/02/2012 - 19:48:12 - [0,023] ----D C:\Users\Bryan\AppData\Roaming\codeblocks O43 - CFD: 24/02/2013 - 13:54:27 - [0,017] ----D C:\Users\Bryan\AppData\Roaming\Delta O43 - CFD: 28/12/2012 - 15:03:58 - [0,967] ----D C:\Users\Bryan\AppData\Roaming\Dofus 2 O43 - CFD: 27/02/2013 - 13:54:57 - [18,821] ----D C:\Users\Bryan\AppData\Roaming\Dofus2 O43 - CFD: 25/02/2013 - 15:27:23 - [20,361] ----D C:\Users\Bryan\AppData\Roaming\dofus2beta O43 - CFD: 25/01/2013 - 12:26:48 - [0] ----D C:\Users\Bryan\AppData\Roaming\DofusTesting O43 - CFD: 24/01/2013 - 18:37:16 - [0] ----D C:\Users\Bryan\AppData\Roaming\DofusTesting-2 O43 - CFD: 24/01/2013 - 19:43:03 - [0] ----D C:\Users\Bryan\AppData\Roaming\DofusTesting-3 O43 - CFD: 29/01/2013 - 18:10:00 - [0] ----D C:\Users\Bryan\AppData\Roaming\DofusTesting-4 O43 - CFD: 24/02/2013 - 10:30:54 - [0] ----D C:\Users\Bryan\AppData\Roaming\DofusTesting-5 O43 - CFD: 27/02/2013 - 13:32:01 - [0,029] ----D C:\Users\Bryan\AppData\Roaming\FileZilla O43 - CFD: 03/07/2012 - 23:12:20 - [0] ----D C:\Users\Bryan\AppData\Roaming\GetRightToGo O43 - CFD: 25/12/2010 - 09:32:17 - [0] ----D C:\Users\Bryan\AppData\Roaming\Google O43 - CFD: 25/04/2012 - 19:14:19 - [0,000] ----D C:\Users\Bryan\AppData\Roaming\gtk-2.0 O43 - CFD: 13/01/2013 - 21:19:29 - [1,064] ----D C:\Users\Bryan\AppData\Roaming\Hotspot Shield O43 - CFD: 10/11/2012 - 15:28:45 - [1,025] ----D C:\Users\Bryan\AppData\Roaming\Image-Line O43 - CFD: 26/06/2012 - 20:33:02 - [0,006] ----D C:\Users\Bryan\AppData\Roaming\IObit O43 - CFD: 09/12/2010 - 23:05:13 - [3,037] ----D C:\Users\Bryan\AppData\Roaming\Macromedia O43 - CFD: 20/01/2011 - 16:17:25 - [2,953] ----D C:\Users\Bryan\AppData\Roaming\Malwarebytes O43 - CFD: 22/11/2012 - 18:09:30 - [25,343] -S--D C:\Users\Bryan\AppData\Roaming\Microsoft O43 - CFD: 18/02/2012 - 23:01:29 - [25,267] ----D C:\Users\Bryan\AppData\Roaming\Mozilla O43 - CFD: 22/11/2012 - 16:12:29 - [0] ----D C:\Users\Bryan\AppData\Roaming\MP3SkypeRecorder O43 - CFD: 16/05/2012 - 19:18:40 - [0,120] ----D C:\Users\Bryan\AppData\Roaming\Mumble O43 - CFD: 02/07/2012 - 11:34:33 - [0,416] ----D C:\Users\Bryan\AppData\Roaming\Notepad++ O43 - CFD: 31/03/2012 - 23:22:48 - [2,049] ----D C:\Users\Bryan\AppData\Roaming\NVIDIA O43 - CFD: 22/11/2012 - 18:29:04 - [12,365] ----D C:\Users\Bryan\AppData\Roaming\OpenOffice.org O43 - CFD: 08/11/2011 - 17:16:54 - [0,001] ----D C:\Users\Bryan\AppData\Roaming\Origin O43 - CFD: 14/11/2012 - 10:34:04 - [68,294] ----D C:\Users\Bryan\AppData\Roaming\Redox O43 - CFD: 24/01/2013 - 18:37:18 - [0] ----D C:\Users\Bryan\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 21/02/2013 - 17:47:42 - [0] ----D C:\Users\Bryan\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 O43 - CFD: 27/02/2013 - 13:50:54 - [255,323] ----D C:\Users\Bryan\AppData\Roaming\Skype O43 - CFD: 12/10/2011 - 10:08:01 - [0,038] ----D C:\Users\Bryan\AppData\Roaming\skypePM O43 - CFD: 31/03/2012 - 23:23:32 - [0,712] ----D C:\Users\Bryan\AppData\Roaming\Sony O43 - CFD: 03/02/2013 - 20:23:45 - [1,050] ----D C:\Users\Bryan\AppData\Roaming\TeamViewer O43 - CFD: 01/12/2012 - 22:04:19 - [6,135] ----D C:\Users\Bryan\AppData\Roaming\TS3Client O43 - CFD: 07/03/2011 - 20:36:40 - [0,001] ----D C:\Users\Bryan\AppData\Roaming\vlc O43 - CFD: 23/01/2011 - 10:52:06 - [0,000] ----D C:\Users\Bryan\AppData\Roaming\Windows Live Writer O43 - CFD: 28/01/2011 - 21:51:31 - [0,000] ----D C:\Users\Bryan\AppData\Roaming\WinRAR O43 - CFD: 14/03/2012 - 21:04:27 - [0,177] ----D C:\Users\Bryan\AppData\Roaming\X-Chat 2 O43 - CFD: 17/05/2012 - 14:20:19 - [138,714] ----D C:\Users\Bryan\AppData\Local\Activision O43 - CFD: 23/12/2011 - 11:19:59 - [22,795] ----D C:\Users\Bryan\AppData\Local\Adobe O43 - CFD: 20/06/2012 - 10:48:36 - [34,580] ----D C:\Users\Bryan\AppData\Local\Akamai O43 - CFD: 22/11/2012 - 16:12:30 - [0,001] ----D C:\Users\Bryan\AppData\Local\Alexander_Nikiforov O43 - CFD: 09/12/2010 - 23:03:53 - [0] ----D C:\Users\Bryan\AppData\Local\Application Data O43 - CFD: 20/03/2011 - 13:41:14 - [0] ----D C:\Users\Bryan\AppData\Local\Apps O43 - CFD: 20/05/2012 - 20:36:29 - [0] ----D C:\Users\Bryan\AppData\Local\Chromium O43 - CFD: 03/07/2012 - 23:12:55 - [1,607] ----D C:\Users\Bryan\AppData\Local\CRE O43 - CFD: 24/03/2011 - 18:19:09 - [0,092] ----D C:\Users\Bryan\AppData\Local\CurseClient O43 - CFD: 10/04/2011 - 10:59:35 - [0] ----D C:\Users\Bryan\AppData\Local\Deployment O43 - CFD: 03/12/2012 - 11:16:42 - [0] ----D C:\Users\Bryan\AppData\Local\Diagnostics O43 - CFD: 12/02/2011 - 10:39:11 - [0] ----D C:\Users\Bryan\AppData\Local\Downloaded Installations O43 - CFD: 09/12/2010 - 23:05:15 - [0,000] ----D C:\Users\Bryan\AppData\Local\EgisTec IPS O43 - CFD: 27/02/2013 - 13:11:57 - [0,093] ----D C:\Users\Bryan\AppData\Local\ElevatedDiagnostics O43 - CFD: 11/11/2011 - 20:45:55 - [0,027] ----D C:\Users\Bryan\AppData\Local\ESN Sonar O43 - CFD: 13/02/2012 - 13:40:49 - [0,007] ----D C:\Users\Bryan\AppData\Local\GamersFirst LIVE! O43 - CFD: 24/02/2013 - 13:45:59 - [101,692] ----D C:\Users\Bryan\AppData\Local\Google O43 - CFD: 09/12/2010 - 23:03:53 - [0] ----D C:\Users\Bryan\AppData\Local\Historique O43 - CFD: 16/07/2012 - 01:21:44 - [0,559] ----D C:\Users\Bryan\AppData\Local\LogMeIn Hamachi O43 - CFD: 26/06/2012 - 20:34:25 - [0] ----D C:\Users\Bryan\AppData\Local\Macromedia O43 - CFD: 14/07/2012 - 14:19:02 - [64,218] ----D C:\Users\Bryan\AppData\Local\MediaFire Express O43 - CFD: 22/11/2012 - 18:09:26 - [632,411] ----D C:\Users\Bryan\AppData\Local\Microsoft O43 - CFD: 27/03/2012 - 20:27:46 - [0,316] ----D C:\Users\Bryan\AppData\Local\Microsoft Games O43 - CFD: 18/02/2012 - 00:22:47 - [0,023] ----D C:\Users\Bryan\AppData\Local\Microsoft Help O43 - CFD: 22/11/2012 - 18:14:44 - [1,310] ----D C:\Users\Bryan\AppData\Local\MicrosoftStore O43 - CFD: 18/02/2012 - 23:01:29 - [279,228] ----D C:\Users\Bryan\AppData\Local\Mozilla O43 - CFD: 12/03/2011 - 20:59:00 - [0] ----D C:\Users\Bryan\AppData\Local\Mumble O43 - CFD: 13/10/2012 - 12:30:43 - [0,006] ----D C:\Users\Bryan\AppData\Local\Neptune O43 - CFD: 05/10/2011 - 19:26:28 - [0] ----D C:\Users\Bryan\AppData\Local\PackageAware O43 - CFD: 27/02/2013 - 13:55:29 - [0,308] ----D C:\Users\Bryan\AppData\Local\PMB Files O43 - CFD: 29/11/2012 - 13:06:18 - [0] ----D C:\Users\Bryan\AppData\Local\Programs O43 - CFD: 17/05/2012 - 14:24:35 - [11,604] ----D C:\Users\Bryan\AppData\Local\PunkBuster O43 - CFD: 31/12/2012 - 00:18:53 - [0] ----D C:\Users\Bryan\AppData\Local\SCE O43 - CFD: 29/04/2012 - 13:01:37 - [0,066] ----D C:\Users\Bryan\AppData\Local\SkinSoft O43 - CFD: 16/10/2011 - 09:59:54 - [2,979] ----D C:\Users\Bryan\AppData\Local\Sony O43 - CFD: 09/06/2012 - 21:30:52 - [12,493] ----D C:\Users\Bryan\AppData\Local\SplitMediaLabs O43 - CFD: 11/04/2011 - 17:46:03 - [13,227] ----D C:\Users\Bryan\AppData\Local\Sun O43 - CFD: 04/02/2012 - 21:09:05 - [95,070] ----D C:\Users\Bryan\AppData\Local\TeamSpeak 3 Client O43 - CFD: 28/04/2012 - 14:07:48 - [0] ----D C:\Users\Bryan\AppData\Local\TechSmith O43 - CFD: 27/02/2013 - 13:55:19 - [171,841] -SH-D C:\Users\Bryan\AppData\Local\Temp O43 - CFD: 09/12/2010 - 23:03:53 - [0] ----D C:\Users\Bryan\AppData\Local\Temporary Internet Files O43 - CFD: 09/02/2013 - 16:14:14 - [0,001] ----D C:\Users\Bryan\AppData\Local\Ubisoft Game Launcher O43 - CFD: 26/08/2012 - 12:26:41 - [3,757] ----D C:\Users\Bryan\AppData\Local\VirtualStore O43 - CFD: 20/01/2013 - 16:25:36 - [0,002] ----D C:\Users\Bryan\AppData\Local\Vitalwerks O43 - CFD: 10/07/2012 - 18:55:50 - [0,137] ----D C:\Users\Bryan\AppData\Local\Windows Live O43 - CFD: 23/01/2011 - 10:51:44 - [0,618] ----D C:\Users\Bryan\AppData\Local\Windows Live Writer O43 - CFD: 27/02/2013 - 13:23:02 - [0] ----D C:\Users\Bryan\AppData\Local\WMTools Downloaded Files O43 - CFD: 17/02/2012 - 13:02:04 - [0] ----D C:\Users\Bryan\AppData\Local\Xenocode O43 - CFD: 28/01/2013 - 12:26:33 - [0] ----D C:\Users\Bryan\AppData\Local\{14916A44-062A-4743-AB97-443C9DA2FF1A} O43 - CFD: 11/01/2013 - 12:56:25 - [0] ----D C:\Users\Bryan\AppData\Local\{3040442F-E907-4D9B-BDEF-5D8F463AB989} O43 - CFD: 12/12/2012 - 16:53:58 - [0] ----D C:\Users\Bryan\AppData\Local\{418196A3-B9F5-4BB3-AED9-D6945B84D89B} O43 - CFD: 10/12/2012 - 08:45:58 - [0] ----D C:\Users\Bryan\AppData\Local\{7178B89C-5A0F-460C-816B-0E7A2AD95D8E} O43 - CFD: 02/12/2012 - 12:26:12 - [0] ----D C:\Users\Bryan\AppData\Local\{72E9D5D0-F4DB-4407-9614-2D252C264253} O43 - CFD: 03/02/2013 - 00:58:45 - [0] ----D C:\Users\Bryan\AppData\Local\{79BB06D3-41AE-40BB-A942-A6C8771EB1A7} O43 - CFD: 09/12/2012 - 10:24:41 - [0] ----D C:\Users\Bryan\AppData\Local\{83DA88AE-0917-475C-9D04-AA14F9B095F3} O43 - CFD: 07/12/2012 - 12:06:32 - [0] ----D C:\Users\Bryan\AppData\Local\{8435483A-6CDE-493F-8000-89C261AE465D} O43 - CFD: 11/12/2012 - 16:54:05 - [0] ----D C:\Users\Bryan\AppData\Local\{96FE6404-D776-4308-850E-AFCD9412FF78} O43 - CFD: 27/01/2013 - 10:49:01 - [0] ----D C:\Users\Bryan\AppData\Local\{A4EAD5FC-93C3-4B9B-8509-E263382AF8A0} O43 - CFD: 03/02/2013 - 12:58:59 - [0] ----D C:\Users\Bryan\AppData\Local\{A82B69C1-6269-4644-AC99-D2C33E73AB27} O43 - CFD: 09/02/2013 - 12:42:43 - [0] ----D C:\Users\Bryan\AppData\Local\{B932C544-F0C9-4621-8834-360F0B98784D} O43 - CFD: 08/12/2012 - 22:24:29 - [0] ----D C:\Users\Bryan\AppData\Local\{BD896F42-9A73-44DE-BF0E-07670F9AEBDD} O43 - CFD: 13/12/2012 - 20:32:06 - [0] ----D C:\Users\Bryan\AppData\Local\{C9C6D32E-3D82-4EAE-BB9F-2EABCC835483} O43 - CFD: 29/01/2013 - 12:09:17 - [0] ----D C:\Users\Bryan\AppData\Local\{D11389D3-4DF2-4C0D-B2A2-8543EDEB816D} O43 - CFD: 26/01/2013 - 22:48:49 - [0] ----D C:\Users\Bryan\AppData\Local\{D46832A0-9DF7-413F-93B0-B9C9A6914D03} O43 - CFD: 10/12/2012 - 20:46:11 - [0] ----D C:\Users\Bryan\AppData\Local\{E926C9E5-0EEB-4D6E-BABB-A16B3B800BB3} O43 - CFD: 08/12/2012 - 10:24:16 - [0] ----D C:\Users\Bryan\AppData\Local\{FB98E457-312E-448C-9CDA-F6ECBCA5E46D} O43 - CFD: 13/02/2011 - 12:07:06 - [0,014] R---D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 15/07/2012 - 20:08:07 - [0,000] R---D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/09/2012 - 16:39:05 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arena O43 - CFD: 10/02/2013 - 19:09:12 - [0,001] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect O43 - CFD: 01/07/2012 - 00:39:42 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus O43 - CFD: 15/12/2012 - 17:31:47 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus2 O43 - CFD: 09/02/2012 - 12:13:22 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus2Beta O43 - CFD: 14/02/2012 - 12:41:13 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client O43 - CFD: 31/01/2013 - 15:47:48 - [0,001] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 10/11/2012 - 15:27:24 - [0,018] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line O43 - CFD: 13/02/2011 - 12:07:06 - [0,001] R---D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 21/02/2012 - 16:04:29 - [0,004] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaFire Express O43 - CFD: 20/01/2013 - 16:25:34 - [0,003] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC O43 - CFD: 02/07/2012 - 00:35:12 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 23/01/2013 - 22:11:25 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart PC Recorder O43 - CFD: 22/11/2012 - 18:29:25 - [0,003] R---D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 11/02/2013 - 18:12:18 - [0,002] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 30/10/2012 - 19:50:22 - [0] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wakfu O43 - CFD: 03/07/2012 - 23:16:49 - [0,003] ----D C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 44s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.17B03B6535A764752662F00A1C15FE80] - 27/02/2013 - 13:54:57 ---A- . (...) -- C:\dof.png [926298] O44 - LFC:[MD5.92A8416D0D74B4C15FC97C95852DAAB5] - 27/02/2013 - 13:12:14 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1782582] O44 - LFC:[MD5.221C60821C27D7A9714BDCF56EA7FF66] - 27/02/2013 - 13:01:26 ---A- . (...) -- C:\Windows\setupact.log [7804] O44 - LFC:[MD5.C1AB501E0A2CD51D10444D3478BFC438] - 27/02/2013 - 13:01:11 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.875F1BF8E1A5C0F979C142BF0AB9E947] - 27/02/2013 - 02:00:37 ---A- . (.CamStudio Group - CamStudio Lossless Video Codec.) -- C:\Windows\SysNative\CamCodec.dll [49664] O44 - LFC:[MD5.F35C45C9A494D9B1BB49A894AED8A6A4] - 25/02/2013 - 03:16:36 ---A- . (...) -- C:\Windows\PFRO.log [6658] O44 - LFC:[MD5.E661880B6BAB45C9C70A7B090E2B95D4] - 24/02/2013 - 13:53:23 ---A- . (...) -- C:\Windows\Instaler Setup Log.txt [5117] O44 - LFC:[MD5.9FFBB8A29E2DCC69A6DC5B034C7C7654] - 24/02/2013 - 03:03:17 ---A- . (...) -- C:\Windows\epplauncher.mif [2155] O44 - LFC:[MD5.BFE5894973307E16D8DA19BD1B443BC2] - 16/02/2013 - 22:12:09 . (...) -- C:\Windows\System32\FNTCACHE.DAT [] O44 - LFC:[MD5.BFE5894973307E16D8DA19BD1B443BC2] - 16/02/2013 - 22:12:09 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [372704] O44 - LFC:[MD5.5A2BA7155C1237A7D70748C2801A87E6] - 09/02/2013 - 16:04:18 ---A- . (...) -- C:\Windows\DirectX.log [122081] O44 - LFC:[MD5.A2BA2467FA1AA0AE9492A097ED9E81D7] - 08/02/2013 - 15:03:38 ---A- . (...) -- C:\aspx.text [9] O44 - LFC:[MD5.098F6BCD4621D373CADE4E832627B4F6] - 08/02/2013 - 14:57:01 ---A- . (...) -- C:\file.aspx [4] O44 - LFC:[MD5.875F1BF8E1A5C0F979C142BF0AB9E947] - 24/10/2010 - 00:56:50 . (...) -- C:\Windows\System32\CamCodec.dll [] ~ Scan Files in 00mn 22s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\xchat\xchat.exe" [Enabled] .(...) -- C:\Program Files (x86)\xchat\xchat.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe ~ Scan Keys in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\System32\xfcodec64.dll O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\System32\xfcodec64.dll O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Akamai NetSession Interface [Key] . (.Akamai Technologies, Inc - Akamai NetSession Client.) -- C:\Users\Bryan\AppData\Local\Akamai\netsession_win.exe O53 - SMSR:HKLM\...\startupreg\Browser Infrastructure Helper [Key] . (...) -- C:\Users\Bryan\AppData\Local\Smartbar\Application\Linkury.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\EADM [Key] . (...) -- C:\Program Files (x86)\Origin\Origin.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\InstallIQUpdater [Key] . (...) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\LogMeIn Hamachi Ui [Key] . (...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\mwlDaemon [Key] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe O53 - SMSR:HKLM\...\startupreg\Pando Media Booster [Key] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O53 - SMSR:HKLM\...\startupreg\PlusService [Key] . (...) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\steam.exe O53 - SMSR:HKLM\...\startupreg\SuiteTray [Key] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 18/03/2009 - 16:35:42 --HA- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\hamachi.sys [33856] O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 04/01/2005 - 01:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\SysWOW64\npptNT2.sys [4682] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 12/02/2013 - C:\Windows\System32\DRIVERS\hssdrv6.sys (HssDRV6) .(.AnchorFree Inc. - Hotspot Shield Routing Driver.) - LEGACY_HSSDRV6 O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys (mwlPSDFilter) .(.Egis Technology Inc. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys (mwlPSDNServ) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys (mwlPSDVDisk) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\SysWow64\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\SysWow64\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Bryan - sxc0oca5.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119531&babsrc=HP_ss&mntrId=5ed1b52900000000000000ffeb9[...] O69 - SBI: prefs.js [Bryan - sxc0oca5.default] user_pref("avg.install.userSPSettings", "Delta Search"); O69 - SBI: prefs.js [Bryan - sxc0oca5.default] user_pref("extensions.BabylonToolbar_i.newTab", true); O69 - SBI: prefs.js [Bryan - sxc0oca5.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119531&babsrc=NT_ss&mntrId=5ed1b52900000000[...] ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.223D9F4052D07A7BFF350B925442DA2E] [SPRF][14/01/2011] (...) -- C:\ProgramData\ezsidmv.dat [56] [MD5.6ACBD475647D7A160657CB3E460F0F35] [SPRF][27/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131472] [MD5.84913B8293E3812E62183A06992B9918] [SPRF][27/02/2013] (.Umbrella Corporation - Aerial Keylogger Builder.) -- C:\Users\Bryan\AppData\Local\Temp\Aerial Keylogger Builder.exe [2359808] [MD5.0F6381D1336EC3ABCEFBCD6F14730D22] [SPRF][27/02/2013] (.Pas de propriétaire - Aerial Keylogger Decryptor.) -- C:\Users\Bryan\AppData\Local\Temp\Aerial Keylogger Decryptor.exe [1142784] [MD5.87261BAA742606C8D47B8259811D0FCC] [SPRF][10/02/2013] (.Iminent - Iminent Setup.) -- C:\Users\Bryan\AppData\Local\Temp\bootstrapper.exe [853976] [MD5.3D7CDC3E67A97110321BF7453C649B1F] [SPRF][10/02/2013] (...) -- C:\Users\Bryan\AppData\Local\Temp\DeltaTB.exe [775664] [MD5.12915C4FE98CDC33ACFA6A2B9F15B8F5] [SPRF][22/01/2013] (.AnchorFree Inc. - Pas de description.) -- C:\Users\Bryan\AppData\Local\Temp\HssInstaller.exe [266536] [MD5.3AE0F11F3D91179443113CAB0F94F944] [SPRF][22/02/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Bryan\AppData\Local\Temp\uninst1.exe [372736] [MD5.EB812850F48E28B8173BBB7501E79DF2] [SPRF][21/02/2013] (.Adobe Systems Incorporated - Adobe Flash Installer.) -- C:\Users\Bryan\AppData\Local\Temp\winlogon.exe [137761] [MD5.AE28E31C6A0259D0CF99D2758829B180] [SPRF][27/02/2013] (.Adobe Systems Incorporated - Adobe Flash Installer.) -- C:\Users\Bryan\AppData\Roaming\Black-Rose.exe [137216] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{422C8528-D4A7-4F3E-B81A-20FCAC9D9A46}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{AA4D9122-98EA-4C63-8E74-D610FF5275AF}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{80D91C33-202D-4FD7-83AB-F8BC78CC5557}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{00865F85-A69C-4822-BE04-72D0D0A630A8}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{175E024F-4F2A-42D4-A01E-FA89F67D0F70}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe O87 - FAEL: "{BDD841A2-1AB4-452C-9B93-3DDDE3A232E2}" | In - None - P17 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe O87 - FAEL: "{BAA682B3-CA7E-4354-98D6-138872FFEE87}" | In - None - P17 - TRUE | .(.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe O87 - FAEL: "{E2FC9904-BF8F-408C-839D-99D3B4B38E2D}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe O87 - FAEL: "{80DA14A7-739A-44DF-A219-21E88B45EAA6}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{682D01E6-7CFE-4341-9731-C69C154BCEBC}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O87 - FAEL: "{8B69AAED-4B71-4708-A93A-EFFC213BF325}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{D06083F8-2D26-44AD-807E-1A44FFD8ACD0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{119C1A56-496B-4F4E-9D97-6B89A6BDEC75}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{1C906C88-7B5A-4834-B2E4-768EBE1DE690}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{130C873B-0A6A-477A-9D53-29B87CD70E78}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{0C0C130A-B628-4162-8D1F-C1900219B3F8}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "TCP Query User{D89A6FD5-E5CD-48F3-BD64-34D4317EE32E}C:\program files (x86)\java\jre6\bin\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe O87 - FAEL: "UDP Query User{2CECA090-331C-4660-8908-915E3BC43D5C}C:\program files (x86)\java\jre6\bin\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe O87 - FAEL: "{DC354BE8-3FF2-4D87-AFD6-77DF63BBF350}" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe O87 - FAEL: "{2B9681D2-DE13-4BE7-834E-3CD18E45F73C}" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\java.exe O87 - FAEL: "{AF88FA88-0314-483E-ACAC-4FFF98C7CF8D}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "TCP Query User{8BE8B4EF-DA41-421D-B0FB-CF5C48CCAC35}C:\users\bryan\appdata\local\akamai\netsession_win.exe" | In - Private - P6 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\bryan\appdata\local\akamai\netsession_win.exe O87 - FAEL: "UDP Query User{0EDCF585-CDEA-4664-BBA8-06351A497254}C:\users\bryan\appdata\local\akamai\netsession_win.exe" | In - Private - P17 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\bryan\appdata\local\akamai\netsession_win.exe O87 - FAEL: "TCP Query User{77C36526-2C95-4B0B-92D5-524734455FCB}C:\users\bryan\appdata\local\akamai\netsession_win.exe" | In - Public - P6 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\bryan\appdata\local\akamai\netsession_win.exe O87 - FAEL: "UDP Query User{CA23CDF6-0F88-4FCF-9419-8619015DAB13}C:\users\bryan\appdata\local\akamai\netsession_win.exe" | In - Public - P17 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\bryan\appdata\local\akamai\netsession_win.exe O87 - FAEL: "{33BD9572-8758-4C5B-9556-25565B28C34E}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe O87 - FAEL: "{F421BAF6-D1B7-4C69-9483-4A73024817D9}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe O87 - FAEL: "{15ED8CE1-79F7-4CD1-B4ED-F4F97FE9A663}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe O87 - FAEL: "{A2C2C828-29A6-47AC-BF91-EBE1513532BB}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe O87 - FAEL: "{DF2448DB-964A-4757-9422-472806A3EBA2}" | In - Private - P6 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe O87 - FAEL: "{CB04E372-D2E0-48AB-A584-4BAF15E98366}" | In - Private - P17 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe O87 - FAEL: "{5DCE0250-ACC6-44AB-AF88-6713C3C60566}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{B0CFA5D8-08F0-4A9B-909E-DCC6A009AF76}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{0633DE4D-1F6C-406F-9EB1-8E61741A568A}" | In - Public - P6 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe O87 - FAEL: "{1C9A4095-3F80-409C-A460-47B5B27861E3}" | In - Public - P17 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe O87 - FAEL: "{65D4DE74-D5BE-4EE7-AFEE-31E6672CE0E3}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe O87 - FAEL: "{FBA0DE11-9C2F-42EE-94B5-B1D71A91B60E}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe O87 - FAEL: "{C7F8D4BB-D40B-4183-9F28-54FFA71BD731}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe O87 - FAEL: "{AF0937DC-CC7C-4C85-AA5C-8CA045E56F8E}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe O87 - FAEL: "{DEE79B24-515E-44F4-A84D-0AF46C595DDC}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Diablo III Retail.) -- C:\Program Files (x86)\Diablo III\Diablo III.exe O87 - FAEL: "{6E973FEC-EAB4-4889-8B9B-09C0CB0D5980}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Diablo III Retail.) -- C:\Program Files (x86)\Diablo III\Diablo III.exe O87 - FAEL: "{60538A58-0D89-4190-B0C8-2651E339ABE7}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe (.not file.) O87 - FAEL: "{4D3BCAB6-85BB-442B-86C6-2B9374A8134D}" |In - Public - P17 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe (.not file.) O87 - FAEL: "{DC95B43F-7042-4C14-ACD0-C2DC776E5D29}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe (.not file.) O87 - FAEL: "{5EA045DD-FE9E-4561-8470-982C0A7CE437}" |In - Public - P17 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe (.not file.) O87 - FAEL: "{ED158F37-729B-4456-BDD8-5F249C4650C8}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe O87 - FAEL: "{BA7D8AD8-38CE-4B8E-809C-7C4C46B903C5}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe O87 - FAEL: "{A9DD123C-7623-40F5-9B04-0D1FEEB8F332}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe O87 - FAEL: "{13D51499-0952-41EA-987C-6B0585DBC3E8}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe O87 - FAEL: "{B546580A-F574-4A6D-8E8A-AE85B213C8FB}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe (.not file.) O87 - FAEL: "{8F786343-41FC-4E6C-B2A2-71D54D8FEDAD}" |In - Public - P17 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe (.not file.) O87 - FAEL: "{B82225B8-C676-4396-9F09-BE65F0222C82}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{8FD2ECC3-06FA-4212-8F61-EBD988AC081A}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{53416DF0-13F0-414D-BB2C-B07D729E99E0}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{619F9CD2-2EE3-4D35-855D-02C2B99BFD36}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{0D4C0083-9CF4-44EC-A104-4849F0AF80D8}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{8BFEF358-3B54-49CF-9B60-4AA9F5126AA0}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{D0DB00DD-A7DE-4352-8CAE-74F74DE11D3F}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{3DBE33CA-E662-43F3-AA2E-9B7018DA9C3A}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "{1F84E137-74C1-4F4A-9B4D-C07192FC1CA9}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "{372C8CC3-B09A-4C0E-B2DC-857B5BEE9139}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe O87 - FAEL: "{FB2D7F5E-E01F-4C0C-B77C-CEF8B631D34A}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe O87 - FAEL: "{5A97C2F4-F41D-4374-AABD-10B7B47943A8}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe O87 - FAEL: "{80AB89DE-85E7-4F4C-8CF2-B4A2E87B6DBC}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe O87 - FAEL: "{F3373B0C-62C6-4E12-90C5-13D64C01F094}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{3F487E7E-ECF7-4E30-B089-CE061506AAF2}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{C39E46A2-5961-499C-8340-40FB5C092F2B}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "{DB9E39E1-EC8B-4D12-8A38-FECCF53839DE}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "{BA00AEA0-82F2-40DD-87D3-5CB2CDDB187C}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe O87 - FAEL: "{741B1324-BC07-433A-BE5C-53820F76085C}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe O87 - FAEL: "{D138E149-7EBB-4AE7-A6A7-CECFC7D7A99E}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe O87 - FAEL: "{CA023006-D2EB-4832-9870-D0094CC051DA}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe O87 - FAEL: "{2725EEA9-74C1-408E-B665-F7AA9D36D8A5}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe O87 - FAEL: "{22A640E3-EE9B-4C15-9605-52CB2491B833}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe O87 - FAEL: "{D9467976-E4B2-4600-BD87-A471AD4583CE}" | In - Private - P6 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\counter-strike\hl.exe O87 - FAEL: "{187F1256-29CB-407B-8894-32C9E8337D12}" | In - Private - P17 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\counter-strike\hl.exe O87 - FAEL: "{DC854EE6-8785-42EE-AE4C-A2257750A916}" | In - Private - P6 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\condition zero\hl.exe O87 - FAEL: "{AB03F5E9-735A-4FF7-8FDA-C44CBA2B379D}" | In - Private - P17 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\condition zero\hl.exe O87 - FAEL: "{D4BCCB52-AEFD-4ABC-A67B-0B78A3B3063D}" | In - Private - P6 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\day of defeat\hl.exe O87 - FAEL: "{AE715B27-E14D-4A1C-B909-A7D06B9236BB}" | In - Private - P17 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\day of defeat\hl.exe O87 - FAEL: "{8CA2AE03-F91C-4177-AC81-F2A2A70D6F21}" | In - Public - P6 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\day of defeat\hl.exe O87 - FAEL: "{E1651256-2641-4728-8999-2F01B7A73A3D}" | In - Public - P17 - TRUE | .(.Valve - Half-Life Launcher.) -- C:\Program Files (x86)\Steam\SteamApps\chbryan\day of defeat\hl.exe ~ Scan Firewall in 00mn 07s ---\\ Scan Additionnel (O88) Database Version : v2.10977 - (26/02/2013) Clés trouvées (Keys found) : 191 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 10 Fichiers trouvés (Files found) : 8 [HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon [HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon [HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker [HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Trojan.Adclicker [HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo [HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo [HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing [HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods [HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods [HKLM\Software\Classes\ilivid] => [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160] =>Adware.Bandoo [HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKCU\Software\Softonic] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\SimplyGen] =>Adware.PredictAd [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Prod.cap] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>Toolbar.DeltaSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Features\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Features\54A306F2659DB694185B057D28249467] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\54A306F2659DB694185B057D28249467] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\54A306F2659DB694185B057D28249467] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\54A306F2659DB694185B057D28249467] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\54A306F2659DB694185B057D28249467] =>PUP.SweetIM [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltaappCore] =>toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltaappCore.1] =>toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltadskBnd] =>toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltadskBnd.1] =>toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch [HKLM\Software\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch [HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch [HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch [HKLM\Software\Classes\Iminent.Business.TinyUrl.UrlTinyfier] =>Adware.IMBooster [HKLM\Software\Classes\RewardsArcadeSuite.FBApi] =>PUP.RewardsArcade [HKLM\Software\Classes\RewardsArcadeSuite.FBApi.1] =>PUP.RewardsArcade [HKLM\Software\Classes\RewardsArcadeSuite.Sandbox] =>PUP.RewardsArcade [HKLM\Software\Classes\RewardsArcadeSuite.Sandbox.1] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\delta.deltaappCore] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\delta.deltaappCore.1] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\delta.deltadskBnd.1] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\Iminent.Business.TinyUrl.UrlTinyfier] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\RewardsArcadeSuite.FBApi] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\RewardsArcadeSuite.FBApi.1] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\RewardsArcadeSuite.Sandbox] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\RewardsArcadeSuite.Sandbox.1] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\escort.DLL] =>PUP.Funmoods [HKLM\Software\Classes\AppID\escortApp.DLL] =>PUP.Funmoods [HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods [HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods [HKLM\Software\Classes\AppID\Iminent.BHO.NavigationError.DLL] =>Adware.IMBooster [HKLM\Software\Classes\AppID\Iminent.MMServer.EXE] =>Adware.IMBooster [HKLM\Software\Classes\AppID\Iminent.WebBooster.DLL] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RewardsArcadeSuite] =>PUP.RewardsArcade [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ C:\Program Files (x86)\Hotspot Shield =>Toolbar.Conduit C:\Program Files (x86)\SearchCore for Browsers =>Adware.SearchCore C:\ProgramData\Babylon =>Toolbar.Babylon C:\ProgramData\Hotspot Shield =>Toolbar.Conduit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit C:\Users\Bryan\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\Bryan\AppData\Roaming\Hotspot Shield =>Toolbar.Conduit C:\Users\Bryan\AppData\Local\Temp\Iminent =>Adware.IMBooster C:\Users\Bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph =>Adware.GamePlayLabs C:\Users\Bryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\bprotector_extensions.sqlite =>PUP.BProtector C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\sxc0oca5.default\bprotector_prefs.js =>PUP.BProtector C:\Users\Bryan\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon C:\Users\Bryan\AppData\Local\facemoods.bmp =>Adware.Facemoods C:\Users\Bryan\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon C:\Users\Bryan\AppData\Local\Temp\bootstrapper.exe => Adware.IMBooster ~ Scan Additionnel in 01mn 52s ---\\ Recherche détournement de DNS routeur (O89) (None) ---\\ Product Upgrade Codes (O90) O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- c:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0 O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico O90 - PUC: "0D9196FA196553F4D956459F18105341" . (.Microsoft SQL Server Compact 3.5 SP2 FRA.) -- C:\Windows\Installer\{AF6919D0-5691-4F35-9D65-54F981013514}\ProductIcon O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe O90 - PUC: "144A4120BA4A8A34D8FEF2375C636437" . (.Microsoft Works.) -- c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\MSWorks.exe O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon O90 - PUC: "1EDCB75C9BC7D7643BABE7119961DC1C" . (.Norton Online Backup.) -- C:\Windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico O90 - PUC: "2BC4C58B253B8DB418C8CB3E35951970" . (.SweetIM for Messenger 3.6.) -- C:\Windows\Installer\{B85C4CB2-B352-4BD8-818C-BCE353599107}\ARPPRODUCTICON.exe O90 - PUC: "3611BE1116756CB4F88489CD6F4AB6FB" . (.Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32.) -- C:\Windows\Installer\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}\Icon_msi.ico O90 - PUC: "38E5962CD1FC1D3448EF3BEB5C1610A2" . (.Shredder.) -- C:\Windows\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe O90 - PUC: "3C5FB837B7FA0BB47BFE5E50FE7C65EB" . (.MyWinLocker Suite.) -- C:\Windows\Installer\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\ARPPRODUCTICON.exe O90 - PUC: "487EA05EEBAFAD641A8FB7B665CD2BE2" . (.Microsoft Office Suite Activation Assistant.) -- C:\Windows\Installer\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}\ARPPRODUCTICON.exe O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe O90 - PUC: "54A306F2659DB694185B057D28249467" . (.SweetPacks Toolbar for Internet Explorer 4.4.) -- C:\Windows\Installer\{2F603A45-D956-496B-81B5-50D782424976}\ARPPRODUCTICON.exe O90 - PUC: "5E677B270354B4C4493557D18FD7D939" . (.Backup Manager Basic.) -- C:\Windows\Installer\{72B776E5-4530-4C4B-9453-751DF87D9D93}\ARPPRODUCTICON.exe O90 - PUC: "613755F10CFCDB14FA7FB84CC94E447D" . (.Shredder.) -- C:\Windows\Installer\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA7FFFFB7449A0100000010" . (.Adobe Reader 9.1 MUI.) -- c:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico O90 - PUC: "743C7362DAD96D11E92A0050D5C07A16" . (.PowerCinema.) -- C:\Windows\Installer\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\ARPPRODUCTICON.exe O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\Windows\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "7E685771E24E83F4381D1DB5A45F7B41" . (.Delta Chrome Toolbar.) -- C:\Windows\Installer\{177586E7-E42E-4F38-83D1-D15B4AF5B714}\Delta.ico O90 - PUC: "8FD07F69F061C9F4B9E9A2B934B9E49B" . (.Broadcom Gigabit NetLink Controller.) -- c:\Windows\Installer\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}\ARPPRODUCTICON.exe O90 - PUC: "9D0DC7D088A436A4F819F3E4F8737186" . (.MyWinLocker.) -- C:\Windows\Installer\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\ARPPRODUCTICON.exe O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "AF32006D1FD3735439DD3120C44C3E66" . (.Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA.) -- C:\Windows\Installer\{D60023FA-3DF1-4537-93DD-13024CC4E366}\ProductIcon O90 - PUC: "B7FCE3404274B7F4A8D9CB2217E9597F" . (.Microsoft SQL Server Compact 3.5 Design Tools FRA.) -- C:\Windows\Installer\{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}\ProductIcon O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe O90 - PUC: "C140F365BDFDB7341A8E1E140E090667" . (.Microsoft IntelliPoint 8.0.) -- c:\Windows\Installer\{563F041C-DFDB-437B-A1E8-E141E0906076}\Mouse.ico O90 - PUC: "CFA7A10B6530FA343A336C9521EA8ACD" . (.Objets de gestion Microsoft SQL Server 2008 R2.) -- C:\Windows\Installer\{B01A7AFC-0356-43AF-A333-C65912AEA8DC}\ARPIco O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "E50A609283D274B4582A3D84E573C2F8" . (.Microsoft SQL Server Compact 3.5 SP2 x64 FRA.) -- C:\Windows\Installer\{2906A05E-2D38-4B47-85A2-D3485E372C8F}\ProductIcon O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.1.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O90 - PUC: "E8A70D2129A467D49AE9D9B2BBFFD288" . (.King Of Kings 3.) -- C:\Windows\Installer\{12D07A8E-4A92-4D76-A99E-9D2BBBFF2D88}\ARPPRODUCTICON.exe O90 - PUC: "EBCC66208DBBC6144AF8F74CC7D65B66" . (.Microsoft SQL Server System CLR Types.) -- C:\Windows\Installer\{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}\ARPIco O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico O90 - PUC: "FC6FE9A6036733E4EA22D7073FFAB450" . (.AION Free-To-Play.) -- C:\Windows\Installer\{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}\ARPPRODUCTICON.exe ~ Scan Files in 00mn 00s ---\\ Random Export Key (O91) [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:dllName="BrowserProtect.dll" [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:exeName="BrowserProtect.exe" [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:folderName="BrowserProtect" [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:serviceName="BrowserProtect" [HKCU\Software\5e538ad8e639ee48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" [HKCU\Software\5e538ad8e639ee48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5e538ad8e639ee48]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:INSTALL_FOLDER_NAME="BrowserProtect" [HKCU\Software\5e538ad8e639ee48]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKCU\Software\5e538ad8e639ee48]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:PROTECTOR_DLL_NAME="BrowserProtect.dll" [HKCU\Software\5e538ad8e639ee48]:PROTECT_EXE_NAME="BrowserProtect.exe" [HKCU\Software\5e538ad8e639ee48]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKCU\Software\5e538ad8e639ee48]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKCU\Software\5e538ad8e639ee48]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKCU\Software\5e538ad8e639ee48]:SERVICE_NAME="BrowserProtect" [HKCU\Software\5e538ad8e639ee48]:usrcheckbox="0" [HKCU\Software\5e538ad8e639ee48]:version="2.6.1095.52" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:INSTALL_FOLDER_NAME="BrowserProtect" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:PROTECTOR_DLL_NAME="BrowserProtect.dll" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:PROTECT_EXE_NAME="BrowserProtect.exe" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:SERVICE_NAME="BrowserProtect" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:usrcheckbox="0" [HKLM\Software\Wow6432Node\5e538ad8e639ee48]:version="2.6.1095.52" ~ Scan Export Key Software in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 27/02/2013 251248 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 28/03/2009 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_ce5ba24.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe SR - | Auto 2550224 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe SR - | Auto 30/09/2009 844320 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe SR - | Auto 26/02/2012 632320 | (FileZilla Server) . (.FileZilla Project.) - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe SS - | Auto 25/12/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 25/12/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 13/02/2013 536360 | (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe SR - | Auto 12/02/2013 444712 | (HssSrv) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe SS - | Demand 78512 | (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe SR - | Auto 389928 | (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe SR - | Auto 05/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe SS - | Demand 01/02/2010 305520 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe SS - | Demand 30/12/1899 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des SR - | Auto 09/03/2010 250368 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe SS - | Demand 06/11/2009 50432 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 06/11/2009 144640 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 15/10/2011 1640768 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 15/10/2011 2253120 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 28/10/2012 529744 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 14/12/2012 3467768 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe SR - | Auto 29/01/2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe SS - | Demand 26/09/2011 18432 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe SS - | Demand 8176640 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SS - | Demand 0 | (X6va003) . (...) - C:\Users\Bryan\AppData\Local\Temp\0037C5.tmp SS - | Demand 0 | (X6va005) . (...) - C:\Users\Bryan\AppData\Local\Temp\005A7C3.tmp ~ Scan Services in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Bryan at 27/02/2013 14:05:15 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ~ Scan MBR in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Bryan at 27/02/2013 14:05:17 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 04s End of the scan (1964 lines in 11mn 05s)(0)