Une page qui s'ouvre toute seule

Résolu/Fermé
Signaler
-
 Loulou -
Bonjour,

Cela fait 1 semaine que j'ai cette page qui s'ouvre seule. aidez-moi SVP
http://static.icmapp.com/


21 réponses

Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bonsoir,

Peux-tu utiliser ce logiciel de diagnostic, ça me permettra de t'aider :

▶ Télécharge ZHPDiag (de Nicolas Coolman)
▶ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur)
▶ Laisse toi guider lors de l'installation (pense à cocher la case pour créer un raccourci sur le Bureau). Il se lancera automatiquement à la fin de l'installation.
▶ Clique sur configurer puis sur l'icône représentant une loupe («Diagnostic par défaut avec légitimes »)
▶ le rapport se trouve sur ton Bureau
▶ Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de ZHPDiag et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

Si tu as besoin d'aide, suis ce tuto : http://www.sosvirus.net/canned-speech-zhpdiag-t712.html. Confond pas ZHPFix et ZHPDiag !
~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman (26/12/2013)
~ Lancé par proprietaire (29/12/2013 19:28:08)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1483.0
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 9.1 MUI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4026 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 253 GB (55%) free of 453 GB

---\\ Mode de connexion au système
~ Computer Name: PROPRIETAIRE-PC
~ User Name: proprietaire
~ All Users Names: proprietaire, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\proprietaire\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\proprietaire\AppData\Roaming\
~ %Desktop% : C:\Users\proprietaire\Desktop\
~ %Favorites% : C:\Users\proprietaire\Favorites\
~ %LocalAppData% : C:\Users\proprietaire\AppData\Local\
~ %StartMenu% : C:\Users\proprietaire\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 253 Go of 453 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/84
~ Mes musiques (My Musics) : 396/695
~ Mes Videos (My Videos) : 2/152
~ Mes Favoris (My Favorites) : 1/37
~ Mes Documents (My Documents) : 1/10
~ Mon Bureau (My Desktop) : 3/102
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.0D6972A795995F07B6D78CA7724744FB] - (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552] [PID.3640]
[MD5.D0AC482B584F244B0E10B465CFC6DEC5] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [955712] [PID.1032]
[MD5.6AABCAB9FF3FFB26EF173153B765483D] - (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe [469504] [PID.4152] =>PUP.CacaoWeb
[MD5.9ECF375A6E4E74D056F4B54E76D58721] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4400]
[MD5.38218E47372B77DDB3C9DDD4390CB960] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [975952] [PID.4428]
[MD5.0ADF079D36B2C25E6E9BECE1BD937ACE] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.4652]
[MD5.94F80155B91B8DF7A0EAD527C853D377] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984] [PID.4764]
[MD5.F8D427DAE2984A4968E2D1CB53634784] - (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe [79400] [PID.4948]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.4960]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3868]
[MD5.1DB860CA1C72B0B953B9555BB390E554] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [305744] [PID.5732]
[MD5.F255E48EA981E943A14CF16269F3F3AF] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.5944]
[MD5.1C5A81304F4B3A24914E10E339E3D51A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe [900440] [PID.5876] =>P2P.BitTorrent
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.6564]
[MD5.10616CB2E16AD780B99409C9F12F7884] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe [4212512] [PID.3876] =>Toolbar.Conduit
[MD5.82771E3CCBB98642B71194F2DC3B257C] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe [2849568] [PID.6496] =>Toolbar.Conduit
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.6348]
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8302080] [PID.3164]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1248]
[MD5.9CF46FDF163E06B83D03FF929EF2296C] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [321104] [PID.1660]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.1796]
[MD5.78DF31CDD3A380E7F9CFCC8B4E24813C] - (.Pas de propriétaire - PIXMA Extended Servey Program Service.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [99936] [PID.1824]
[MD5.3E5E20817259F7328C8F3BE5421F35B9] - (.Egis Technology Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520] [PID.1884]
[MD5.9A308FCDCCA98A15B6F62D36A272160E] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [255744] [PID.1956]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.1544]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232] [PID.2196]
[MD5.6B24D1C3096DE796D15571079EA5E98C] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.2484]
[MD5.1BBBF640BC0E0B750537BAECE8D66C18] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [641832] [PID.3008]
[MD5.417B683148EED8263721C441A4468C49] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2314016] [PID.7008] =>Toolbar.Conduit
~ Processes Running: Scanned in 00mn 07s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\proprietaire\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.1.0 (Désactivé) =>PUP.Funmoods
G2 - GCE: Preference [User Data\Default] [bfcpnihmbfoaeoakalclfalkdepgiaje] SpecialSavings v.2.0.0.1 (Désactivé) =>PUP.SpecialSavings
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [boipimhfjpakfgckhbljjengakjhkcbp] MixiDJ Toolbar v.1.2 (Désactivé) =>Toolbar.MixiDJ
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Managerr v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [clbfjfbnelcflpgpklppgplejolacbej] Browser Companion Helper v.1.0.5 (Désactivé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [dednnpigldgdbpgcdpfppmlcnnbjciel] General Crawler v.2.5 (Désactivé) =>PUP.MediaFinder
G2 - GCE: Preference [User Data\Default] [dlfienamagdnkekbbbocojppncdambda] Complitly plugin for chrome v.1.1 (Désactivé) =>Adware.PredictAd
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] WebCake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gdnafjfahbdfphihncgadbegiaebehio] SquirrelWeb v.1.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [hokdglbhghcebcopdbanieangmcamaak] Windows Media Player Extension for HTML5 v.1.0 (Activé) =>.Microsoft Corporation
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.7.0.1426 (Désactivé)
G2 - GCE: Preference [User Data\Default] [kincjchfokkeneeofpeefomkikfkiedl] VideoFileDownload v.1.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ldikpdnngdmeceeameoaannjilbjppnm] Plus-HD-3.5 v.1.26.111, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [leahdjjpjmnamomgpojikeapflgbmjab] cacaoweb v.1.13 (Désactivé) =>PUP.CacaoWeb
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.2.0.10687 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mocblcnaofikinigmceddfghppkkjbog] Smiley Bar for Facebook v.1.0.0.0 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Désactivé) =>Adware.Yontoo
G2 - GCE: Preference [User Data\Default] [nikpibnbobmbdbheedjfogjlikpgpnhp] DvdVideoSoft Free Youtube Download v.1.0.0.0, (Désactivé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [paoponfhfdfnjgddpnpjkambkcgdaaib] uTorrentBar_FR v.2.3.7.1 (Désactivé) =>P2P.µTorrent
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.8.0.1, (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
G2 - GCE: Preference [User Data\Default] [pljcgbedjplidkdjahbaalanadmjfgop] Ask Toolbar v.26.63936, (Désactivé) =>Toolbar.Ask
~ Google Browser: 36 Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\proprietaire\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\proprietaire\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
~ Firefox Browser: 4 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.portaldosites.com =>Hijacker.PortaldoSites
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://rechercher-fr.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rechercher-fr.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 0.0.0.0 boxore.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 boxore.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 boxore.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.net =>Adware.Boxore
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 34



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Complitly [64Bits] - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\proprietaire\AppData\Roaming\Complitly\Complitly.dll =>Adware.PredictAd
O2 - BHO: CrossriderApp0037180 [64Bits] - {11111111-1111-1111-1111-110311711180} . (.Plus HD - Plus-HD-3.5 BHO.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-bho.dll =>Adware.PlusHD
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SquirrelWeb [64Bits] - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} . (.SquirrelWeb - SquirrelWeb.) -- C:\Program Files (x86)\SquirrelWeb\SquirrelWebbho.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O2 - BHO: (no name) [64Bits] - {95525BD9-6136-4A26-8263-9CEE295D442D} Clé orpheline
~ BHO: 19 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{95080B13-AA71-4EE8-B951-7E98221E1ED5} Clé orpheline
O3 - Toolbar: (no name) [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BB1227AC-7A0D-4076-8C1A-51A1348F6FA8} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
O4 - GS\Desktop [Public]: Fast Media Converter.lnk . (...) -- C:\Program Files (x86)\FastMediaConverter\FastMedia Converter.exe
O4 - GS\Desktop [Public]: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.7.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader 9.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Photorécit 3 pour Windows.lnk . (.Microsoft Corp. - Photo Story 3 for Windows.) -- C:\Program Files (x86)\Photo Story 3 for Windows\PhotoStory3.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Visionneuse Microsoft PowerPoint .lnk . (...) -- C:\Windows\Installer\{95140000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [proprietaire]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\QuickLaunch [proprietaire]: VSO DivxToDVD.lnk . (.VSO Software - Divx to DVD converter.) -- C:\Program Files (x86)\vso\DivxToDVD\DivxToDVD.exe
O4 - GS\QuickLaunch [proprietaire]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [proprietaire]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\TaskBar [proprietaire]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [proprietaire]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [proprietaire]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\Program [proprietaire]: WebPlayerV2.lnk . (...) -- C:\Users\proprietaire\AppData\Roaming\Microsoft\Installer\{7D41BC10-F03E-41EB-8E2D-B7006948332F}\_ADF352EEE65CC9B6695365.exe
O4 - GS\Accessories [proprietaire]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [proprietaire]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [proprietaire]: Run.lnk - Clé orpheline
O4 - GS\Accessories [proprietaire]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [proprietaire]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\SystemTools [proprietaire]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\SendTo [proprietaire]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [proprietaire]: Search.lnk . (...) -- C:\ProgramData\DSearchLink\DSearchLink.exe =>Toolbar.DeltaSearch
O4 - GS\Desktop [proprietaire]: VSO DivxToDVD.lnk . (.VSO Software - Divx to DVD converter.) -- C:\Program Files (x86)\vso\DivxToDVD\DivxToDVD.exe
O4 - GS\Desktop [proprietaire]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [proprietaire]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [proprietaire]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 61 Scanned in 00mn 06s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FastMediaConverter.lnk . (...) -- C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [mwlDaemon] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe
O4 - HKLM\..\Run: [MRT] . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\system32\MRT.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.exe (.not file.)
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Bubble Dock] C:\Users\proprietaire\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\RunOnce: [Application Restart #2] . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
O4 - HKLM\..\Wow6432Node\Run: [OpwareSE4] . (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe =>.ScanSoft, Inc
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_30] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [20131224] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\9584e010-5d6e-4c9a-a03f-e4cefb5cbcb9.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [cacaoweb] . (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Bubble Dock] C:\Users\proprietaire\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\RunOnce: [Application Restart #2] . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - PIXMA Extended Servey Program Service.) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe =>Hijacker.Office
O23 - Service: MyWinLocker Service (MWLService) . (.Egis Technology Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
~ Services: 16 Scanned in 00mn 21s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1076]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000Core.job [1054]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000UA.job [1106]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Happy Lyrics Update.job [402] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-chromeinstaller.job [1916] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-codedownloader.job [1208] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-enabler.job [1108] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-firefoxinstaller.job [1840] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-updater.job [1304] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [4832] (...) -- C:\Users\proprietaire\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [250248]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\proprietaire\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Funmoods] (...) -- C:\Users\proprietaire\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.Funmoods
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000Core] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000UA] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [Happy Lyrics Update] (...) -- C:\Program Files (x86)\HappyLyrics\HLUpdater.exe (.not file.) [0] =>Adware.AddLyrics
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] [APT] [Java Update Scheduler] (.Oracle Corporation.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336]
[MD5.00000000000000000000000000000000] [APT] [Omiga Plus RunAsStdUser] (...) -- C:\Program Files (x86)\Omiga Plus\omigaplus.exe (.not file.) [0] =>Hijacker.OmigaPlus
[MD5.C11D7537690D388ED9D5FE83BBCA7563] [APT] [Plus-HD-3.5-chromeinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-chromeinstaller.exe [466280] =>Adware.PlusHD
[MD5.386F5060FE270EFDC629FC6FBE720055] [APT] [Plus-HD-3.5-codedownloader] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-codedownloader.exe [491880] =>Adware.PlusHD
[MD5.76AE0731AFCF8B515D8F3F3206151192] [APT] [Plus-HD-3.5-enabler] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-enabler.exe [351080] =>Adware.PlusHD
[MD5.E8F21679635FE7491D0957B966BB4E2F] [APT] [Plus-HD-3.5-firefoxinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-firefoxinstaller.exe [727400] =>Adware.PlusHD
[MD5.5A8245FC4E59011DFF180461EB877AB8] [APT] [Plus-HD-3.5-updater] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-updater.exe [367976] =>Adware.PlusHD
[MD5.846965AE55A2662B1576C0F392DD1D6E] [APT] [ScanSoft Background Update] (.Nuance Communications, Inc..) -- C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472]
[MD5.00000000000000000000000000000000] [APT] [{329118BA-AB97-4DF3-8FC2-D1F9889D35E2}] (...) -- E:\Setup\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{858AD928-CDC7-43CE-A645-E9C7F3879B9E}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{97BBF679-6E1A-4C71-BE43-A092ED5CC20D}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1917440]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] [APT] [{9B60BB48-DEAE-4ED5-8F53-9FB700AFEC29}] (.Google Inc..) -- c:\users\proprietaire\appdata\local\google\chrome\application\chrome.exe [863184]
[MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{D669FB41-CD44-4498-8409-58CA41AD8864}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe [107568]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 47 Scanned in 00mn 12s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (ucbpwtpb) . (. - .) - C:\Windows\system32\drivers\ucbpwtpb.sys (.not file.)
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 75 Scanned in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Acer Crystal Eye webcam - (.Liteon.) [HKLM][64Bits] -- {51F026FA-5146-4232-A8BA-1364740BD053}
O42 - Logiciel: Acer GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
J'avais dis de suivre mes instructions jusqu'au bout, j'ai demandé de l'heberger. Fais le sur https://www.cjoint.com/ ou http://pjjoint.malekal.com
Je l'ai fait :(
on m'a donné ce lien

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20131229_x8v12z913y12
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bonsoir,

Effectivement.

▶ Télécharge RogueKiller (de Tigzy) sur le Bureau
▶ Quitte tous tes programmes en cours
▶ Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
▶ Patiente pendant le pre-scan, puis clique sur le bouton "Scan"
▶ A la fin, vérifie que tous les éléments sont cochés puis clique sur "Suppression"
▶ Un rapport (RKreport.txt) doit être créé sur le Bureau, poste le dans ta prochaine réponse.
▶ Redémarre le pc

▶ Puis télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
▶ Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
▶ Clique sur Start Scan pour démarrer l'analyse.
▶ Si des éléments néfastes sont identifiés par l'outil, vérifie que Cure est bien coché. S'il indique "suspicious", laisse l'option Skip.
▶ Ensuite, clique sur Continue puis sur Reboot Now si nécessaire.
▶ Un rapport s'ouvrira au redémarrage de l'ordinateur.
▶ Copie/colle son contenu dans ta prochaine réponse (il se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt)
j'ai fait tout les scans et dans le dernier scan il n'y a rien de detecté
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
rogue killer ? Poste les rapports !

Mon savoir repose sur un livre, mon ignorance couvre une bibliothèque.
Le rapport? je le trouve ou?
20:23:21.0544 2956 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:23:24.0910 2956 ============================================================
20:23:24.0910 2956 Current date / time: 2013/12/29 20:23:24.0910
20:23:24.0910 2956 SystemInfo:
20:23:24.0910 2956
20:23:24.0910 2956 OS Version: 6.1.7601 ServicePack: 1.0
20:23:24.0910 2956 Product type: Workstation
20:23:24.0910 2956 ComputerName: PROPRIETAIRE-PC
20:23:24.0910 2956 UserName: proprietaire
20:23:24.0910 2956 Windows directory: C:\Windows
20:23:24.0910 2956 System windows directory: C:\Windows
20:23:24.0911 2956 Running under WOW64
20:23:24.0911 2956 Processor architecture: Intel x64
20:23:24.0911 2956 Number of processors: 2
20:23:24.0911 2956 Page size: 0x1000
20:23:24.0911 2956 Boot type: Normal boot
20:23:24.0911 2956 ============================================================
20:23:26.0663 2956 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:23:26.0695 2956 ============================================================
20:23:26.0695 2956 \Device\Harddisk0\DR0:
20:23:26.0695 2956 MBR partitions:
20:23:26.0695 2956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:23:26.0695 2956 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
20:23:26.0695 2956 ============================================================
20:23:26.0851 2956 C: <-> \Device\Harddisk0\DR0\Partition2
20:23:26.0851 2956 ============================================================
20:23:26.0852 2956 Initialize success
20:23:26.0852 2956 ============================================================
20:23:29.0182 2708 ============================================================
20:23:29.0182 2708 Scan started
20:23:29.0182 2708 Mode: Manual;
20:23:29.0182 2708 ============================================================
20:23:30.0357 2708 ================ Scan system memory ========================
20:23:30.0357 2708 System memory - ok
20:23:30.0375 2708 ================ Scan services =============================
20:23:39.0815 2708 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:23:39.0857 2708 1394ohci - ok
20:23:40.0686 2708 ACDaemon - ok
20:23:40.0891 2708 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:23:40.0897 2708 ACPI - ok
20:23:41.0071 2708 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:23:41.0072 2708 AcpiPmi - ok
20:23:46.0830 2708 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:46.0838 2708 AdobeFlashPlayerUpdateSvc - ok
20:23:47.0292 2708 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:23:47.0299 2708 adp94xx - ok
20:23:47.0488 2708 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:23:47.0494 2708 adpahci - ok
20:23:47.0693 2708 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:23:47.0714 2708 adpu320 - ok
20:23:47.0937 2708 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:23:47.0939 2708 AeLookupSvc - ok
20:23:48.0191 2708 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
20:23:48.0198 2708 AFD - ok
20:23:48.0373 2708 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:23:48.0375 2708 agp440 - ok
20:23:48.0550 2708 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:23:48.0552 2708 ALG - ok
20:23:48.0728 2708 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:23:48.0770 2708 aliide - ok
20:23:48.0955 2708 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:23:48.0957 2708 amdide - ok
20:23:49.0144 2708 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:23:49.0146 2708 AmdK8 - ok
20:23:49.0253 2708 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:23:49.0254 2708 AmdPPM - ok
20:23:49.0400 2708 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:23:49.0434 2708 amdsata - ok
20:23:49.0658 2708 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:23:49.0661 2708 amdsbs - ok
20:23:49.0819 2708 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:23:49.0899 2708 amdxata - ok
20:23:50.0263 2708 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:23:50.0265 2708 AppID - ok
20:23:50.0373 2708 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:23:50.0375 2708 AppIDSvc - ok
20:23:50.0662 2708 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
20:23:50.0664 2708 Appinfo - ok
20:23:50.0890 2708 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:23:50.0915 2708 arc - ok
20:23:50.0981 2708 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:23:50.0984 2708 arcsas - ok
20:23:51.0297 2708 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:23:51.0329 2708 aswFsBlk - ok
20:23:51.0748 2708 [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
20:23:51.0750 2708 aswKbd - ok
20:23:51.0922 2708 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:23:51.0924 2708 aswMonFlt - ok
20:23:52.0250 2708 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:23:52.0251 2708 aswRdr - ok
20:23:52.0385 2708 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
20:23:52.0387 2708 aswRvrt - ok
20:23:52.0847 2708 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:23:52.0889 2708 aswSnx - ok
20:23:53.0134 2708 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:23:53.0140 2708 aswSP - ok
20:23:53.0298 2708 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:23:53.0301 2708 aswTdi - ok
20:23:53.0592 2708 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
20:23:53.0596 2708 aswVmm - ok
20:23:53.0820 2708 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:53.0822 2708 AsyncMac - ok
20:23:54.0007 2708 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:23:54.0009 2708 atapi - ok
20:23:55.0322 2708 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:23:55.0443 2708 athr - ok
20:23:56.0002 2708 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:23:56.0181 2708 AudioEndpointBuilder - ok
20:23:56.0210 2708 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:23:56.0218 2708 AudioSrv - ok
20:23:56.0968 2708 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:23:56.0970 2708 avast! Antivirus - ok
20:23:57.0217 2708 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:23:57.0221 2708 AxInstSV - ok
20:23:57.0543 2708 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:23:57.0565 2708 b06bdrv - ok
20:23:57.0907 2708 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:23:57.0914 2708 b57nd60a - ok
20:23:59.0179 2708 [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:23:59.0320 2708 BCM43XX - ok
20:23:59.0501 2708 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:23:59.0505 2708 BDESVC - ok
20:23:59.0640 2708 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:23:59.0642 2708 Beep - ok
20:24:00.0087 2708 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:24:00.0137 2708 BFE - ok
20:24:00.0356 2708 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:24:00.0424 2708 BITS - ok
20:24:00.0518 2708 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:24:00.0521 2708 blbdrive - ok
20:24:00.0719 2708 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:00.0729 2708 Bonjour Service - ok
20:24:00.0935 2708 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:00.0938 2708 bowser - ok
20:24:01.0072 2708 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:24:01.0074 2708 BrFiltLo - ok
20:24:01.0134 2708 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:24:01.0136 2708 BrFiltUp - ok
20:24:01.0308 2708 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:24:01.0312 2708 Browser - ok
20:24:01.0759 2708 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:01.0769 2708 Brserid - ok
20:24:01.0885 2708 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:01.0888 2708 BrSerWdm - ok
20:24:01.0949 2708 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:01.0952 2708 BrUsbMdm - ok
20:24:02.0076 2708 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:02.0078 2708 BrUsbSer - ok
20:24:02.0717 2708 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:24:02.0720 2708 BTHMODEM - ok
20:24:02.0897 2708 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:24:02.0899 2708 bthserv - ok
20:24:02.0981 2708 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:02.0983 2708 cdfs - ok
20:24:03.0120 2708 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:24:03.0123 2708 cdrom - ok
20:24:03.0246 2708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:03.0249 2708 CertPropSvc - ok
20:24:03.0836 2708 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:24:03.0838 2708 circlass - ok
20:24:04.0007 2708 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:24:04.0015 2708 CLFS - ok
20:24:04.0416 2708 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:04.0419 2708 clr_optimization_v2.0.50727_32 - ok
20:24:04.0607 2708 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:04.0611 2708 clr_optimization_v2.0.50727_64 - ok
20:24:04.0842 2708 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:05.0065 2708 clr_optimization_v4.0.30319_32 - ok
20:24:05.0225 2708 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:05.0229 2708 clr_optimization_v4.0.30319_64 - ok
20:24:06.0415 2708 [ 417B683148EED8263721C441A4468C49 ] CltMngSvc C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
20:24:06.0702 2708 CltMngSvc - ok
20:24:06.0831 2708 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:24:06.0834 2708 CmBatt - ok
20:24:06.0900 2708 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:06.0902 2708 cmdide - ok
20:24:07.0029 2708 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:07.0185 2708 CNG - ok
20:24:07.0298 2708 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:24:07.0301 2708 Compbatt - ok
20:24:07.0509 2708 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:07.0511 2708 CompositeBus - ok
20:24:07.0534 2708 COMSysApp - ok
20:24:07.0681 2708 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:24:07.0702 2708 crcdisk - ok
20:24:07.0830 2708 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:07.0834 2708 CryptSvc - ok
20:24:08.0002 2708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:08.0017 2708 DcomLaunch - ok
20:24:08.0226 2708 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:08.0235 2708 defragsvc - ok
20:24:08.0325 2708 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:08.0328 2708 DfsC - ok
20:24:08.0496 2708 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:08.0505 2708 Dhcp - ok
20:24:08.0579 2708 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:24:08.0581 2708 discache - ok
20:24:08.0651 2708 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:24:08.0655 2708 Disk - ok
20:24:08.0792 2708 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:08.0798 2708 Dnscache - ok
20:24:08.0895 2708 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:08.0902 2708 dot3svc - ok
20:24:09.0389 2708 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:24:09.0490 2708 DPS - ok
20:24:09.0724 2708 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:09.0726 2708 drmkaud - ok
20:24:10.0647 2708 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:24:10.0653 2708 DsiWMIService - ok
20:24:11.0242 2708 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:11.0290 2708 DXGKrnl - ok
20:24:11.0482 2708 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:11.0485 2708 EapHost - ok
20:24:12.0726 2708 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:24:12.0841 2708 ebdrv - ok
20:24:12.0919 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
20:24:12.0926 2708 EFS - ok
20:24:13.0210 2708 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:13.0353 2708 ehRecvr - ok
20:24:13.0457 2708 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:24:13.0460 2708 ehSched - ok
20:24:13.0722 2708 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:24:13.0774 2708 elxstor - ok
20:24:14.0031 2708 [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:24:14.0045 2708 ePowerSvc - ok
20:24:14.0253 2708 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:14.0256 2708 ErrDev - ok
20:24:14.0401 2708 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:24:14.0616 2708 EventSystem - ok
20:24:14.0731 2708 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:14.0735 2708 exfat - ok
20:24:14.0797 2708 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:14.0802 2708 fastfat - ok
20:24:14.0962 2708 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:24:14.0976 2708 Fax - ok
20:24:15.0114 2708 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:24:15.0117 2708 fdc - ok
20:24:15.0169 2708 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:15.0173 2708 fdPHost - ok
20:24:15.0214 2708 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:15.0221 2708 FDResPub - ok
20:24:15.0281 2708 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:15.0286 2708 FileInfo - ok
20:24:15.0325 2708 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:15.0328 2708 Filetrace - ok
20:24:15.0693 2708 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:24:15.0752 2708 FLEXnet Licensing Service - ok
20:24:15.0825 2708 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:24:15.0828 2708 flpydisk - ok
20:24:15.0984 2708 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:15.0991 2708 FltMgr - ok
20:24:16.0220 2708 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:24:16.0461 2708 FontCache - ok
20:24:16.0566 2708 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:16.0568 2708 FontCache3.0.0.0 - ok
20:24:16.0641 2708 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:16.0643 2708 FsDepends - ok
20:24:16.0735 2708 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:16.0737 2708 Fs_Rec - ok
20:24:16.0894 2708 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:16.0900 2708 fvevol - ok
20:24:16.0980 2708 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:24:16.0983 2708 gagp30kx - ok
20:24:17.0276 2708 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:17.0333 2708 gpsvc - ok
20:24:17.0679 2708 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:24:17.0682 2708 GREGService - ok
20:24:17.0929 2708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:17.0933 2708 gupdate - ok
20:24:17.0980 2708 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:17.0983 2708 gupdatem - ok
20:24:18.0048 2708 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:18.0093 2708 hcw85cir - ok
20:24:18.0285 2708 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:24:18.0295 2708 HdAudAddService - ok
20:24:18.0488 2708 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:24:18.0490 2708 HDAudBus - ok
20:24:18.0576 2708 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:24:18.0578 2708 HidBatt - ok
20:24:18.0620 2708 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:24:18.0623 2708 HidBth - ok
20:24:18.0709 2708 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:24:18.0711 2708 HidIr - ok
20:24:18.0759 2708 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:24:18.0763 2708 hidserv - ok
20:24:18.0916 2708 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:24:18.0918 2708 HidUsb - ok
20:24:19.0026 2708 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:19.0032 2708 hkmsvc - ok
20:24:19.0096 2708 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:19.0104 2708 HomeGroupListener - ok
20:24:19.0235 2708 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:19.0241 2708 HomeGroupProvider - ok
20:24:19.0336 2708 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:19.0339 2708 HpSAMD - ok
20:24:19.0856 2708 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:19.0870 2708 HTTP - ok
20:24:20.0025 2708 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:20.0028 2708 hwpolicy - ok
20:24:20.0198 2708 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:24:20.0201 2708 i8042prt - ok
20:24:20.0438 2708 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:24:20.0445 2708 iaStor - ok
20:24:20.0578 2708 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:24:20.0580 2708 IAStorDataMgrSvc - ok
20:24:20.0790 2708 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:20.0799 2708 iaStorV - ok
20:24:21.0045 2708 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:21.0347 2708 idsvc - ok
20:24:21.0418 2708 IEEtwCollectorService - ok
20:24:21.0888 2708 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:24:22.0117 2708 igfx - ok
20:24:22.0192 2708 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:24:22.0194 2708 iirsp - ok
20:24:22.0422 2708 [ 78DF31CDD3A380E7F9CFCC8B4E24813C ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
20:24:22.0425 2708 IJPLMSVC - ok
20:24:22.0602 2708 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:22.0620 2708 IKEEXT - ok
20:24:23.0061 2708 [ F5872A11EB4F6DB170D636CD4E53CA9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:23.0293 2708 IntcAzAudAddService - ok
20:24:23.0507 2708 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
20:24:23.0511 2708 IntcHdmiAddService - ok
20:24:23.0604 2708 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:23.0607 2708 intelide - ok
20:24:23.0773 2708 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:24:23.0775 2708 intelppm - ok
20:24:23.0839 2708 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:24:23.0845 2708 IPBusEnum - ok
20:24:23.0937 2708 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:23.0940 2708 IpFilterDriver - ok
20:24:24.0077 2708 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:24:24.0090 2708 iphlpsvc - ok
20:24:24.0169 2708 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:24:24.0173 2708 IPMIDRV - ok
20:24:24.0233 2708 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:24:24.0237 2708 IPNAT - ok
20:24:24.0284 2708 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:24:24.0286 2708 IRENUM - ok
20:24:24.0317 2708 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:24:24.0320 2708 isapnp - ok
20:24:24.0559 2708 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:24:24.0564 2708 iScsiPrt - ok
20:24:24.0800 2708 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
20:24:24.0806 2708 k57nd60a - ok
20:24:25.0012 2708 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:24:25.0015 2708 kbdclass - ok
20:24:25.0143 2708 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:24:25.0145 2708 kbdhid - ok
20:24:25.0277 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
20:24:25.0280 2708 KeyIso - ok
20:24:25.0381 2708 KMService - ok
20:24:25.0482 2708 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:24:25.0485 2708 KSecDD - ok
20:24:25.0525 2708 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:24:25.0528 2708 KSecPkg - ok
20:24:25.0619 2708 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:24:25.0621 2708 ksthunk - ok
20:24:25.0797 2708 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:24:25.0804 2708 KtmRm - ok
20:24:25.0979 2708 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:24:25.0986 2708 LanmanServer - ok
20:24:26.0106 2708 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:26.0112 2708 LanmanWorkstation - ok
20:24:26.0247 2708 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:24:26.0249 2708 lltdio - ok
20:24:26.0357 2708 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:24:26.0364 2708 lltdsvc - ok
20:24:26.0413 2708 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:24:26.0416 2708 lmhosts - ok
20:24:26.0487 2708 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:24:26.0490 2708 LSI_FC - ok
20:24:26.0551 2708 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:24:26.0554 2708 LSI_SAS - ok
20:24:26.0638 2708 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:24:26.0640 2708 LSI_SAS2 - ok
20:24:26.0797 2708 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:24:26.0800 2708 LSI_SCSI - ok
20:24:26.0887 2708 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:24:26.0889 2708 luafv - ok
20:24:27.0022 2708 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:24:27.0028 2708 Mcx2Svc - ok
20:24:27.0109 2708 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:24:27.0113 2708 megasas - ok
20:24:27.0180 2708 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:24:27.0186 2708 MegaSR - ok
20:24:27.0306 2708 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:24:27.0312 2708 MMCSS - ok
20:24:27.0405 2708 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:24:27.0408 2708 Modem - ok
20:24:27.0563 2708 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:24:27.0565 2708 monitor - ok
20:24:27.0671 2708 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:24:27.0674 2708 mouclass - ok
20:24:27.0924 2708 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:24:27.0927 2708 mouhid - ok
20:24:27.0996 2708 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:24:28.0000 2708 mountmgr - ok
20:24:28.0135 2708 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:24:28.0138 2708 mpio - ok
20:24:28.0193 2708 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:24:28.0195 2708 mpsdrv - ok
20:24:28.0306 2708 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:24:28.0500 2708 MpsSvc - ok
20:24:28.0645 2708 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:24:28.0649 2708 MRxDAV - ok
20:24:28.0735 2708 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:28.0739 2708 mrxsmb - ok
20:24:28.0948 2708 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:28.0955 2708 mrxsmb10 - ok
20:24:29.0016 2708 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:29.0019 2708 mrxsmb20 - ok
20:24:29.0128 2708 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:24:29.0152 2708 msahci - ok
20:24:29.0207 2708 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:24:29.0212 2708 msdsm - ok
20:24:29.0278 2708 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:24:29.0287 2708 MSDTC - ok
20:24:29.0387 2708 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:24:29.0390 2708 Msfs - ok
20:24:29.0434 2708 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:24:29.0436 2708 mshidkmdf - ok
20:24:29.0542 2708 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:24:29.0543 2708 msisadrv - ok
20:24:29.0715 2708 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:24:29.0722 2708 MSiSCSI - ok
20:24:29.0731 2708 msiserver - ok
20:24:29.0849 2708 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:24:29.0852 2708 MSKSSRV - ok
20:24:29.0861 2708 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:29.0864 2708 MSPCLOCK - ok
20:24:29.0916 2708 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:24:29.0918 2708 MSPQM - ok
20:24:29.0996 2708 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:24:30.0001 2708 MsRPC - ok
20:24:30.0065 2708 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:24:30.0068 2708 mssmbios - ok
20:24:30.0161 2708 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:24:30.0164 2708 MSTEE - ok
20:24:30.0200 2708 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:24:30.0241 2708 MTConfig - ok
20:24:30.0278 2708 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:24:30.0280 2708 Mup - ok
20:24:30.0420 2708 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:24:30.0422 2708 mwlPSDFilter - ok
20:24:30.0472 2708 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:24:30.0475 2708 mwlPSDNServ - ok
20:24:30.0584 2708 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:24:30.0586 2708 mwlPSDVDisk - ok
20:24:31.0080 2708 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
20:24:31.0086 2708 MWLService - ok
20:24:31.0255 2708 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:24:31.0268 2708 napagent - ok
20:24:31.0577 2708 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:24:31.0599 2708 NativeWifiP - ok
20:24:31.0908 2708 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:24:31.0917 2708 NAUpdate - ok
20:24:32.0034 2708 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:24:32.0057 2708 NDIS - ok
20:24:32.0175 2708 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:32.0179 2708 NdisCap - ok
20:24:32.0293 2708 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:32.0296 2708 NdisTapi - ok
20:24:32.0472 2708 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:32.0475 2708 Ndisuio - ok
20:24:32.0546 2708 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:32.0551 2708 NdisWan - ok
20:24:32.0630 2708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:24:32.0633 2708 NDProxy - ok
20:24:32.0731 2708 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:24:32.0732 2708 NetBIOS - ok
20:24:32.0919 2708 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:24:32.0925 2708 NetBT - ok
20:24:33.0042 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
20:24:33.0047 2708 Netlogon - ok
20:24:33.0211 2708 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:24:33.0222 2708 Netman - ok
20:24:33.0324 2708 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:24:33.0492 2708 netprofm - ok
20:24:33.0557 2708 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:24:33.0560 2708 NetTcpPortSharing - ok
20:24:33.0664 2708 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:24:33.0668 2708 nfrd960 - ok
20:24:33.0954 2708 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:24:34.0042 2708 NlaSvc - ok
20:24:34.0062 2708 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:24:34.0064 2708 Npfs - ok
20:24:34.0142 2708 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:24:34.0148 2708 nsi - ok
20:24:34.0217 2708 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:24:34.0219 2708 nsiproxy - ok
20:24:34.0466 2708 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:24:34.0526 2708 Ntfs - ok
20:24:34.0710 2708 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
20:24:34.0714 2708 NTI IScheduleSvc - ok
20:24:34.0844 2708 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
20:24:34.0847 2708 NTIDrvr - ok
20:24:34.0885 2708 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:24:34.0886 2708 Null - ok
20:24:35.0032 2708 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:24:35.0036 2708 nvraid - ok
20:24:35.0099 2708 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:24:35.0102 2708 nvstor - ok
20:24:35.0171 2708 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:24:35.0178 2708 nv_agp - ok
20:24:35.0318 2708 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:24:35.0340 2708 ohci1394 - ok
20:24:35.0590 2708 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:24:35.0594 2708 ose - ok
20:24:37.0319 2708 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:24:37.0643 2708 osppsvc - ok
20:24:37.0802 2708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:24:37.0809 2708 p2pimsvc - ok
20:24:38.0185 2708 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:24:38.0200 2708 p2psvc - ok
20:24:38.0259 2708 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:24:38.0263 2708 Parport - ok
20:24:38.0326 2708 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:24:38.0329 2708 partmgr - ok
20:24:38.0444 2708 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:24:38.0450 2708 PcaSvc - ok
20:24:38.0539 2708 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:24:38.0562 2708 pci - ok
20:24:38.0697 2708 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:24:38.0700 2708 pciide - ok
20:24:38.0840 2708 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:24:38.0844 2708 pcmcia - ok
20:24:38.0883 2708 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:24:38.0886 2708 pcw - ok
20:24:39.0074 2708 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:24:39.0083 2708 PEAUTH - ok
20:24:39.0482 2708 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:24:39.0486 2708 PerfHost - ok
20:24:39.0770 2708 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:24:39.0820 2708 pla - ok
20:24:40.0200 2708 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:24:40.0257 2708 PlugPlay - ok
20:24:40.0357 2708 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:24:40.0361 2708 PNRPAutoReg - ok
20:24:40.0536 2708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:24:40.0544 2708 PNRPsvc - ok
20:24:40.0743 2708 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:24:40.0753 2708 PolicyAgent - ok
20:24:40.0941 2708 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:24:40.0951 2708 Power - ok
20:24:41.0075 2708 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:24:41.0078 2708 PptpMiniport - ok
20:24:41.0182 2708 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:24:41.0208 2708 Processor - ok
20:24:41.0293 2708 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:24:41.0300 2708 ProfSvc - ok
20:24:41.0331 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
20:24:41.0334 2708 ProtectedStorage - ok
20:24:41.0535 2708 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:24:41.0537 2708 Psched - ok
20:24:42.0062 2708 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:24:42.0120 2708 ql2300 - ok
20:24:42.0214 2708 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:24:42.0217 2708 ql40xx - ok
20:24:42.0360 2708 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:24:42.0370 2708 QWAVE - ok
20:24:42.0451 2708 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:24:42.0455 2708 QWAVEdrv - ok
20:24:42.0510 2708 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:24:42.0512 2708 RasAcd - ok
20:24:42.0665 2708 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:24:42.0668 2708 RasAgileVpn - ok
20:24:42.0738 2708 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:24:42.0743 2708 RasAuto - ok
20:24:42.0802 2708 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:24:42.0804 2708 Rasl2tp - ok
20:24:42.0915 2708 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:24:42.0928 2708 RasMan - ok
20:24:43.0016 2708 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:24:43.0020 2708 RasPppoe - ok
20:24:43.0164 2708 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:24:43.0167 2708 RasSstp - ok
20:24:43.0306 2708 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:24:43.0373 2708 rdbss - ok
20:24:43.0464 2708 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:24:43.0488 2708 rdpbus - ok
20:24:43.0539 2708 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:24:43.0540 2708 RDPCDD - ok
20:24:43.0701 2708 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:24:43.0703 2708 RDPENCDD - ok
20:24:43.0772 2708 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:24:43.0774 2708 RDPREFMP - ok
20:24:43.0888 2708 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:24:43.0892 2708 RDPWD - ok
20:24:44.0046 2708 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:24:44.0051 2708 rdyboost - ok
20:24:44.0206 2708 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:24:44.0211 2708 RemoteAccess - ok
20:24:44.0301 2708 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:24:44.0308 2708 RemoteRegistry - ok
20:24:44.0375 2708 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:24:44.0382 2708 RpcEptMapper - ok
20:24:44.0450 2708 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:24:44.0454 2708 RpcLocator - ok
20:24:44.0991 2708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:24:44.0998 2708 RpcSs - ok
20:24:45.0067 2708 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:24:45.0070 2708 rspndr - ok
20:24:45.0428 2708 [ 44ED82612403021E36998E1ECB1198F1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:24:45.0433 2708 RSUSBSTOR - ok
20:24:45.0497 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
20:24:45.0500 2708 SamSs - ok
20:24:45.0654 2708 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] Sbi_icefsm C:\Windows\system32\drivers\wimmount.sys
20:24:45.0888 2708 Sbi_icefsm - ok
20:24:45.0954 2708 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:24:45.0957 2708 sbp2port - ok
20:24:46.0083 2708 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:24:46.0088 2708 SCardSvr - ok
20:24:46.0164 2708 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:24:46.0169 2708 scfilter - ok
20:24:46.0465 2708 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:24:46.0512 2708 Schedule - ok
20:24:46.0590 2708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:24:46.0592 2708 SCPolicySvc - ok
20:24:46.0761 2708 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:24:46.0768 2708 SDRSVC - ok
20:24:46.0883 2708 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:24:46.0903 2708 secdrv - ok
20:24:46.0969 2708 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:24:46.0974 2708 seclogon - ok
20:24:47.0050 2708 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:24:47.0055 2708 SENS - ok
20:24:47.0129 2708 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:24:47.0135 2708 SensrSvc - ok
20:24:47.0178 2708 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:24:47.0181 2708 Serenum - ok
20:24:47.0519 2708 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:24:47.0524 2708 Serial - ok
20:24:47.0602 2708 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:24:47.0605 2708 sermouse - ok
20:24:47.0693 2708 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:24:47.0699 2708 SessionEnv - ok
20:24:47.0808 2708 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:24:47.0829 2708 sffdisk - ok
20:24:47.0895 2708 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:24:47.0897 2708 sffp_mmc - ok
20:24:47.0950 2708 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:24:47.0952 2708 sffp_sd - ok
20:24:48.0029 2708 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:24:48.0031 2708 sfloppy - ok
20:24:48.0271 2708 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:24:48.0313 2708 SharedAccess - ok
20:24:48.0443 2708 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:24:48.0475 2708 ShellHWDetection - ok
20:24:48.0541 2708 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:24:48.0544 2708 SiSRaid2 - ok
20:24:48.0588 2708 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:24:48.0591 2708 SiSRaid4 - ok
20:24:50.0293 2708 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:24:50.0404 2708 Skype C2C Service - ok
20:24:50.0685 2708 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:24:50.0689 2708 SkypeUpdate - ok
20:24:50.0816 2708 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:24:50.0820 2708 Smb - ok
20:24:50.0932 2708 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:24:50.0940 2708 SNMPTRAP - ok
20:24:51.0009 2708 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:24:51.0010 2708 spldr - ok
20:24:51.0138 2708 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:24:51.0328 2708 Spooler - ok
20:24:51.0913 2708 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:24:52.0003 2708 sppsvc - ok
20:24:52.0069 2708 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:24:52.0075 2708 sppuinotify - ok
20:24:52.0176 2708 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:24:52.0186 2708 srv - ok
20:24:52.0271 2708 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:24:52.0280 2708 srv2 - ok
20:24:52.0369 2708 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:24:52.0372 2708 srvnet - ok
20:24:52.0533 2708 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:24:52.0543 2708 SSDPSRV - ok
20:24:52.0604 2708 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:24:52.0610 2708 SstpSvc - ok
20:24:52.0672 2708 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:24:52.0676 2708 stexstor - ok
20:24:52.0905 2708 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:24:52.0956 2708 stisvc - ok
20:24:53.0055 2708 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:24:53.0058 2708 swenum - ok
20:24:53.0224 2708 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:24:53.0265 2708 swprv - ok
20:24:53.0509 2708 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:24:53.0518 2708 SynTP - ok
20:24:54.0160 2708 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:24:54.0329 2708 SysMain - ok
20:24:54.0403 2708 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:24:54.0412 2708 TabletInputService - ok
20:24:54.0535 2708 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:24:54.0543 2708 TapiSrv - ok
20:24:54.0617 2708 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:24:54.0621 2708 TBS - ok
20:24:55.0084 2708 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:24:55.0179 2708 Tcpip - ok
20:24:55.0618 2708 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:24:55.0631 2708 TCPIP6 - ok
20:24:55.0703 2708 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:24:55.0705 2708 tcpipreg - ok
20:24:55.0774 2708 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:24:55.0777 2708 TDPIPE - ok
20:24:55.0890 2708 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:24:55.0894 2708 TDTCP - ok
20:24:55.0968 2708 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:24:55.0971 2708 tdx - ok
20:24:56.0063 2708 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:24:56.0069 2708 TermDD - ok
20:24:56.0212 2708 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:24:56.0331 2708 TermService - ok
20:24:56.0420 2708 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:24:56.0426 2708 Themes - ok
20:24:56.0485 2708 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:24:56.0489 2708 THREADORDER - ok
20:24:56.0567 2708 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:24:56.0573 2708 TrkWks - ok
20:24:56.0737 2708 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:24:56.0741 2708 TrustedInstaller - ok
20:24:56.0831 2708 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:24:56.0833 2708 tssecsrv - ok
20:24:57.0083 2708 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:24:57.0087 2708 TsUsbFlt - ok
20:24:57.0214 2708 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:24:57.0218 2708 tunnel - ok
20:24:57.0285 2708 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:24:57.0288 2708 uagp35 - ok
20:24:57.0322 2708 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
20:24:57.0325 2708 UBHelper - ok
20:24:57.0400 2708 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:24:57.0406 2708 udfs - ok
20:24:57.0440 2708 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:24:57.0450 2708 UI0Detect - ok
20:24:57.0515 2708 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:24:57.0519 2708 uliagpkx - ok
20:24:57.0625 2708 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:24:57.0664 2708 umbus - ok
20:24:57.0806 2708 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:24:57.0810 2708 UmPass - ok
20:24:58.0130 2708 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:24:58.0135 2708 Updater Service - ok
20:24:58.0327 2708 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:24:58.0337 2708 upnphost - ok
20:24:58.0494 2708 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:24:58.0497 2708 USBAAPL64 - ok
20:24:58.0642 2708 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:24:58.0646 2708 usbaudio - ok
20:24:58.0742 2708 [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:24:58.0745 2708 usbccgp - ok
20:24:58.0846 2708 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:24:58.0849 2708 usbcir - ok
20:24:58.0919 2708 [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:24:58.0922 2708 usbehci - ok
20:24:59.0104 2708 [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:24:59.0110 2708 usbhub - ok
20:24:59.0366 2708 [ 9406D801042FAF859CF81B2C886413DC ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:24:59.0369 2708 usbohci - ok
20:24:59.0486 2708 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:24:59.0488 2708 usbprint - ok
20:24:59.0554 2708 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\Windows\system32\drivers\usbscan.sys
20:24:59.0557 2708 usbscan - ok
20:24:59.0659 2708 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:24:59.0665 2708 USBSTOR - ok
20:24:59.0714 2708 [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:24:59.0717 2708 usbuhci - ok
20:24:59.0922 2708 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:24:59.0933 2708 usbvideo - ok
20:25:00.0563 2708 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
20:25:00.0588 2708 usb_rndisx - ok
20:25:00.0661 2708 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:25:00.0666 2708 UxSms - ok
20:25:00.0697 2708 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
20:25:00.0700 2708 VaultSvc - ok
20:25:00.0792 2708 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:25:00.0794 2708 vdrvroot - ok
20:25:00.0973 2708 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:25:00.0989 2708 vds - ok
20:25:01.0137 2708 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:01.0141 2708 vga - ok
20:25:01.0290 2708 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:25:01.0293 2708 VgaSave - ok
20:25:01.0391 2708 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:25:01.0398 2708 vhdmp - ok
20:25:01.0467 2708 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:25:01.0470 2708 viaide - ok
20:25:01.0510 2708 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:25:01.0513 2708 volmgr - ok
20:25:01.0632 2708 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:25:01.0641 2708 volmgrx - ok
20:25:01.0709 2708 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:25:01.0714 2708 volsnap - ok
20:25:01.0785 2708 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:25:01.0791 2708 vsmraid - ok
20:25:02.0010 2708 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:25:02.0090 2708 VSS - ok
20:25:02.0156 2708 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:02.0183 2708 vwifibus - ok
20:25:02.0309 2708 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:02.0313 2708 vwififlt - ok
20:25:02.0448 2708 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:25:02.0451 2708 vwifimp - ok
20:25:02.0560 2708 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:25:02.0574 2708 W32Time - ok
20:25:02.0614 2708 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:25:02.0616 2708 WacomPen - ok
20:25:02.0779 2708 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:25:02.0786 2708 WANARP - ok
20:25:02.0796 2708 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:25:02.0800 2708 Wanarpv6 - ok
20:25:03.0543 2708 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:25:03.0663 2708 WatAdminSvc - ok
20:25:03.0999 2708 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:25:04.0089 2708 wbengine - ok
20:25:04.0180 2708 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:25:04.0187 2708 WbioSrvc - ok
20:25:04.0292 2708 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:25:04.0306 2708 wcncsvc - ok
20:25:04.0370 2708 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:04.0375 2708 WcsPlugInService - ok
20:25:04.0437 2708 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:25:04.0441 2708 Wd - ok
20:25:04.0595 2708 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:25:04.0647 2708 Wdf01000 - ok
20:25:04.0696 2708 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:25:04.0702 2708 WdiServiceHost - ok
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
HEBERGE LE !
http://pjjoint.malekal.com/files.php?id=20131229_p57g12y12l14
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bien, pour les prochaines fois héberge les toujours.

Désinstalle : Complitly, Free YouTube Downloader Converter, Search Protect et µTorrent

Utilise cet outil de désinfection spécifique aux logiciels publicitaires :

▶ Télécharge AdwCleaner (de Xplode) sur ton Bureau.
▶ Lance le, clique sur Nettoyer puis patiente le temps du scan.
▶ Une fois le nettoyage terminée, un message de prévention va s'afficher, je te conseille de le lire attentivement (n'hésite pas à me poser des questions si tu n'as pas compris certaines choses dans ce message).
▶ Ensuite, le rapport s'ouvrira : poste le dans ta prochaine réponse.

Ensuite télécharge Junk Removal Tool. Suis ce tuto et poste moi le rapport :
https://forum.security-x.fr/tutoriels-317/tutoriel-junkware-removal-tool

Utilise ce logiciel de désinfection généraliste :

▶ Télécharge et installe Malwarebytes' Anti-Malware
▶ A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. Par contre, il n'est pas nécessaire d'activer l'essai gratuit pour la protection.
▶ Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
▶ Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
▶ A la fin de l'analyse, clique sur Afficher les résultats
▶ Coche tous les éléments détectés puis clique sur Supprimer la sélection
▶ S'il t'est demandé de redémarrer l'ordinateur, accepte.
▶ Poste dans ta prochaine réponse le rapport apparaissant après la suppression.

Reparamètre tes navigateurs WEB :

▶ Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
▶ Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
▶ Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Complitly ? mais il est installer depuis le jours de mon achat
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
C'est un adware.

Supprime le
http://pjjoint.malekal.com/files.php?id=20131229_d12p11l5d13w7
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Vu ! on continue :)
ca scan là. on peut poster des images là?
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
ça peut durer 1 heure, faut attendre !
http://pjjoint.malekal.com/files.php?id=20131229_z11g12i12i14b11
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Le dernier dure 1h30 à peu près. A+
http://pjjoint.malekal.com/files.php?id=20131230_h610b6z12w11

Hey Bonjour, Et voila j'ai tout fait :)
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bonjour,

Télécharge SFTGC ici http://www.archive-host.com
Enregistrez le fichier sur le bureau.
Ouvrez SFTGC.exe et patientez durant l'initialisation du logiciel :
Pour lancer le nettoyage, il suffit de cliquer sur Go.

Fais redémarrer ton ordinateur et poste un nouveau rapport ZHPDiag (pense à l'héberger sur pjjoint, comme le précédent).
http://pjjoint.malekal.com/files.php?id=20131230_w13i6q8d5e10
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bien. Maintenant je veux le rapport ZHPDiag.
Rapport de SFTGC (Pierre13) du Lundi 30 Décembre 2013 à 16:46:05 version : 2.0.0.60
Mis à jour le 27/11/2013
Outil lancé en Mode normal et En tant qu'administrateur
Windows 7 Home Premium Service Pack 1 64 bits

Tool start in C:\Users\proprietaire\Downloads

4415 éléments supprimés => 4.51 Go libérés. (4 mn 44 s)

C:\Users\proprietaire\AppData\Local\Temp\04091609-00000ed0-izmn8rj5xv
C:\Users\proprietaire\AppData\Local\Temp\08081843-00001b10-6jm3uinlxr
C:\Users\proprietaire\AppData\Local\Temp\08081843-00001b10-8rbs35pwq9
C:\Users\proprietaire\AppData\Local\Temp\08091818-00000cf0-i7hg28myn0
C:\Users\proprietaire\AppData\Local\Temp\08091818-00000cf0-v5akkvcsua
C:\Users\proprietaire\AppData\Local\Temp\08122055-00001de4-4o8xx206yq
C:\Users\proprietaire\AppData\Local\Temp\08122055-00001de4-80y9ae687k
C:\Users\proprietaire\AppData\Local\Temp\08131356-00000fec-fyqwe5oa4s
C:\Users\proprietaire\AppData\Local\Temp\08131356-00000fec-otfok2ht1u
C:\Users\proprietaire\AppData\Local\Temp\08141047-00000f68-r1bpi26fer
C:\Users\proprietaire\AppData\Local\Temp\08141047-00000f68-vxwen4g6xe
C:\Users\proprietaire\AppData\Local\Temp\08142247-00000d10-2avvxfg1wk
C:\Users\proprietaire\AppData\Local\Temp\08142248-00000d10-cyruzzuki5
C:\Users\proprietaire\AppData\Local\Temp\10780_20954
C:\Users\proprietaire\AppData\Local\Temp\10780_9113
C:\Users\proprietaire\AppData\Local\Temp\11161514-0000144c-m0jvi4l4xg
C:\Users\proprietaire\AppData\Local\Temp\11161526-00000c6c-4o89ouq0uu
C:\Users\proprietaire\AppData\Local\Temp\11161526-00000c6c-hw4to59ent
C:\Users\proprietaire\AppData\Local\Temp\12250036-000016f4-3pff3wsxk3
C:\Users\proprietaire\AppData\Local\Temp\1232_8254
C:\Users\proprietaire\AppData\Local\Temp\1456_30173
C:\Users\proprietaire\AppData\Local\Temp\168_12283
C:\Users\proprietaire\AppData\Local\Temp\173B.tmp
C:\Users\proprietaire\AppData\Local\Temp\1832.tmp
C:\Users\proprietaire\AppData\Local\Temp\18BC.tmp
C:\Users\proprietaire\AppData\Local\Temp\18D6.tmp
C:\Users\proprietaire\AppData\Local\Temp\18FB.tmp
C:\Users\proprietaire\AppData\Local\Temp\1A3F.tmp
C:\Users\proprietaire\AppData\Local\Temp\1AA7.tmp
C:\Users\proprietaire\AppData\Local\Temp\1C8B.tmp
C:\Users\proprietaire\AppData\Local\Temp\207F.tmp
C:\Users\proprietaire\AppData\Local\Temp\214D.tmp
C:\Users\proprietaire\AppData\Local\Temp\22464f1d-e4a1-4fb8-9ada-74235082c7cf.dmp
C:\Users\proprietaire\AppData\Local\Temp\2294.tmp
C:\Users\proprietaire\AppData\Local\Temp\23B9.tmp
C:\Users\proprietaire\AppData\Local\Temp\2528_9471
C:\Users\proprietaire\AppData\Local\Temp\2880_3395
C:\Users\proprietaire\AppData\Local\Temp\28D4.tmp
C:\Users\proprietaire\AppData\Local\Temp\297A.tmp
C:\Users\proprietaire\AppData\Local\Temp\2994.tmp
C:\Users\proprietaire\AppData\Local\Temp\2DB9.tmp
C:\Users\proprietaire\AppData\Local\Temp\3116_25126
C:\Users\proprietaire\AppData\Local\Temp\3152_16071
C:\Users\proprietaire\AppData\Local\Temp\3152_172
C:\Users\proprietaire\AppData\Local\Temp\3152_9123
C:\Users\proprietaire\AppData\Local\Temp\31CB.tmp
C:\Users\proprietaire\AppData\Local\Temp\3427.tmp
C:\Users\proprietaire\AppData\Local\Temp\3581.tmp
C:\Users\proprietaire\AppData\Local\Temp\3668_31343
C:\Users\proprietaire\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42
C:\Users\proprietaire\AppData\Local\Temp\3B85.tmp
C:\Users\proprietaire\AppData\Local\Temp\3CAE.tmp
C:\Users\proprietaire\AppData\Local\Temp\4172_24979
C:\Users\proprietaire\AppData\Local\Temp\41E4.tmp
C:\Users\proprietaire\AppData\Local\Temp\4316_12238
C:\Users\proprietaire\AppData\Local\Temp\4460_29811
C:\Users\proprietaire\AppData\Local\Temp\44DC.tmp
C:\Users\proprietaire\AppData\Local\Temp\44F6.tmp
C:\Users\proprietaire\AppData\Local\Temp\4516_24113
C:\Users\proprietaire\AppData\Local\Temp\45B6.tmp
C:\Users\proprietaire\AppData\Local\Temp\4688_6428
C:\Users\proprietaire\AppData\Local\Temp\490cb248-db47-4e3a-8eca-e9938b32c767.dmp
C:\Users\proprietaire\AppData\Local\Temp\4A3.tmp
C:\Users\proprietaire\AppData\Local\Temp\4A60.tmp
C:\Users\proprietaire\AppData\Local\Temp\4C37.tmp
C:\Users\proprietaire\AppData\Local\Temp\4CCF.tmp
C:\Users\proprietaire\AppData\Local\Temp\5000_8237
C:\Users\proprietaire\AppData\Local\Temp\5004_16765
C:\Users\proprietaire\AppData\Local\Temp\5028_18348
C:\Users\proprietaire\AppData\Local\Temp\512F.tmp
C:\Users\proprietaire\AppData\Local\Temp\5332_23114
C:\Users\proprietaire\AppData\Local\Temp\5392_28790
C:\Users\proprietaire\AppData\Local\Temp\5632_174
C:\Users\proprietaire\AppData\Local\Temp\566.tmp
C:\Users\proprietaire\AppData\Local\Temp\5799.tmp
C:\Users\proprietaire\AppData\Local\Temp\5904_2540
C:\Users\proprietaire\AppData\Local\Temp\5960_28919
C:\Users\proprietaire\AppData\Local\Temp\59A8.tmp
C:\Users\proprietaire\AppData\Local\Temp\5B47.tmp
C:\Users\proprietaire\AppData\Local\Temp\5DA0.tmp
C:\Users\proprietaire\AppData\Local\Temp\5DBC.tmp
C:\Users\proprietaire\AppData\Local\Temp\5DE9.tmp
C:\Users\proprietaire\AppData\Local\Temp\5DEA.tmp
C:\Users\proprietaire\AppData\Local\Temp\5EAAFDC9-BAB0-7891-AE76-098263DE7202
C:\Users\proprietaire\AppData\Local\Temp\5FF0.tmp
C:\Users\proprietaire\AppData\Local\Temp\6080_21089
C:\Users\proprietaire\AppData\Local\Temp\6080_5780
C:\Users\proprietaire\AppData\Local\Temp\6228_10012
C:\Users\proprietaire\AppData\Local\Temp\6238.tmp
C:\Users\proprietaire\AppData\Local\Temp\627C.tmp
C:\Users\proprietaire\AppData\Local\Temp\628D.tmp
C:\Users\proprietaire\AppData\Local\Temp\6372_7353
C:\Users\proprietaire\AppData\Local\Temp\65B.tmp
C:\Users\proprietaire\AppData\Local\Temp\68DE.tmp
C:\Users\proprietaire\AppData\Local\Temp\68F2.tmp
C:\Users\proprietaire\AppData\Local\Temp\6919.tmp
C:\Users\proprietaire\AppData\Local\Temp\6977.tmp
C:\Users\proprietaire\AppData\Local\Temp\6B4D.tmp
C:\Users\proprietaire\AppData\Local\Temp\6FE.tmp
C:\Users\proprietaire\AppData\Local\Temp\7290.tmp
C:\Users\proprietaire\AppData\Local\Temp\7392_8506
C:\Users\proprietaire\AppData\Local\Temp\7404_654
C:\Users\proprietaire\AppData\Local\Temp\76AF.tmp
C:\Users\proprietaire\AppData\Local\Temp\7823.tmp
C:\Users\proprietaire\AppData\Local\Temp\7F6C.tmp
C:\Users\proprietaire\AppData\Local\Temp\8.2.30.1-EasyShrx.Dll
C:\Users\proprietaire\AppData\Local\Temp\829B.tmp
C:\Users\proprietaire\AppData\Local\Temp\8375.rra
C:\Users\proprietaire\AppData\Local\Temp\848F.tmp
C:\Users\proprietaire\AppData\Local\Temp\8499.tmp
C:\Users\proprietaire\AppData\Local\Temp\8664_31453
C:\Users\proprietaire\AppData\Local\Temp\8684.tmp
C:\Users\proprietaire\AppData\Local\Temp\88020uninstall.exe
C:\Users\proprietaire\AppData\Local\Temp\8A40.tmp
C:\Users\proprietaire\AppData\Local\Temp\8ACC.tmp
C:\Users\proprietaire\AppData\Local\Temp\8B09.tmp
C:\Users\proprietaire\AppData\Local\Temp\8B4D.tmp
C:\Users\proprietaire\AppData\Local\Temp\8C82.tmp
C:\Users\proprietaire\AppData\Local\Temp\8ECB.tmp
C:\Users\proprietaire\AppData\Local\Temp\901A.tmp
C:\Users\proprietaire\AppData\Local\Temp\93B8E2C4-BAB0-7891-B711-C36FC755320C
C:\Users\proprietaire\AppData\Local\Temp\93D5.tmp
C:\Users\proprietaire\AppData\Local\Temp\9504.tmp
C:\Users\proprietaire\AppData\Local\Temp\9668_2639
C:\Users\proprietaire\AppData\Local\Temp\98A0.tmp
C:\Users\proprietaire\AppData\Local\Temp\9928.tmp
C:\Users\proprietaire\AppData\Local\Temp\9B76.tmp
C:\Users\proprietaire\AppData\Local\Temp\9D5E.tmp
C:\Users\proprietaire\AppData\Local\Temp\A3BA.tmp
C:\Users\proprietaire\AppData\Local\Temp\A4FC.tmp
C:\Users\proprietaire\AppData\Local\Temp\a72b.rra
C:\Users\proprietaire\AppData\Local\Temp\AdwCleaner.jpg
C:\Users\proprietaire\AppData\Local\Temp\APNSetup.exe
C:\Users\proprietaire\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml
C:\Users\proprietaire\AppData\Local\Temp\AUCHECK_PARSER.txt
C:\Users\proprietaire\AppData\Local\Temp\B0F7.tmp
C:\Users\proprietaire\AppData\Local\Temp\B4CC.tmp
C:\Users\proprietaire\AppData\Local\Temp\B5B4.tmp
C:\Users\proprietaire\AppData\Local\Temp\BC0C.tmp
C:\Users\proprietaire\AppData\Local\Temp\BC35.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_005c.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_05dd.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_0c00.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_0ed7.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_0f74.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_1f3d.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_2003.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_2657.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_289e.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_298e.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_2bb8.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_32d1.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_36a6.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_3a79.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_3e50.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_44c3.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_4ada.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_4b9a.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_4d6b.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_5dfe.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_665c.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_7c0a.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_7c6a.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_7d5e.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_806b.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_811b.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_84a1.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_89f9.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_8bad.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_9500.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_9b08.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_a052.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_a323.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_ac53.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_accd.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_ad12.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_b0ad.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_b552.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_b9b4.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_b9f5.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_c0c0.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_c2cb.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_c7bf.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_cae1.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_cb77.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_ce1a.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_cf28.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_d494.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_d9ad.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_d9ef.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_e40c.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_eaff.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_ec8c.tmp
C:\Users\proprietaire\AppData\Local\Temp\bch_fc6c.tmp
C:\Users\proprietaire\AppData\Local\Temp\BE25.tmp
C:\Users\proprietaire\AppData\Local\Temp\BEA4.tmp
C:\Users\proprietaire\AppData\Local\Temp\Bla2C07.tmp
C:\Users\proprietaire\AppData\Local\Temp\Bla3996.tmp
C:\Users\proprietaire\AppData\Local\Temp\Bla43C3.tmp
C:\Users\proprietaire\AppData\Local\Temp\Bla62DE.tmp
C:\Users\proprietaire\AppData\Local\Temp\BlaD620.tmp
C:\Users\proprietaire\AppData\Local\Temp\BlaEFF8.tmp
C:\Users\proprietaire\AppData\Local\Temp\browserinfo.ini
C:\Users\proprietaire\AppData\Local\Temp\Bubble Dock.txt
C:\Users\proprietaire\AppData\Local\Temp\bundle.txt
C:\Users\proprietaire\AppData\Local\Temp\Bunndle
C:\Users\proprietaire\AppData\Local\Temp\bus2B5
C:\Users\proprietaire\AppData\Local\Temp\bus2B5.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus2B73
C:\Users\proprietaire\AppData\Local\Temp\bus2B73.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus3342
C:\Users\proprietaire\AppData\Local\Temp\bus3342.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus41D
C:\Users\proprietaire\AppData\Local\Temp\bus41D.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus4E4A
C:\Users\proprietaire\AppData\Local\Temp\bus4E4A.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus5B2D
C:\Users\proprietaire\AppData\Local\Temp\bus5B2D.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus6A43
C:\Users\proprietaire\AppData\Local\Temp\bus6A43.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus6FB
C:\Users\proprietaire\AppData\Local\Temp\bus6FB.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus7144
C:\Users\proprietaire\AppData\Local\Temp\bus7144.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus756D
C:\Users\proprietaire\AppData\Local\Temp\bus756D.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus7F88
C:\Users\proprietaire\AppData\Local\Temp\bus7F88.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus814C
C:\Users\proprietaire\AppData\Local\Temp\bus814C.tmp
C:\Users\proprietaire\AppData\Local\Temp\bus9438
C:\Users\proprietaire\AppData\Local\Temp\bus9438.tmp
C:\Users\proprietaire\AppData\Local\Temp\busA113
C:\Users\proprietaire\AppData\Local\Temp\busA113.tmp
C:\Users\proprietaire\AppData\Local\Temp\busBE94
C:\Users\proprietaire\AppData\Local\Temp\busBE94.tmp
C:\Users\proprietaire\AppData\Local\Temp\busBFDD
C:\Users\proprietaire\AppData\Local\Temp\busBFDD.tmp
C:\Users\proprietaire\AppData\Local\Temp\busC8A3
C:\Users\proprietaire\AppData\Local\Temp\busC8A3.tmp
C:\Users\proprietaire\AppData\Local\Temp\busD37C
C:\Users\proprietaire\AppData\Local\Temp\busD37C.tmp
C:\Users\proprietaire\AppData\Local\Temp\busE32D
C:\Users\proprietaire\AppData\Local\Temp\busE32D.tmp
C:\Users\proprietaire\AppData\Local\Temp\busE635
C:\Users\proprietaire\AppData\Local\Temp\busE635.tmp
C:\Users\proprietaire\AppData\Local\Temp\busE8D4
C:\Users\proprietaire\AppData\Local\Temp\busE8D4.tmp
C:\Users\proprietaire\AppData\Local\Temp\busF32
C:\Users\proprietaire\AppData\Local\Temp\busF32.tmp
C:\Users\proprietaire\AppData\Local\Temp\C073.tmp
C:\Users\proprietaire\AppData\Local\Temp\C113.tmp
C:\Users\proprietaire\AppData\Local\Temp\C1A7.tmp
C:\Users\proprietaire\AppData\Local\Temp\C34.tmp
C:\Users\proprietaire\AppData\Local\Temp\C3F.tmp
C:\Users\proprietaire\AppData\Local\Temp\C663.tmp
C:\Users\proprietaire\AppData\Local\Temp\C6F5.tmp
C:\Users\proprietaire\AppData\Local\Temp\CAE2.tmp
C:\Users\proprietaire\AppData\Local\Temp\cb2a.rra
C:\Users\proprietaire\AppData\Local\Temp\CD33.tmp
C:\Users\proprietaire\AppData\Local\Temp\CDBurnerXP-updates
C:\Users\proprietaire\AppData\Local\Temp\CE75.tmp
C:\Users\proprietaire\AppData\Local\Temp\CE7F.tmp
C:\Users\proprietaire\AppData\Local\Temp\CF0C.tmp
C:\Users\proprietaire\AppData\Local\Temp\che1B6C.tmp
C:\Users\proprietaire\AppData\Local\Temp\che29AF.tmp
C:\Users\proprietaire\AppData\Local\Temp\che2E95.tmp
C:\Users\proprietaire\AppData\Local\Temp\che30D5.tmp
C:\Users\proprietaire\AppData\Local\Temp\che6914.tmp
C:\Users\proprietaire\AppData\Local\Temp\cheA2F5.tmp
C:\Users\proprietaire\AppData\Local\Temp\cheAF39.tmp
C:\Users\proprietaire\AppData\Local\Temp\cheB57D.tmp
C:\Users\proprietaire\AppData\Local\Temp\cheDB81.tmp
C:\Users\proprietaire\AppData\Local\Temp\cheF3D5.tmp
C:\Users\proprietaire\AppData\Local\Temp\chrome_installer.log
C:\Users\proprietaire\AppData\Local\Temp\Cleaning.ico
C:\Users\proprietaire\AppData\Local\Temp\Cookies
C:\Users\proprietaire\AppData\Local\Temp\CRX_75DAF8CB7768
C:\Users\proprietaire\AppData\Local\Temp\CR_97F5C.tmp
C:\Users\proprietaire\AppData\Local\Temp\D1F1.tmp
C:\Users\proprietaire\AppData\Local\Temp\D41E.tmp
C:\Users\proprietaire\AppData\Local\Temp\D43.tmp
C:\Users\proprietaire\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B
C:\Users\proprietaire\AppData\Local\Temp\D929.tmp
C:\Users\proprietaire\AppData\Local\Temp\D94CB95F.TMP
C:\Users\proprietaire\AppData\Local\Temp\DC44.tmp
C:\Users\proprietaire\AppData\Local\Temp\DD02.tmp
C:\Users\proprietaire\AppData\Local\Temp\df66.rra
C:\Users\proprietaire\AppData\Local\Temp\dfEE9D.tmp
C:\Users\proprietaire\AppData\Local\Temp\dkdlqmdlrkqt
C:\Users\proprietaire\AppData\Local\Temp\DMI4C3C.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMI4F85.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMI663C.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMI6D29.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMI7ECF.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMIA30E.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMIBE3F.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMID8E1.tmp
C:\Users\proprietaire\AppData\Local\Temp\DMIEA29.tmp
C:\Users\proprietaire\AppData\Local\Temp\Donate.ico
C:\Users\proprietaire\AppData\Local\Temp\drmtemp04FF1982.htm
C:\Users\proprietaire\AppData\Local\Temp\E1D4.tmp
C:\Users\proprietaire\AppData\Local\Temp\EDA0.tmp
C:\Users\proprietaire\AppData\Local\Temp\EFD39405-BAB0-7891-B3B8-75CAC344D5BB
C:\Users\proprietaire\AppData\Local\Temp\etilqs_08piBsuoA8H8JIb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_1enlV8FFmVDlQ0b
C:\Users\proprietaire\AppData\Local\Temp\etilqs_1QHXIDiRwrbdvEa
C:\Users\proprietaire\AppData\Local\Temp\etilqs_2WUxTfdsrvgbExD
C:\Users\proprietaire\AppData\Local\Temp\etilqs_35oicbmhxvK6fJM
C:\Users\proprietaire\AppData\Local\Temp\etilqs_3IUTMlWAQ43Yj6X
C:\Users\proprietaire\AppData\Local\Temp\etilqs_40W2X9UfP9QQff4
C:\Users\proprietaire\AppData\Local\Temp\etilqs_4oMEDzuy8EVB8zc
C:\Users\proprietaire\AppData\Local\Temp\etilqs_4reUzTf1RBhVEMq
C:\Users\proprietaire\AppData\Local\Temp\etilqs_4UHNjZ6UpcSd1ik
C:\Users\proprietaire\AppData\Local\Temp\etilqs_54FU9brSpoQw4mU
C:\Users\proprietaire\AppData\Local\Temp\etilqs_5qLMdUBF2MjmSGb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_6escfiE9mbOymdg
C:\Users\proprietaire\AppData\Local\Temp\etilqs_7ytbgrcksBlcIGr
C:\Users\proprietaire\AppData\Local\Temp\etilqs_9VIfr7kM4yjikMv
C:\Users\proprietaire\AppData\Local\Temp\etilqs_9YTNUe8zlKzEn40
C:\Users\proprietaire\AppData\Local\Temp\etilqs_a1xtTNg73tRBCKH
C:\Users\proprietaire\AppData\Local\Temp\etilqs_a91llqJTVj3eT63
C:\Users\proprietaire\AppData\Local\Temp\etilqs_aaxhxwbwrZIeoZB
C:\Users\proprietaire\AppData\Local\Temp\etilqs_aCDbY1gCkQ5jNUP
C:\Users\proprietaire\AppData\Local\Temp\etilqs_aKLGZnzKQNkGqd0
C:\Users\proprietaire\AppData\Local\Temp\etilqs_alYpoLjfYr7YRqu
C:\Users\proprietaire\AppData\Local\Temp\etilqs_aq22beFTybjFOfG
C:\Users\proprietaire\AppData\Local\Temp\etilqs_aWoCdWZzCtjmMEg
C:\Users\proprietaire\AppData\Local\Temp\etilqs_B9YzkZ7OJQUHVOT
C:\Users\proprietaire\AppData\Local\Temp\etilqs_bKlXl5944HZpD0h
C:\Users\proprietaire\AppData\Local\Temp\etilqs_BzVgGJuJ2GCy4Nf
C:\Users\proprietaire\AppData\Local\Temp\etilqs_cgFdvbZZCvmwXsV
C:\Users\proprietaire\AppData\Local\Temp\etilqs_claKtb3B4eZqqE4
C:\Users\proprietaire\AppData\Local\Temp\etilqs_cRCckhVj7TEtj6x
C:\Users\proprietaire\AppData\Local\Temp\etilqs_CwcT35JUZbHhkaV
C:\Users\proprietaire\AppData\Local\Temp\etilqs_d5yyQahnsPZbyfV
C:\Users\proprietaire\AppData\Local\Temp\etilqs_dQlH6H1fSqLTPC5
C:\Users\proprietaire\AppData\Local\Temp\etilqs_dSsolYtBTLQBONC
C:\Users\proprietaire\AppData\Local\Temp\etilqs_dSxcRvPET9RkCJu
C:\Users\proprietaire\AppData\Local\Temp\etilqs_dt8revxbViJYRcf
C:\Users\proprietaire\AppData\Local\Temp\etilqs_eHNp2bGOYaf2te2
C:\Users\proprietaire\AppData\Local\Temp\etilqs_eIxjfH8A4AsJoSL
C:\Users\proprietaire\AppData\Local\Temp\etilqs_eSbVhvbcpDM1DDm
C:\Users\proprietaire\AppData\Local\Temp\etilqs_et0xAvwYqUE4gaD
C:\Users\proprietaire\AppData\Local\Temp\etilqs_eUERP8t9k9pdHvw
C:\Users\proprietaire\AppData\Local\Temp\etilqs_F7XUJHGGfEggurY
C:\Users\proprietaire\AppData\Local\Temp\etilqs_fiM2DMesmCLMZp7
C:\Users\proprietaire\AppData\Local\Temp\etilqs_fjG8qGeHloUZPUs
C:\Users\proprietaire\AppData\Local\Temp\etilqs_FLpIRanfDakiEXy
C:\Users\proprietaire\AppData\Local\Temp\etilqs_FoEjIUr68iG56JT
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Fv2Lfck0jeaHL1r
C:\Users\proprietaire\AppData\Local\Temp\etilqs_geKAZNoTXekezgZ
C:\Users\proprietaire\AppData\Local\Temp\etilqs_GjOM6eqS2kfXz8w
C:\Users\proprietaire\AppData\Local\Temp\etilqs_gsjF7XzFiqE1wsb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_gyP3c4toeNHQC5z
C:\Users\proprietaire\AppData\Local\Temp\etilqs_h1XfwY7C44j7qH5
C:\Users\proprietaire\AppData\Local\Temp\etilqs_hE1oqLyeCMpQCmG
C:\Users\proprietaire\AppData\Local\Temp\etilqs_he4zRBGZab13FaM
C:\Users\proprietaire\AppData\Local\Temp\etilqs_HJdQSq6HBMEqqo4
C:\Users\proprietaire\AppData\Local\Temp\etilqs_HNSwcyxrY0iAfl6
C:\Users\proprietaire\AppData\Local\Temp\etilqs_hWbT4JYRH1Mg8Fe
C:\Users\proprietaire\AppData\Local\Temp\etilqs_ITMNKRWLPxoXLOF
C:\Users\proprietaire\AppData\Local\Temp\etilqs_iuUCdCATJKpKo3n
C:\Users\proprietaire\AppData\Local\Temp\etilqs_IwehR98y6E7g2Js
C:\Users\proprietaire\AppData\Local\Temp\etilqs_IWpm66TBWBOlNH1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_j8nZhJLY5zzsdCH
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Jddv1iDUfcoIUAn
C:\Users\proprietaire\AppData\Local\Temp\etilqs_JGevfslKcSRP7Gp
C:\Users\proprietaire\AppData\Local\Temp\etilqs_JiMZiI2QBYAHGdj
C:\Users\proprietaire\AppData\Local\Temp\etilqs_joOZHBlA4djOeJ9
C:\Users\proprietaire\AppData\Local\Temp\etilqs_JPhuXc024eZUOns
C:\Users\proprietaire\AppData\Local\Temp\etilqs_jRUdbKs8Cp0cxPo
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Kpz6lp36YmJakZf
C:\Users\proprietaire\AppData\Local\Temp\etilqs_kqEet42qXAwRJg1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_KT9CCyT5eehYaor
C:\Users\proprietaire\AppData\Local\Temp\etilqs_M3tWVOzNajnawh9
C:\Users\proprietaire\AppData\Local\Temp\etilqs_m8ITV6u4y0bGjf7
C:\Users\proprietaire\AppData\Local\Temp\etilqs_MeC4SpMXdXRnltO
C:\Users\proprietaire\AppData\Local\Temp\etilqs_MJlGRyNdTSok8b7
C:\Users\proprietaire\AppData\Local\Temp\etilqs_MnDQFPtwIHQdblz
C:\Users\proprietaire\AppData\Local\Temp\etilqs_MpX2yHwZe37JrTF
C:\Users\proprietaire\AppData\Local\Temp\etilqs_mRlIvkGV0AZzHsk
C:\Users\proprietaire\AppData\Local\Temp\etilqs_mxJSMlbTi0R3TIh
C:\Users\proprietaire\AppData\Local\Temp\etilqs_MZ2hdEAUxa1HFdI
C:\Users\proprietaire\AppData\Local\Temp\etilqs_n0EJUza1zcEAvO1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_NekcdPBhDFJTdN1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_NMDEV2iKplToPGh
C:\Users\proprietaire\AppData\Local\Temp\etilqs_nuC4SaBj074laAb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_nvtYbmIrmdBHDfP
C:\Users\proprietaire\AppData\Local\Temp\etilqs_o39zc1lSONbVFpn
C:\Users\proprietaire\AppData\Local\Temp\etilqs_OfEQmWuoBBzCEbM
C:\Users\proprietaire\AppData\Local\Temp\etilqs_ohcgG9cEuLLO6bs
C:\Users\proprietaire\AppData\Local\Temp\etilqs_PQ1UmavrEWDsbj8
C:\Users\proprietaire\AppData\Local\Temp\etilqs_PR6SLHniFzGebew
C:\Users\proprietaire\AppData\Local\Temp\etilqs_PUvIUbGaPxmVxy1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_qPca34ccRZOuHhk
C:\Users\proprietaire\AppData\Local\Temp\etilqs_qQ6bzhOBEFRR57c
C:\Users\proprietaire\AppData\Local\Temp\etilqs_quHeaYPTv9Vxf4v
C:\Users\proprietaire\AppData\Local\Temp\etilqs_r55GYXSHB06ebru
C:\Users\proprietaire\AppData\Local\Temp\etilqs_r71TD4Npuj5wIP3
C:\Users\proprietaire\AppData\Local\Temp\etilqs_R86gac1XmQBpicN
C:\Users\proprietaire\AppData\Local\Temp\etilqs_RgFvtO1270HpTv9
C:\Users\proprietaire\AppData\Local\Temp\etilqs_rSCYAuHM230vzAj
C:\Users\proprietaire\AppData\Local\Temp\etilqs_sFmgv9gmaX3y6eB
C:\Users\proprietaire\AppData\Local\Temp\etilqs_SgDvsWDEFTed9Sp
C:\Users\proprietaire\AppData\Local\Temp\etilqs_T3sHGvCE03dJ1CG
C:\Users\proprietaire\AppData\Local\Temp\etilqs_t5bdpWX2Ymf0vwg
C:\Users\proprietaire\AppData\Local\Temp\etilqs_TeNlkHRN4IalL0V
C:\Users\proprietaire\AppData\Local\Temp\etilqs_TggPyIeOol6HJ6C
C:\Users\proprietaire\AppData\Local\Temp\etilqs_TJRx3dNOJKtPr3S
C:\Users\proprietaire\AppData\Local\Temp\etilqs_tXfHDyOgzJGZWqD
C:\Users\proprietaire\AppData\Local\Temp\etilqs_tXM9XFvjdWOjWJK
C:\Users\proprietaire\AppData\Local\Temp\etilqs_u1TjWhalUsWNTZh
C:\Users\proprietaire\AppData\Local\Temp\etilqs_UB25EjGhM2Vaa7x
C:\Users\proprietaire\AppData\Local\Temp\etilqs_udaJcFkd8gNJFPZ
C:\Users\proprietaire\AppData\Local\Temp\etilqs_utaAzXJFp5LfjrE
C:\Users\proprietaire\AppData\Local\Temp\etilqs_uvb8Hl9QCFhQq3k
C:\Users\proprietaire\AppData\Local\Temp\etilqs_vfkfVVFEV3rVlBr
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Vfuq8dZam8z2chj
C:\Users\proprietaire\AppData\Local\Temp\etilqs_VK24t85Tu4WFO8R
C:\Users\proprietaire\AppData\Local\Temp\etilqs_VpzOSXy2xf1R9jh
C:\Users\proprietaire\AppData\Local\Temp\etilqs_W7cYB1syrws0ArH
C:\Users\proprietaire\AppData\Local\Temp\etilqs_w8zzAxGofza78Lj
C:\Users\proprietaire\AppData\Local\Temp\etilqs_WFH5YEBpyVU43sW
C:\Users\proprietaire\AppData\Local\Temp\etilqs_WjWN8ElydsqVD1d
C:\Users\proprietaire\AppData\Local\Temp\etilqs_WLkW7DTpjYP0ggb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_XkbtL3L2wCSpgu9
C:\Users\proprietaire\AppData\Local\Temp\etilqs_xN8ODkQgp8jKEk3
C:\Users\proprietaire\AppData\Local\Temp\etilqs_XPY23abUCJVpF8g
C:\Users\proprietaire\AppData\Local\Temp\etilqs_XRnBAQOeJlgNLbO
C:\Users\proprietaire\AppData\Local\Temp\etilqs_xydP0cdP6MruoqS
C:\Users\proprietaire\AppData\Local\Temp\etilqs_y8hSd8pT0c743mM
C:\Users\proprietaire\AppData\Local\Temp\etilqs_yb9tOL0dC2diIbY
C:\Users\proprietaire\AppData\Local\Temp\etilqs_yMyVwUnaXVEl3hA
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Z6QFELEWtSRg7sb
C:\Users\proprietaire\AppData\Local\Temp\etilqs_ZDBByWTBfHqIJ21
C:\Users\proprietaire\AppData\Local\Temp\etilqs_zNmJHlMyh4cQ6Wx
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Zug27Tv4TGX1ot1
C:\Users\proprietaire\AppData\Local\Temp\etilqs_ZxGYHGZuJzwpsiT
C:\Users\proprietaire\AppData\Local\Temp\etilqs_Zzd3a8tU1Rrpjmd
C:\Users\proprietaire\AppData\Local\Temp\F13C.tmp
C:\Users\proprietaire\AppData\Local\Temp\F19D.tmp
C:\Users\proprietaire\AppData\Local\Temp\F36C.tmp
C:\Users\proprietaire\AppData\Local\Temp\f8042edc-b9ec-4aa9-b0b8-750a0e98b124.dmp
C:\Users\proprietaire\AppData\Local\Temp\F8F9.tmp
C:\Users\proprietaire\AppData\Local\Temp\FA83.tmp
C:\Users\proprietaire\AppData\Local\Temp\FAE8.tmp
C:\Users\proprietaire\AppData\Local\Temp\FC27.tmp
C:\Users\proprietaire\AppData\Local\Temp\FE63.tmp
C:\Users\proprietaire\AppData\Local\Temp\ffe92b91-eacd-40c9-9412-47e04984f743.dmp
C:\Users\proprietaire\AppData\Local\Temp\gch8113.tmp
C:\Users\proprietaire\AppData\Local\Temp\gch8115.tmp
C:\Users\proprietaire\AppData\Local\Temp\gchF43E.tmp
C:\Users\proprietaire\AppData\Local\Temp\gchF440.tmp
C:\Users\proprietaire\AppData\Local\Temp\glupgrade
C:\Users\proprietaire\AppData\Local\Temp\go9876.html
C:\Users\proprietaire\AppData\Local\Temp\GoogleUpdateSetup.exe12ab8a
C:\Users\proprietaire\AppData\Local\Temp\GoogleUpdateSetup.exe1b7c4826
C:\Users\proprietaire\AppData\Local\Temp\GoogleUpdateSetup.exe3e3595a
C:\Users\proprietaire\AppData\Local\Temp\GoogleUpdateSetup.exe6a5e2672
C:\Users\proprietaire\AppData\Local\Temp\GoogleUpdateSetup.exe8459e8b
C:\Users\proprietaire\AppData\Local\Temp\hsperfdata_proprietaire
C:\Users\proprietaire\AppData\Local\Temp\inet.txt
C:\Users\proprietaire\AppData\Local\Temp\is-CD2TO.tmp
C:\Users\proprietaire\AppData\Local\Temp\is1668783924
C:\Users\proprietaire\AppData\Local\Temp\JAUReg.log
C:\Users\proprietaire\AppData\Local\Temp\JavaDeployReg.log
C:\Users\proprietaire\AppData\Local\Temp\java_install.log
C:\Users\proprietaire\AppData\Local\Temp\java_install_reg.log
C:\Users\proprietaire\AppData\Local\Temp\java_install_sp.log
C:\Users\proprietaire\AppData\Local\Temp\jinstall.cfg
C:\Users\proprietaire\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\proprietaire\AppData\Local\Temp\JRT.txt
C:\Users\proprietaire\AppData\Local\Temp\jusched.log
C:\Users\proprietaire\AppData\Local\Temp\KiesInstall.Log
C:\Users\proprietaire\AppData\Local\Temp\KiesLiveupdateTemp
C:\Users\proprietaire\AppData\Local\Temp\LBubble Dock.txt
C:\Users\proprietaire\AppData\Local\Temp\logs
C:\Users\proprietaire\AppData\Local\Temp\mfi8112.tmp
C:\Users\proprietaire\AppData\Local\Temp\mfi8114.tmp
C:\Users\proprietaire\AppData\Local\Temp\mfiF43D.tmp
C:\Users\proprietaire\AppData\Local\Temp\mfiF43F.tmp
C:\Users\proprietaire\AppData\Local\Temp\MMDUtl.ini
C:\Users\proprietaire\AppData\Local\Temp\MSI30d65.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d66.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d67.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d68.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d69.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6a.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6b.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6c.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6d.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6e.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d6f.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d70.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d71.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d72.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d73.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d74.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d75.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d76.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d77.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d78.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI30d79.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI71795.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSI87c77.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSIa42a1.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSIaac92.LOG
C:\Users\proprietaire\AppData\Local\Temp\MSIfc20f.LOG
C:\Users\proprietaire\AppData\Local\Temp\mtcmn
C:\Users\proprietaire\AppData\Local\Temp\MyWinLocker
C:\Users\proprietaire\AppData\Local\Temp\netlog.txt
C:\Users\proprietaire\AppData\Local\Temp\nsaAC6E.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsaB78.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsbC457.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsc782E.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsc913C.tmp
C:\Users\proprietaire\AppData\Local\Temp\nscD5C6.tmp
C:\Users\proprietaire\AppData\Local\Temp\nscE3A4.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsd2D4C.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsd3892.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsd9A0.tmp
C:\Users\proprietaire\AppData\Local\Temp\nse74C3.tmp
C:\Users\proprietaire\AppData\Local\Temp\nse81CC.tmp
C:\Users\proprietaire\AppData\Local\Temp\nse845B.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsfA02B.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsfAC0E.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsgCAD2.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsi114.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsi8F09.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsiB296.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsj936A.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsj9935.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsjFE5E.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsk3A16.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsl42EA.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsm2C86.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsn3F84.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsn4E3.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsnC821.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsoB234.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsp77C9.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsq20B3.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsq46FF.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsr71EF.tmp
C:\Users\proprietaire\AppData\Local\Temp\nst7C1.tmp
C:\Users\proprietaire\AppData\Local\Temp\nstFCE4.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsu6D77.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsu8827.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsuADF0.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsv131B.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsv48A4.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsv8C1.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsx8615.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsx9687.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsxFF4D.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsy8C76.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsz2211.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsz51DC.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsz6281.tmp
C:\Users\proprietaire\AppData\Local\Temp\nsz7702.tmp
C:\Users\proprietaire\AppData\Local\Temp\ntdll_dump.dll
C:\Users\proprietaire\AppData\Local\Temp\OICE_78FE9FEA-019C-4B3A-A033-6F7B0F9A6057.0
C:\Users\proprietaire\AppData\Local\Temp\oPackage
C:\Users\proprietaire\AppData\Local\Temp\ping.txt
C:\Users\proprietaire\AppData\Local\Temp\Plus-HD-3.5Installer_1379277052.log
C:\Users\proprietaire\AppData\Local\Temp\proprietaire.bmp
C:\Users\proprietaire\AppData\Local\Temp\Quarantine.exe
C:\Users\proprietaire\AppData\Local\Temp\RD3A27.tmp
C:\Users\proprietaire\AppData\Local\Temp\Reduc.frInstaller_1373618961.log
C:\Users\proprietaire\AppData\Local\Temp\Reduc.frUninstaller_1376992260.log
C:\Users\proprietaire\AppData\Local\Temp\Report.ico
C:\Users\proprietaire\AppData\Local\Temp\SAMSUNG
C:\Users\proprietaire\AppData\Local\Temp\Savings WaveInstaller_1368557916.log
C:\Users\proprietaire\AppData\Local\Temp\Savings WaveUninstaller_1368561189.log
C:\Users\proprietaire\AppData\Local\Temp\Scan.ico
C:\Users\proprietaire\AppData\Local\Temp\SCCLog.txt
C:\Users\proprietaire\AppData\Local\Temp\scoped_dir_3140_29251
C:\Users\proprietaire\AppData\Local\Temp\Setup.log
C:\Users\proprietaire\AppData\Local\Temp\SkypeSetup.exe
C:\Users\proprietaire\AppData\Local\Temp\Sqlite3.dll
C:\Users\proprietaire\AppData\Local\Temp\SSFTdwloaded.xml
C:\Users\proprietaire\AppData\Local\Temp\svdbchfg.tmp
C:\Users\proprietaire\AppData\Local\Temp\SymCCIS_CheckCriteria.txt
C:\Users\proprietaire\AppData\Local\Temp\temp_scan.ini
C:\Users\proprietaire\AppData\Local\Temp\Thumbs.db
C:\Users\proprietaire\AppData\Local\Temp\tmp1537.tmp
C:\Users\proprietaire\AppData\Local\Temp\toolbar1.cab
C:\Users\proprietaire\AppData\Local\Temp\TWAIN.LOG
C:\Users\proprietaire\AppData\Local\Temp\Twain001.Mtx
C:\Users\proprietaire\AppData\Local\Temp\Twunk001.MTX
C:\Users\proprietaire\AppData\Local\Temp\Twunk002.MTX
C:\Users\proprietaire\AppData\Local\Temp\uninst1.exe
C:\Users\proprietaire\AppData\Local\Temp\Uninstall.ico
C:\Users\proprietaire\AppData\Local\Temp\upe2701.tmp
C:\Users\proprietaire\AppData\Local\Temp\upe3774.tmp
C:\Users\proprietaire\AppData\Local\Temp\upe4BBE.tmp
C:\Users\proprietaire\AppData\Local\Temp\upe7A2E.tmp
C:\Users\proprietaire\AppData\Local\Temp\upe8411.tmp
C:\Users\proprietaire\AppData\Local\Temp\upe8B4E.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeA19E.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeC478.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeD192.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeE0BD.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeE6D6.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeF104.tmp
C:\Users\proprietaire\AppData\Local\Temp\upeF6EC.tmp
C:\Users\proprietaire\AppData\Local\Temp\upr2827.tmp
C:\Users\proprietaire\AppData\Local\Temp\upr3323.tmp
C:\Users\proprietaire\AppData\Local\Temp\uprC18A.tmp
C:\Users\proprietaire\AppData\Local\Temp\uprD5C6.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt256D.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt256E.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt256F.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt2570.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt2571.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt2572.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28CE.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28CF.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28D0.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28E0.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28E1.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt28E2.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F3.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F4.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F5.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F6.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F7.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt35F8.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt39D1.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt39D2.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt39E2.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3A12.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3A32.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3A33.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B5A.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B99.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B9A.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B9B.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B9C.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3B9D.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E23.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E24.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E25.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E26.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E27.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt3E28.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt452A.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt452B.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt452D.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt452E.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt452F.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52E6.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52E7.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52E8.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52E9.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52EA.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt52EB.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5567.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5567.tmp.bat
C:\Users\proprietaire\AppData\Local\Temp\utt5A36.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5A37.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5A38.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5A39.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5A3A.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5A3B.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5D7C.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5D7C.tmp.bat
C:\Users\proprietaire\AppData\Local\Temp\utt5FF6.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt5FF6.tmp.old
C:\Users\proprietaire\AppData\Local\Temp\utt6492.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6493.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6494.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt64A5.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt64A6.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt64A7.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6C94.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6C95.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6C96.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6C97.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6C98.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt6CA9.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt826.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt826.tmp.bat
C:\Users\proprietaire\AppData\Local\Temp\utt83B7.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt83B8.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt83BA.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt83BB.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt83BC.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8AFD.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8AFE.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8AFF.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8B00.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8B01.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt8B02.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt9276.tmp
C:\Users\proprietaire\AppData\Local\Temp\utt9276.tmp.bat
C:\Users\proprietaire\AppData\Local\Temp\uttA839.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttAACC.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttAACC.tmp.exe
C:\Users\proprietaire\AppData\Local\Temp\uttABF7.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttABF8.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttABF9.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttABFA.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttABFB.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttABFC.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DA.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DB.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DC.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DD.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DE.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB3DF.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB84A.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB84B.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB85C.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB85D.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB85E.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttB85F.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFD7.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFD8.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFD9.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFDA.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFDB.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttBFDC.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC02C.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC02D.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC02E.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC03F.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC040.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC041.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5A7.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5A8.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5A9.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5AA.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5AB.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttC5AC.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttE646.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttE646.tmp.bat
C:\Users\proprietaire\AppData\Local\Temp\uttEE62.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttEE63.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttEE64.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttEE65.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttEE66.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttEE67.tmp
C:\Users\proprietaire\AppData\Local\Temp\uttF18D.tmp
C:\Users\proprietaire\AppData\Local\Temp\Version.xml
C:\Users\proprietaire\AppData\Local\Temp\VistaLib64_1.dll
C:\Users\proprietaire\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\proprietaire\AppData\Local\Temp\wctA0E8.tmp
C:\Users\proprietaire\AppData\Local\Temp\wctC651.tmp
C:\Users\proprietaire\AppData\Local\Temp\wctCC55.tmp
C:\Users\proprietaire\AppData\Local\Temp\wctE9E7.tmp
C:\Users\proprietaire\AppData\Local\Temp\WMPBurn
C:\Users\proprietaire\AppData\Local\Temp\wmplog00.sqm
C:\Users\proprietaire\AppData\Local\Temp\wmsetup.log
C:\Users\proprietaire\AppData\Local\Temp\WPDNSE
C:\Users\proprietaire\AppData\Local\Temp\zlrkqt
C:\Users\proprietaire\AppData\Local\Temp\_avast_
C:\Users\proprietaire\AppData\Local\Temp\{10183bca-1515-4a6c-87a7-5f199fa950c7}
C:\Users\proprietaire\AppData\Local\Temp\{124C4BB8-4A6D-4855-AAAC-7F30252BC10B}
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}
C:\Users\proprietaire\AppData\Local\Temp\{6D98F190-28A1-4AE3-88B9-58AA14B70009}
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}
C:\Users\proprietaire\AppData\Local\Temp\{BD41077F-4FA7-4319-9559-46B4D4ABED57}
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}
C:\Users\proprietaire\AppData\Local\Temp\{D4AF0F2C-67D2-4AC3-9951-06AD0B8E7A87}
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}
C:\Users\proprietaire\AppData\Local\Temp\~71670B.tmp
C:\Users\proprietaire\AppData\Local\Temp\~nsu.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PI1125.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PI1136.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PI134A.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PI5FF7.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PI9FC8.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PIA5A4.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PIAD1D.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PIB98E.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PIBA2B.tmp
C:\Users\proprietaire\AppData\Local\Temp\~PIBD2A.tmp
C:\Users\proprietaire\AppData\Local\Temp\~nsu.tmp\sql.tmp
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\0x0409.ini
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\0x0412.ini
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\1033.MST
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\ISSetup.dll
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\Samsung Kies.msi
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\Setup.INI
C:\Users\proprietaire\AppData\Local\Temp\{F2A26227-323B-4F31-B537-EC5912BD8E0B}\_ISMSIDEL.INI
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\0x0409.ini
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\0x0412.ini
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\1033.MST
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\ISSetup.dll
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\Samsung Kies.msi
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\Setup.INI
C:\Users\proprietaire\AppData\Local\Temp\{BFB1B331-9C6B-4544-B6DF-0B2265B8DA99}\_ISMSIDEL.INI
C:\Users\proprietaire\AppData\Local\Temp\{BD41077F-4FA7-4319-9559-46B4D4ABED57}\ISBEW64.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\BrowseFolderDll.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1025.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1026.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1028.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1029.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1030.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1031.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1032.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1033.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1035.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1036.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1037.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1038.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1040.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1041.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1042.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1043.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1044.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1045.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1046.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1048.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1049.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1050.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1051.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1053.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1054.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1055.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1057.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1058.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1061.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1062.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1063.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1066.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1081.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_1086.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_2052.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_2057.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_2058.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_2070.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_3076.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_3082.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\EULA_3084.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\Execute2App.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\install_01.bmp
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\ISBEW64.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\ISRT.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\Kies2RemoveAll.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\KiesProgressDialog.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\Microsoft.VC90.CRT.manifest
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\MSSetupAddinDll.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\MSSetupAddinDllForVista.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\msvcp90.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\msvcr90.dll
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\setup.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\setup.inx
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\String1033.txt
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\WriteDescExecuteFileName.exe
C:\Users\proprietaire\AppData\Local\Temp\{88BE33B2-DE3E-445A-9F2E-1DC5EFD5F240}\_isres_0x0409.dll
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\0x0409.ini
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\0x0412.ini
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\1033.MST
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\ISSetup.dll
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\Samsung Kies.msi
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\Setup.INI
C:\Users\proprietaire\AppData\Local\Temp\{79F86851-8301-4A21-9D35-4E4B548ECC48}\_ISMSIDEL.INI
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\0x0409.ini
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\0x0412.ini
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\1033.MST
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\ISSetup.dll
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\Samsung Kies.msi
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\Setup.INI
C:\Users\proprietaire\AppData\Local\Temp\{43E5BF02-4A63-4947-8089-73DB1E68CD7C}\_ISMSIDEL.INI
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\BrowseFolderDll.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1025.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1026.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1028.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1029.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1030.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1031.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1032.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1033.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1035.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1036.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1037.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1038.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1040.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1041.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1042.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1043.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1044.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1045.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1046.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1048.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1049.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1050.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1051.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1053.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1054.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1055.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1057.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1058.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1061.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1062.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1063.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1066.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1081.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_1086.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_2052.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_2057.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_2058.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_2070.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_3076.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_3082.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\EULA_3084.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\Execute2App.exe
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\install_01.bmp
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\ISBEW64.exe
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\ISRT.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\Kies2RemoveAll.exe
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\KiesProgressDialog.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\Microsoft.VC90.CRT.manifest
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\MSSetupAddinDll.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\MSSetupAddinDllForVista.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\msvcp90.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\msvcr90.dll
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\setup.exe
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\setup.inx
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\String1033.txt
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\WriteDescExecuteFileName.exe
C:\Users\proprietaire\AppData\Local\Temp\{2BB6555C-6852-475A-9016-17BD65BE126F}\_isres_0x0409.dll
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\BrowseFolderDll.dll
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1025.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1026.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1028.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1029.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1030.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1031.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1032.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1033.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1035.txt
C:\Users\proprietaire\AppData\Local\Temp\{2180F188-06E6-48D4-921F-B3B7C63BB36A}\EULA_1036.
~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman (26/12/2013)
~ Lancé par proprietaire (29/12/2013 19:28:08)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1483.0
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 9.1 MUI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4026 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 253 GB (55%) free of 453 GB

---\\ Mode de connexion au système
~ Computer Name: PROPRIETAIRE-PC
~ User Name: proprietaire
~ All Users Names: proprietaire, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\proprietaire\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\proprietaire\AppData\Roaming\
~ %Desktop% : C:\Users\proprietaire\Desktop\
~ %Favorites% : C:\Users\proprietaire\Favorites\
~ %LocalAppData% : C:\Users\proprietaire\AppData\Local\
~ %StartMenu% : C:\Users\proprietaire\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 253 Go of 453 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/84
~ Mes musiques (My Musics) : 396/695
~ Mes Videos (My Videos) : 2/152
~ Mes Favoris (My Favorites) : 1/37
~ Mes Documents (My Documents) : 1/10
~ Mon Bureau (My Desktop) : 3/102
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.0D6972A795995F07B6D78CA7724744FB] - (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552] [PID.3640]
[MD5.D0AC482B584F244B0E10B465CFC6DEC5] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [955712] [PID.1032]
[MD5.6AABCAB9FF3FFB26EF173153B765483D] - (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe [469504] [PID.4152] =>PUP.CacaoWeb
[MD5.9ECF375A6E4E74D056F4B54E76D58721] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4400]
[MD5.38218E47372B77DDB3C9DDD4390CB960] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [975952] [PID.4428]
[MD5.0ADF079D36B2C25E6E9BECE1BD937ACE] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.4652]
[MD5.94F80155B91B8DF7A0EAD527C853D377] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984] [PID.4764]
[MD5.F8D427DAE2984A4968E2D1CB53634784] - (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe [79400] [PID.4948]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.4960]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3868]
[MD5.1DB860CA1C72B0B953B9555BB390E554] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [305744] [PID.5732]
[MD5.F255E48EA981E943A14CF16269F3F3AF] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584] [PID.5944]
[MD5.1C5A81304F4B3A24914E10E339E3D51A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe [900440] [PID.5876] =>P2P.BitTorrent
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.6564]
[MD5.10616CB2E16AD780B99409C9F12F7884] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe [4212512] [PID.3876] =>Toolbar.Conduit
[MD5.82771E3CCBB98642B71194F2DC3B257C] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe [2849568] [PID.6496] =>Toolbar.Conduit
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.6348]
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8302080] [PID.3164]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1248]
[MD5.9CF46FDF163E06B83D03FF929EF2296C] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [321104] [PID.1660]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [23584] [PID.1796]
[MD5.78DF31CDD3A380E7F9CFCC8B4E24813C] - (.Pas de propriétaire - PIXMA Extended Servey Program Service.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [99936] [PID.1824]
[MD5.3E5E20817259F7328C8F3BE5421F35B9] - (.Egis Technology Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520] [PID.1884]
[MD5.9A308FCDCCA98A15B6F62D36A272160E] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [255744] [PID.1956]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.1544]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232] [PID.2196]
[MD5.6B24D1C3096DE796D15571079EA5E98C] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.2484]
[MD5.1BBBF640BC0E0B750537BAECE8D66C18] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [641832] [PID.3008]
[MD5.417B683148EED8263721C441A4468C49] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2314016] [PID.7008] =>Toolbar.Conduit
~ Processes Running: Scanned in 00mn 07s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\proprietaire\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default] http://search.conduit.com
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.1.0 (Désactivé) =>PUP.Funmoods
G2 - GCE: Preference [User Data\Default] [bfcpnihmbfoaeoakalclfalkdepgiaje] SpecialSavings v.2.0.0.1 (Désactivé) =>PUP.SpecialSavings
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [boipimhfjpakfgckhbljjengakjhkcbp] MixiDJ Toolbar v.1.2 (Désactivé) =>Toolbar.MixiDJ
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Managerr v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [clbfjfbnelcflpgpklppgplejolacbej] Browser Companion Helper v.1.0.5 (Désactivé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [dednnpigldgdbpgcdpfppmlcnnbjciel] General Crawler v.2.5 (Désactivé) =>PUP.MediaFinder
G2 - GCE: Preference [User Data\Default] [dlfienamagdnkekbbbocojppncdambda] Complitly plugin for chrome v.1.1 (Désactivé) =>Adware.PredictAd
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.2 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] WebCake v.1.0.3 (Désactivé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [gdnafjfahbdfphihncgadbegiaebehio] SquirrelWeb v.1.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [hokdglbhghcebcopdbanieangmcamaak] Windows Media Player Extension for HTML5 v.1.0 (Activé) =>.Microsoft Corporation
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.7.0.1426 (Désactivé)
G2 - GCE: Preference [User Data\Default] [kincjchfokkeneeofpeefomkikfkiedl] VideoFileDownload v.1.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ldikpdnngdmeceeameoaannjilbjppnm] Plus-HD-3.5 v.1.26.111, (Activé) =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [leahdjjpjmnamomgpojikeapflgbmjab] cacaoweb v.1.13 (Désactivé) =>PUP.CacaoWeb
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.2.0.10687 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mocblcnaofikinigmceddfghppkkjbog] Smiley Bar for Facebook v.1.0.0.0 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Désactivé) =>Adware.Yontoo
G2 - GCE: Preference [User Data\Default] [nikpibnbobmbdbheedjfogjlikpgpnhp] DvdVideoSoft Free Youtube Download v.1.0.0.0, (Désactivé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé)
G2 - GCE: Preference [User Data\Default] [paoponfhfdfnjgddpnpjkambkcgdaaib] uTorrentBar_FR v.2.3.7.1 (Désactivé) =>P2P.µTorrent
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.8.0.1, (Désactivé) =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
G2 - GCE: Preference [User Data\Default] [pljcgbedjplidkdjahbaalanadmjfgop] Ask Toolbar v.26.63936, (Désactivé) =>Toolbar.Ask
~ Google Browser: 36 Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\proprietaire\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\proprietaire\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
~ Firefox Browser: 4 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.portaldosites.com =>Hijacker.PortaldoSites
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://rechercher-fr.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rechercher-fr.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 0.0.0.0 boxore.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 boxore.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 boxore.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.boxore.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.com =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.org =>Adware.Boxore
O1 - Hosts: 0.0.0.0 dlmanager.net =>Adware.Boxore
O1 - Hosts: 0.0.0.0 www.dlmanager.net =>Adware.Boxore
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 34



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Complitly [64Bits] - {0FB6A909-6086-458F-BD92-1F8EE10042A0} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\proprietaire\AppData\Roaming\Complitly\Complitly.dll =>Adware.PredictAd
O2 - BHO: CrossriderApp0037180 [64Bits] - {11111111-1111-1111-1111-110311711180} . (.Plus HD - Plus-HD-3.5 BHO.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-bho.dll =>Adware.PlusHD
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SquirrelWeb [64Bits] - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} . (.SquirrelWeb - SquirrelWeb.) -- C:\Program Files (x86)\SquirrelWeb\SquirrelWebbho.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O2 - BHO: (no name) [64Bits] - {95525BD9-6136-4A26-8263-9CEE295D442D} Clé orpheline
~ BHO: 19 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{95080B13-AA71-4EE8-B951-7E98221E1ED5} Clé orpheline
O3 - Toolbar: (no name) [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{BB1227AC-7A0D-4076-8C1A-51A1348F6FA8} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
O4 - GS\Desktop [Public]: Fast Media Converter.lnk . (...) -- C:\Program Files (x86)\FastMediaConverter\FastMedia Converter.exe
O4 - GS\Desktop [Public]: OpenOffice.org 3.4.1.lnk . (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.7.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader 9.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Photorécit 3 pour Windows.lnk . (.Microsoft Corp. - Photo Story 3 for Windows.) -- C:\Program Files (x86)\Photo Story 3 for Windows\PhotoStory3.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Visionneuse Microsoft PowerPoint .lnk . (...) -- C:\Windows\Installer\{95140000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [proprietaire]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\QuickLaunch [proprietaire]: VSO DivxToDVD.lnk . (.VSO Software - Divx to DVD converter.) -- C:\Program Files (x86)\vso\DivxToDVD\DivxToDVD.exe
O4 - GS\QuickLaunch [proprietaire]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [proprietaire]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\TaskBar [proprietaire]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [proprietaire]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [proprietaire]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\Program [proprietaire]: WebPlayerV2.lnk . (...) -- C:\Users\proprietaire\AppData\Roaming\Microsoft\Installer\{7D41BC10-F03E-41EB-8E2D-B7006948332F}\_ADF352EEE65CC9B6695365.exe
O4 - GS\Accessories [proprietaire]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [proprietaire]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [proprietaire]: Run.lnk - Clé orpheline
O4 - GS\Accessories [proprietaire]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [proprietaire]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.portaldosites.com =>Hijacker.PortaldoSites
O4 - GS\SystemTools [proprietaire]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\SendTo [proprietaire]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [proprietaire]: Search.lnk . (...) -- C:\ProgramData\DSearchLink\DSearchLink.exe =>Toolbar.DeltaSearch
O4 - GS\Desktop [proprietaire]: VSO DivxToDVD.lnk . (.VSO Software - Divx to DVD converter.) -- C:\Program Files (x86)\vso\DivxToDVD\DivxToDVD.exe
O4 - GS\Desktop [proprietaire]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [proprietaire]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [proprietaire]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 61 Scanned in 00mn 06s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FastMediaConverter.lnk . (...) -- C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [mwlDaemon] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe
O4 - HKLM\..\Run: [MRT] . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\system32\MRT.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.exe (.not file.)
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Bubble Dock] C:\Users\proprietaire\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\RunOnce: [Application Restart #2] . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
O4 - HKLM\..\Wow6432Node\Run: [OpwareSE4] . (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe =>.ScanSoft, Inc
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.) =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_30] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [20131224] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\9584e010-5d6e-4c9a-a03f-e4cefb5cbcb9.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [cacaoweb] . (...) -- C:\Users\proprietaire\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [Bubble Dock] C:\Users\proprietaire\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\proprietaire\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-4048187908-1995387496-4212406666-1000\..\RunOnce: [Application Restart #2] . (.Google Inc. - Google Chrome.) -- C:\Users\proprietaire\AppData\Local\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{A8ECE5A6-F2B0-4222-80B9-A1A323A3CD22}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - PIXMA Extended Servey Program Service.) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: KMService (KMService) . (...) - C:\Windows\SysWOW64\srvany.exe =>Hijacker.Office
O23 - Service: MyWinLocker Service (MWLService) . (.Egis Technology Inc. - MyWinLocker Service.) - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
~ Services: 16 Scanned in 00mn 21s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1076]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1080]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000Core.job [1054]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000UA.job [1106]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Happy Lyrics Update.job [402] =>Adware.AddLyrics
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-chromeinstaller.job [1916] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-codedownloader.job [1208] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-enabler.job [1108] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-firefoxinstaller.job [1840] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-3.5-updater.job [1304] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [4832] (...) -- C:\Users\proprietaire\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.AB3C4A3667AEAD147F175721D8719B78] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [250248]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\proprietaire\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Funmoods] (...) -- C:\Users\proprietaire\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.Funmoods
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000Core] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4048187908-1995387496-4212406666-1000UA] (.Google Inc..) -- C:\Users\proprietaire\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [Happy Lyrics Update] (...) -- C:\Program Files (x86)\HappyLyrics\HLUpdater.exe (.not file.) [0] =>Adware.AddLyrics
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] [APT] [Java Update Scheduler] (.Oracle Corporation.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336]
[MD5.00000000000000000000000000000000] [APT] [Omiga Plus RunAsStdUser] (...) -- C:\Program Files (x86)\Omiga Plus\omigaplus.exe (.not file.) [0] =>Hijacker.OmigaPlus
[MD5.C11D7537690D388ED9D5FE83BBCA7563] [APT] [Plus-HD-3.5-chromeinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-chromeinstaller.exe [466280] =>Adware.PlusHD
[MD5.386F5060FE270EFDC629FC6FBE720055] [APT] [Plus-HD-3.5-codedownloader] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-codedownloader.exe [491880] =>Adware.PlusHD
[MD5.76AE0731AFCF8B515D8F3F3206151192] [APT] [Plus-HD-3.5-enabler] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-enabler.exe [351080] =>Adware.PlusHD
[MD5.E8F21679635FE7491D0957B966BB4E2F] [APT] [Plus-HD-3.5-firefoxinstaller] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-firefoxinstaller.exe [727400] =>Adware.PlusHD
[MD5.5A8245FC4E59011DFF180461EB877AB8] [APT] [Plus-HD-3.5-updater] (.Plus HD.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-updater.exe [367976] =>Adware.PlusHD
[MD5.846965AE55A2662B1576C0F392DD1D6E] [APT] [ScanSoft Background Update] (.Nuance Communications, Inc..) -- C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472]
[MD5.00000000000000000000000000000000] [APT] [{329118BA-AB97-4DF3-8FC2-D1F9889D35E2}] (...) -- E:\Setup\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{858AD928-CDC7-43CE-A645-E9C7F3879B9E}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{97BBF679-6E1A-4C71-BE43-A092ED5CC20D}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1917440]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] [APT] [{9B60BB48-DEAE-4ED5-8F53-9FB700AFEC29}] (.Google Inc..) -- c:\users\proprietaire\appdata\local\google\chrome\application\chrome.exe [863184]
[MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{D669FB41-CD44-4498-8409-58CA41AD8864}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe [107568]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 47 Scanned in 00mn 12s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (ucbpwtpb) . (. - .) - C:\Windows\system32\drivers\ucbpwtpb.sys (.not file.)
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 75 Scanned in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Acer Crystal Eye webcam - (.Liteon.) [HKLM][64Bits] -- {51F026FA-5146-4232-A8BA-1364740BD053}
O42 - Logiciel: Acer GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Suis les instructions comme au début, tu l'héberge !
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20131230_p107q9x5r5
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Bonsoir,

On refait Rogue Killer.

Ton ordinateur est infecté par un rogue, c'est à dire un logiciel qui affiche de fausses alertes pour te faire peur et te pousser à payer (plus d'infos ici)... Ignore les fausses alertes du rogue et ne paye surtout pas, je vais t'aider à t'en débarrasser. Pour commencer, utilise cet outil :

▶ Télécharge RogueKiller (de Tigzy) sur le Bureau
▶ Quitte tous tes programmes en cours
▶ Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
▶ Patiente pendant le pre-scan, puis clique sur le bouton "Scan"
▶ A la fin, vérifie que tous les éléments sont cochés puis clique sur "Suppression"
▶ Un rapport (RKreport.txt) doit être créé sur le Bureau, poste le dans ta prochaine réponse.
▶ Redémarre le pc
RogueKiller V8.8.0 [Dec 27 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : proprietaire [Droits d'admin]
Mode : Suppression -- Date : 12/30/2013 21:42:21
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


0.0.0.0 boxore.com
0.0.0.0 www.boxore.com
0.0.0.0 boxore.org
0.0.0.0 www.boxore.org
0.0.0.0 boxore.net
0.0.0.0 www.boxore.net
0.0.0.0 dlmanager.com
0.0.0.0 www.dlmanager.com
0.0.0.0 dlmanager.org
0.0.0.0 www.dlmanager.org
0.0.0.0 dlmanager.net
0.0.0.0 www.dlmanager.net


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] 8b4faa014149bcfc4d1ec54b6c7c5eff
[BSP] 0de360b15c5716f6f8a88110a81faa16 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 463526 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_12302013_214221.txt >>
RKreport[0]_D_12292013_200900.txt;RKreport[0]_S_12292013_200729.txt;RKreport[0]_S_12302013_213434.txt



http://pjjoint.malekal.com/files.php?id=20131230_p15v13x13u13r13
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Si je te demande le lien, ce n'est pas pour me poster le rapport mais juste le lien -_-

Comment se comporte ton pc ?
il est plus rapide et plus de page de pub ou autre qui s'ouvrent seules
Messages postés
4175
Date d'inscription
mercredi 13 janvier 2010
Statut
Membre
Dernière intervention
18 mars 2014
197
Parfait :)

On finalise :

Télécharge SFTGC ici http://www.archive-host.com
Enregistrez le fichier sur le bureau.
Ouvrez SFTGC.exe et patientez durant l'initialisation du logiciel :
Pour lancer le nettoyage, il suffit de cliquer sur Go.

Pour supprimer les outils de désinfections utilisés :

Télécharges DelFix par Xplode sur ton Bureau.

Lance DelFix, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
Coche les cases suivantes en gras:

Réactiver l'UAC
Supprimer les outils de désinfection
Effectuer une sauvegarde du registre
Purger la restauration système
Réinitialisation des paramètres système

Puis exécuter

Change tout tes mots de passe !

Si tu n'as pas d'autres questions, met ce sujet résolu.


Un peu de lecture :

Si tu veux un antivirus gratuit, choisis-en UN parmi ceux-ci :
- Avast : http://www.commentcamarche.net/download/telecharger-151-avast-free-version
- AntiVir : http://www.commentcamarche.net/download/telecharger-55-antivir
- Microsoft Security Essentials : https://support.microsoft.com/en-us/windows/what-is-microsoft-security-essentials-c25ad47a-7d15-8072-1438-b07dffcbbb20

Pour le pare-feu, celui de Windows est suffisant. Inutile d'installer un anti-spyware, ces logiciels sont inutiles de nos jours (de toute façon, les antivirus actuels détectent aussi les adwares). En complément, tu peux utiliser MalwareBytes Anti-Malware pour faire des scans de vérification de temps en temps : http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Dans tous les cas un antivirus est utile, mais qu'il soit gratuit ou payant, aucun antivirus ne te protègera à 100%, loin de là ! Le choix de l'antivirus n'est pas l'élément le plus important pour la sécurité d'un ordinateur, il faut prendre d'autres précautions :

* N'oublie pas de garder Windows à jour via Windows Update (accessible via le menu démarrer, dans la liste des programmes). L'idéal est de laisser activées les mises à jour automatiques.

* Garde aussi tes logiciels à jour, c'est très important d'avoir les dernières versions pour combler les failles de sécurité. Si tu souhaites être prévenu des mises à jour importantes à effectuer à l'avenir, je me permets de te signaler l'existence d'une lettre d'information proposée en bas à gauche de ce site. En t'inscrivant, tu recevras un e-mail dès que des mises à jour importantes pour la sécurité de ton ordinateur sont disponibles. Ces messages contiendront des explications pour savoir comment procéder, au cas où tu ne te sentes pas à l'aise pour le faire seul.

* Pour naviguer sur internet plus en sécurité et à l'abri des publicités, je te conseille vivement d'installer et d'utiliser exclusivement le navigateur Mozilla Firefox : http://www.mozilla-europe.org/fr/firefox/
Une fois que c'est fait, lance le et installe les deux extensions de sécurité suivantes :
- AdBlockPlus pour bloquer les publicités : https://addons.mozilla.org/fr/firefox/addon/adblock-plus/
- WOT pour t'avertir des sites web dangereux : https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/

* WOT est également disponibles pour d'autres navigateurs si tu le souhaites : https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

* Si ton antivirus est Avira AntiVir, ignore cette étape : Vaccine tes disques amovibles à l'aide de MKV : http://general-changelog-team.fr/fr/downloads/viewdownload/15-outils-de-el-desaparecido/20-mkv
Il suffit de brancher tous tes disques amovibles (clé USB, disque dur externe, lecteur mp3, cartes mémoire...) sans les ouvrir, puis de lancer MKV et cliquer sur "Vacciner".

* Ne pas avoir un comportement à risque (installer tout et n'importe quoi sans réfléchir, télécharger des cracks)... Consulte ceci pour comprendre comment les infections actuelles se propagent et savoir les éviter : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf