Ordinateur très ralenti

cloclo20100 Messages postés 115 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

depuis quelques temps je trouve mon ordi tres long, meme lorsque je me sers de word et excel.
J'aimerai que quelqu'un m'aide à faire une analyse de mon ordi, pour voir si je je n'ai pas un virus caché. Merci d'avance


c'est un Hewlett-packard cimpany modèle G5210fr
mon antivirus c'est avast
A voir également:

17 réponses

Réponse 1 / 17
Utilisateur anonyme
 
Salut



* Télécharge ZHPDiag (de Nicolas coolman)


ICI >> ZHPDiag (de Nicolas coolman)

* Une fois le téléchargement achevé,
* double clique sur ZHPDiag.exe et suis les instructions.
* /!\Utilisateurs de Windows Vista et Windows 7
>> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
* Laisse toi guider lors de l'installation,
* coche >> créer une icône sur le bureau
* * L'outil va créer 3 icônes ZHPDiag > IMAGE ZHPDiag

* >> ZHPFix >IMAGE ZHPFix sur ton Bureau

* et >> MBRcheck
* il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic ») http://img50.xooimage.com/files/9/c/7/image1-240af68.jpg
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* Trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport

ou

ICI >> pjjoint.malekal
* Cliques sur >> Parcourir
* Trouve >> le rapport que tu viens d'enregistrer par exemple sur ton bureau
* Cliques sur >> envoyer le fichier
* Un lien te sera généré,
* il te suffit de le poster ici









@+ VIRUS/C/C
0
cloclo20100 Messages postés 115 Statut Membre 2
 
Bonsoir

Merci pour votre aide, voici le lien
http://www.cijoint.fr/cjlink.php?file=cj201108/cijwjtStb5.txt
0
Réponse 2 / 17
Utilisateur anonyme
 
Salut



* Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)

ICI >>AD-Remover


/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

* Utilisateurs Windows XP => double clique >>sur AD-R.exe situé sur ton Bureau pour le lancer.
* Utilisateurs Windows Vista / windows 7 => * Fais un clic droit sur >> "sur [color="#0000FF"][b]AD-R.exe[/b][/color] et tu sélectionnes "[color="#FF0000"][b]executer en tant que en tant qu'administrateur[/b][/color] pour le lancer.

* Sur la page, clique sur le bouton « Nettoyer »
* ne fais qu'une fois le nettoyage
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)



@+ VIRUS/C/C
0
cloclo20100 Messages postés 115 Statut Membre 2
 
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:30:05 le 01/09/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium (X64)
CLAUDINE@CLAUDINE-HP (Hewlett-Packard G5210fr)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\CLAUDINE\AppData\LocalLow\PriceGong
Dossier supprimé: C:\Program Files (x86)\PriceGong

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Clé supprimée: HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Clé supprimée: HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Clé supprimée: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Clé supprimée: HKLM\Software\Classes\PriceFactorIE.PriceGongBHO
Clé supprimée: HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1
Clé supprimée: HKLM\Software\Classes\PriceGongIE.PriceGongCtrl
Clé supprimée: HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1
Clé supprimée: HKLM\Software\Classes\AppID\PriceGongIE.DLL
Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\pricegong
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Valeur supprimée: HKCU\Software\Mozilla\Firefox\Extensions|{8a9386b4-e958-4c4c-adf4-8f26db3e4829}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [6.0.1 (fr)] ****

Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=5837687700000000000094445265a286&tlver=1.4.19.19&affID=17159/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Click to call with Skype)

-- C:\Users\CLAUDINE\AppData\Roaming\Mozilla\FireFox\Profiles\uoxmefud.default --
Prefs.js - browser.download.lastDir, C:\\Users\\CLAUDINE\\Documents
Prefs.js - browser.startup.homepage_override.buildID, 20110830092941
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.1

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847} - "SweetIM ToolbarURLSearchHook Class" (C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll)
HKCU_SearchScopes\{E30D16F0-B509-4F62-8F4F-CD385A640B34} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{E30D16F0-B509-4F62-8F4F-CD385A640B34} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll)
HKLM_Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files (x86)\SFR\Kit\9launch.exe (SFR)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (SweetIM Technologies Ltd.)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
BHO\{EEE6C35C-6118-11DC-9C72-001320C79847} - "SweetIM Toolbar Helper" (C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 37 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 01/09/2011 22:30:28 (5983 Octet(s))

Fin à: 22:32:46, 01/09/2011

============== E.O.F ==============
0
Réponse 3 / 17
Utilisateur anonyme
 
Salut


1) * Télécharges Malwarebytes' (mbam)

ICI >> Malwarebytes' (mbam)

* installes + mise a jour <== A faire !!
* Lances--> Malwarebytes (MBAM)
* Puis vas dans l'onglet "Recherche", coche >>Exécuter un examen complet
* puis "Rechercher"
* Sélectionnes tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
* Si MalwareBytes' détecte des infections, clique sur ==>Afficher les résultats, puis sur ==>Supprimer la sélection
* S'il t' es demandé de redémarrer, clique sur "oui "
* aprés la suppression(s) de ou des infections trouvées --> poste le rapport ici
!!! Ne pas vider la quarantaine de MBAM sans avis !!!



seulement après



2)
* Télécharge OTL (de OldTimer) sur ton Bureau.

>> OTL (de OldTimer)

* Utilisateurs Windows XP => double clique >>sur OTL.exe pour le lancer
* Utilisateurs Windows Vista / windows 7 => clic droit "executer en tant que en tant qu'administrateur "sur OTL.exe pour le lancer.

* Coche " Rapport standard". Fais de même à côté avec " Tous les utilisateurs"
* Coches également les cases à côté de " Recherche LOP" et "Recherche Purity".
* "Age du fichier" sur 60jours .


* Copies et colles le texte en Gras çi- dessous >> dans la partie inférieure d'OTL sous >> Personalisation :




netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Age du fichier sur >> 60jours .
* Dans la partie gauche , mets Tout sur >> tous

* Tu ne modifies pas la partie :

* Fichiers créés et fichiers Modifiés .

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le contenu de OTL.Txt dans ta prochaine réponse

* Héberge le rapport >> OTL.Txt sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport

fais aprés de même avec le rapport >> Extras.Txt




@+ VIRUS/C/C
0
Réponse 4 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
bonjour voici le 1er rapport
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7645

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03/09/2011 22:22:00
mbam-log-2011-09-03 (22-22-00).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 372564
Temps écoulé: 38 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
voici la suite

http://www.cijoint.fr/cjlink.php?file=cj201109/cijpYuYyPr.txt

Merci pour votre aide
0
Réponse 6 / 17
Utilisateur anonyme
 
Salut



1)* Poste moi aussi le rapport Extras.txt qui doit se trouver sur ton Bureau ou que tu retrouveras dans C:\_Otl


ensuite



2) Afficher les fichiers et dossiers cachés ainsi

Cliques ==> Démarrer ==> ordinateur ==> organiser ==>Options des dossiers et de recherche ==> onglet Affichage

ensuite ==>

Active le bouton : Afficher les Fichiers et dossiers cachés
Décoche ==>Masquer les fichiers protégés du système d'exploitation (recommandé)
Décoche ==> Masquer les extensions dont le type est connu
clique sur ==> Appliquer et ==> Ok
pour valider les changements


sous Windows7 / Vista : En affichant les fichiers cachés, tu verras apparaitre sur ton bureau 2 icones (translucides) supplémentaires nommées desktop.ini,

* Ne touche surtout pas à ces Fichiers


3) analyse le(s) fichier(s) suivants sur Virustotal :

>> Virus Total


* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :
PS * *Sinon >> Colle directement le chemin des fichiers ,
dans l'espace>> " Parcourir" :



C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\controlPanelIcon.exe




* Clique maintenant sur Envoyer le fichier.
laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"),
* clique sur>> Formaté en haut à gauche (au dessus du mot "Antivirus" )
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat


tutoriel pour t aider >> Tutoriel VirusTotal



Ensuite fais de même


C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\SystemFolder_msiexec.exe



ou






4) Rétablis l'affichage des fichiers et dossiers cachés comme ceci

Cliques ==> Démarrer ==> ordinateur ==> organiser ==>Options des dossiers et de recherche ==> onglet Affichage

Active le bouton ==> Ne pas afficher les Fichiers et dossiers cachés
Coche ==> Masquer les fichiers protégés du système d'exploitation (recommandé)
Coche ==> Masquer les extensions dont le type est connu
clique sur ==> Appliquer et ==> Ok
pour valider les changements


@+ VIRUS/C/C
0
Réponse 7 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
j'ai pas reussi à le mettre sur le site voici le resultat pour le 1er

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
controlPanelIcon.exe
Submission date:
2011-09-04 07:00:11 (UTC)
Current status:
finished
Result:
0 /43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.09.03.00 2011.09.03 -
AntiVir 7.11.14.90 2011.09.02 -
Antiy-AVL 2.0.3.7 2011.09.04 -
Avast 4.8.1351.0 2011.09.02 -
Avast5 5.0.677.0 2011.09.02 -
AVG 10.0.0.1190 2011.09.04 -
BitDefender 7.2 2011.09.04 -
ByteHero 1.0.0.1 2011.09.01 -
CAT-QuickHeal 11.00 2011.09.03 -
ClamAV 0.97.0.0 2011.09.04 -
Commtouch 5.3.2.6 2011.09.03 -
Comodo 9984 2011.09.04 -
DrWeb 5.0.2.03300 2011.09.04 -
Emsisoft 5.1.0.11 2011.09.04 -
eSafe 7.0.17.0 2011.09.01 -
eTrust-Vet 36.1.8537 2011.09.02 -
F-Prot 4.6.2.117 2011.09.03 -
F-Secure 9.0.16440.0 2011.09.03 -
Fortinet 4.3.370.0 2011.09.04 -
GData 22 2011.09.04 -
Ikarus T3.1.1.107.0 2011.09.04 -
Jiangmin 13.0.900 2011.09.03 -
K7AntiVirus 9.111.5083 2011.09.02 -
Kaspersky 9.0.0.837 2011.09.04 -
McAfee-GW-Edition 2010.1D 2011.09.03 -
Microsoft 1.7604 2011.09.04 -
NOD32 6434 2011.09.04 -
Norman 6.07.11 2011.09.03 -
nProtect 2011-09-03.01 2011.09.03 -
Panda 10.0.3.5 2011.09.03 -
PCTools 8.0.0.5 2011.09.04 -
Prevx 3.0 2011.09.04 -
Rising 23.73.01.03 2011.08.30 -
Sophos 4.69.0 2011.09.04 -
SUPERAntiSpyware 4.40.0.1006 2011.09.03 -
Symantec 20111.2.0.82 2011.09.04 -
TheHacker 6.7.0.1.290 2011.09.03 -
TrendMicro 9.500.0.1008 2011.09.03 -
TrendMicro-HouseCall 9.500.0.1008 2011.09.04 -
VBA32 3.12.16.4 2011.09.02 -
VIPRE 10365 2011.09.04 -
ViRobot 2011.9.3.4655 2011.09.03 -
VirusBuster 14.0.200.0 2011.09.03 -
Additional information
MD5 : 3b9fe22053a0bb6fe05db77958ff0281
SHA1 : 6268f1b4783a04782ac182eab98c240e37b72fc7
SHA256: edff3d946741b8f0a9d023fb5a6bc75a18f51eb898f1fbef59331976b6272115

VT Community
0
Réponse 8 / 17
Utilisateur anonyme
 
Re


* Manque le rapport Extras.Txt et un rapport d ' analyse sur VirusTotal




@+ VIRUS/C/C
0
Réponse 9 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
bonsoir

voici le rapport extras.txt

OTL logfile created on: 9/3/2011 10:32:45 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\CLAUDINE\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 0.18 Gb Available Physical Memory | 4.51% Memory free
8.00 Gb Paging File | 2.98 Gb Available in Paging File | 37.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 685.29 Gb Total Space | 604.18 Gb Free Space | 88.16% Space Free | Partition Type: NTFS
Drive D: | 13.25 Gb Total Space | 1.59 Gb Free Space | 12.01% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: CLAUDINE-HP | User Name: CLAUDINE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011/09/03 22:28:06 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\CLAUDINE\Downloads\OTL.exe
PRC - [2011/08/31 22:58:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 22:58:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2011/07/29 12:31:22 | 017,361,032 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2011/07/25 11:41:48 | 000,433,360 | ---- | M] (Sony Ericsson) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010/12/13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
PRC - [2010/11/10 13:49:34 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/09/28 15:03:00 | 001,590,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
PRC - [2010/08/13 14:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
PRC - [2010/05/19 19:44:14 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/16 23:12:52 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2010/04/16 19:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/07/14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\notepad.exe
PRC - [2009/02/26 16:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE
PRC - [2004/10/01 15:12:18 | 000,565,309 | ---- | M] (Broadcom Corporation) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\BTTray.exe
PRC - [2004/10/01 15:06:34 | 000,163,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\bin\btwdins.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011/09/03 22:28:06 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\CLAUDINE\Downloads\OTL.exe
MOD - [2011/08/31 22:58:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MOD - [2011/08/31 22:58:21 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MOD - [2011/08/31 22:58:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
MOD - [2011/08/31 22:58:20 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/31 22:58:20 | 000,719,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
MOD - [2011/08/31 22:58:20 | 000,715,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozcrt19.dll
MOD - [2011/08/31 22:58:20 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
MOD - [2011/08/31 22:58:19 | 000,785,368 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
MOD - [2011/08/31 22:58:19 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MOD - [2011/08/31 22:58:19 | 000,347,096 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MOD - [2011/08/31 22:58:19 | 000,203,736 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
MOD - [2011/08/31 22:58:19 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MOD - [2011/08/31 22:58:18 | 000,089,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
MOD - [2011/08/31 22:58:18 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
MOD - [2011/08/31 22:58:17 | 000,166,872 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MOD - [2011/08/31 22:58:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
MOD - [2011/08/31 22:58:17 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
MOD - [2011/08/31 22:58:17 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
MOD - [2011/08/31 22:58:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MOD - [2011/08/31 22:58:16 | 015,494,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll
MOD - [2011/08/31 22:58:16 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
MOD - [2011/08/16 07:21:08 | 004,396,704 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll
MOD - [2011/08/16 07:20:32 | 004,892,320 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
MOD - [2011/08/11 03:42:13 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\7cc7d753f499e27b4bd8a45c3e81c73e\System.Management.ni.dll
MOD - [2011/08/11 03:34:43 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll
MOD - [2011/08/11 03:34:29 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll
MOD - [2011/08/11 03:34:27 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\86f429e0a23238cf277d464bd0433d86\System.Data.ni.dll
MOD - [2011/08/11 03:34:19 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll
MOD - [2011/08/11 03:33:58 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll
MOD - [2011/08/11 03:33:49 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll
MOD - [2011/08/11 03:33:45 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll
MOD - [2011/08/11 03:33:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll
MOD - [2011/08/11 03:33:41 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll
MOD - [2011/08/11 03:33:36 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll
MOD - [2011/08/06 19:15:33 | 006,162,592 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash10m.ocx
MOD - [2011/07/29 12:31:22 | 017,361,032 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
MOD - [2011/07/25 11:41:48 | 000,433,360 | ---- | M] (Sony Ericsson) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
MOD - [2011/07/22 08:38:01 | 005,989,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2011/07/21 14:13:38 | 000,952,320 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.dll
MOD - [2011/07/20 09:09:00 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\MExplorer.dll
MOD - [2011/07/16 06:30:27 | 001,048,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011/07/16 06:30:27 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011/07/13 16:01:32 | 000,755,712 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\Device.dll
MOD - [2011/07/04 13:43:59 | 000,204,424 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1036\UILangRes.dll
MOD - [2011/07/04 13:43:58 | 000,097,280 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\1036\Base.dll
MOD - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
MOD - [2011/07/04 13:43:51 | 001,762,296 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\CommonRes.dll
MOD - [2011/07/04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2011/07/04 13:43:48 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswAux.dll
MOD - [2011/07/04 13:43:48 | 000,682,344 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswAux.dll
MOD - [2011/07/04 13:43:48 | 000,398,576 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswSqLt.dll
MOD - [2011/07/04 13:43:48 | 000,313,080 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
MOD - [2011/07/04 13:43:48 | 000,313,080 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswCmnBS.dll
MOD - [2011/07/04 13:43:48 | 000,201,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswLog.dll
MOD - [2011/07/04 13:43:48 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswProperty.dll
MOD - [2011/07/04 13:43:48 | 000,201,352 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswProperty.dll
MOD - [2011/07/04 13:43:48 | 000,163,200 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswData.dll
MOD - [2011/07/04 13:43:48 | 000,162,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
MOD - [2011/07/04 13:43:48 | 000,162,712 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswCmnIS.dll
MOD - [2011/07/04 13:43:48 | 000,046,328 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
MOD - [2011/07/04 13:43:48 | 000,046,328 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswEngLdr.dll
MOD - [2011/07/04 13:43:48 | 000,025,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswUtil.dll
MOD - [2011/07/04 13:43:47 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
MOD - [2011/07/04 13:43:47 | 000,095,232 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\aswCmnOS.dll
MOD - [2011/07/04 13:43:45 | 000,182,776 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashBase.dll
MOD - [2011/07/04 13:43:45 | 000,182,776 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\ashBase.dll
MOD - [2011/07/04 13:43:45 | 000,150,352 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTask.dll
MOD - [2011/07/04 13:43:45 | 000,150,352 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\ashTask.dll
MOD - [2011/07/04 13:43:45 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll
MOD - [2011/07/04 13:43:44 | 000,105,520 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AhAScr.dll
MOD - [2011/07/04 13:43:42 | 000,311,544 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\Aavm4h.dll
MOD - [2011/07/04 13:43:42 | 000,311,544 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\Aavm4h.dll
MOD - [2011/07/04 13:43:42 | 000,070,024 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
MOD - [2011/07/04 13:43:42 | 000,070,024 | ---- | M] (AVAST Software) -- C:\PROGRA~1\ALWILS~1\Avast5\AavmRpch.dll
MOD - [2011/06/28 21:25:39 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/06/21 07:36:36 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2011/06/21 07:36:33 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2011/06/21 07:34:49 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2011/06/21 07:34:48 | 010,989,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2011/06/21 07:34:48 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011/06/20 18:51:46 | 000,500,224 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PhoneUpdate.dll
MOD - [2011/06/20 09:20:00 | 000,193,536 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\WebServices.dll
MOD - [2011/06/17 06:40:51 | 000,062,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90FRA.DLL
MOD - [2011/06/17 06:40:46 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011/06/17 06:40:41 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011/06/17 06:40:41 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011/06/17 06:39:26 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011/06/17 06:39:26 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011/06/16 06:35:50 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011/05/31 01:38:38 | 003,518,976 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\coreclr.dll
MOD - [2011/05/31 01:38:38 | 000,004,096 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\fr\mscorrc.dll
MOD - [2011/05/30 23:32:12 | 005,969,224 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\agcore.dll
MOD - [2011/05/30 23:32:12 | 001,025,864 | ---- | M] ( Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
MOD - [2011/05/30 13:01:40 | 000,337,920 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\DownloadManager.dll
MOD - [2011/05/25 12:05:26 | 000,308,224 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PluginManager.dll
MOD - [2011/05/24 12:34:20 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 12:34:20 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011/05/24 12:34:00 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/05/03 17:37:26 | 000,272,384 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\Statistics.dll
MOD - [2011/05/03 06:50:29 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inetcomm.dll
MOD - [2011/04/29 09:47:40 | 000,586,240 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\NewUI.dll
MOD - [2011/04/28 16:12:50 | 000,685,568 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\bvrpctln.dll
MOD - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2011/04/04 14:14:46 | 000,113,664 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\WUNPACLN.dll
MOD - [2011/03/30 00:31:53 | 005,915,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011/03/30 00:31:52 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011/03/20 05:40:44 | 001,079,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\RICHED20.DLL
MOD - [2011/03/11 07:40:24 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011/03/11 07:39:35 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\esent.dll
MOD - [2011/03/06 17:26:46 | 004,782,592 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\MsgPlusLive.dll
MOD - [2011/03/06 17:21:12 | 000,047,616 | R--- | M] (Yuna Software) -- C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll
MOD - [2011/03/06 17:19:08 | 002,843,648 | ---- | M] (Yuna Software) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\MsgPlusRes.dll
MOD - [2011/03/03 07:29:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/03/02 10:11:20 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\Detoured.dll
MOD - [2011/02/19 07:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2011/02/19 07:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011/02/18 07:36:26 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2011/02/18 07:35:35 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2011/02/16 19:00:38 | 017,370,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSO.DLL
MOD - [2011/01/17 07:38:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010/12/27 21:04:11 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/12/21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/12/21 07:38:19 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnp.dll
MOD - [2010/12/21 07:36:17 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2010/12/21 07:36:16 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010/12/21 07:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010/12/18 07:31:23 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2010/12/13 14:52:46 | 000,074,960 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
MOD - [2010/12/13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitorAPI.dll
MOD - [2010/12/03 10:17:44 | 000,639,488 | ---- | M] (Avanquest Software) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\BackupRestore.dll
MOD - [2010/11/10 13:49:34 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MOD - [2010/11/02 06:35:35 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010/11/02 06:35:34 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010/10/27 06:40:22 | 001,293,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2010/10/16 06:36:10 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2010/10/16 06:34:37 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010/10/07 10:26:02 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2010/10/07 10:26:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2010/10/07 10:22:14 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2010/10/07 10:18:00 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2010/10/07 10:18:00 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avifil32.dll
MOD - [2010/10/07 10:17:04 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/10/07 10:10:28 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/10/07 10:00:45 | 000,052,920 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\SysWOW64\ezUPBHook.dll
MOD - [2010/09/28 15:03:00 | 001,590,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
MOD - [2010/09/28 15:00:42 | 002,359,296 | ---- | M] (HP) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECenter.dll
MOD - [2010/09/28 15:00:36 | 000,253,952 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:28 | 000,143,360 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\SystemStatus.dll
MOD - [2010/09/28 15:00:26 | 000,040,960 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/09/28 15:00:24 | 000,036,864 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/09/28 15:00:24 | 000,032,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.dll
MOD - [2010/09/28 15:00:24 | 000,007,680 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/09/28 15:00:22 | 000,032,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonInterfaces.dll
MOD - [2010/09/28 15:00:22 | 000,005,632 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/09/28 15:00:20 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\UniversalLauncher.dll
MOD - [2010/09/28 15:00:20 | 000,018,944 | ---- | M] (Hewlett Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/09/28 15:00:16 | 000,147,456 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonUtility.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/09/28 15:00:02 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Logging.dll
MOD - [2010/08/26 06:39:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll
MOD - [2010/08/21 07:36:24 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2010/08/21 07:33:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010/08/13 14:04:42 | 018,103,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WWLIB.DLL
MOD - [2010/08/13 14:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
MOD - [2010/07/27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010/06/29 07:02:02 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/06/26 07:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010/06/19 08:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/05/22 04:57:10 | 009,400,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2010/05/05 08:46:55 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2010/04/16 23:12:52 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
MOD - [2010/04/16 23:12:52 | 000,366,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msgslang.14.0.8117.0416.dll
MOD - [2010/04/16 23:12:18 | 011,379,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll
MOD - [2010/04/16 23:12:18 | 002,390,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\uxcore.dll
MOD - [2010/04/16 23:12:18 | 000,541,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\uxcontacts.dll
MOD - [2010/04/16 23:12:18 | 000,441,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msgswcam.dll
MOD - [2010/04/16 23:12:18 | 000,436,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\vvpltfrm.dll
MOD - [2010/04/16 23:12:18 | 000,423,760 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\PresenceIM.dll
MOD - [2010/04/16 23:12:18 | 000,103,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\uxcalendar.dll
MOD - [2010/04/16 23:12:18 | 000,048,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\wldcore.dll
MOD - [2010/04/16 23:12:18 | 000,048,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sirenacm.dll
MOD - [2010/04/16 23:12:18 | 000,031,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\wldlog.dll
MOD - [2010/04/16 23:12:12 | 000,553,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\livetransport.dll
MOD - [2010/04/16 23:12:12 | 000,224,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\liveNatTrav.dll
MOD - [2010/04/16 20:56:32 | 006,155,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\rtmpltfm.dll
MOD - [2010/04/16 20:56:32 | 004,751,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\uccapi.dll
MOD - [2010/04/16 19:36:42 | 000,058,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\conproxy.dll
MOD - [2010/04/16 19:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
MOD - [2010/04/16 19:36:40 | 000,646,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\contact.dll
MOD - [2010/04/16 19:36:40 | 000,580,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\lmcdata.dll
MOD - [2010/04/16 19:36:40 | 000,531,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\abssm.dll
MOD - [2010/04/16 19:36:40 | 000,128,368 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\consync.dll
MOD - [2010/04/16 19:36:40 | 000,031,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wldlog.dll
MOD - [2010/03/18 15:55:52 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\Report.dll
MOD - [2010/03/18 14:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2010/01/11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\VObject.dll
MOD - [2009/11/25 13:47:34 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2009/10/28 18:17:16 | 000,161,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Common.dll
MOD - [2009/10/28 18:17:16 | 000,079,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
MOD - [2009/10/28 18:17:16 | 000,064,352 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.ObjectBuilder.dll
MOD - [2009/10/15 00:53:20 | 001,058,336 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\officepdf.dll
MOD - [2009/10/10 00:10:46 | 002,594,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6.DLL
MOD - [2009/09/30 12:40:02 | 001,141,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msidcrl40.dll
MOD - [2009/08/18 20:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2009/07/21 17:29:44 | 000,144,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\sqmapi.dll
MOD - [2009/07/14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 03:16:21 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\zipfldr.dll
MOD - [2009/07/14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2009/07/14 03:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009/07/14 03:16:20 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2009/07/14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 03:16:19 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMADMOD.DLL
MOD - [2009/07/14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009/07/14 03:16:19 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMASF.DLL
MOD - [2009/07/14 03:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2009/07/14 03:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2009/07/14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009/07/14 03:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009/07/14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009/07/14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/14 03:16:18 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2009/07/14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009/07/14 03:16:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WcnApi.dll
MOD - [2009/07/14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/07/14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009/07/14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
MOD - [2009/07/14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009/07/14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009/07/14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009/07/14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2009/07/14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll
MOD - [2009/07/14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/07/14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009/07/14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009/07/14 03:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2009/07/14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009/07/14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009/07/14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009/07/14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009/07/14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009/07/14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009/07/14 03:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009/07/14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009/07/14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 03:16:12 | 002,504,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMVCORE.DLL
MOD - [2009/07/14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009/07/14 03:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2009/07/14 03:16:12 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\prnfldr.dll
MOD - [2009/07/14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2009/07/14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceTypes.dll
MOD - [2009/07/14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009/07/14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 03:16:12 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll
MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009/07/14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 03:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2009/07/14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 03:16:03 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netshell.dll
MOD - [2009/07/14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009/07/14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\newdev.dll
MOD - [2009/07/14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2009/07/14 03:16:03 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkitemfactory.dll
MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009/07/14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009/07/14 03:16:02 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009/07/14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009/07/14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009/07/14 03:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp60.dll
MOD - [2009/07/14 03:15:50 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2009/07/14 03:15:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msoert2.dll
MOD - [2009/07/14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2009/07/14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009/07/14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009/07/14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 03:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2009/07/14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009/07/14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 03:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009/07/14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOAV.dll
MOD - [2009/07/14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009/07/14 03:15:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2009/07/14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/14 03:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009/07/14 03:15:32 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2009/07/14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2009/07/14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009/07/14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009/07/14 03:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2009/07/14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009/07/14 03:15:22 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2009/07/14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009/07/14 03:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009/07/14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fundisc.dll
MOD - [2009/07/14 03:15:20 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Faultrep.dll
MOD - [2009/07/14 03:15:20 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdWCN.dll
MOD - [2009/07/14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009/07/14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdProxy.dll
MOD - [2009/07/14 03:15:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fdWNet.dll
MOD - [2009/07/14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\es.dll
MOD - [2009/07/14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009/07/14 03:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2009/07/14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009/07/14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2009/07/14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009/07/14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009/07/14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 03:15:13 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dtsh.dll
MOD - [2009/07/14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009/07/14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009/07/14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dfscli.dll
MOD - [2009/07/14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009/07/14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009/07/14 03:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009/07/14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009/07/14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2009/07/14 03:15:08 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dim700.dll
MOD - [2009/07/14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009/07/14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009/07/14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2009/07/14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009/07/14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009/07/14 03:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2009/07/14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 03:15:00 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2009/07/14 03:15:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
MOD - [2009/07/14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/14 03:14:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009/07/14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009/07/14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009/07/14 03:14:52 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcSpecfc.dll
MOD - [2009/07/14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009/07/14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\notepad.exe
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009/07/14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009/07/14 03:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009/07/14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009/07/14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009/07/14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009/07/14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/14 03:06:08 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\INETRES.dll
MOD - [2009/07/14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009/06/13 02:15:00 | 001,661,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OGL.DLL
MOD - [2009/06/10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 23:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2009/06/10 23:22:51 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2009/06/10 23:14:52 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2009/04/03 19:46:38 | 000,034,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\MSOSTYLE.DLL
MOD - [2009/04/03 19:21:42 | 016,037,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\OART.DLL
MOD - [2009/04/02 22:07:42 | 010,619,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\1036\MSOINTL.DLL
MOD - [2009/04/02 20:31:32 | 001,061,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\1036\WWINTL.DLL
MOD - [2009/04/02 13:01:58 | 006,637,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSORES.DLL
MOD - [2009/03/06 04:31:26 | 000,160,616 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\MSOCF.DLL
MOD - [2009/02/26 16:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
MOD - [2009/02/14 06:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2008/11/21 00:42:30 | 000,732,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\msproof6.dll
MOD - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
MOD - [2008/11/10 11:50:30 | 000,076,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\MSOHEV.DLL
MOD - [2008/11/04 05:21:14 | 000,400,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\CDLMSO.DLL
MOD - [2008/11/04 02:24:48 | 000,998,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\OISAPP.DLL
MOD - [2008/11/04 02:24:48 | 000,285,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\OISGRAPH.DLL
MOD - [2008/11/04 02:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE
MOD - [2008/10/25 13:20:36 | 002,907,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\1036\ONINTL.DLL
MOD - [2008/10/25 10:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
MOD - [2008/10/25 00:45:14 | 002,684,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\NLSDATA000C.DLL
MOD - [2008/09/17 23:17:08 | 001,425,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll
MOD - [2006/09/22 01:24:02 | 000,191,304 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\1036\VBE6INTL.DLL
MOD - [2006/08/21 15:08:18 | 000,551,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSSP3FR.DLL
MOD - [2006/08/19 02:40:14 | 002,933,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSSP3FR.LEX
MOD - [2006/07/26 17:27:18 | 000,576,320 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\MSLID.DLL
MOD - [2006/07/25 14:20:22 | 006,317,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\1036\MSGR3FR.DLL
MOD - [2006/07/13 14:33:08 | 003,152,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\PROOF\1033\MSGR3EN.DLL
MOD - [2004/10/01 23:56:24 | 000,049,152 | ---- | M] (Broadcom Corporation) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\BtBalloon.dll
MOD - [2004/10/01 15:13:12 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\BTKeyInd.dll
MOD - [2004/10/01 15:12:18 | 000,565,309 | ---- | M] (Broadcom Corporation) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\BTTray.exe
MOD - [2004/10/01 14:59:06 | 000,118,784 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysWOW64\btosif.dll
MOD - [2004/10/01 14:56:16 | 000,557,117 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysWOW64\wbtapi.dll
MOD - [2004/10/01 14:49:44 | 003,051,520 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysWOW64\btrez.dll
MOD - [2002/07/15 15:58:00 | 000,050,176 | ---- | M] (Blue Sky Software Corporation) -- C:\Windows\SysWOW64\CSH.DLL


[color=#E56717]========== Win32 Services (All) ==========[/color]

SRV:[b]64bit:[/b] - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011/05/24 13:21:59 | 000,404,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2011/05/04 07:24:09 | 000,593,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:[b]64bit:[/b] - [2011/03/03 08:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2011/02/19 08:37:44 | 001,135,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2010/12/28 02:03:36 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:[b]64bit:[/b] - [2010/12/21 08:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/12/21 08:16:09 | 000,258,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:[b]64bit:[/b] - [2010/11/02 07:16:53 | 001,114,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/09/14 08:45:57 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:[b]64bit:[/b] - [2010/08/27 08:14:02 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/08/21 08:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2010/05/22 04:43:00 | 000,159,336 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvvsvc.exe -- (nvsvc)
SRV:[b]64bit:[/b] - [2009/08/18 21:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:59 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:58 | 002,418,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:58 | 002,018,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:57 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:[b]64bi
0
Réponse 10 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
et voici le rapport total

Virus Total
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
SystemFolder_msiexec.exe
Submission date:
2011-08-09 08:21:55 (UTC)
Current status:
finished
Result:
1 /43 (2.3%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.08.08.00 2011.08.08 -
AntiVir 7.11.12.247 2011.08.09 -
Antiy-AVL 2.0.3.7 2011.08.09 -
Avast 4.8.1351.0 2011.08.09 -
Avast5 5.0.677.0 2011.08.09 -
AVG 10.0.0.1190 2011.08.09 -
BitDefender 7.2 2011.08.09 -
CAT-QuickHeal 11.00 2011.08.09 -
ClamAV 0.97.0.0 2011.08.09 -
Commtouch 5.3.2.6 2011.08.09 -
Comodo 9682 2011.08.09 -
DrWeb 5.0.2.03300 2011.08.09 -
Emsisoft 5.1.0.8 2011.08.09 -
eSafe 7.0.17.0 2011.08.08 -
eTrust-Vet 36.1.8491 2011.08.08 -
F-Prot 4.6.2.117 2011.08.09 -
F-Secure 9.0.16440.0 2011.08.09 -
Fortinet 4.2.257.0 2011.08.09 -
GData 22 2011.08.09 -
Ikarus T3.1.1.104.0 2011.08.09 -
Jiangmin 13.0.900 2011.08.08 -
K7AntiVirus 9.109.4973 2011.08.02 -
Kaspersky 9.0.0.837 2011.08.09 -
McAfee 5.400.0.1158 2011.08.09 -
McAfee-GW-Edition 2010.1D 2011.08.09 -
Microsoft 1.7104 2011.08.09 -
NOD32 6361 2011.08.09 -
Norman 6.07.10 2011.08.08 -
nProtect 2011-08-08.02 2011.08.08 -
Panda 10.0.3.5 2011.08.08 -
PCTools 8.0.0.5 2011.08.09 -
Prevx 3.0 2011.08.09 -
Rising 23.70.00.03 2011.08.08 -
Sophos 4.67.0 2011.08.09 -
SUPERAntiSpyware 4.40.0.1006 2011.08.09 -
Symantec 20111.2.0.82 2011.08.09 -
TheHacker 6.7.0.1.272 2011.08.07 -
TrendMicro 9.500.0.1008 2011.08.09 -
TrendMicro-HouseCall 9.500.0.1008 2011.08.09 -
VBA32 3.12.16.4 2011.08.08 -
VIPRE 10112 2011.08.09 -
ViRobot 2011.8.9.4612 2011.08.09 Adware.SpyZooka.R.10134
VirusBuster 14.0.158.0 2011.08.08 -
Additional information
MD5 : 647bb3355f403c398d73cf8be8837fa6
SHA1 : ac9f5ab69e48284691506f3a699a8f925b4218fa
SHA256: 7c4e22d91293bf9ce8683e9dd395315824e36794a612b5a0dae4eecb82d13d53

VT Community

This file has never been reviewed by any VT Community member. Be the first one to comment on it!
0
Réponse 11 / 17
Utilisateur anonyme
 
Salut



* Non tu m ' as remis le rapport d' OTL , t as pas envie de me donné le rapport Extras.Txt (lol !!)



Salut



* Relance OTL ,
* Utilisateurs Windows XP => double clique >>sur OTL.exe
* Utilisateurs Windows Vista / windows 7 => clic droit "executer en tant que en tant qu'administrateur "sur OTL.exe pour le lancer.

* Copie et colle du texte en gras çi-dessous

* Tu commençes bien à : processes , les : inclus devant processes jusqu'à >>[Reboot] inclus dans la partie inférieure d'OTL sous "Personalisation"
* Cliques sur >> CORRECTION:




:processes
killallprocesses
:OTL
IE - HKU\S-1-5-21-125092764-649052313-2047455740-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-125092764-649052313-2047455740-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies
O4 - HKLM\..\Run: [] File not found
O4 - HKU\S-1-5-19\..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20\..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O33 - MountPoints2\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\Shell - "" = AutoRun
O33 - MountPoints2\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\Shell\AutoRun\command - "" = F:\Startme.exe
[2011/01/30 20:55:59 | 000,037,345 | R--- | M] () -- C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\controlPanelIcon.exe
[2011/01/30 20:55:59 | 000,010,134 | R--- | M] () -- C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\SystemFolder_msiexec.exe
:Files
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
"PDF Complete"=-
:Commands
[emptytemp]
[emptyflash]
[Reboot]





* Cliques sur >> CORRECTION:

* Le rapport texte apparait au Redémarrage de ton PC.
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* Trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport

ou

* copie/colle le contenu du rapport texte qui apparrait au redemarrage du pc






@+ VIRUS/C/C
0
Réponse 12 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
Bonjour

voici le fichier que j avais a l'ouverture de l'ordi

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-125092764-649052313-2047455740-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-125092764-649052313-2047455740-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_USERS\S-1-5-19\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ deleted successfully.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\widimg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA}\ deleted successfully.
File {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - Reg Error: Key error. File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d31e4a3-be7a-11e0-a6ce-d485649ac20d}\ not found.
File F:\Startme.exe not found.
C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\controlPanelIcon.exe moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Installer\{9B30D1C5-229F-4934-A781-DFBFB171D91D}\SystemFolder_msiexec.exe moved successfully.
========== FILES ==========
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio\.svn folder moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Users\CLAUDINE\AppData\Roaming\mozilla\Firefox\Profiles\zpj7gfk8.default\extensions\ffxtlbr@babylon.com folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PDF Complete deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: CLAUDINE
->Temp folder emptied: 516142375 bytes
->Temporary Internet Files folder emptied: 291507893 bytes
->Java cache emptied: 6894 bytes
->FireFox cache emptied: 68246161 bytes
->Flash cache emptied: 53408 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7226496 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50741 bytes
RecycleBin emptied: 29696 bytes

Total Files Cleaned = 842.00 mb


[EMPTYFLASH]

User: All Users

User: CLAUDINE
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.27.0 log created on 09082011_205548

Files\Folders moved on Reboot...
C:\Users\CLAUDINE\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\CLAUDINE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM5LCZKX\ADSAdClient31[6].txt not found!
File\Folder C:\Users\CLAUDINE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM5LCZKX\adserv[2].htm not found!
File\Folder C:\Users\CLAUDINE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM5LCZKX\tt[1].txt not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
0
Réponse 13 / 17
Utilisateur anonyme
 
Salut


1) Comment va ton PC ??



2) * Poste un nouveau ZHPDiag

* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport


@+ VIRUS/C/C
0
Réponse 14 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
bonsoir,

je trouve qu'il est un peu plus rapide

voici le lien

http://www.cijoint.fr/cjlink.php?file=cj201109/cij6RVCFzw.txt

Merci
0
Réponse 15 / 17
Utilisateur anonyme
 
Salut


ok !!


/!\ ZHPFix /!\


* ferme toutes les applications ouvertes.
* Copies tout le texte présent en gras ci-dessous
*( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )



[MD5.00000000000000000000000000000000] [APT] [{A943C90C-1F2C-4CE5-9A65-02C09E9CC014}] (...) -- C:\Users\CLAUDINE\AppData\Local\Temp\Temp1_wg111v2_3_4_0.zip\Setup.exe (.not file.)
[HKLM\Software\SweetIM]
O43 - CFD: 2/4/2011 - 11:48:00 PM - [2549990] ----D- C:\Program Files (x86)\SweetIM
O87 - FAEL: "TCP Query User{495D56B9-5664-4A23-B254-B75206E77FAA}E:\autorun.exe" |In - Private - P6 - TRUE | .(...) -- E:\autorun.exe (.not file.)
O87 - FAEL: "UDP Query User{41919C4D-508D-4FB4-B96F-A38A2FCF1345}E:\autorun.exe" |In - Private - P17 - TRUE | .(...) -- E:\autorun.exe (.not file.)
O87 - FAEL: "{80ED4AC3-1D09-4BF9-925A-186921AD3A37}" |In - Private - P6 - TRUE | .(...) -- C:\Users\CLAUDINE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDOOMU37\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{57A12C63-88B6-46B0-9E14-954E18B7BF78}" |In - Private - P17 - TRUE | .(...) -- C:\Users\CLAUDINE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KDOOMU37\SweetImSetup[1].exe (.not file.)
O87 - FAEL: "{514FF974-B573-4502-A073-D46AF58EEE7E}" |In - Private - P6 - TRUE | .(...) -- C:\Users\CLAUDINE\AppData\Local\Temp\Update_6a72.exe (.not file.)
O87 - FAEL: "{8CFAB7A2-BA75-47C4-B675-3B40D4146A96}" |In - Private - P17 - TRUE | .(...) -- C:\Users\CLAUDINE\AppData\Local\Temp\Update_6a72.exe (.not file.)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKLM\Software\WOW6432Node\Classes\Interface\{eee6c358-6118-11dc-9c72-001320c79847}]
[HKLM\Software\WOW6432Node\Classes\Interface\{eee6c35a-6118-11dc-9c72-001320c79847}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\TypeLib\{eee6c35e-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\TypeLib\{eee6c35f-6118-11dc-9c72-001320c79847}]
[HKLM\Software\WOW6432Node\SweetIM]
C:\Users\CLAUDINE\AppData\LocalLow\BabylonToolbar
C:\Users\CLAUDINE\AppData\LocalLow\SweetIM

EmptyFlash
Emptytemp





* Double Clique sur l'icone ZhpFix du bureau pour le lancer ( l icone en forme de seringue) .
* >> ZHPFix >IMAGE ZHPFix sur ton Bureau
* Utilisateurs de Windows7/Vista >> Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur"
* Une fois l'outil ZHPFix ouvert ,

* clique sur le bouton [ H ] ==> Image .

* Dans l'encadré principal
* tu verras donc les lignes que tu as copié précédemment apparaitre .
* Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
* cliques >> sur le Bouton " GO "
* colle le rapport obtenu .


ensuite


2) * Mets à jour ton Windows 7 en installant le Service Pack 1 (SP1)

* ICI >> Service Pack 1 (SP1)



3)* Rends toi ici pour l'installation de Java
>> Version Java
(n'installe pas la barre d'outil Ask (decohe la) si proposée lors de l'installation)



4) * Sécurise le navigateur Firefox(Utilise le en Priorité) avec AdBlock Plus
>> Securiser Firefox

* tu rajouteras aussi WOT il permet d'identifier aisément les sites dangereux dans les résultats de recherche et dans Firefox,explorer et Google Chrome
>> WOT



5) * Installe ce Soft qui te tiendra au courant des mises à jour de tes Logiciels installés

* Télécharge Update Checker


ICI >> Update Checker
* Installe le avec les paramètres par défaut en cliquant chaque fois sur Suivant.
* Une fois installé, patiente quelques secondes et tu verras apparaître une icône verte dans ta barre des tâches te signalant qu'il y a des mises à jour disponibles.
* Double-cliques sur l'icône pour être redirigé sur le site de téléchargement des mises à jour.
* Un conseil : n'installe pas les versions " BETA" qui sont listées en dessous.>> Beta Updates Detected
* Tu installes les mises à jour


6) Mets à jour la version d Avast

* Lances Avast
* Maintenance >> Mettre à jour le programme



7) Tu activeras l UAC

* Cliques >> Démarrer>> Panneau de configuration
* Clique ensuite sur >> Comptes d'utilisateurs .
* Modifier les paramétres de contrôle de compte Utilisateur
* Valide par>> oui a la demande d autorisation
* Mets le curseur sur >> Toujours m avertir quand:
* Puis clique sur >> OK .
* valide par Oui a la demande
* Redémarre le PC.




Reviens après




@+ VIRUS/C/C
0
Réponse 16 / 17
cloclo20100 Messages postés 115 Statut Membre 2
 
bonsoir

1) le rapport

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by CLAUDINE at 9/14/2011 9:19:01 PM
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut)

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095.2 MB (10% free)
System Restore: Activé (Enable)
System drive C: has 604 GB (88%) free of 685 GB

---\\ Logged in mode
~ Computer Name: CLAUDINE-HP
~ User Name: CLAUDINE
~ All Users Names: HomeGroupUser$, CLAUDINE, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\CLAUDINE\AppData\Roaming\
~ %Desktop% : C:\Users\CLAUDINE\Desktop\
~ %Favorites% : C:\Users\CLAUDINE\Favorites\
~ %LocalAppData% : C:\Users\CLAUDINE\AppData\Local\
~ %StartMenu% : C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 604 Go of 685 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn AMs



---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.4/28/2011 - 7:23:14 AM.) -- C:\Windows\Explorer.exe [2870272]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.463302B41295A7FCAAC655CCB5DE79F8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/10/2011 - 7:20:48 AM.) -- C:\Windows\system32\wininet.dll [1197056]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/7/2010 - 9:20:18 AM.) -- C:\Windows\system32\Winlogon.exe [389632]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.4/28/2011 - 7:23:06 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1657216]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.7/14/2009 - 2:41:54 AM.) -- C:\Windows\system32\sppcomapi.dll [231936]
[MD5.F2521C3173E6027B3FBD5E44272BDF6C] - (....) (.10/7/2010 - 9:10:23 AM.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 07mn AMs



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 33/644
~ Mes musiques (My Musics) : 62/315
~ Mes Videos (My Videos) : 5/240
~ Mes Favoris (My Favorites) : 2/31
~ Mes Documents (My Documents) : 36/2814
~ Mon Bureau (My Desktop) : 253/4670
~ Menu demarrer (Programs) : 7/27
~ Scan Hidden Files in 19mn AMs



---\\ Processus lancés
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2244]
[MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888] [PID.848]
[MD5.7FBD299F14615E1CBC3BB48FB4061FB4] - (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [433360] [PID.2432]
[MD5.878C9EADC93543A3203F585F9037DBAB] - (.Broadcom Corporation - Bluetooth Tray Application.) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\BTTray.exe [565309] [PID.1276]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.2656]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720] [PID.772]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.688]
[MD5.95D2D473B44D5245F87FCDD6646A89F7] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [800768] [PID.1284]
[MD5.FF2F087A24373FE1C6F756B99B6D5936] - (...) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe [74960] [PID.1176]
[MD5.63346640E170B63970C093F720065DAB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.4396]
[MD5.7653CD0E8F2C0052185673B574DB699E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [PID.4996]
[MD5.D9ED562A22474E673E86C0FFB0D89EB5] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.5080]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.1936]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.5396]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.EA3CBF6EC25BEE3304557CEE21C8819C] - (.Broadcom Corporation - Bluetooth Support Server.) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\bin\btwdins.exe [163840] [PID.]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]
[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]
[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.]
~ Scan Processes Running in 01mn AMs



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
~ Scan Firefox Browser in 00mn AMs



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKUS\S-1-5-21-125092764-649052313-2047455740-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn AMs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn AMs



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn AMs



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn AMs



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Aide à la navigation SFR [64Bits] - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Click to Call with Skype for Internet Explo.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class [64Bits] - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
~ Scan BHO in 00mn AMs



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIADE.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIADE.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-125092764-649052313-2047455740-1000\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-125092764-649052313-2047455740-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-125092764-649052313-2047455740-1000\..\Run: [Sony Ericsson PC Companion] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-125092764-649052313-2047455740-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
~ Scan Application in 00mn AMs



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\AVS Video Converter.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\AVS4YOU Software Navigator.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Easy Audio Cutter.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Free CD Ripper.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Free Mp3 Wma Converter.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\HP MediaSmart Video.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\MP Manager.lnk . (.MPMAN.) -- C:\Users\CLAUDINE\AppData\Roaming\MPMAN\MP Manager\MP Manager.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Plus World.lnk . (...) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusDesktop.exe
O4 - Global Startup: C:\Users\CLAUDINE\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\CLAUDINE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (...) -- C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico
~ Scan Global Startup in 02mn AMs



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Envoyer à &Bluetooth . (...) -- C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
~ Scan IE Menu Contextuel in 00mn AMs



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Scan Winsock in 00mn AMs



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{38E8C2E8-8E8E-4FBB-8DDD-53910201C800}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF48B3E2-D0D8-429E-B12B-469203962712}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{38E8C2E8-8E8E-4FBB-8DDD-53910201C800}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF48B3E2-D0D8-429E-B12B-469203962712}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{38E8C2E8-8E8E-4FBB-8DDD-53910201C800}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF48B3E2-D0D8-429E-B12B-469203962712}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn AMs



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn AMs



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn AMs



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation - Bluetooth Support Server.) - C:\Program Files (x86)\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.9.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
~ Scan Services in 01mn AMs



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn AMs



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForCLAUDINE.job
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForCLAUDINE] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.00000000000000000000000000000000] [APT] [{07DAE37E-6B0F-4533-821C-6EDF441C8487}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.B69BDE13E44CFF0C44A357990C1BBE21] [APT] [{5BA30018-8390-403D-88E0-7E1BFF2A15A2}] (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe
[MD5.00000000000000000000000000000000] [APT] [{875350B2-A7A8-4EEE-9EC5-FC80E252343C}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{95D22314-9F3D-4C7C-BA91-99249F6F1122}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.B69BDE13E44CFF0C44A357990C1BBE21] [APT] [{A7A0ABC4-F835-46DE-8E24-D5DD442FD651}] (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe
[MD5.00000000000000000000000000000000] [APT] [{A943C90C-1F2C-4CE5-9A65-02C09E9CC014}] (...) -- C:\Users\CLAUDINE\AppData\Local\Temp\Temp1_wg111v2_3_4_0.zip\Setup.exe (.not file.)
[MD5.B69BDE13E44CFF0C44A357990C1BBE21] [APT] [{B04062C5-940E-4A6B-B120-819D4467A747}] (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe
[MD5.00000000000000000000000000000000] [APT] [{BCEF6093-3DBB-452A-84BE-107DBE98C649}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{BD7B408D-CA49-4135-BE6C-735EEE9743D8}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E129AD59-DB16-40D8-9308-72E0871A0E6E}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe (.not file.)
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
~ Scan Scheduled Task in 09mn AMs



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (VWiFiFlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 01mn AMs



---\\ Logiciels installés (O42)
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Belkin Connect Wireless USB Adapter - (.Belkin.) [HKLM] -- InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {E86BC406-944E-41F6-ADE6-2C136734C96B}
O42 - Logiciel: EPSON Image Clip Palette - (.Pas de propriétaire.) [HKLM] -- {314F6D08-A8B7-11D8-8446-0050BA1D384D}
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: ESDX4800_4200 Guide util. - (.Pas de propriétaire.) [HKLM] -- ESDX4800_4200 Guide util.
O42 - Logiciel: Free Mp3 Wma Converter V 1.91 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {08DB3902-2CE0-474D-BCE3-0177766CE9F1}
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr)
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: PIF DESIGNER - (.Pas de propriétaire.) [HKLM] -- {B90450DF-E781-46FD-B1F1-0C86DA40E443}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Rami - (.Pas de propriétaire.) [HKLM] -- {4E5A0181-149F-4118-B28D-15862A4FDBE3}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Sony Ericsson PC Companion 2.01.217 - (.Sony Ericsson.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Sony Ericsson Update Engine - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Engine
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\BVRP Software]
[HKCU\Software\Belkin]
[HKCU\Software\Caphyon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EPSON]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\MPMAN]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFComplete]
[HKCU\Software\Policies]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Skype]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\WIDBTW]
[HKCU\Software\Widcomm]
[HKCU\Software\WildTangent]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yuna Software]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BVRP Software]
[HKLM\Software\Belkin]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Cyberlink]
[HKLM\Software\EPSON]
[HKLM\Software\EasyBits]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Micro Application]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\NewspaperDirect]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\PDFComplete]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Ericsson]
[HKLM\Software\Sony]
[HKLM\Software\SweetIM]
[HKLM\Software\The Silicon Realms Toolworks]
[HKLM\Software\Volatile]
[HKLM\Software\Widcomm]
[HKLM\Software\WildTangent]
[HKLM\Software\Win32 Services]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yuna Software]
[HKLM\Software\ZSMC]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn AMs



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/26/2010 - 4:24:06 PM - [177775037] ----D- C:\Program Files\Alwil Software
O43 - CFD: 1/29/2011 - 8:37:24 PM - [80333624] ----D- C:\Program Files\Common Files
O43 - CFD: 10/7/2010 - 10:11:18 AM - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 10/7/2010 - 10:12:56 AM - [9779088] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 10/7/2010 - 9:37:36 AM - [1705] ----D- C:\Program Files\hp
O43 - CFD: 8/11/2011 - 3:28:06 AM - [5176332] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 7/14/2009 - 9:45:56 AM - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 12/27/2010 - 11:15:28 PM - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 1/6/2011 - 11:28:58 PM - [3524223] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 1/6/2011 - 11:28:58 PM - [346631] ----D- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 12/26/2010 - 6:45:46 PM - [0] ----D- C:\Program Files\NETGEAR
O43 - CFD: 10/7/2010 - 9:32:04 AM - [52390537] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 10/7/2010 - 10:01:26 AM - [2178436] ----D- C:\Program Files\PlayReady
O43 - CFD: 10/7/2010 - 9:31:36 AM - [14738648] ----D- C:\Program Files\Realtek
O43 - CFD: 7/14/2009 - 7:32:40 AM - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 10/7/2010 - 10:11:18 AM - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 10/7/2010 - 10:11:18 AM - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 12/28/2010 - 8:46:18 PM - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 12/28/2010 - 8:46:02 PM - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 10/7/2010 - 10:11:18 AM - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 7/14/2009 - 7:32:40 AM - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 12/26/2010 - 1:13:50 PM - [10036778] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 1/29/2011 - 8:37:24 PM - [662816] ----D- C:\Program Files\Common Files\logishrd
O43 - CFD: 12/27/2010 - 11:16:38 PM - [67049367] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 12/28/2010 - 8:45:58 PM - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 1/11/2011 - 11:08:32 PM - [230513805] ----D- C:\ProgramData\Adobe
O43 - CFD: 12/26/2010 - 4:24:06 PM - [5685861] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 8/6/2011 - 7:11:20 PM - [2083840] ----D- C:\ProgramData\Apple
O43 - CFD: 8/6/2011 - 7:13:12 PM - [33387520] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 1/29/2011 - 9:03:36 PM - [0] ----D- C:\ProgramData\AVS4YOU
O43 - CFD: 1/29/2011 - 10:42:50 AM - [144940] ----D- C:\ProgramData\CyberLink
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 2/19/2011 - 4:08:34 PM - [85124] ----D- C:\ProgramData\EPSON
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 3/21/2011 - 9:34:04 PM - [0] ----D- C:\ProgramData\Google
O43 - CFD: 1/6/2011 - 11:29:00 PM - [80194545] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 9/3/2011 - 9:38:28 PM - [7325832] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 2/12/2011 - 12:52:12 PM - [924531] ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 5/3/2011 - 7:19:42 PM - [2568162404] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 8/9/2011 - 8:59:48 PM - [57688] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 10/7/2010 - 10:04:44 AM - [0] ----D- C:\ProgramData\NewspaperDirect
O43 - CFD: 1/24/2011 - 10:39:34 PM - [336] ----D- C:\ProgramData\Norton
O43 - CFD: 10/7/2010 - 10:10:24 AM - [17392914] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 10/7/2010 - 9:34:08 AM - [276886] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 9/8/2011 - 12:48:46 AM - [0] ----D- C:\ProgramData\PDFC
O43 - CFD: 8/20/2011 - 3:24:42 PM - [44402327] ----D- C:\ProgramData\Skype
O43 - CFD: 8/6/2011 - 7:15:46 PM - [0] ----D- C:\ProgramData\Sony Corporation
O43 - CFD: 8/6/2011 - 12:13:26 AM - [200896296] ----D- C:\ProgramData\Sony Ericsson
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 8/6/2011 - 12:13:16 AM - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 10/7/2010 - 9:51:54 AM - [491733] ----D- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 12/26/2010 - 4:53:12 PM - [4085087] ----D- C:\ProgramData\UDL
O43 - CFD: 1/2/2011 - 10:31:38 PM - [8227861] ----D- C:\ProgramData\Wild Tangent
O43 - CFD: 1/24/2011 - 10:37:20 PM - [584551] ----D- C:\ProgramData\WildTangent
O43 - CFD: 10/7/2010 - 9:38:06 AM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}
O43 - CFD: 12/27/2010 - 9:03:02 PM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 1/11/2011 - 11:07:48 PM - [1344968] ----D- C:\Users\CLAUDINE\AppData\Roaming\Adobe
O43 - CFD: 1/29/2011 - 9:03:40 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Roaming\AVS4YOU
O43 - CFD: 6/26/2011 - 4:59:24 PM - [1152] ----D- C:\Users\CLAUDINE\AppData\Roaming\CyberLink
O43 - CFD: 12/26/2010 - 5:14:02 PM - [320] ----D- C:\Users\CLAUDINE\AppData\Roaming\EPSON
O43 - CFD: 1/29/2011 - 8:38:22 PM - [362] ----D- C:\Users\CLAUDINE\AppData\Roaming\FreeAudioPack
O43 - CFD: 1/10/2011 - 9:25:24 PM - [80281] ----D- C:\Users\CLAUDINE\AppData\Roaming\Hewlett-Packard
O43 - CFD: 9/12/2011 - 9:11:46 PM - [420] ----D- C:\Users\CLAUDINE\AppData\Roaming\HP Support Assistant
O43 - CFD: 12/27/2010 - 9:09:50 PM - [14811] ----D- C:\Users\CLAUDINE\AppData\Roaming\hpqLog
O43 - CFD: 9/12/2011 - 9:11:46 PM - [16907] ----D- C:\Users\CLAUDINE\AppData\Roaming\HpUpdate
O43 - CFD: 12/26/2010 - 1:19:08 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Roaming\Identities
O43 - CFD: 12/26/2010 - 6:02:08 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Roaming\InstallShield
O43 - CFD: 12/26/2010 - 3:52:52 PM - [1062] ----D- C:\Users\CLAUDINE\AppData\Roaming\Macromedia
O43 - CFD: 9/3/2011 - 9:38:56 PM - [1052] ----D- C:\Users\CLAUDINE\AppData\Roaming\Malwarebytes
O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\CLAUDINE\AppData\Roaming\Media Center Programs
O43 - CFD: 8/7/2011 - 9:49:12 PM - [11014951] -S--D- C:\Users\CLAUDINE\AppData\Roaming\Microsoft
O43 - CFD: 5/3/2011 - 8:59:32 PM - [17862509] ----D- C:\Users\CLAUDINE\AppData\Roaming\Mozilla
O43 - CFD: 1/30/2011 - 10:01:38 PM - [57785] ----D- C:\Users\CLAUDINE\AppData\Roaming\MP-Manager
O43 - CFD: 1/30/2011 - 8:10:24 PM - [103787456] ----D- C:\Users\CLAUDINE\AppData\Roaming\MPMAN
O43 - CFD: 1/6/2011 - 11:29:06 PM - [1085] ----D- C:\Users\CLAUDINE\AppData\Roaming\newfolder3
O43 - CFD: 1/24/2011 - 10:31:44 PM - [231600] ----D- C:\Users\CLAUDINE\AppData\Roaming\PCFix
O43 - CFD: 3/10/2011 - 11:45:58 PM - [966] ----D- C:\Users\CLAUDINE\AppData\Roaming\PhotoFiltre
O43 - CFD: 9/14/2011 - 9:13:10 PM - [1621345] ----D- C:\Users\CLAUDINE\AppData\Roaming\Skype
O43 - CFD: 8/6/2011 - 6:40:52 PM - [28548] ----D- C:\Users\CLAUDINE\AppData\Roaming\Sony
O43 - CFD: 12/27/2010 - 9:01:38 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Roaming\WinBatch
O43 - CFD: 1/6/2011 - 8:30:18 PM - [4248] ----D- C:\Users\CLAUDINE\AppData\Roaming\_MDLogs
O43 - CFD: 1/11/2011 - 11:07:48 PM - [14568476] ----D- C:\Users\CLAUDINE\AppData\Local\Adobe
O43 - CFD: 8/6/2011 - 7:11:40 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Local\Apple
O43 - CFD: 12/26/2010 - 1:10:46 PM - [0] -SH-D- C:\Users\CLAUDINE\AppData\Local\Application Data
O43 - CFD: 12/26/2010 - 1:57:18 PM - [183880] ----D- C:\Users\CLAUDINE\AppData\Local\CyberLink
O43 - CFD: 8/8/2011 - 11:39:42 PM - [0] ----D- C:\Users\CLAUDINE\AppData\Local\Diagnostics
O43 - CFD: 8/6/2011 - 7:15:54 PM - [23555584] ----D- C:\Users\CLAUDINE\AppData\Local\D
0
Réponse 17 / 17
Utilisateur anonyme
 
Salut



1) Manque le rapport de ZHPFix ??
* Ce rapport est sauvegardé dans ce dossier C:\Program files\ZHPDiag\ZHPFixReport.txt


2) Ce rapport de ZHPDiag est incomplet
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* Trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport


@+ VIRUS/C/C
0