cjoint

Rapport de ZHPDiag v2013.4.9.51 par Nicolas Coolman, Update du 09/04/2013
Run by Bureau at 11/04/2013 15:44:40
State : Nouvelle version disponible
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 15.0.1 v15.0.1
GCIE: Google Chrome v26.0.1410.64

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Protection
Antivirus : avast! Free Antivirus v7.0.1466.0

---\\ System Information
~ Processor: x86 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3071 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 95 GB (63%) free of 149 GB

---\\ Logged in mode
~ Computer Name: PROPRIET-2BB9ED
~ User Name: Bureau
~ All Users Names: UpdatusUser, SUPPORT_388945a0, HelpAssistant, Bureau, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Bureau\Application Data\
~ %Desktop% : C:\Documents and Settings\Bureau\Bureau\
~ %Favorites% : C:\Documents and Settings\Bureau\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Bureau\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Bureau\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 95 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 61 Go of 149 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.48309E1F5ED8E72783EEFBA04898BDA1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/03/2013 - 02:55:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:35.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [457856]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/6655
~ Mes musiques (My Musics) : 8/548
~ Mes Videos (My Videos) : 1/20
~ Mes Favoris (My Favorites) : 0/74
~ Mes Documents (My Documents) : 2/10165
~ Mon Bureau (My Desktop) : 0/125
~ Menu demarrer (Programs) : 1/101
~ Hidden Files: Scanned in 00mn 10s



---\\ Processus lancés
[MD5.A9FF9831AB2BFFB1CCF849BDA19D06FD] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [528192] [PID.1984]
[MD5.04AC21E821F259845BD7367CEE057290] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1456]
[MD5.927754ABF077AEB5504BE4E0F2C60C1B] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.1656]
[MD5.CD64CE62BE47DF0E9A459FD9002221FE] - (...) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [77824] [PID.2080]
[MD5.7A834424537E13AA5F2D964C9D9FA991] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [1935656] [PID.2808]
[MD5.2C41AE09BB51EA074069135F183DAA9C] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [660576] [PID.3164]
[MD5.829E254AE20147EC9D3C54A5991D298E] - (...) -- C:\WINDOWS\system32\afasrv32.exe [65536] [PID.3584]
[MD5.1CC3E547FE3DEC8272780F24F3059519] - (...) -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504] [PID.3772]
[MD5.12CDB5DC7774298223099D6E41ED5CE7] - (.SEIKO EPSON CORPORATION - EPSON Printer Status Agent.) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe [94208] [PID.2104]
[MD5.999DB5F88C8E145CCA9D471E33227143] - (.Oracle Corporation - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [170912] [PID.3500]
[MD5.8FFCFE3351F51E19B856A2347E19B850] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.3564]
[MD5.BAD0D303EF0A519409C625738F3E10A3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4282728] [PID.3572]
[MD5.258CACA1DAADE43978E2ECC9BDC94E1C] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.3684]
[MD5.E774F875819DEE4A312A921A88F779FE] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576] [PID.4000]
[MD5.CFE4BD7C25A750D71A5BD2390953BEB6] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640] [PID.356]
[MD5.1B959A0614D575D0AB3B09095F0A8B83] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [9158656] [PID.352]
[MD5.E6FF299C72B5E8A4303A41662D6CF2D7] - (...) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.3708]
[MD5.934BB0D23A25C8C136570800A5A149B6] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [687400] [PID.4012]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [252848] [PID.4040]
[MD5.87E3D12D74A86D75659FA808E4886D53] - (.Alcor Micro, Corp. - Drive Monitor.) -- C:\WINDOWS\system32\DrvMon.exe [53248] [PID.4092]
[MD5.B90E093E7A7250906F1054418B5339C0] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2560]
[MD5.6B665BDA473E2888A036D0BA5663B5A5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\WINDOWS\system32\nvsvc32.exe [164200] [PID.3368]
[MD5.DA345DE3B450E9E1691E7B9956D8FFC3] - (...) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112] [PID.3468]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [185632] [PID.4024]
[MD5.800E8F1DC5F6A200B6DFCA2B3C21365E] - (...) -- C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [493200] [PID.2056]
[MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.2420]
[MD5.478D9A1E760F9089DE19925616689F0D] - (.Pinnacle Systems - Media Server Host.) -- C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [49152] [PID.3384]
[MD5.85A5DB9C8DEFDDE941EC121ADB5B3175] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe [2744960] [PID.6076]
[MD5.B93499B1D1058C86C1A60C026C334971] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6581760] [PID.5192]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.5348]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\prefs.js
C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\user.js
M3 - MFPP: Plugins - [Bureau] -- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\searchplugins\delta.xml
M0 - MFSP: prefs.js [Bureau - ag7l5sqo.default-1360951228890] http://www1.delta-search.com =>Toolbar.DeltaSearch
M2 - MFEP: prefs.js [Bureau - ag7l5sqo.default-1360951228890\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com] [] Services x86 v (.Corporate Inc.)
M2 - MFEP: prefs.js [Bureau - ag7l5sqo.default-1360951228890\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (.IObit.)
M2 - MFEP: prefs.js [Bureau - ag7l5sqo.default-1360951228890\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (.delta-search.com.) =>Toolbar.DeltaSearch
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.27 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
~ Firefox Browser: 41 Legitimates Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com =>Toolbar.DeltaSearch
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www1.delta-search.com =>Toolbar.DeltaSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 9 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 05s
~ Nombre de lignes (Lines number): 15366



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0027096 - {11111111-1111-1111-1111-110211701196} . (.Corporate Inc - Services x86 BHO.) -- C:\Program Files\Services x86\Services x86.dll =>PUP.CrossRider
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll =>Toolbar.DeltaSearch
~ BHO: 13 Legitimates Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: WOT - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files\WOT\WOT.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Delta Toolbar - [HKLM]{82E1477C-B154-48D3-9891-33D83C26BCD3} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.16.16\deltaTlbr.dll =>Toolbar.DeltaSearch
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- c:\Program Files\Microsoft IntelliType Pro\itype.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [DrvMon.exe] . (.Alcor Micro, Corp. - Drive Monitor.) -- C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-725345543-1844823847-839522115-1003\..\Run: [DrvMon.exe] . (.Alcor Micro, Corp. - Drive Monitor.) -- C:\WINDOWS\system32\DrvMon.exe
O4 - HKUS\S-1-5-21-725345543-1844823847-839522115-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Acrobat.com.lnk . (...) -- C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe
O4 - GS\Programs: Adobe Photoshop Album 2.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Album 2.0.) -- C:\Photo\Photoshop\Apps\PhotoshopAlbum.exe
O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: CometBird.lnk . (.CometNetwork - CometBird.) -- C:\Program Files\CometBird\cometbird.exe
O4 - GS\Programs: MioTransfer.lnk . (...) -- D:\MIO\MioTransfer.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: MSN.lnk . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\msn.exe
O4 - GS\Programs: Objectif Tarot.lnk . (...) -- C:\Program Files\Objectif Tarot\Objectif Tarot.exe
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - GS\Programs: WordBiz.lnk . (...) -- C:\Program Files\WordBiz\WordBiz.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Jouer (EasyBits GO).lnk . (.EasyBits Software AS - Game Organizer.) -- C:\Documents and Settings\All Users\Application Data\Easybits GO\EasyBitsGO.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Secunia PSI.lnk . (.Secunia - Secunia PSI.) -- C:\Program Files\Secunia\PSI\psi.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 3 Legitimates Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} ((no name)) - http://www.myheritage.fr/Genoogle/Components/ActiveX/SearchEngineQuery.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{62CD5898-7AFC-4D39-832A-08641674003F}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDE2034-E523-4032-B1C8-48D178D3B6DA}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{922284C2-001D-4F25-9F01-FA07EAC406AF}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DDE2034-E523-4032-B1C8-48D178D3B6DA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files\WOT\WOT.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll =>Toolbar.Babylon
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Afa Card Reader Service (AfaService) . (...) - C:\WINDOWS\system32\afasrv32.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) . (...) - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: BOCore (BOCore) . (...) - C:\Utilitaires\BOClean\BOCORE.exe (.not file.)
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) . (.SEIKO EPSON CORPORATION - EPSON Printer Status Agent.) - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) . (...) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PC Speed Up Service (PCSUService) . (...) - C:\Program Files\Accelerer PC\PCSUService.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) . (.Pinnacle Systems - Media Server Host.) - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) . (...) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: USBDLM (USBDLM) . (...) - C:\Program Files\USBDLM\USBDLM.exe (.not file.)
~ Services: 23 Legitimates Scanned in 00mn 14s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Bureau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Bureau\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job [270]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\BrowserProtect.job [292] =>Toolbar.Babylon
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [270]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job [302]
[MD5.65611587D8245CE8DB9E306D239EE22F] [APT] [EPUpdater] (...) -- C:\Documents and Settings\Bureau\Application Data\BabSolution\Shared\BabMaint.exe [9808] =>Hijacker.BabSolution
~ Scheduled Task: 18 Legitimates Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 24 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (a2injectiondriver) . (.Emsi Software GmbH - Emsisoft Anti-Malware Behavior Blocker.) - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
O41 - Driver: (a2util) . (.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
O41 - Driver: (AvgArCln) . (.GRISOFT, s.r.o. - AVG7 Clean Driver.) - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys
O41 - Driver: (ElRawDisk) . (.EldoS Corporation - RawDisk Driver. Allows write access to raw.) - C:\WINDOWS\system32\drivers\elrawdsk32bit.sys
O41 - Driver: (PCLEPCI) . (.Pinnacle Systems GmbH - PCLEPCI.) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: (rvsmon) . (.CJSC Returnil Software - Returnil Monitoring Core.) - C:\WINDOWS\system32\DRIVERS\rvsmon.sys
O41 - Driver: (rvsmonn) . (.CJSC Returnil Software - Returnil Network Monitoring.) - C:\WINDOWS\system32\DRIVERS\rvsmonn1.sys
O41 - Driver: (SAVRKBootTasks) . (.Sophos Plc - Sophos boot tasks for Windows 2000.) - C:\WINDOWS\system32\SAVRKBootTasks.sys
~ Drivers: 32 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AVG Anti-Rootkit Free - (.GRISOFT.) [HKLM] -- AVGantiRootkit
O42 - Logiciel: Ad-aware 6 Professional - (.Lavasoft Sweden.) [HKLM] -- Ad-aware 6 Professional
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Alt CDA to MP3 Converter 7.3 - (.Nesoft Inc..) [HKLM] -- Alt CDA to MP3 Converter 7.3_is1
O42 - Logiciel: BitComet 1.29 - (.CometNetwork.) [HKLM] -- BitComet
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Toolbar.Babylon
O42 - Logiciel: Business Card Printery 3 - (...) [HKLM] -- Business Card Printery 3
O42 - Logiciel: CA eTrust PestPatrol - (.Nom de votre société.) [HKLM] -- {39586F4F-758D-4A92-A5DF-33E9DB9C09D9}
O42 - Logiciel: Carom3D - (...) [HKLM] -- Carom3D
O42 - Logiciel: CometBird 6.0.2 (x86 en-US) - (.CometNetwork.) [HKLM] -- CometBird 6.0.2 (x86 en-US)
O42 - Logiciel: Convertisseur ASCII - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: CpuBooster v3.8.2. - (.TforTech Company, Inc..) [HKLM] -- {FCB50360-6136-40C8-BF4A-84B9322C1D42}_is1
O42 - Logiciel: DATABACK DriveUtility 6.2 - (.DATABACK.) [HKLM] -- DATABACK DriveUtility 6.2_is1
O42 - Logiciel: DVD de bonus Studio 10 - (...) [HKLM] -- {6A012D9C-2E2E-405A-B87C-E909F5297C3F}
O42 - Logiciel: DVD43 v4.3.1 - (...) [HKLM] -- DVD43_is1
O42 - Logiciel: Delta Chrome Toolbar - (.Delta.) [HKLM] -- Delta Chrome Toolbar
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM] -- delta
O42 - Logiciel: Dictionnaire Freelang (liste de mots) - (.Freelang.) [HKLM] -- {14B380D6-8205-4F9D-81D8-515235929F2A}_is1
O42 - Logiciel: Dictionnaire Freelang 3.74 beta - (.Freelang.) [HKLM] -- {F53C4192-71DE-4B21-BE03-D6F8CBB5A238}_is1
O42 - Logiciel: FAST Defrag Freeware 2.3 - (.AMS.) [HKLM] -- FAST Defrag Freeware_is1
O42 - Logiciel: Find My Credit Card v2.3 - (.Smart PC Solutions.) [HKLM] -- Find My Credit Card_is1
O42 - Logiciel: GO!Suite - (.Oti.) [HKLM] -- {096FE185-BF9B-4DF1-92E5-B370E9FD4840}
O42 - Logiciel: GRWU 1.1.0.8 - (.RuntimeWare.com.) [HKLM] -- GRWU_is1
O42 - Logiciel: IP Privacy 3.5 - (.Privacy-Pro.) [HKLM] -- IP Privacy_is1
O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Kill Process 5.0.0.5 (désinstaller seulement) - (...) [HKLM] -- Kill Process
O42 - Logiciel: Language Pack for Ad-aware 6 - (.Lavasoft Sweden.) [HKLM] -- Language Pack for Ad-aware 6
O42 - Logiciel: MioTransfer - (...) [HKLM] -- {2F6DA398-707F-4D52-AE6A-7E812D1662D6}
O42 - Logiciel: Objectif Tarot 4 - (.Daniel Bonniot.) [HKLM] -- {078A8C00-412A-45C2-8A44-49DD736D3318}_is1
O42 - Logiciel: PIXresizer 2.0.0 - (.Bluefive software.) [HKLM] -- PIXresizer_is1
O42 - Logiciel: PcCloneEX - (...) [HKLM] -- PcCloneEX
O42 - Logiciel: Pharaon - (...) [HKLM] -- Pharaon
O42 - Logiciel: Pilote Auto - (.Vincent Leplat.) [HKLM] -- Pilote Auto_is1
O42 - Logiciel: PopUp Killer - (...) [HKLM] -- Product_Name
O42 - Logiciel: Process Liquidator - (.12Bytes.) [HKLM] -- {7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1
O42 - Logiciel: Prolific Backup - (.Prolific Technology Inc..) [HKLM] -- {D88A7919-C81E-4F6A-8B77-D1B2E42EE0CD}
O42 - Logiciel: Proxomitron v4.5 - (...) [HKLM] -- Proxomitron v4.5
O42 - Logiciel: Returnil Virtual System 2010 - (.CJSC Returnil Software.) [HKLM] -- {8D154382-D968-4C79-A51D-5BE79C2E0100}
O42 - Logiciel: SavRestaure - (...) [HKLM] -- SavRestaure
O42 - Logiciel: ScanToWeb - (...) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}
O42 - Logiciel: Sentinel 2.0 - (.Runtimeware.) [HKLM] -- Sentinel_is1
O42 - Logiciel: Services x86 - (.Corporate Inc.) [HKLM] -- Services x86
O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: USB Video Camera - (. .) [HKLM] -- {8527C3D5-BA1D-46E9-88D2-AF25544311A3}
O42 - Logiciel: USB drive letter manager - (.Uwe Sieber.) [HKLM] -- {C256573D-B3CE-4256-BEA2-217C8B211DD5}
O42 - Logiciel: USIM Editor 1.0.28.0 - (...) [HKLM] -- Card Reader Driver and USIM Editor Program_is1
O42 - Logiciel: Ultimate IP Changer version 1.1 - (.Olcinium.) [HKLM] -- {4A4472E1-2A39-432D-9455-82AE293CA601}_is1
O42 - Logiciel: WordBiz version 1.8 - (.Internet Scrabble Club.) [HKLM] -- Internet Scrabble Club_is1
O42 - Logiciel: ZipGenius 6 (6.0.3.1130) - (.M.Dev Software.) [HKLM] -- {EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1
O42 - Logiciel: avast! Free Antivirus v7.0.1466.0 - (.AVAST Software.) [HKLM] -- avast
~ Logic: 378 Legitimates Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\536d9dab23abe47]
[HKCU\Software\ACP]
[HKCU\Software\AMS]
[HKCU\Software\AlcorMicro]
[HKCU\Software\Astase]
[HKCU\Software\AvantClick]
[HKCU\Software\BitComet]
[HKCU\Software\BlueFive]
[HKCU\Software\BusinessCards]
[HKCU\Software\CT1060933]
[HKCU\Software\ComputerAssociates]
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\DVC150]
[HKCU\Software\DVD43]
[HKCU\Software\DVDx]
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\EMCO Malware Destroyer]
[HKCU\Software\Ease123]
[HKCU\Software\FilerexUpdateChecker]
[HKCU\Software\Gr]
[HKCU\Software\IEPro]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\Kristian Koeltzsch]
[HKCU\Software\M.Dev Software]
[HKCU\Software\NecroSystems]
[HKCU\Software\Prolific]
[HKCU\Software\RG]
[HKCU\Software\Rising]
[HKCU\Software\Services x86]
[HKCU\Software\Smart PC Solutions]
[HKCU\Software\Thirdi Productions]
[HKCU\Software\delta LTD]
[HKLM\Software\536d9dab23abe47]
[HKLM\Software\Acorn]
[HKLM\Software\Astase]
[HKLM\Software\CometNetwork]
[HKLM\Software\ComputerAssociates]
[HKLM\Software\DVC150]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\GO!Suite]
[HKLM\Software\IPAnonymizer]
[HKLM\Software\IPHider]
[HKLM\Software\IPPrivacy]
[HKLM\Software\InstallIQ]
[HKLM\Software\M.Dev Software]
[HKLM\Software\MediaCenterPaths]
[HKLM\Software\Mio Technology]
[HKLM\Software\Mitac]
[HKLM\Software\MovieBox USB]
[HKLM\Software\NEOACT]
[HKLM\Software\Nevron]
[HKLM\Software\Oti]
[HKLM\Software\Panicware]
[HKLM\Software\Returnil]
[HKLM\Software\Rising]
[HKLM\Software\SCDWinsysMedia]
[HKLM\Software\Terragame]
[HKLM\Software\UCRDef]
[HKLM\Software\USBDCam]
[HKLM\Software\WinMPG]
[HKLM\Software\babylontoolbar] =>Toolbar.Babylon
[HKLM\Software\mera]
~ Key Software: 499 Legitimates Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/11/2012 - 14:40:14 - [0,066] ----D C:\Program Files\AlcorMicro
O43 - CFD: 29/11/2012 - 14:29:56 - [5,747] ----D C:\Program Files\AlcorMicroData
O43 - CFD: 25/07/2010 - 10:42:10 - [15,758] ----D C:\Program Files\Alt CDA to MP3 Converter
O43 - CFD: 08/10/2010 - 11:51:14 - [25,680] ----D C:\Program Files\BitComet
O43 - CFD: 27/05/2012 - 23:54:18 - [46,741] ----D C:\Program Files\CometBird
O43 - CFD: 01/05/2011 - 14:49:20 - [0,067] ----D C:\Program Files\Convertisseur ASCII
O43 - CFD: 17/03/2012 - 18:30:32 - [6,224] ----D C:\Program Files\CpuBooster
O43 - CFD: 05/12/2012 - 17:41:22 - [5,439] ----D C:\Program Files\DATABACK DriveUtility
O43 - CFD: 07/04/2013 - 17:09:39 - [5,012] ----D C:\Program Files\Delta
O43 - CFD: 13/11/2009 - 11:24:42 - [8,603] ----D C:\Program Files\DesignPro
O43 - CFD: 10/12/2012 - 12:57:55 - [0,056] ----D C:\Program Files\DriverPack Solution Lite 12.3
O43 - CFD: 19/06/2011 - 19:26:14 - [1,459] ----D C:\Program Files\dvd43
O43 - CFD: 29/11/2012 - 14:31:52 - [44,023] ----D C:\Program Files\GO!Suite
O43 - CFD: 12/01/2009 - 10:42:00 - [0,002] ----D C:\Program Files\IEPro
O43 - CFD: 10/03/2012 - 00:47:20 - [4,833] ----D C:\Program Files\IP Privacy
O43 - CFD: 12/08/2010 - 18:17:38 - [119,899] ----D C:\Program Files\iWin.com Games
O43 - CFD: 27/01/2009 - 19:26:09 - [10,766] ----D C:\Program Files\Mio Technology
O43 - CFD: 13/03/2010 - 18:06:40 - [1,703] ----D C:\Program Files\Objectif Tarot
O43 - CFD: 10/12/2012 - 12:57:54 - [0,013] ----D C:\Program Files\PC Speed Up Extension
O43 - CFD: 29/11/2012 - 14:34:29 - [13,046] ----D C:\Program Files\PcCloneEX
O43 - CFD: 10/04/2013 - 09:18:01 - [16,920] ----D C:\Program Files\PiloteAuto
O43 - CFD: 09/11/2008 - 17:35:07 - [1,889] ----D C:\Program Files\PIXresizer
O43 - CFD: 23/01/2010 - 11:24:09 - [0,004] ----D C:\Program Files\Primedius
O43 - CFD: 26/03/2009 - 20:20:13 - [1,531] ----D C:\Program Files\Proxomitron Naoko v4.5
O43 - CFD: 29/01/2010 - 21:41:43 - [10,588] ----D C:\Program Files\Returnil
O43 - CFD: 10/10/2010 - 10:36:01 - [4,001] ----D C:\Program Files\Runtimeware.com
O43 - CFD: 10/04/2013 - 21:18:17 - [7,675] ----D C:\Program Files\Services x86
O43 - CFD: 23/09/2011 - 16:26:40 - [2,751] ----D C:\Program Files\Sophos
O43 - CFD: 09/10/2009 - 22:42:55 - [79,345] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 23/01/2010 - 11:27:17 - [0] ----D C:\Program Files\Stealther
O43 - CFD: 12/12/2012 - 10:03:37 - [0,901] ----D C:\Program Files\Ultimate IP Changer
O43 - CFD: 05/04/2013 - 18:21:06 - [0,258] ----D C:\Program Files\USBDLM
O43 - CFD: 29/11/2012 - 14:33:03 - [23,850] ----D C:\Program Files\USIM Editor
O43 - CFD: 28/09/2012 - 15:39:41 - [1,940] ----D C:\Program Files\Vidalia Bundle
O43 - CFD: 11/02/2013 - 09:32:07 - [0,494] ----D C:\Program Files\WebPlayer
O43 - CFD: 22/12/2008 - 19:30:00 - [2,104] ----D C:\Program Files\WordBiz
O43 - CFD: 04/10/2008 - 17:52:21 - [18,222] ----D C:\Program Files\ZipGenius 6
O43 - CFD: 07/04/2013 - 17:09:40 - [2,300] ----D C:\Documents and Settings\Bureau\Application Data\BabSolution =>Hijacker.BabSolution
O43 - CFD: 02/03/2013 - 17:56:39 - [0,475] ----D C:\Documents and Settings\Bureau\Application Data\BitComet
O43 - CFD: 31/03/2012 - 17:24:51 - [0] ----D C:\Documents and Settings\Bureau\Application Data\Boost Windows
O43 - CFD: 08/10/2010 - 11:53:01 - [11,405] ----D C:\Documents and Settings\Bureau\Application Data\CometNetwork
O43 - CFD: 07/04/2013 - 17:10:08 - [0,259] ----D C:\Documents and Settings\Bureau\Application Data\Delta
O43 - CFD: 06/04/2013 - 16:11:45 - [0,053] ----D C:\Documents and Settings\Bureau\Application Data\Freecorder 7 Video
O43 - CFD: 15/01/2009 - 11:32:37 - [0,000] ----D C:\Documents and Settings\Bureau\Application Data\FreshDiagnose
O43 - CFD: 08/11/2008 - 09:52:29 - [0,008] ----D C:\Documents and Settings\Bureau\Application Data\IEPro
O43 - CFD: 09/11/2008 - 20:16:18 - [0,004] ----D C:\Documents and Settings\Bureau\Application Data\MiniDm
O43 - CFD: 13/03/2010 - 18:06:43 - [0,000] ----D C:\Documents and Settings\Bureau\Application Data\Objectif Tarot
O43 - CFD: 22/09/2012 - 08:33:09 - [0] ----D C:\Documents and Settings\Bureau\Application Data\Password Generator Professional
O43 - CFD: 29/01/2010 - 21:42:08 - [0,000] ----D C:\Documents and Settings\Bureau\Application Data\Returnil
O43 - CFD: 28/09/2012 - 15:39:41 - [8,262] ----D C:\Documents and Settings\Bureau\Application Data\Tor
O43 - CFD: 28/09/2012 - 10:31:33 - [0,067] ----D C:\Documents and Settings\Bureau\Application Data\Vidalia
O43 - CFD: 29/06/2012 - 18:19:02 - [0] ----D C:\Documents and Settings\Bureau\Application Data\wtxpcom
O43 - CFD: 04/10/2008 - 17:52:36 - [0,102] ----D C:\Documents and Settings\Bureau\Application Data\ZipGenius
O43 - CFD: 08/10/2010 - 11:53:01 - [2,424] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\CometNetwork
O43 - CFD: 10/04/2013 - 17:12:44 - [12,470] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\CT1060933
O43 - CFD: 06/04/2013 - 16:12:28 - [0] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\Freecorder 7 Video
O43 - CFD: 04/10/2008 - 18:19:17 - [7,977] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\JPEG Cam
O43 - CFD: 10/12/2012 - 11:49:33 - [0,038] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\PC Speed Up Extension
O43 - CFD: 23/02/2009 - 14:21:46 - [0] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\Room Arranger
O43 - CFD: 28/09/2012 - 15:39:43 - [0,002] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\tuto4pc_fr_4 =>PUP.Eorezo
O43 - CFD: 18/12/2009 - 23:15:02 - [0,018] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\TVEnhance
O43 - CFD: 10/02/2013 - 22:41:36 - [0,197] ----D C:\Documents and Settings\Bureau\Local Settings\Application Data\Updater21810
O43 - CFD: 10/04/2013 - 21:19:41 - [0,001] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\BrowserProtect =>Toolbar.Babylon
O43 - CFD: 03/04/2011 - 14:16:31 - [0,001] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\Carom3D
O43 - CFD: 07/04/2013 - 19:00:05 - [0] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\Hasbro Interactive
O43 - CFD: 10/04/2013 - 18:25:25 - [0] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\Moovida =>Adware.SPointer
O43 - CFD: 16/03/2011 - 11:30:19 - [0,001] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\Passware
O43 - CFD: 26/03/2009 - 20:20:02 - [0,002] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\Proxomitron v4.5
O43 - CFD: 12/06/2011 - 13:27:02 - [0,001] ----D C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\WinASPI
~ Program Folder: 347 Legitimates Scanned in 01mn 37s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D02E0C95BA2299A802571AC6AC365312] - 11/04/2013 - 13:41:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.F87DF80CCE989FE74A6867DDBB25FF4F] - 11/04/2013 - 13:41:21 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.9515AF7C0F1A77194D41B1CC9B78C7B9] - 10/04/2013 - 18:18:52 ---A- . (...) -- C:\WINDOWS\Wininit.ini [3022]
O44 - LFC:[MD5.B5C00FE50F28B18BE71ECD566E4FBA1D] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [2125]
O44 - LFC:[MD5.5B475B33CA87984424CA5CC5364B53DD] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\comsetup.log [10217]
O44 - LFC:[MD5.41238B653F0B4162A3F2EF8CD4A6A277] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\iis6.log [33377]
O44 - LFC:[MD5.4A8129B90DE1E085166E1FCC91EA5B14] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.17536DC9A427F3FAFE15B59A176DDF5E] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1515]
O44 - LFC:[MD5.47E09D9A17AE573526B93192860CDF67] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\netfxocm.log [5415]
O44 - LFC:[MD5.6DBE3CFDE5E145939715870B25F1269A] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6181]
O44 - LFC:[MD5.9DCB0A117A2A4DE7916C4B438563342D] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\ocgen.log [14780]
O44 - LFC:[MD5.1318F327184296F04771D95A3E7EF33D] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
O44 - LFC:[MD5.2269DCC24BDCC4F408F311105FEE0696] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\tabletoc.log [1555]
O44 - LFC:[MD5.A21A761134E74C7240CE054E54E94705] - 10/04/2013 - 18:17:15 ---A- . (...) -- C:\WINDOWS\tsoc.log [14105]
O44 - LFC:[MD5.D13660C0EE7D1EFDE5ACFCBE86320BEF] - 10/04/2013 - 18:17:14 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30917]
O44 - LFC:[MD5.858D23B62976B554B5678E82601186F7] - 10/04/2013 - 18:17:14 ---A- . (...) -- C:\WINDOWS\msmqinst.log [9532]
O44 - LFC:[MD5.D3D39F02139596F3F664C670B723DEEE] - 10/04/2013 - 18:16:48 ---A- . (...) -- C:\WINDOWS\updspapi.log [3651]
O44 - LFC:[MD5.F939295BA46150363783D3B54F7C0CF2] - 10/04/2013 - 18:15:55 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.BEC8A163A7A3AC714B82097270551F50] - 10/04/2013 - 09:42:14 ---A- . (...) -- C:\WINDOWS\system32\package.lst [19]
O44 - LFC:[MD5.3D59A64C9355D53E8992341E363F91A3] - 07/04/2013 - 16:33:45 ---A- . (...) -- C:\RstHosts.txt [681]
O44 - LFC:[MD5.3C0311459866C5078715AB14358322D3] - 03/04/2013 - 18:40:07 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.4B12684ABCD23C36F2D7B69A00B811B3] - 02/04/2013 - 20:41:08 ---A- . (...) -- C:\AdwCleaner[S1].txt [76004]
O44 - LFC:[MD5.F15F78D95B41F6F1C646C73E46E75C4F] - 13/03/2013 - 21:52:48 ---A- . (.SafeApp Software, LLC - Computer Up-dater License Manager.) -- C:\WINDOWS\system32\ComputerUpdaterLM.ocx [421888]
O44 - LFC:[MD5.1A88CF526A1928929E45CC484E5140E8] - 13/03/2013 - 21:52:48 ---A- . (.SafeApp Software, LLC - Computer Up-dater Update Component.) -- C:\WINDOWS\system32\CUUpdateComponent.ocx [69632]
O44 - LFC:[MD5.5E5B6B69F9E18A12CA28FE57D23E45D2] - 13/03/2013 - 21:52:48 ---A- . (.SafeApp Software, LLC - SafeAppRichList.) -- C:\WINDOWS\system32\SafeAppRichList.ocx [131072]
~ Files: 55 Legitimates Scanned in 00mn 15s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.2AC739FF5A6789AF8C7696E32CEE410F] - 11/04/2013 - 08:41:41 ---A- - C:\WINDOWS\Prefetch\SQLSERVR.EXE-12F63EFF.pf
O45 - LFCP:[MD5.BD51C35802382B4E81CE04F81E9C086D] - 11/04/2013 - 12:06:44 ---A- - C:\WINDOWS\Prefetch\SERVICES X86-BG.EXE-33FFFA1C.pf
O45 - LFCP:[MD5.3B39DDDB9E0134332579403137440533] - 11/04/2013 - 13:39:42 ---A- - C:\WINDOWS\Prefetch\A2SERVICE.EXE-1FA759FF.pf
O45 - LFCP:[MD5.D153C61E9F86FAB06AED3ECB907EA38E] - 11/04/2013 - 13:41:14 ---A- - C:\WINDOWS\Prefetch\NBSERVICE.EXE-03973CF1.pf
O45 - LFCP:[MD5.FEED0CC5D4C8CD5357EF24B77FBD9D2A] - 11/04/2013 - 13:41:59 ---A- - C:\WINDOWS\Prefetch\PMSHOST.EXE-1D4AC9E6.pf
O45 - LFCP:[MD5.E7EA6A0B8C2E7A74434614A60A5E7A64] - 11/04/2013 - 14:35:31 ---A- - C:\WINDOWS\Prefetch\KL-DETECTOR.EXE-0B995332.pf
O45 - LFCP:[MD5.431FA9B3E98B79536E23FABA192F4428] - 11/04/2013 - 14:39:05 ---A- - C:\WINDOWS\Prefetch\1.EXE-10BAB2F3.pf
O45 - LFCP:[MD5.91C0E830EB25FF25EE75AF711BE71714] - 11/04/2013 - 14:47:03 ---A- - C:\WINDOWS\Prefetch\ADM.EXE-2C658B8A.pf
~ Prefetcher: 46 Legitimates Scanned in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Sony\Media Go\MediaGo.exe" [Enabled] .(.Sony Creative Software Inc..) -- C:\Program Files\Sony\Media Go\MediaGo.exe
O47 - AAKE:Key Export SP - "C:\Program Files\BitComet\BitComet.exe" [Enabled] .(.www.BitComet.com.) -- C:\Program Files\BitComet\BitComet.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Veetle\Player\VeetleNet.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Veetle\Player\VeetleNet.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IP Privacy\IP Privacy.exe" [Enabled] .(.Privacy-Pro.) -- C:\Program Files\IP Privacy\IP Privacy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\Uninstaller.exe" [Enabled] .(.ashampoo GmbH & Co. KG.) -- C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\Uninstaller.exe
O47 - AAKE:Key Export SP - "C:\Program Files\scrabbleproB1.1\scrabblepro.exe" [Enabled] .(..) -- C:\Program Files\scrabbleproB1.1\scrabblepro.exe
O47 - AAKE:Key Export SP - "C:\Program Files\scrabbleproB1.0.8\scrabblepro.exe" [Enabled] .(.Scrabblepro.) -- C:\Program Files\scrabbleproB1.0.8\scrabblepro.exe
O47 - AAKE:Key Export SP - "C:\Utilitaires\FrozenWay 1.5.5\FrozenWay 1.5.5\FrozenWay 1.5.5\FrozenWay.exe" [Disabled] .(.Pas de propriétaire.) -- C:\Utilitaires\FrozenWay 1.5.5\FrozenWay 1.5.5\FrozenWay 1.5.5\FrozenWay.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Veetle\Player\VeetleNet.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Veetle\Player\VeetleNet.exe
~ Keys Export: 22 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Acronis - Acronis Relogon Authentication Package.) -- C:\WINDOWS\system32\relog_ap.dll
~ LSA: 7 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 23 Legitimates Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{5525d6fe-5d68-11de-a569-001fc6c0e5c3}\AutoRun\command. (...) -- H:\setup_vmc_lite.exe (.not file.)
O51 - MPSK:{98933c59-5e3a-11de-a56b-001fc6c0e5c3}\AutoRun\command. (...) -- G:\setup_vmc_lite.exe (.not file.)
O51 - MPSK:{98933c5b-5e3a-11de-a56b-001fc6c0e5c3}\AutoRun\command. (...) -- G:\setup_vmc_lite.exe (.not file.)
O51 - MPSK:{d307c848-b064-11df-a0dc-001fc6c0e5c3}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
O51 - MPSK:{fd5e3660-57e9-11de-a567-001fc6c0e5c3}\AutoRun\command. (...) -- G:\setup_vmc_lite.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.scg726"="scg726.acm" . (.SHARP Corporation - SHARP G.726 ACM Audio Decoder.) -- C:\WINDOWS\system32\scg726.acm
O52 - TDSD: \Drivers32\"vidc.xvid"="xvid.dll" . (...) -- C:\WINDOWS\system32\xvid.dll
O52 - TDSD: \Drivers32\"VIDC.MJPG"="Pvmjpg30.dll" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\system32\Pvmjpg30.dll
O52 - TDSD: \Drivers32\"msacm.alf2cd"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\WINDOWS\system32\alf2cd.acm
O52 - TDSD: \Drivers32\"vidc.dvsd"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\WINDOWS\system32\mcdvd_32.dll
O52 - TDSD: \drivers.desc\"xvid.dll"="XviD codec (Neodivx Version)" . (...) -- C:\WINDOWS\system32\xvid.dll
O52 - TDSD: \drivers.desc\"pvmjpg30.dll"="PICVideo 3 M-JPEG VfW Codec" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\system32\pvmjpg30.dll
O52 - TDSD: \drivers.desc\"alf2cd.acm"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\WINDOWS\system32\alf2cd.acm
O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\WINDOWS\system32\mcdvd_32.dll
~ TDSD: 29 Legitimates Scanned in 00mn 01s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Acronis Scheduler2 Service [Key] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
O53 - SMSR:HKLM\...\startupreg\AcronisTimounterMonitor [Key] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O53 - SMSR:HKLM\...\startupreg\adm_tray.exe [Key] . (.Acronis - ADM System Tray Application.) -- C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
O53 - SMSR:HKLM\...\startupreg\ApnTBMon [Key] . (...) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Ashampoo Core Tuner 2 [Key] . (...) -- C:\Program Files\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Ashampoo HDD-Control 2 Guard [Key] . (.Ashampoo Development GmbH & Co. KG - Ashampoo HDDControl Guard.) -- C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
O53 - SMSR:HKLM\...\startupreg\CloneCDTray [Key] . (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
O53 - SMSR:HKLM\...\startupreg\Computer Updater [Key] . (...) -- C:\Program Files\Computer Updater\ComputerUp-dater.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\dvd43 [Key] . (...) -- C:\Program Files\dvd43\dvd43_tray.exe
O53 - SMSR:HKLM\...\startupreg\eTrustPPAP [Key] . (.Computer Associates - eTrust PestPatrol background protection app.) -- C:\Program Files\CA\eTrust PestPatrol\PPActiveDetection.exe
O53 - SMSR:HKLM\...\startupreg\FileREX Update Checker [Key] . (...) -- C:\DOCUME~1\Bureau\LOCALS~1\Temp\ZGTemp\rar\Application Files\FileREX_2_0_0_0\FileREX.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Freecorder FLV Service [Key] . (.Applian Technologies, Inc. - FLV Service for Freecorder.) -- C:\Program Files\Freecorder\FLVSrvc.exe
O53 - SMSR:HKLM\...\startupreg\OMEA [Key] . (.Ours Technology Inc. - Oti Motherboard Embedded Agent.) -- C:\Program Files\GO!Suite\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
O53 - SMSR:HKLM\...\startupreg\PCSpeedUp [Key] . (...) -- C:\Program Files\Accelerer PC\PCSpeedUp.lnk
O53 - SMSR:HKLM\...\startupreg\PopUpKiller [Key] . (.xFX JumpStart - Pas de description.) -- C:\Utilitaires\PopUp Killer\PopUpKiller.exe
O53 - SMSR:HKLM\...\startupreg\Prolific_OneButton [Key] . (.Prolific Technology Inc. - One Button Launch Application for PL2x7x.) -- C:\Program Files\Prolific Technology Inc.\Prolific Backup\OneBtn.exe
O53 - SMSR:HKLM\...\startupreg\RUSB3MON [Key] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
O53 - SMSR:HKLM\...\startupreg\Service Planificateur2 Acronis [Key] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
O53 - SMSR:HKLM\...\startupreg\SlimDrivers [Key] . (.SlimWare Utilities, Inc. - SlimDrivers.) -- C:\Program Files\SlimDrivers\SlimDrivers.exe
O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O53 - SMSR:HKLM\...\startupreg\TrueImageMonitor.exe [Key] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O53 - SMSR:HKLM\...\startupreg\UIWatcher [Key] . (.ashampoo GmbH & Co. KG - ashampoo UnInstaller Watcher.) -- C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe
O53 - SMSR:HKLM\...\startupreg\USBestCR [Key] . (.Pas de propriétaire - IconCS card reader Application.) -- C:\Program Files\USIM Editor\iconcs1347578.exe
O53 - SMSR:HKLM\...\startupreg\VirtualDrive [Key] . (...) -- C:\Program Files\FarStone\VDPBS\VDP\vdtask.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\WahOO [Key] . (...) -- C:\Documents and Settings\Bureau\Local Settings\Application Data\WahOO\WahOO.exe (.not file.)
~ SMSR Keys: 47 Legitimates Scanned in 00mn 01s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 3 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "verbosestatus"=0
~ MWPS: 6 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewOnDrive"=0
~ MWPE Keys: 7 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.0352A73CD6B1782EA3ED7A03A8268F55] - 21/08/2012 - 11:13:13 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\Drivers\aavmker4.sys [25256]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 08/04/2013 - 06:44:18 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bookmarkbackups\bookmarks-2013-04-08.json [3407]
O61 - LFC: 09/04/2013 - 17:32:45 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bookmarkbackups\bookmarks-2013-04-09.json [3407]
O61 - LFC: 10/04/2013 - 08:13:04 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bookmarkbackups\bookmarks-2013-04-10.json [3407]
O61 - LFC: 10/04/2013 - 08:18:01 ---A- C:\Documents and Settings\Bureau\Bureau\Pilote Auto.lnk [712]
O61 - LFC: 10/04/2013 - 10:30:39 ---A- C:\Documents and Settings\Bureau\Bureau\MBRCheck_04.10.13_11.30.32.txt [5086]
O61 - LFC: 10/04/2013 - 10:56:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\bbb6c8a316ae45fc0d3bd1d0f59bba74.png [79680]
O61 - LFC: 10/04/2013 - 10:58:04 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\4566a52590b1e825e22f8895d1921471.png [8514]
O61 - LFC: 10/04/2013 - 12:19:41 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\background.html [3017]
O61 - LFC: 10/04/2013 - 12:19:41 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\BabMaint.x [9800]
O61 - LFC: 10/04/2013 - 12:19:41 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\background.html [400]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\ChromeUtilPlugin.dll [45568]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\background.js [17782]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\browser-action.js [1305]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\bg.html [210]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\ci.bg.pack.js [7653]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\ci.browser.helper.js [341]
O61 - LFC: 10/04/2013 - 12:19:42 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\ci.content.pack.js [2403]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\000008.sst [925]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007 [389]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\cookies.js [1311]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\feeds.js [2851]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\fixup-jquery-for-ie.js [706]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\history.js [2289]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\ie-bg-shim.js [8394]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\init-bg-messaging.js [81]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\keywordSearch.js [5004]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\lifecycle.js [10705]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\localStorage.js [2785]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\BUSolution.dll [701000]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\Delta [0]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\DeltaChromeToolbar.dll [93184]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\redirect.html [189]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\jquery-1.7.2.min.js [94840]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\jquery.uuid.js [454]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup.js [68]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\arrow-dn.gif [53]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\jquery-1.7.2.min.js [94840]
O61 - LFC: 10/04/2013 - 12:19:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\settings.json [215]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\popup.js [4775]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\preference.js [2530]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\rebuttal.js [2458]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\registry.js [27546]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\reporting.js [7428]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\search.js [4892]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\security.js [12457]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\sideByside.js [6749]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\tabs.js [6972]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\background\utils.js [11344]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\build.json [662]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\delta128.png [12964]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\delta48.png [3435]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\redirect.js [301]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\clipper.png [1331]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\convert.png [1681]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\help.png [2422]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\lock.png [1050]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\popup.html [314]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\popup.js [2457]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\style.css [946]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\PluginExtension.pem [916]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll [571392]
O61 - LFC: 10/04/2013 - 12:19:44 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db [7168]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\build.json [198]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\lang-config.js [29117]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\logo-24.png [3700]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\logo.png [8134]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\mp3_editor.png [968]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\music.png [2148]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Ex.js [42666]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.html [13685]
O61 - LFC: 10/04/2013 - 12:19:45 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\chrome-options.html [2257]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\content-script.xul [2321]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\chrome-options.css [777]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\containers.css [408]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\play-flv.png [1089]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\play.png [2322]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\radio.png [961]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\screen.png [1707]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.html [9679]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\tips.js [3885]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.bak [7139]
O61 - LFC: 10/04/2013 - 12:19:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.html [7307]
O61 - LFC: 10/04/2013 - 12:19:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\new-tab.css [4605]
O61 - LFC: 10/04/2013 - 12:19:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\search.png [933]
O61 - LFC: 10/04/2013 - 12:19:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\triangle-1-s.png [995]
O61 - LFC: 10/04/2013 - 12:19:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\popbox_btn_close.png [1144]
O61 - LFC: 10/04/2013 - 12:19:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\popbox_btn_ok.png [1153]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\plain.css [794]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\searchbox.css [4124]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\toolbar.css [7184]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\css\v5parity.css [928]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\IDR_WEBSTORE_ICON.png [7070]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\ask_flat_20x.png [667]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\tv.png [1012]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\upgrade.png [1432]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\upgrade2.png [1250]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\vid-history.png [1093]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\video-history.png [1292]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\video.png [2151]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\video_encryptor.png [1305]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\vpl.png [1314]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\youtube-square.png [1456]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\popup\images\youtube.png [3080]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\risk.png [1617]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\risk_logo.png [2673]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\safe_logo.png [2786]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\tip_details.png [1398]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\window_risk.png [4075]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\window_safe.png [3955]
O61 - LFC: 10/04/2013 - 12:19:48 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\wraningBg.png [24342]
O61 - LFC: 10/04/2013 - 12:19:49 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\logo_19x_grey.png [678]
O61 - LFC: 10/04/2013 - 12:19:49 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\js\bg.js [1878]
O61 - LFC: 10/04/2013 - 12:19:49 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\js\content.js [1706]
O61 - LFC: 10/04/2013 - 12:19:49 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\plugins\npFreeCoder.dll [86528]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\toolbar-icons.png [6025]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\logo_cobrand_18px.png [741]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\logo_cobrand_24px.png [891]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\new-search-button-mid.png [136]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\css\content.css [665]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\asc.png [4307]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\img\safe.png [777]
O61 - LFC: 10/04/2013 - 12:19:50 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\manifest.json [1079]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\new-search-button-sides.png [153]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\search-button-mid.png [136]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\search\search-button-sides.png [153]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\img\fc7_toolbar_icon-128.png [20848]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\img\fc7_toolbar_icon-18.png [979]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\img\fc7_toolbar_icon-48.png [5328]
O61 - LFC: 10/04/2013 - 12:19:51 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm\7.0.0.13_0\manifest.json [1418]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_1.png [340]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_10.png [374]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_10plus.png [415]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_2.png [346]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_3.png [348]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_4.png [354]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_5.png [348]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_6.png [344]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_7.png [343]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_8.png [347]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_9.png [366]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_exclaim.png [340]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\badge_numbers.png [400]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\bdg-gradient.png [144]
O61 - LFC: 10/04/2013 - 12:19:52 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\bg.png [135]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\curved-divider.png [526]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\vanilla\left-bg.png [684]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\init-tb-stuff.js [119]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\new-tab-page.html [4005]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\new-tab.html [626]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\newtab-overlay.xul [5102]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\toolbar.html [4483]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\toolbar.xul [902]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widget-bundled.xul [1207]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widget-hosted.xul [1040]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\amazon-navigation\button.png [1228]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\ask-homepage-oasis\button.png [698]
O61 - LFC: 10/04/2013 - 12:19:53 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\cnn\1.0\button.png [1598]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\BubbleTown.png [2313]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\blackjack_32.png [1325]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\button.png [1645]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-3in1checkers-01.png [3862]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-4balls-01.png [4301]
O61 - LFC: 10/04/2013 - 12:19:54 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-cubefield-01.png [4564]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\SlingoSupreme.png [2378]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-doublewires-01.png [3824]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-fishdom.png [2605]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-goldminer-01.png [5271]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-jewelsolitare-01.png [5267]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-pacxon-01.png [4884]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-supercollapse.png [2517]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\game-tropix-01.png [5325]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\games.png [558]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\games-feed\sudoku_32.png [552]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\map\1.0\button.png [1121]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-abc\button.png [1215]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-ascom\button.png [1144]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-bbc\button.png [869]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-bbcsports\button.png [2038]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-beppegrillo\button.png [555]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-corrieredellasera\button.png [882]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-elmundo\button.png [1386]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-expansion\button.png [437]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-financialtimes.de\button.png [389]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-financialtimes\button.png [389]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-folha\button.png [1144]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-g1\button.png [925]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-kicker\button.png [944]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-lagazzettadellosport\button.png [1385]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-lemonde\button.png [842]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-lequipe\button.png [667]
O61 - LFC: 10/04/2013 - 12:19:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-mtv.it\button.png [1073]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-newsru\button.png [1135]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-nu-nl\button.png [808]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-pbkdaily\button.png [1712]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-programmetv\button.png [336]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-sportsnl\button.png [1218]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-sportsru\button.png [1080]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-todayinhistory\button.png [2181]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-uol\button.png [2188]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\netvibes-voici\button.png [757]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\orkut\button.png [519]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\radio\2.0\button.png [1050]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\simple-email-list\button.png [823]
O61 - LFC: 10/04/2013 - 12:19:56 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\simple-email-list\gmail.png [4979]
O61 - LFC: 10/04/2013 - 12:19:57 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\simple-email-list\hotmail.png [5268]
O61 - LFC: 10/04/2013 - 12:19:57 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\ultimosegundo\button.png [2170]
O61 - LFC: 10/04/2013 - 12:19:57 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\video\2.0\button.png [2048]
O61 - LFC: 10/04/2013 - 12:19:57 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\vk\button.png [1763]
O61 - LFC: 10/04/2013 - 12:19:57 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\weather\3.0\button.png [1488]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\wordoftheday\button.png [2018]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\widgets\youtube\1.0\button.png [2048]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\tb-config.js [1642]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\test-widget-config.js [4117]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\widget-config.js [30719]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\content-script.js [12942]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\hack\relative.css [46]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\hack\static.css [44]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\injector.js [4202]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\inline-html.js [2695]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\toolbar.js [25403]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\widget-hosted.js [5498]
O61 - LFC: 10/04/2013 - 12:19:58 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\content_script\widget.js [17526]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\icon.png [2014]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\browser-shim.js [9575]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\constant.js [3391]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\default-config.js [13650]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\i18n.js [1336]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\jquery.js [94021]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\json.js [17412]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\polyfill.js [8404]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\protocol.js [23022]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\security.js [10730]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\shims\console.js [4516]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\state-machine.js [8074]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\tb-message.js [5615]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\widget-messaging.js [45281]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\lib\window-position.js [1855]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\IFrameButton.js [5061]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\chrome-options.js [2644]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\ieCS.js [7198]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\init-toolbar.js [722]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\new-tab-page.js [12676]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\new-tab.js [244]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\rebuttal.js [2478]
O61 - LFC: 10/04/2013 - 12:19:59 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_cnmdgidklhhnmppphpohildcefnaaflp_0\6 [696320]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\SimpleButton.js [6679]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\reel.js [5706]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\searchbox.js [9630]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\shimIE.js [4378]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\tb_ux\toolbar.js [16824]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\images\button-blue-1x20.png [155]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\images\button-grey-1x26.png [146]
O61 - LFC: 10/04/2013 - 12:20:00 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\images\button.png [1035]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\images\icons.png [10729]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\images\lightblue-1x43.png [181]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\options.css [12443]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\options.html [6244]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\options\options.js [16644]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\rebuttal\images\warning.png [25921]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\rebuttal\rebuttal.css [873]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\rebuttal\rebuttal.html [2256]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\rebuttal\rebuttal.js [1993]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\search-suggestion\search-suggestion.css [1583]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\search-suggestion\search-suggestion.html [2059]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\search-suggestion\search-suggestion.js [9802]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cnmdgidklhhnmppphpohildcefnaaflp_0.localstorage [3072]
O61 - LFC: 10/04/2013 - 12:20:01 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cnmdgidklhhnmppphpohildcefnaaflp_0.localstorage-journal [3608]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\css\images\footer_gradient.png [2841]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\css\images\footer_shadow.png [2807]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\css\images\image_placeholder.png [3039]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\css\images\item-bg.png [163]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\css\menu.css [788]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\feed.html [1396]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\js\api.js [3736]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\js\feed.js [2823]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\js\menu.js [1071]
O61 - LFC: 10/04/2013 - 12:20:02 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\widgets\templates\menu.html [1535]
O61 - LFC: 10/04/2013 - 12:20:04 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\logo_128x.png [3305]
O61 - LFC: 10/04/2013 - 12:20:04 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\logo_19x.png [519]
O61 - LFC: 10/04/2013 - 12:20:04 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\logo_24x.png [681]
O61 - LFC: 10/04/2013 - 12:20:04 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\config\skin\images\logo\logo_32x.png [889]
O61 - LFC: 10/04/2013 - 12:20:20 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs [7168]
O61 - LFC: 10/04/2013 - 12:20:20 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs-journal [3608]
O61 - LFC: 10/04/2013 - 12:20:21 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [24576]
O61 - LFC: 10/04/2013 - 12:20:21 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 10/04/2013 - 12:20:38 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000008.sst [159]
O61 - LFC: 10/04/2013 - 12:20:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [259]
O61 - LFC: 10/04/2013 - 12:20:47 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [259]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager-journal [8768]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000011.sst [352]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [261]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000010 [401]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [8]
O61 - LFC: 10/04/2013 - 12:39:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Local State [24779]
O61 - LFC: 10/04/2013 - 12:39:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaalnlbjohpcogiifplhmlcdgfgamnh_0.localstorage [9216]
O61 - LFC: 10/04/2013 - 12:39:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaalnlbjohpcogiifplhmlcdgfgamnh_0.localstorage-journal [4640]
O61 - LFC: 10/04/2013 - 12:39:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC: 10/04/2013 - 12:39:30 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
O61 - LFC: 10/04/2013 - 13:04:33 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\content-prefs.sqlite [229376]
O61 - LFC: 10/04/2013 - 16:16:18 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\pluginreg.dat [18627]
O61 - LFC: 10/04/2013 - 17:25:21 -SHA- C:\Documents and Settings\Bureau\Application Data\Microsoft\Internet Explorer\UserData\index.dat [32768]
O61 - LFC: 10/04/2013 - 17:25:43 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\History [102400]
O61 - LFC: 10/04/2013 - 18:38:24 ---A- C:\Documents and Settings\Bureau\Application Data\BabSolution\CR\delta1.crx [391258] =>Hijacker.BabSolution
O61 - LFC: 10/04/2013 - 19:51:40 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\addons.sqlite [524288]
O61 - LFC: 10/04/2013 - 19:51:40 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\addons.sqlite-journal [295496]
O61 - LFC: 10/04/2013 - 19:53:38 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\blocklist.xml [62160]
O61 - LFC: 10/04/2013 - 20:06:52 ---A- C:\Documents and Settings\Bureau\Recent\ZHPDiag.lnk [480]
O61 - LFC: 10/04/2013 - 20:16:40 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\downloads.sqlite [98304]
O61 - LFC: 10/04/2013 - 20:17:33 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\permissions.sqlite [1867776]
O61 - LFC: 10/04/2013 - 20:17:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cnmdgidklhhnmppphpohildcefnaaflp\1.23.36_0\crossriderManifest.json [476] =>PUP.CrossRider
O61 - LFC: 10/04/2013 - 20:17:55 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_cnmdgidklhhnmppphpohildcefnaaflp_0\5 [15360]
O61 - LFC: 10/04/2013 - 20:19:06 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [10240]
O61 - LFC: 10/04/2013 - 20:19:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage [3072]
O61 - LFC: 10/04/2013 - 20:19:36 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [83968]
O61 - LFC: 10/04/2013 - 20:19:36 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data [83968]
O61 - LFC: 10/04/2013 - 20:19:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bProtector_prefs.js [826264]
O61 - LFC: 10/04/2013 - 20:19:38 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bProtector_extensions.sqlite [458752]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaalnlbjohpcogiifplhmlcdgfgamnh\12.40914_0\manifest.json [3779]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\manifest.json [732]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\background.html [95]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\background.js [1827]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\manifest.json [571]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0\spext.dll [72704]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [38625]
O61 - LFC: 10/04/2013 - 20:19:39 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtectorPreferences [40187]
O61 - LFC: 10/04/2013 - 20:19:41 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\searchplugins\delta.xml [1294]
O61 - LFC: 10/04/2013 - 20:19:41 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\user.js [1037]
O61 - LFC: 10/04/2013 - 20:19:41 ---A- C:\Documents and Settings\Bureau\Menu Démarrer\Programmes\BrowserProtect\Uninstall BrowserProtect.lnk [1424] =>Toolbar.Babylon
O61 - LFC: 10/04/2013 - 20:21:03 ---A- C:\Documents and Settings\Bureau\Application Data\BabSolution\Shared\chu.js [486] =>Hijacker.BabSolution
O61 - LFC: 10/04/2013 - 20:21:05 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\extensions.sqlite [458752]
O61 - LFC: 10/04/2013 - 20:21:39 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\webappsstore.sqlite [360448]
O61 - LFC: 10/04/2013 - 21:25:08 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\ab9e3dc4e10e5726a37d0de82985b926.png [20753]
O61 - LFC: 11/04/2013 - 09:09:56 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bookmarkbackups\bookmarks-2013-04-11.json [3407]
O61 - LFC: 11/04/2013 - 11:54:46 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\1c70585c410ac4fdd15f4d909073f9b9.png [9644]
O61 - LFC: 11/04/2013 - 11:55:17 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\6ab899b7b26f32da507da6135a5d31fd.png [31887]
O61 - LFC: 11/04/2013 - 12:05:02 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\sessionstore.bak [5644]
O61 - LFC: 11/04/2013 - 12:06:32 -SHA- C:\Documents and Settings\Bureau\PrivacIE\index.dat [16187392]
O61 - LFC: 11/04/2013 - 13:38:50 -SHA- C:\Documents and Settings\Bureau\Application Data\Microsoft\Credentials\S-1-5-21-725345543-1844823847-839522115-1003\Credentials [812]
O61 - LFC: 11/04/2013 - 14:39:23 ---A- C:\Documents and Settings\Bureau\Recent\KL Detector.lnk [606]
O61 - LFC: 11/04/2013 - 14:39:23 ---A- C:\Documents and Settings\Bureau\Recent\ReadMe.lnk [783]
O61 - LFC: 11/04/2013 - 14:40:01 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\parent.lock [0]
O61 - LFC: 11/04/2013 - 14:40:05 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\webapps\webapps.json [2]
O61 - LFC: 11/04/2013 - 14:40:08 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\search.json [10826]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\urlclassifierkey3.txt [154]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-malware-simple.cache [44]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-malware-simple.pset [16]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-malware-simple.sbstore [232]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-phish-simple.cache [44]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-phish-simple.pset [16]
O61 - LFC: 11/04/2013 - 14:40:11 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\test-phish-simple.sbstore [232]
O61 - LFC: 11/04/2013 - 14:40:14 -SHA- C:\Documents and Settings\Bureau\IETldCache\index.dat [262144]
O61 - LFC: 11/04/2013 - 14:40:19 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\a016aae29c24a1867e6b7952bfcadf7e.png [24937]
O61 - LFC: 11/04/2013 - 14:40:21 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\formhistory.sqlite [294912]
O61 - LFC: 11/04/2013 - 14:42:20 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\startupCache\startupCache.4.little [1241793]
O61 - LFC: 11/04/2013 - 14:43:08 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\places.sqlite [10485760]
O61 - LFC: 11/04/2013 - 14:43:15 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\thumbnails\24c49b63f9f3f90fa20fedc189f91bfe.png [39804]
O61 - LFC: 11/04/2013 - 14:44:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-malware-shavar.cache [12]
O61 - LFC: 11/04/2013 - 14:44:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-malware-shavar.pset [843024]
O61 - LFC: 11/04/2013 - 14:44:28 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-malware-shavar.sbstore [1639747]
O61 - LFC: 11/04/2013 - 14:44:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-phish-shavar.cache [12]
O61 - LFC: 11/04/2013 - 14:44:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-phish-shavar.pset [654574]
O61 - LFC: 11/04/2013 - 14:44:29 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\safebrowsing\goog-phish-shavar.sbstore [570892]
O61 - LFC: 11/04/2013 - 14:44:36 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\sessionstore.js [9516]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\cert8.db [131072]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\cookies.sqlite [2097152]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\key3.db [16384]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\localstore.rdf [2512]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\prefs.js [826088]
O61 - LFC: 11/04/2013 - 14:44:37 ---A- C:\Documents and Settings\Bureau\Local Settings\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\_CACHE_CLEAN_ [1]
~ 28 Fichiers temporaires (Temporary files)
~ 13 Fichiers cookies (Cookies files)
~ Files: 928 Legitimates Scanned in 01mn 25s



---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\system32\Drivers\tap0901.sys:Zone.Identifier
~ ADS: Scanned in 00mn 02s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.org.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/08/2010 - C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (a2acc) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC
O64 - Services: CurCS - 25/08/2010 - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (a2injectiondriver) .(.Emsi Software GmbH - Emsisoft Anti-Malware Behavior Blocker.) - LEGACY_A2INJECTIONDRIVER
O64 - Services: CurCS - 05/05/2010 - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (a2util) .(.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - LEGACY_A2UTIL
O64 - Services: CurCS - 13/08/2010 - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (AcrSch2Svc) .(.Acronis - Acronis Scheduler 2.) - LEGACY_ACRSCH2SVC
O64 - Services: CurCS - 25/02/2013 - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (AdvancedSystemCareService6) .(.IObit - Advanced SystemCare Service.) - LEGACY_ADVANCEDSYSTEMCARESERVICE6
O64 - Services: CurCS - 29/11/2012 - Pas de propriétaire (AfaService) .(...) - LEGACY_AFASERVICE
O64 - Services: CurCS - 30/07/2012 - Pas de propriétaire (AHDDC2) .(...) - LEGACY_AHDDC2
O64 - Services: CurCS - 10/09/1999 - C:\WINDOWS\system32\DRIVERS\ASPI32.sys (ASPI) .(.Adaptec - ASPI for WIN32 Kernel Driver.) - LEGACY_ASPI
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (AVFSFilter) .(...) - LEGACY_AVFSFILTER
O64 - Services: CurCS - 18/01/2007 - C:\WINDOWS\system32\DRIVERS\AvgArCln.sys (AvgArCln) .(.GRISOFT, s.r.o. - AVG7 Clean Driver.) - LEGACY_AVGARCLN
O64 - Services: CurCS - 31/01/2007 - C:\WINDOWS\system32\DRIVERS\avgarkt.sys (AVG Anti-Rootkit) .(.GRISOFT, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVG_ANTI-ROOTKIT
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (BOCDRIVE) .(...) - LEGACY_BOCDRIVE
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (BOCore) .(...) - LEGACY_BOCORE
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (BVCSPBIRU) .(...) - LEGACY_BVCSPBIRU
O64 - Services: CurCS - 24/08/2009 - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe (DfSdkS) .(.mst software GmbH, Germany - mst Defrag SDK Service.) - LEGACY_DFSDKS
O64 - Services: CurCS - 01/11/2008 - Pas de propriétaire (dkjhirkhjopo) .(...) - LEGACY_DKJHIRKHJOPO
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (EAGEAVP) .(...) - LEGACY_EAGEAVP
O64 - Services: CurCS - 26/07/2008 - C:\WINDOWS\system32\drivers\elrawdsk32bit.sys (ElRawDisk) .(.EldoS Corporation - RawDisk Driver. Allows write access to raw.) - LEGACY_ELRAWDISK
O64 - Services: CurCS - 29/01/2002 - Pas de propriétaire (EpsonBidirectionalService) .(...) - LEGACY_EPSONBIDIRECTIONALSERVICE
O64 - Services: CurCS - 17/07/2002 - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (EPSONStatusAgent2) .(.SEIKO EPSON CORPORATION - EPSON Printer Status Agent.) - LEGACY_EPSONSTATUSAGENT2
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (FQEOH) .(...) - LEGACY_FQEOH
O64 - Services: CurCS - 02/03/2007 - C:\WINDOWS\system32\DRIVERS\fvxscsi.sys (FVXSCSI) .(.FarStone Inc. - FarStone SCSI Miniport.) - LEGACY_FVXSCSI
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (IB) .(...) - LEGACY_IB
O64 - Services: CurCS - 06/03/2013 - C:\Program Files\Java\jre7\bin\jqs.exe (JavaQuickStarterService) .(.Oracle Corporation - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (LOW) .(...) - LEGACY_LOW
O64 - Services: CurCS - 17/04/2009 - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp Scheduler 4.0) .(.Nero AG - Nero BackItUp.) - LEGACY_NERO_BACKITUP_SCHEDULER_4.0
O64 - Services: CurCS - 30/04/2009 - Pas de propriétaire (OMSI download service) .(...) - LEGACY_OMSI_DOWNLOAD_SERVICE
O64 - Services: CurCS - 09/02/2005 - C:\WINDOWS\system32\drivers\pclepci.sys (PCLEPCI) .(.Pinnacle Systems GmbH - PCLEPCI.) - LEGACY_PCLEPCI
O64 - Services: CurCS - 20/07/2011 - Pas de propriétaire (PCSUService) .(...) - LEGACY_PCSUSERVICE
O64 - Services: CurCS - 19/01/2006 - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe (PinnacleSys.MediaServer) .(.Pinnacle Systems - Media Server Host.) - LEGACY_PINNACLESYS.MEDIASERVER
O64 - Services: CurCS - 24/07/2007 - C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe (PSI_SVC_2) .(.Protexis Inc. - PsiService PsiService.) - LEGACY_PSI_SVC_2
O64 - Services: CurCS - 13/01/2010 - C:\WINDOWS\system32\DRIVERS\rvsmon.sys (rvsmon) .(.CJSC Returnil Software - Returnil Monitoring Core.) - LEGACY_RVSMON
O64 - Services: CurCS - 22/01/2010 - C:\WINDOWS\system32\Returnil\RVS3\rvsmon.exe (RVSMONBL) .(.CJSC Returnil Software - Returnil Virtual System Core Service.) - LEGACY_RVSMONBL
O64 - Services: CurCS - 13/01/2010 - C:\WINDOWS\system32\DRIVERS\rvsmonf.sys (rvsmonf) .(.CJSC Returnil Software - Returnil File Monitoring.) - LEGACY_RVSMONF
O64 - Services: CurCS - 13/01/2010 - C:\WINDOWS\system32\DRIVERS\rvsmonn1.sys (rvsmonn) .(.CJSC Returnil Software - Returnil Network Monitoring.) - LEGACY_RVSMONN
O64 - Services: CurCS - 29/01/2010 - C:\WINDOWS\system32\Drivers\RVsystem.sys (RVSystem) .(.CJSC Returnil Software - Returnil Virtualization Engine.) - LEGACY_RVSYSTEM
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (RXANXWYEV) .(...) - LEGACY_RXANXWYEV
O64 - Services: CurCS - 18/06/2009 - C:\WINDOWS\system32\SAVRKBootTasks.sys (SAVRKBootTasks) .(.Sophos Plc - Sophos boot tasks for Windows 2000.) - LEGACY_SAVRKBOOTTASKS
O64 - Services: CurCS - 13/07/2001 - Pas de propriétaire (SBKUPNT) .(...) - LEGACY_SBKUPNT
O64 - Services: CurCS - 08/10/2007 - Pas de propriétaire (TryAndDecideService) .(...) - LEGACY_TRYANDDECIDESERVICE
O64 - Services: CurCS - 19/08/2011 - C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe (UMVPFSrv) .(.Logitech Inc. - Logitech User mode UMVPF service.) - LEGACY_UMVPFSRV
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (USBDLM) .(...) - LEGACY_USBDLM
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (VG) .(...) - LEGACY_VG
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (vToolbarUpdater12.2.6) .(...) - LEGACY_VTOOLBARUPDATER12.2.6
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
~ Legacy: 227 Legitimates Scanned in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.CometNetwork - CometBird.) -- C:\Program Files\CometBird\cometbird.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.crossrider.bic", "13de50c0a4d417c968ad94f6f26e32fb"); =>PUP.CrossRider
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.aflt", "babsst srcExt=def");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.bbDpng", "11");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.hdrMd5", "FE8FA01DCBC32E80D865F39356EE584B");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.id", "807366b6000000000000001fc6c0e5c3");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.instlDay", "15805");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.lastVrsnTs", "1.8.16.1621:19:33");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.smplGrp", "azb");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.vrsn", "1.8.16.16");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.vrsnTs", "1.8.16.1621:19:33");
O69 - SBI: prefs.js [Bureau - ag7l5sqo.default-1360951228890] user_pref("extensions.delta.vrsni", "1.8.16.16");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: ezGOSvc (ezGOSvc) . (...) -- C:\WINDOWS\system32\ezGOSvc.dll [73600]
~ Services: 41 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.BADFED2AB252A4047E41454C789C4E44] [SPRF][27/12/2009] (...) -- C:\Documents and Settings\All Users\Application Data\9BBE0A4CF5.sys [88]
[MD5.CBF470B77B2DB2F25C56E05CE391F18A] [SPRF][28/08/2010] (.Avanquest Software - IElevator Class Container.) -- C:\Documents and Settings\All Users\Application Data\hpeDA.dll [148736]
[MD5.C3CABF08701421F3CF8C9C6112EAE9BF] [SPRF][27/12/2009] (...) -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys [2828]
[MD5.CC1A55091FD96BCB624AD791CD15D179] [SPRF][09/02/2013] (...) -- C:\Documents and Settings\Bureau\Application Data\BabMaint.exe [114176]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [201648]
[MD5.DD3975246D8928C04549B31B6B49434F] [SPRF][24/03/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1527056]
[MD5.A54F3D88767BB8C7DC18D8263385DED2] [SPRF][16/05/2007] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [483328]
~ Files: Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11496 - (09/04/2013)
Clés trouvées (Keys found) : 107
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 3

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Services x86] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKCU\Software\Services x86] =>PUP.CrossRider
[HKLM\Software\Services x86] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\InstallIQ] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\DD88652BF1EEEB64B992F3561AF84F13] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\09540C6B8D1C56740B0E1E1861657AE0] =>Toolbar.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15333F6466A3A1646B590E204B1C8794] =>Toolbar.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B812BD0725DF36459D5BA985C9193C4] =>Toolbar.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2514EB7147619DA498D025C07B3421DD] =>Toolbar.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FEF7DA1D0B6BAF4BA3AE8699FE83E55] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73962F57F2FA32C43A431C9C05459330] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B63FC54A3B9D36449AD536B3C29D2A97] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C512D8DDA7F6553429ACE05EC3197DAB] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8D24CD0A6EC784AA4C95D1CE0898C8] =>Toolbar.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3B47C0B22C8D004B86CB646D46C357E] =>Toolbar.Kiwee
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\ESRV.EXE] =>Adware.Facemoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension] =>Toolbar.Freecorder
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}] =>Riskware.Movly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93}] =>Riskware.Movly
[HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\RegistryHelper.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{1917AB4C-E2E9-42ae-A51E-B5750F160BFB}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{A4341726-E922-47bb-86A6-23F4F4F67342}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CrossriderApp0027096.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} =>Toolbar.Babylon
C:\Program Files\Services x86 =>PUP.CrossRider
C:\Documents and Settings\Bureau\Application Data\BabSolution =>Hijacker.BabSolution
C:\Documents and Settings\Bureau\Local Settings\Application Data\\Updater21810 =>PUP.CrossRider^
C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\Extensions\ffxtlbr@delta.com =>PUP.Funmoods
C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bprotector_extensions.sqlite =>PUP.BProtector
C:\Documents and Settings\Bureau\Application Data\Mozilla\Firefox\Profiles\ag7l5sqo.default-1360951228890\bprotector_prefs.js =>PUP.BProtector
C:\Documents and Settings\Bureau\Bureau\eBay.lnk =>Toolbar.eBay
~ Additionnel: Scanned in 00mn 23s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "283451D8869D97C45AD1B57EC9E21000" . (.Returnil Virtual System 2010.) -- C:\WINDOWS\Installer\{8D154382-D968-4C79-A51D-5BE79C2E0100}\ArpIcon.ico
O90 - PUC: "8DD9566B7A0042A4BBBF1C6F89E2D566" . (.PlayStation(R)Network Downloader.) -- C:\WINDOWS\Installer\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}\ARPPRODUCTICON.exe
O90 - PUC: "AE4F430E762F1DD48BBE7C2B08D50004" . (.MioMap v3 Updater for Mio C320 C520.) -- C:\WINDOWS\Installer\{E034F4EA-F267-4DD1-B8EB-C7B2805D0040}\_294823.exe
O90 - PUC: "D2C3F77ACC0592A41ABFE110B84ECD2A" . (.DiscAPI (Studio 10).) -- C:\WINDOWS\Installer\{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}\ARPPRODUCTICON.exe
O90 - PUC: "D375652CEC3B6524EB2A12C7B812D15D" . (.USB drive letter manager.) -- C:\WINDOWS\Installer\{C256573D-B3CE-4256-BEA2-217C8B211DD5}\VRTE8.exe
~ Update Products: 135 Legitimates Scanned in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\536d9dab23abe47] =>Toolbar.Babylon^
[HKCU\Software\536d9dab23abe47]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\536d9dab23abe47]:version="2.6.1125.80"
[HKLM\Software\536d9dab23abe47] =>Toolbar.Babylon^
[HKLM\Software\536d9dab23abe47]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\536d9dab23abe47]:version="2.6.1125.80"
~ Export Key Software: Scanned in 00mn 00s



---\\ MyComputer Name Space (O92)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/07/2010 1935656 | (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 13/08/2010 660576 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
SS - | Demand 26/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 25/02/2013 528192 | (AdvancedSystemCareService6) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
SR - | Auto 65536 | (AfaService) . (...) - C:\WINDOWS\system32\afasrv32.exe
SR - | Auto 1518504 | (AHDDC2) . (...) - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
SR - | Auto 21/08/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 0 | (BOCore) . (...) - C:\Utilitaires\BOClean\BOCORE.exe
SS - | Auto 2569168 | (BrowserProtect) . (...) - C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe =>Toolbar.Babylon
SS - | Demand 0 | (BVCSPBIRU) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\BVCSPBIRU.exe
SS - | Demand 24/08/2009 406016 | (DfSdkS) . (.mst software GmbH, Germany.) - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 0 | (EAGEAVP) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\EAGEAVP.exe
SR - | Auto 77824 | (EpsonBidirectionalService) . (...) - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
SR - | Auto 17/07/2002 94208 | (EPSONStatusAgent2) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
SS - | Demand 0 | (FQEOH) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\FQEOH.exe
SS - | Auto 08/10/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/10/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 0 | (IB) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\IB.exe
SR - | Auto 06/03/2013 170912 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 15/11/2005 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
SS - | Demand 0 | (LOW) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\LOW.exe
SS - | Demand 12/09/2010 251248 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 0 | (MEMSWEEP2) . (...) - C:\WINDOWS\system32\1A.tmp
SS - | Demand 08/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 25/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 17/04/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 30/08/2012 164200 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Auto 01/01/2000 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 90112 | (OMSI download service) . (...) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
SS - | Auto 206336 | (PCSUService) . (...) - C:\Program Files\Accelerer PC\PCSUService.exe
SR - | Auto 19/01/2006 49152 | (PinnacleSys.MediaServer) . (.Pinnacle Systems.) - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
SR - | Auto 24/07/2007 185632 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
SS - | Demand 22/01/2010 1246560 | (RVSMONBL) . (.CJSC Returnil Software.) - C:\WINDOWS\system32\Returnil\RVS3\rvsmon.exe
SS - | Demand 0 | (RXANXWYEV) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\RXANXWYEV.exe
SS - | Auto 0 | (Skype C2C Service) . (...) - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 493200 | (TryAndDecideService) . (...) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
SR - | Auto 19/08/2011 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\logishrd\LVMVFM\UMVPFSrv.exe
SS - | Auto 0 | (USBDLM) . (...) - C:\Program Files\USBDLM\USBDLM.exe
SS - | Demand 0 | (VG) . (...) - C:\DOCUME~1\Bureau\LOCALS~1\Temp\VG.exe
SS - | Disabled 0 | (vToolbarUpdater12.2.6) . (...) - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Bureau at 11/04/2013 15:51:32

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys amdide.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\sfsync02.sys Protection Technology StarForce Protection System
C:\WINDOWS\system32\drivers\amdide.sys Advanced Micro Devices AMD PCI SATA/IDE Bus Driver
1 ntkrnlpa!IofCallDriver[0x804EF200] >> \Device\Harddisk0\DR0[0x8BB89AB8]
kernel: MBR read successfully
user != kernel MBR !!!
sectors 312581748 (+3): user != kernel
~ MBR: 16 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Bureau at 11/04/2013 15:51:35

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 2617 Legitimates filtered by white list
End of the scan (1489 lines in 06mn 54s)(0)
