Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Mon pc s'eteint tout seul et je ne peux acceder a mes programmes de demarages

 

1 utilisateur anonyme
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

Mon pc s'eteint tout seul et je ne peux acceder a mes programmes de demarages

Prévenir les modérateurs en cas d'abus 
sheperbloK
sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 12:00:43  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut j'ai un petit probleme avec mon pc c'est a dire que quand je veux acceder a mes programmes de demarages il me dit que Windows defender n'est pas activé et qu'il faut que je l'active mais quand j'ouvre la fenetre rien ne se passe , donc la j'ai pensé a un virus donc j'ai voulu faire un scan avec avira mais mon pc s'eteint tout seul quand l'antivirus fait son scan!!!!!!!!!!!!!!!je comprends vraiment pas pourquoi  :fou: ????
 merci de votre aide ++

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 12:10:35  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
car la en fait moi je pensais que la seule solution que j'avais c'est de mettre les fichiers que je veux garder sur disque dur et de formater mon ordi!!!!!!!!!!!!c'est pour ca que je viens voir ici si il n y a pas une ame charitable qui m indiqueré une solution
 merci a vous

(Publicité)
Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 17/11/2011 à 12:12:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK, bienvenu sur 01net


 Télécharge RogueKiller (par tigzy) sur le bureau :
 http://www.sur-la-toile.com/Ro [...] Killer.exe

 - Fermes les applications et programmes en cours.
 - Double clique sur RogueKiller.exe pour lancer le programme
 (Vista/Seven - Faire un clique droit sur RogueKiller.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme)
 - Lorsque demandé, taper 2 et valider
 - Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), poste le rapport
 - Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 15:02:46  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci de ton aide c'est sympa!!!Voila le rapport demandé:
 RogueKiller V6.1.9 [16/11/2011] par Tigzy
 mail: tigzyRK<at>gmail<dot>com
 Remontees: http://www.sur-la-toile.com/di [...] ntees.html
 Blog: http://tigzyrk.blogspot.com

 Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
 Demarrage : Mode normal
 Utilisateur: Ero [Droits d'admin]
 Mode: Suppression -- Date : 17/11/2011 14:59:55

 ¤¤¤ Processus malicieux: 0 ¤¤¤

 ¤¤¤ Entrees de registre: 3 ¤¤¤
 [SUSP PATH] HKCU\[...]\Run : cacaoweb ("C:\Users\Ero\AppData\Roaming​\cacaoweb\cacaoweb.exe" -noplayer) -> DELETED
 [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595f​e6b30ee} (1) -> REPLACED (0)
 [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002​B30309D} (1) -> REPLACED (0)

 ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 ¤¤¤ Driver: [LOADED] ¤¤¤

 ¤¤¤ Infection :  ¤¤¤

 ¤¤¤ Fichier HOSTS: ¤¤¤
 127.0.0.1 www.007guard.com
 127.0.0.1 007guard.com
 127.0.0.1 008i.com
 127.0.0.1 www.008k.com
 127.0.0.1 008k.com
 127.0.0.1 www.00hq.com
 127.0.0.1 00hq.com
 127.0.0.1 010402.com
 127.0.0.1 www.032439.com
 127.0.0.1 032439.com
 127.0.0.1 www.0scan.com
 127.0.0.1 0scan.com
 127.0.0.1 1000gratisproben.com
 127.0.0.1 www.1000gratisproben.com
 127.0.0.1 1001namen.com
 127.0.0.1 www.1001namen.com
 127.0.0.1 100888290cs.com
 127.0.0.1 www.100888290cs.com
 127.0.0.1 www.100sexlinks.com
 127.0.0.1 100sexlinks.com
 [...]


 Termine : << RKreport[1].txt >>
 RKreport[1].txt


Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 17/11/2011 à 19:39:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 On va vérifier le PC :

 Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

 - Quitte les applications en cours afin de ne pas interrompre le scan.
 - Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
 Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
 - Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
 - Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

 Ne modifie pas les autres paramètres !

 Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

 netsvcs
 msconfig
 safebootminimal
 safebootnetwork
 activex
 drivers32
 %SYSTEMDRIVE%\*.*
 %SYSTEMDRIVE%\*.exe
 %PROGRAMFILES%\*.*
 %PROGRAMFILES%\*.
 /md5start
 consrv.dll
 volsnap.sys
 hidserv.dll
 appmgmts.dll
 eventlog.dll
 winlogon.exe
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 wininet.dll
 wininit.exe
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 explorer.exe
 svchost.exe
 userinit.exe
 qmgr.dll
 ws2_32.dll
 proquota.exe
 imm32.dll
 kernel32.dll
 ndis.sys
 autochk.exe
 spoolsv.exe
 xmlprov.dll
 ntmssvc.dll
 mswsock.dll
 Beep.SYS
 ntfs.sys
 termsrv.dll
 sfcfiles.dll
 st3shark.sys
 winlogon.exe
 wininit.ini
 /md5stop
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\SubSystems /s
 SAVEMBR:0
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %systemroot%\system32\drivers\​*.sys /lockedfiles
 %systemroot%\System32\config\*​.sav
 c:\$recycle.bin\*.* /s


 - Clique sur le bouton Analyse.
 - Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

 Utilise cjoint.com pour poster en lien tes rapports :
 http://cjoint.com/

 - Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
 - Clique sur Ouvrir ensuite sur Créer le lien Cjoint

 - Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

 Après fais de même avec l'autre rapport Extras.txt


 @++   :)

(Publicité)
sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 20:48:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 17/11/2011 20:07:06 - Run 1
 OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Ero\Documents\Downloa​ds
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,92% Memory free
 6,22 Gb Paging File | 4,84 Gb Available in Paging File | 77,71% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 455,10 Gb Total Space | 119,55 Gb Free Space | 26,27% Space Free | Partition Type: NTFS
 Drive D: | 10,66 Gb Total Space | 1,33 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
 Drive P: | 931,51 Gb Total Space | 216,39 Gb Free Space | 23,23% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-ERO | User Name: Ero | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/11/17 20:04:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ero\Documents\Downloa​ds\OTL.exe
 PRC - [2011/11/15 00:39:06 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe
 PRC - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 PRC - [2011/08/18 10:48:31 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\​rbmonitor.exe
 PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
 PRC - [2011/05/18 21:35:55 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
 PRC - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
 PRC - [2011/05/05 14:34:14 | 000,861,696 | ---- | M] (Orange) -- C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe
 PRC - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
 PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
 PRC - [2011/03/24 13:30:12 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e
 PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 PRC - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe
 PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 PRC - [2008/07/03 10:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
 PRC - [2007/04/18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/10/12 12:52:29 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Web\e0​0630ec1e225a2376fdd430645e20f7​\System.Web.ni.dll
 MOD - [2011/10/12 12:52:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\6d2f689baff5da3df134fd​ec0742a13c\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/10/12 12:31:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\c1​c06a392871267db27f7cbc40e1c4fb​\System.Xml.ni.dll
 MOD - [2011/10/12 12:30:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\1363115565fff5a641243a​48f396f107\System.Windows.Form​s.ni.dll
 MOD - [2011/10/12 12:30:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\367c4043efc2f32d843cb588b0dc​97fc\System.Drawing.ni.dll
 MOD - [2011/10/12 12:29:11 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\f9c36e​a806e77872dce891c77b68fac3\Sys​tem.ni.dll
 MOD - [2011/10/12 12:28:51 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\b663​2a8b2f276a8e31f5b0f6b2006cd1\m​scorlib.ni.dll
 MOD - [2010/11/04 10:10:52 | 000,337,408 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtXm​l4.dll
 MOD - [2010/11/04 10:10:50 | 000,875,520 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtNe​twork4.dll
 MOD - [2010/11/04 10:10:48 | 007,390,720 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtGu​i4.dll
 MOD - [2010/11/04 10:10:46 | 002,012,160 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtCo​re4.dll
 MOD - [2010/11/04 10:10:46 | 000,241,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on4.dll
 MOD - [2010/11/04 10:10:46 | 000,182,784 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Prox​yDetection.dll
 MOD - [2010/11/04 10:10:46 | 000,177,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on_backend\phonon_ds94.dll
 MOD - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 MOD - [2010/11/04 10:10:44 | 000,022,016 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\imag​eformats\qgif4.dll
 MOD - [2009/09/27 22:02:24 | 000,797,184 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.​ax
 MOD - [2009/03/30 05:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\S​ystem.Windows.Forms.resources\​2.0.0.0_fr_b77a5c561934e089\Sy​stem.Windows.Forms.resources.d​ll
 MOD - [2009/03/30 05:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/05/16 12:11:39 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime\2.0.​2977.39064__90ba9c70f846762e\C​LI.Caste.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:39 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Wizard\2.0.2977.39118__90ba9c7​0f846762e\CLI.Aspect.InfoCentr​e.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard\2.0.2​977.39097__90ba9c70f846762e\CL​I.Caste.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Runtime\2.0.2977.39084__9​0ba9c70f846762e\CLI.Aspect.Hot​keysHandling.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:38 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Wizard\2.0.2977.39104__90​ba9c70f846762e\CLI.Aspect.Disp​laysManager.Graphics.Wizard.dl​l
 MOD - [2008/05/16 12:11:38 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.W​izard\2.0.2977.39334__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Ru​ntime\2.0.2977.39300__90ba9c70​f846762e\CLI.Aspect.DeviceTV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Ru​ntime\2.0.2977.39263__90ba9c70​f846762e\CLI.Aspect.DeviceCV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Runtime\2.0.2977.39217__90​ba9c70f846762e\CLI.Aspect.Devi​ceProperty.Graphics.Runtime.dl​l
 MOD - [2008/05/16 12:11:24 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Da​shboard\2.0.2977.39271__90ba9c​70f846762e\CLI.Aspect.Radeon3D​.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Welcome.Graphics.Das​hboard\2.0.2977.39340__90ba9c7​0f846762e\CLI.Aspect.Welcome.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Wi​zard\2.0.2977.39277__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Wizard.dll
 MOD - [2008/05/16 12:11:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard\2.​0.2977.39076__90ba9c70f846762e​\CLI.Caste.Graphics.Dashboard.​dll
 MOD - [2008/05/16 12:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Ru​ntime\2.0.2977.39270__90ba9c70​f846762e\CLI.Aspect.Radeon3D.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:24 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Runtime\2.0.2977.39331__90b​a9c70f846762e\CLI.Aspect.Power​PlayDPPE.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Runtime\2.0.2977.39361__90ba9c​70f846762e\CLI.Aspect.OverDriv​e5.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Das​hboard\2.0.2977.39227__90ba9c7​0f846762e\CLI.Aspect.MMVideo.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Dashboard\2.0.2977.39131_​_90ba9c70f846762e\CLI.Aspect.D​isplaysColour2.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.D​ashboard\2.0.2977.39219__90ba9​c70f846762e\CLI.Aspect.DeviceC​RT.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.D​ashboard\2.0.2977.39211__90ba9​c70f846762e\CLI.Aspect.DeviceD​FP.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Dashboard\2.0.2977.39085_​_90ba9c70f846762e\CLI.Aspect.D​isplaysManager.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Wiz​ard\2.0.2977.39292__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Wizard.dll
 MOD - [2008/05/16 12:11:22 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Dashboard\2.0.2977.39124__90ba​9c70f846762e\CLI.Aspect.InfoCe​ntre.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Dashboard\2.0.2977.39244_​_90ba9c70f846762e\CLI.Aspect.D​isplaysOptions.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Run​time\2.0.2977.39226__90ba9c70f​846762e\CLI.Aspect.MMVideo.Gra​phics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.R​untime\2.0.2977.39218__90ba9c7​0f846762e\CLI.Aspect.DeviceDFP​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Runtime\2.0.2977.39137__9​0ba9c70f846762e\CLI.Aspect.Dis​playsColour2.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.R​untime\2.0.2977.39226__90ba9c7​0f846762e\CLI.Aspect.DeviceCRT​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Runtime\2.0.2977.39243__9​0ba9c70f846762e\CLI.Aspect.Dis​playsOptions.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.R​untime\2.0.2977.39255__90ba9c7​0f846762e\CLI.Aspect.DeviceLCD​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Hotkeys.Shared\2.0.2​939.23687__90ba9c70f846762e\AE​M.Plugin.Hotkeys.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Actions.CCAA.Shared\2.0.293​9.23679__90ba9c70f846762e\AEM.​Actions.CCAA.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.EEU.Shared\2.0.2939.​23710__90ba9c70f846762e\AEM.Pl​ugin.EEU.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Shared\2.0.2939.23747__90ba9c7​0f846762e\CLI.Aspect.OverDrive​5.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation\2.0.2939.23668__​90ba9c70f846762e\CLI.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Shared\2.0.2​939.23689__90ba9c70f846762e\CL​I.Caste.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Sh​ared\2.0.2939.23743__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0601\2.0.2573.176​85__90ba9c70f846762e\DEM.Graph​ics.I0601.dll
 MOD - [2008/05/16 12:11:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.S​hared\2.0.2939.23764__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation\2.0.2939.23662__​90ba9c70f846762e\LOG.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.XManifest\2.0.29​39.23802__90ba9c70f846762e\CLI​.Foundation.XManifest.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Shared\2.0.2939.23763__90ba​9c70f846762e\CLI.Aspect.PowerP​layDPPE.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\N​EWAEM.Foundation\2.0.2939.2366​7__90ba9c70f846762e\NEWAEM.Fou​ndation.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS.I0602\2.0.2939.23717__90​ba9c70f846762e\DEM.OS.I0602.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0703\2.0.2651.188​02__90ba9c70f846762e\DEM.Graph​ics.I0703.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared\2.0​.2939.23693__90ba9c70f846762e\​CLI.Component.Wizard.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared\​2.0.2939.23687__90ba9c70f84676​2e\CLI.Component.Dashboard.Sha​red.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared\2.0​.2939.23679__90ba9c70f846762e\​CLI.Component.Client.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Foundation\2.0.2939.23707__​90ba9c70f846762e\MOM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS\2.0.2939.23717__90ba9c70​f846762e\DEM.OS.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0706\2.0.2743.233​04__90ba9c70f846762e\DEM.Graph​ics.I0706.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics\2.0.2939.23718__90​ba9c70f846762e\DEM.Graphics.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Foundation\2.0.2573.17684__​90ba9c70f846762e\DEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared\2.​0.2939.23688__90ba9c70f846762e​\CLI.Component.Runtime.Shared.​dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard.Share​d\2.0.2939.23734__90ba9c70f846​762e\CLI.Caste.Graphics.Wizard​.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard.Sh​ared\2.0.2939.23718__90ba9c70f​846762e\CLI.Caste.Graphics.Das​hboard.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.GD.Shared\2.0.2939.2​3767__90ba9c70f846762e\AEM.Plu​gin.GD.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.DPPE.Shared\2.0.2939​.23768__90ba9c70f846762e\AEM.P​lugin.DPPE.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\a​tixclib\1.0.0.0__90ba9c70f8467​62e\atixclib.dll
 MOD - [2008/05/16 12:11:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Sh​ared\2.0.2965.22300__90ba9c70f​846762e\CLI.Aspect.DeviceTV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.S​hared\2.0.2939.23739__90ba9c70​f846762e\CLI.Aspect.DeviceCRT.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Sha​red\2.0.2939.23740__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.S​hared\2.0.2939.23738__90ba9c70​f846762e\CLI.Aspect.DeviceDFP.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Sh​ared\2.0.2939.23742__90ba9c70f​846762e\CLI.Aspect.DeviceCV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Shared\2.0.2939.23708__90b​a9c70f846762e\CLI.Aspect.Devic​eProperty.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Shared\2.0.2939.23735__90​ba9c70f846762e\CLI.Aspect.Disp​laysColour2.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.S​hared\2.0.2939.23719__90ba9c70​f846762e\CLI.Aspect.DeviceLCD.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Shared\2.0.2939.23741__90​ba9c70f846762e\CLI.Aspect.Disp​laysOptions.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.CustomFormats.Graphi​cs.Shared\2.0.2939.23711__90ba​9c70f846762e\CLI.Aspect.Custom​Formats.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Foundation\2.0.2939.23665__​90ba9c70f846762e\AEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​CE.Graphics.DisplaysManager.Sh​ared\2.0.2573.17685__90ba9c70f​846762e\ACE.Graphics.DisplaysM​anager.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Shared\2.0.2939.23719__90​ba9c70f846762e\CLI.Aspect.Hotk​eysHandling.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Foundation\2.0.2939.23709__​90ba9c70f846762e\APM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server.Shared\2.0.2939.2368​7__90ba9c70f846762e\AEM.Server​.Shared.dll
 MOD - [2008/05/16 12:11:15 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard\2.0.297​7.39071__90ba9c70f846762e\CLI.​Component.Dashboard.dll
 MOD - [2008/05/16 12:11:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard\2.0.2977.3​9091__90ba9c70f846762e\CLI.Com​ponent.Wizard.dll
 MOD - [2008/05/16 12:11:15 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Implementation\2.0.2977.393​24__90ba9c70f846762e\MOM.Imple​mentation.dll
 MOD - [2008/05/16 12:11:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime\2.0.2977.​39056__90ba9c70f846762e\CLI.Co​mponent.Runtime.dll
 MOD - [2008/05/16 12:11:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation\2​.0.2977.39322__90ba9c70f846762​e\LOG.Foundation.Implementatio​n.dll
 MOD - [2008/05/16 12:11:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared.Pr​ivate\2.0.2939.23713__90ba9c70​f846762e\CLI.Component.Runtime​.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.Private\2.0.2939​.23678__90ba9c70f846762e\CLI.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared.Pri​vate\2.0.2939.23689__90ba9c70f​846762e\CLI.Component.Client.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Source.Kit.Server\2.​0.2977.39353__90ba9c70f846762e​\AEM.Plugin.Source.Kit.Server.​dll
 MOD - [2008/05/16 12:11:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Private\2.0.2939​.23679__90ba9c70f846762e\LOG.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared.Pri​vate\2.0.2939.23694__90ba9c70f​846762e\CLI.Component.Wizard.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation.P​rivate\2.0.2939.23712__90ba9c7​0f846762e\LOG.Foundation.Imple​mentation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared.​Private\2.0.2939.23711__90ba9c​70f846762e\CLI.Component.Dashb​oard.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime.Shar​ed.Private\2.0.2939.23746__90b​a9c70f846762e\CLI.Caste.Graphi​cs.Runtime.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OCALIZATION.Foundation.Private​\2.0.2939.23677__90ba9c70f8467​62e\LOCALIZATION.Foundation.Pr​ivate.dll
 MOD - [2008/05/16 12:11:15 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Extension​.EEU\2.0.2977.39056__90ba9c70f​846762e\CLI.Component.Runtime.​Extension.EEU.dll
 MOD - [2008/05/16 12:11:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TIDEMOS\2.0.2977.39057__90ba9c​70f846762e\ATIDEMOS.dll
 MOD - [2008/05/16 12:11:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Server\2.0.2977.39055__90ba​9c70f846762e\APM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server\2.0.2977.39055__90ba​9c70f846762e\AEM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​CC.Implementation\2.0.2977.393​23__90ba9c70f846762e\CCC.Imple​mentation.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TICCCom\2.0.0.0__90ba9c70f8467​62e\ATICCCom.dll
 MOD - [2008/02/25 23:10:10 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2011/11/16 05:36:08 | 003,313,240 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_3c​5db2f.dll -- (Akamai)
 SRV - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 SRV - [2011/05/20 10:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Serv​ice\OUCore.exe -- (Orange update Core Service)
 SRV - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
 SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
 SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 SRV - [2008/02/03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
 SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - [2011/11/17 20:04:20 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Micro​soft Antimalware\Definition Updates\{D403372F-7964-4432-87​2F-316CB367D015}\MpKsl7ef07288​.sys -- (MpKsl7ef07288)
 DRV - [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Tr​ueSight.sys -- (TrueSight)
 DRV - [2011/09/18 14:24:57 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\Ero\AppData\Local\Tem​p\jswmidin.sys -- (jswmidin)
 DRV - [2011/09/02 01:52:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\av​ipbb.sys -- (avipbb)
 DRV - [2011/09/02 01:52:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\av​gntflt.sys -- (avgntflt)
 DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Ni​sDrvWFP.sys -- (NisDrv)
 DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mp​NWMon.sys -- (MpNWMon)
 DRV - [2011/03/24 19:26:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sp​td.sys -- (sptd)
 DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ss​mdrv.sys -- (ssmdrv)
 DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
 DRV - [2008/02/26 01:53:20 | 003,520,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\at​ikmdag.sys -- (atikmdag)
 DRV - [2008/01/29 13:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2008/01/25 20:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/01/25 20:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2007/10/12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS​2.sys -- (Ps2)
 DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​sync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sf​drv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
 DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​hlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] on&pf=cndt
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Search,SearchAssistan​t = about:blank
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] on&pf=cndt
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_por [...] efaultPage
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - No CLSID value found
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\Software\M​icrosoft\Windows\CurrentVersio​n\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.startup.home​page: "http://go.microsoft.com/fwlin​k/?LinkId=56626&homepage=http:​//www.searchqu.com/406"
 FF - prefs.js..network.proxy.type: 0
 
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​videolan.org/vlc,version=1.1.9​: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 FF - HKLM\Software\MozillaPlugins\@​WildTangent.com/GamesAppPresen​ceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll ()
 FF - HKCU\Software\MozillaPlugins\@​Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\npFacebookVi​deoCalling.dll (Skype Limited)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@off​erbox.com
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\wide​stream6@spointer.com: C:\Program Files\Widestream6\spointer\ext​ensions\widestream6@spointer.c​om [2011/03/23 02:03:49 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\smar​twebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\smart​webprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 
 [2011/07/02 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Extensions
 [2011/11/13 03:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions
 [2011/11/12 18:39:28 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 [2011/09/13 20:14:05 | 000,000,000 | ---D | M] (VirtualDJ Toolbar) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​ask.com
 [2011/07/09 08:35:55 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​Orange.fr
 [2011/02/01 18:05:08 | 000,002,333 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\searchplugins\askco​m.xml
 [2011/03/21 17:51:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAME​WORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTE​NSION
 
 ========== Chrome  ==========
 
 CHR - default_search_provider: Web Search (Enabled)
 CHR - default_search_provider: search_url = http://www.searchqu.com/web?sr [...] archTerms}
 CHR - default_search_provider: suggest_url =
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\gcswf32.dll
 CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npdeployJava1.dll
 CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll
 CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\ppGoogleNaClPluginChrome​.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\pdf.dll
 CHR - plugin: OfferboxChromePlugin Dynamic Link Library (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\bjeike​heijdjdfjbmknpefojickbkmom\2.1​.3564.126_0\OfferboxChromePlug​in.dll
 CHR - plugin: Interest Recognizer for Widestream6 (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\widestream6_air_chro​me.dll
 CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
 CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
 CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\​npGoogleUpdate3.dll
 CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
 CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll
 CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll
 CHR - plugin: Default Plug-in (Enabled) = default_plugin
 CHR - Extension: Interest Recognizer for Widestream6 = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\
 CHR - Extension: AT_DJTiesto = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\okmcbg​kkeagngnijeiighgblfljbekip\2_0​\
 
 O1 HOSTS File: ([2011/10/10 14:43:19 | 000,437,101 | R--- | M]) - C:\WINDOWS\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 www.007guard.com
 O1 - Hosts: 127.0.0.1 007guard.com
 O1 - Hosts: 127.0.0.1 008i.com
 O1 - Hosts: 127.0.0.1 www.008k.com
 O1 - Hosts: 127.0.0.1 008k.com
 O1 - Hosts: 127.0.0.1 www.00hq.com
 O1 - Hosts: 127.0.0.1 00hq.com
 O1 - Hosts: 127.0.0.1 010402.com
 O1 - Hosts: 127.0.0.1 www.032439.com
 O1 - Hosts: 127.0.0.1 032439.com
 O1 - Hosts: 127.0.0.1 www.0scan.com
 O1 - Hosts: 127.0.0.1 0scan.com
 O1 - Hosts: 127.0.0.1 1000gratisproben.com
 O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
 O1 - Hosts: 127.0.0.1 1001namen.com
 O1 - Hosts: 127.0.0.1 www.1001namen.com
 O1 - Hosts: 127.0.0.1 100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100sexlinks.com
 O1 - Hosts: 127.0.0.1 100sexlinks.com
 O1 - Hosts: 127.0.0.1 10sek.com
 O1 - Hosts: 127.0.0.1 www.10sek.com
 O1 - Hosts: 127.0.0.1 www.1-2005-search.com
 O1 - Hosts: 127.0.0.1 1-2005-search.com
 O1 - Hosts: 127.0.0.1 123fporn.info
 O1 - Hosts: 15060 more lines...
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439​253D926} - C:\Program Files\PriceGong\2.1.0\PriceGon​gIE.dll (PriceGong)
 O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-29928​4128b91} - C:\Program Files\Widestream6\spointer\ext​ensions\widestream6_air_ie.dll (Widestream6)
 O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D876​4B3486C} - No CLSID value found.
 O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\s​earchqudtx.dll ()
 O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\PROGRA~1\WI371A~1\Datamngr\​IEBHO.dll (Discordia, LTD)
 O2 - BHO: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B2​80BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPL​EXT~1.DLL (ALLCinema Ltd.)
 O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\s​earchqudtx.dll ()
 O3 - HKLM\..\Toolbar: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E​7B03F8E} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O4 - HKLM..\Run: []  File not found
 O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
 O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\​DATAMN~1.EXE (Discordia, LTD)
 O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe (CyberLink Corp.)
 O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe File not found
 O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
 O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Akamai NetSession Interface] C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe (Akamai Technologies, Inc)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [ALLUpdate] C:\Program Files\OpenSubtitlesPlayer\ALLU​pdate.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Facebook Update] C:\Users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e (Facebook Inc.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [orangeinside] C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe (Orange)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\​launcher.exe (Uniblue Systems Limited)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
 O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\addfavo​rites_html\addfavorites.html ()
 O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​selectedtext_html\sendsmsselec​tedtext.html ()
 O8 - Extra context menu item: envoyer par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​_html\sendsms.html ()
 O8 - Extra context menu item: envoyer un mail - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendmai​l_html\sendmail.html ()
 O8 - Extra context menu item: orange.fr - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\orange_​html\orange.html ()
 O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\selecte​dsearch_html\selectedsearch.ht​ml ()
 O8 - Extra context menu item: traduire la page - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​te_html\translate.html ()
 O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​teSelectedText_html\translateS​electedText.html ()
 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O13 - gopher Prefix: missing
 O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_01)
 O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{C561E0​60-3B3C-486D-8A20-28D2DE67FE04​}: DhcpNameServer = 192.168.1.1
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll (Discordia, LTD)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll (Discordia, LTD)
 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) -C:\WINDOWS\System32\userinit.​exe (Microsoft Corporation)
 O24 - Desktop WallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/05/16 12:22:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2010/08/27 17:44:50 | 000,000,000 | RH-D | M] - P:\autorun -- [ NTFS ]
 O32 - Unable to obtain root file information for disk P:\
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell\Au​toRun\command - "" = O:\LaunchU3.exe -a
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell\Au​toRun\command - "" = K:\setup.exe
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 NetSvcs: ezSharedSvc - C:\WINDOWS\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Windows Media Player 5.2
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.7
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Adobe Flash Player
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP
 
 Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
 Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dl​l ()
 PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/11/17 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\Desktop\RK_Quaran​tine
 [2011/11/13 04:34:28 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Div​inity 2
 [2011/11/12 18:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\c​acaoweb
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Strongh​old 3
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
 [2011/11/11 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Stronghold 3
 [2011/11/11 02:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/11/09 21:29:08 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Aka​mai
 [2011/11/01 10:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Orcs Must Die
 [2011/11/01 10:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Robot Entertainment
 [2011/11/01 10:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Robot Entertainment
 [2011/10/31 17:48:49 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax
 [2011/10/31 17:48:49 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.d​ll
 [2011/10/31 17:48:48 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.d​ll
 [2011/10/31 17:48:46 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dl​l
 [2011/10/31 17:48:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.ex​e
 [2011/10/31 17:48:43 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll
 [2011/10/31 17:48:43 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll
 [2011/10/31 17:48:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv
 [2011/10/31 17:48:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/31 17:44:20 | 000,000,000 | ---D | C] -- C:\Dark Project
 [2011/10/31 17:43:49 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
 [2011/10/27 12:29:24 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
 [2011/10/27 12:29:24 | 000,540,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.c​pl
 [2011/10/27 12:29:23 | 006,266,880 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 [2011/10/27 12:29:23 | 000,725,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.d​ll
 [2011/10/27 12:29:23 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.​dll
 [2011/10/21 23:44:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Dar​ksiders
 [2011/10/21 23:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Darksiders
 [2011/10/21 17:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
 [2011/10/19 11:26:54 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Fac​ebook
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/11/17 20:09:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
 [2011/11/17 20:03:01 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000UA.job
 [2011/11/17 19:56:01 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/11/17 19:55:44 | 000,680,904 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/11/17 19:55:44 | 000,597,898 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/11/17 19:55:44 | 000,127,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/11/17 19:55:44 | 000,104,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/11/17 19:51:32 | 000,000,680 | ---- | M] () -- C:\Users\Ero\AppData\Local\d3d​9caps.dat
 [2011/11/17 19:50:23 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/11/17 19:50:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/17 19:50:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/17 19:50:12 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RegistryBoost​er.job
 [2011/11/17 19:50:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/11/17 19:50:03 | 3219,550,208 | -HS- | M] () -- C:\hiberfil.sys
 [2011/11/17 15:31:03 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/17 12:37:26 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/11/17 11:35:54 | 000,056,832 | ---- | M] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/11/17 11:09:28 | 000,395,264 | ---- | M] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/15 23:03:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000Core.job
 [2011/11/03 08:26:20 | 000,024,602 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/11/01 10:12:47 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/27 12:29:33 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
 [2011/10/19 21:11:12 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/11/17 20:09:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
 [2011/11/17 14:57:47 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/12 18:39:04 | 000,395,264 | ---- | C] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12:47 | 000,002,239 | ---- | C] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:43 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
 [2011/10/31 17:48:43 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd
 [2011/10/19 21:11:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
 [2011/10/19 11:26:58 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/10/19 11:26:58 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/10/06 12:07:20 | 000,000,456 | ---- | C] () -- C:\Windows\wininit.ini
 [2011/09/22 10:38:12 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dl​l
 [2011/09/22 10:38:12 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dl​l
 [2011/09/22 10:38:12 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dl​l
 [2011/09/07 15:10:10 | 000,000,008 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​ofusAppId0_1
 [2011/09/07 14:28:47 | 000,000,169 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​2Info0
 [2011/09/07 14:28:47 | 000,000,008 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​ofusAppId0_2
 [2011/06/13 09:58:35 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2011/06/13 09:58:35 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2011/05/19 09:35:34 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dl​l
 [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.​cat
 [2011/03/28 19:45:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.da​t
 [2011/03/24 20:26:22 | 000,284,160 | ---- | C] () -- C:\Windows\unin040c.exe
 [2011/03/23 15:01:18 | 000,183,179 | ---- | C] () -- C:\Windows\hpoins36.dat
 [2011/03/23 14:48:05 | 000,024,602 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/03/21 23:54:00 | 000,056,832 | ---- | C] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/03/21 21:12:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2011/03/21 21:12:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchema.bin
 [2011/03/2

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 20:48:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 17/11/2011 20:07:06 - Run 1
 OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Ero\Documents\Downloa​ds
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,92% Memory free
 6,22 Gb Paging File | 4,84 Gb Available in Paging File | 77,71% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 455,10 Gb Total Space | 119,55 Gb Free Space | 26,27% Space Free | Partition Type: NTFS
 Drive D: | 10,66 Gb Total Space | 1,33 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
 Drive P: | 931,51 Gb Total Space | 216,39 Gb Free Space | 23,23% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-ERO | User Name: Ero | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/11/17 20:04:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ero\Documents\Downloa​ds\OTL.exe
 PRC - [2011/11/15 00:39:06 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe
 PRC - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 PRC - [2011/08/18 10:48:31 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\​rbmonitor.exe
 PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
 PRC - [2011/05/18 21:35:55 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
 PRC - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
 PRC - [2011/05/05 14:34:14 | 000,861,696 | ---- | M] (Orange) -- C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe
 PRC - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
 PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
 PRC - [2011/03/24 13:30:12 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.ex​e
 PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 PRC - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe
 PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 PRC - [2008/07/03 10:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
 PRC - [2007/04/18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/10/12 12:52:29 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Web\e0​0630ec1e225a2376fdd430645e20f7​\System.Web.ni.dll
 MOD - [2011/10/12 12:52:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\6d2f689baff5da3df134fd​ec0742a13c\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/10/12 12:31:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\c1​c06a392871267db27f7cbc40e1c4fb​\System.Xml.ni.dll
 MOD - [2011/10/12 12:30:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\1363115565fff5a641243a​48f396f107\System.Windows.Form​s.ni.dll
 MOD - [2011/10/12 12:30:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\367c4043efc2f32d843cb588b0dc​97fc\System.Drawing.ni.dll
 MOD - [2011/10/12 12:29:11 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\f9c36e​a806e77872dce891c77b68fac3\Sys​tem.ni.dll
 MOD - [2011/10/12 12:28:51 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\b663​2a8b2f276a8e31f5b0f6b2006cd1\m​scorlib.ni.dll
 MOD - [2010/11/04 10:10:52 | 000,337,408 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtXm​l4.dll
 MOD - [2010/11/04 10:10:50 | 000,875,520 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtNe​twork4.dll
 MOD - [2010/11/04 10:10:48 | 007,390,720 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtGu​i4.dll
 MOD - [2010/11/04 10:10:46 | 002,012,160 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtCo​re4.dll
 MOD - [2010/11/04 10:10:46 | 000,241,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on4.dll
 MOD - [2010/11/04 10:10:46 | 000,182,784 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Prox​yDetection.dll
 MOD - [2010/11/04 10:10:46 | 000,177,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on_backend\phonon_ds94.dll
 MOD - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 MOD - [2010/11/04 10:10:44 | 000,022,016 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\imag​eformats\qgif4.dll
 MOD - [2009/09/27 22:02:24 | 000,797,184 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.​ax
 MOD - [2009/03/30 05:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\S​ystem.Windows.Forms.resources\​2.0.0.0_fr_b77a5c561934e089\Sy​stem.Windows.Forms.resources.d​ll
 MOD - [2009/03/30 05:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/05/16 12:11:39 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime\2.0.​2977.39064__90ba9c70f846762e\C​LI.Caste.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:39 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Wizard\2.0.2977.39118__90ba9c7​0f846762e\CLI.Aspect.InfoCentr​e.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard\2.0.2​977.39097__90ba9c70f846762e\CL​I.Caste.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Runtime\2.0.2977.39084__9​0ba9c70f846762e\CLI.Aspect.Hot​keysHandling.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:38 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Wizard\2.0.2977.39104__90​ba9c70f846762e\CLI.Aspect.Disp​laysManager.Graphics.Wizard.dl​l
 MOD - [2008/05/16 12:11:38 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.W​izard\2.0.2977.39334__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Ru​ntime\2.0.2977.39300__90ba9c70​f846762e\CLI.Aspect.DeviceTV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Ru​ntime\2.0.2977.39263__90ba9c70​f846762e\CLI.Aspect.DeviceCV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Runtime\2.0.2977.39217__90​ba9c70f846762e\CLI.Aspect.Devi​ceProperty.Graphics.Runtime.dl​l
 MOD - [2008/05/16 12:11:24 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Da​shboard\2.0.2977.39271__90ba9c​70f846762e\CLI.Aspect.Radeon3D​.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Welcome.Graphics.Das​hboard\2.0.2977.39340__90ba9c7​0f846762e\CLI.Aspect.Welcome.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Wi​zard\2.0.2977.39277__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Wizard.dll
 MOD - [2008/05/16 12:11:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard\2.​0.2977.39076__90ba9c70f846762e​\CLI.Caste.Graphics.Dashboard.​dll
 MOD - [2008/05/16 12:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Ru​ntime\2.0.2977.39270__90ba9c70​f846762e\CLI.Aspect.Radeon3D.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:24 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Runtime\2.0.2977.39331__90b​a9c70f846762e\CLI.Aspect.Power​PlayDPPE.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Runtime\2.0.2977.39361__90ba9c​70f846762e\CLI.Aspect.OverDriv​e5.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Das​hboard\2.0.2977.39227__90ba9c7​0f846762e\CLI.Aspect.MMVideo.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Dashboard\2.0.2977.39131_​_90ba9c70f846762e\CLI.Aspect.D​isplaysColour2.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.D​ashboard\2.0.2977.39219__90ba9​c70f846762e\CLI.Aspect.DeviceC​RT.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.D​ashboard\2.0.2977.39211__90ba9​c70f846762e\CLI.Aspect.DeviceD​FP.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Dashboard\2.0.2977.39085_​_90ba9c70f846762e\CLI.Aspect.D​isplaysManager.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Wiz​ard\2.0.2977.39292__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Wizard.dll
 MOD - [2008/05/16 12:11:22 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Dashboard\2.0.2977.39124__90ba​9c70f846762e\CLI.Aspect.InfoCe​ntre.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Dashboard\2.0.2977.39244_​_90ba9c70f846762e\CLI.Aspect.D​isplaysOptions.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Run​time\2.0.2977.39226__90ba9c70f​846762e\CLI.Aspect.MMVideo.Gra​phics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.R​untime\2.0.2977.39218__90ba9c7​0f846762e\CLI.Aspect.DeviceDFP​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Runtime\2.0.2977.39137__9​0ba9c70f846762e\CLI.Aspect.Dis​playsColour2.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.R​untime\2.0.2977.39226__90ba9c7​0f846762e\CLI.Aspect.DeviceCRT​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Runtime\2.0.2977.39243__9​0ba9c70f846762e\CLI.Aspect.Dis​playsOptions.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.R​untime\2.0.2977.39255__90ba9c7​0f846762e\CLI.Aspect.DeviceLCD​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Hotkeys.Shared\2.0.2​939.23687__90ba9c70f846762e\AE​M.Plugin.Hotkeys.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Actions.CCAA.Shared\2.0.293​9.23679__90ba9c70f846762e\AEM.​Actions.CCAA.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.EEU.Shared\2.0.2939.​23710__90ba9c70f846762e\AEM.Pl​ugin.EEU.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Shared\2.0.2939.23747__90ba9c7​0f846762e\CLI.Aspect.OverDrive​5.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation\2.0.2939.23668__​90ba9c70f846762e\CLI.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Shared\2.0.2​939.23689__90ba9c70f846762e\CL​I.Caste.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Sh​ared\2.0.2939.23743__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0601\2.0.2573.176​85__90ba9c70f846762e\DEM.Graph​ics.I0601.dll
 MOD - [2008/05/16 12:11:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.S​hared\2.0.2939.23764__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation\2.0.2939.23662__​90ba9c70f846762e\LOG.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.XManifest\2.0.29​39.23802__90ba9c70f846762e\CLI​.Foundation.XManifest.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Shared\2.0.2939.23763__90ba​9c70f846762e\CLI.Aspect.PowerP​layDPPE.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\N​EWAEM.Foundation\2.0.2939.2366​7__90ba9c70f846762e\NEWAEM.Fou​ndation.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS.I0602\2.0.2939.23717__90​ba9c70f846762e\DEM.OS.I0602.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0703\2.0.2651.188​02__90ba9c70f846762e\DEM.Graph​ics.I0703.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared\2.0​.2939.23693__90ba9c70f846762e\​CLI.Component.Wizard.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared\​2.0.2939.23687__90ba9c70f84676​2e\CLI.Component.Dashboard.Sha​red.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared\2.0​.2939.23679__90ba9c70f846762e\​CLI.Component.Client.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Foundation\2.0.2939.23707__​90ba9c70f846762e\MOM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS\2.0.2939.23717__90ba9c70​f846762e\DEM.OS.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0706\2.0.2743.233​04__90ba9c70f846762e\DEM.Graph​ics.I0706.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics\2.0.2939.23718__90​ba9c70f846762e\DEM.Graphics.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Foundation\2.0.2573.17684__​90ba9c70f846762e\DEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared\2.​0.2939.23688__90ba9c70f846762e​\CLI.Component.Runtime.Shared.​dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard.Share​d\2.0.2939.23734__90ba9c70f846​762e\CLI.Caste.Graphics.Wizard​.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard.Sh​ared\2.0.2939.23718__90ba9c70f​846762e\CLI.Caste.Graphics.Das​hboard.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.GD.Shared\2.0.2939.2​3767__90ba9c70f846762e\AEM.Plu​gin.GD.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.DPPE.Shared\2.0.2939​.23768__90ba9c70f846762e\AEM.P​lugin.DPPE.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\a​tixclib\1.0.0.0__90ba9c70f8467​62e\atixclib.dll
 MOD - [2008/05/16 12:11:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Sh​ared\2.0.2965.22300__90ba9c70f​846762e\CLI.Aspect.DeviceTV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.S​hared\2.0.2939.23739__90ba9c70​f846762e\CLI.Aspect.DeviceCRT.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Sha​red\2.0.2939.23740__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.S​hared\2.0.2939.23738__90ba9c70​f846762e\CLI.Aspect.DeviceDFP.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Sh​ared\2.0.2939.23742__90ba9c70f​846762e\CLI.Aspect.DeviceCV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Shared\2.0.2939.23708__90b​a9c70f846762e\CLI.Aspect.Devic​eProperty.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Shared\2.0.2939.23735__90​ba9c70f846762e\CLI.Aspect.Disp​laysColour2.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.S​hared\2.0.2939.23719__90ba9c70​f846762e\CLI.Aspect.DeviceLCD.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Shared\2.0.2939.23741__90​ba9c70f846762e\CLI.Aspect.Disp​laysOptions.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.CustomFormats.Graphi​cs.Shared\2.0.2939.23711__90ba​9c70f846762e\CLI.Aspect.Custom​Formats.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Foundation\2.0.2939.23665__​90ba9c70f846762e\AEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​CE.Graphics.DisplaysManager.Sh​ared\2.0.2573.17685__90ba9c70f​846762e\ACE.Graphics.DisplaysM​anager.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Shared\2.0.2939.23719__90​ba9c70f846762e\CLI.Aspect.Hotk​eysHandling.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Foundation\2.0.2939.23709__​90ba9c70f846762e\APM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server.Shared\2.0.2939.2368​7__90ba9c70f846762e\AEM.Server​.Shared.dll
 MOD - [2008/05/16 12:11:15 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard\2.0.297​7.39071__90ba9c70f846762e\CLI.​Component.Dashboard.dll
 MOD - [2008/05/16 12:11:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard\2.0.2977.3​9091__90ba9c70f846762e\CLI.Com​ponent.Wizard.dll
 MOD - [2008/05/16 12:11:15 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Implementation\2.0.2977.393​24__90ba9c70f846762e\MOM.Imple​mentation.dll
 MOD - [2008/05/16 12:11:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime\2.0.2977.​39056__90ba9c70f846762e\CLI.Co​mponent.Runtime.dll
 MOD - [2008/05/16 12:11:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation\2​.0.2977.39322__90ba9c70f846762​e\LOG.Foundation.Implementatio​n.dll
 MOD - [2008/05/16 12:11:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared.Pr​ivate\2.0.2939.23713__90ba9c70​f846762e\CLI.Component.Runtime​.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.Private\2.0.2939​.23678__90ba9c70f846762e\CLI.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared.Pri​vate\2.0.2939.23689__90ba9c70f​846762e\CLI.Component.Client.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Source.Kit.Server\2.​0.2977.39353__90ba9c70f846762e​\AEM.Plugin.Source.Kit.Server.​dll
 MOD - [2008/05/16 12:11:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Private\2.0.2939​.23679__90ba9c70f846762e\LOG.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared.Pri​vate\2.0.2939.23694__90ba9c70f​846762e\CLI.Component.Wizard.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation.P​rivate\2.0.2939.23712__90ba9c7​0f846762e\LOG.Foundation.Imple​mentation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared.​Private\2.0.2939.23711__90ba9c​70f846762e\CLI.Component.Dashb​oard.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime.Shar​ed.Private\2.0.2939.23746__90b​a9c70f846762e\CLI.Caste.Graphi​cs.Runtime.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OCALIZATION.Foundation.Private​\2.0.2939.23677__90ba9c70f8467​62e\LOCALIZATION.Foundation.Pr​ivate.dll
 MOD - [2008/05/16 12:11:15 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Extension​.EEU\2.0.2977.39056__90ba9c70f​846762e\CLI.Component.Runtime.​Extension.EEU.dll
 MOD - [2008/05/16 12:11:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TIDEMOS\2.0.2977.39057__90ba9c​70f846762e\ATIDEMOS.dll
 MOD - [2008/05/16 12:11:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Server\2.0.2977.39055__90ba​9c70f846762e\APM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server\2.0.2977.39055__90ba​9c70f846762e\AEM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​CC.Implementation\2.0.2977.393​23__90ba9c70f846762e\CCC.Imple​mentation.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TICCCom\2.0.0.0__90ba9c70f8467​62e\ATICCCom.dll
 MOD - [2008/02/25 23:10:10 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2011/11/16 05:36:08 | 003,313,240 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_3c​5db2f.dll -- (Akamai)
 SRV - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 SRV - [2011/05/20 10:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Serv​ice\OUCore.exe -- (Orange update Core Service)
 SRV - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
 SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
 SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 SRV - [2008/02/03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
 SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - [2011/11/17 20:04:20 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Micro​soft Antimalware\Definition Updates\{D403372F-7964-4432-87​2F-316CB367D015}\MpKsl7ef07288​.sys -- (MpKsl7ef07288)
 DRV - [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Tr​ueSight.sys -- (TrueSight)
 DRV - [2011/09/18 14:24:57 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\Ero\AppData\Local\Tem​p\jswmidin.sys -- (jswmidin)
 DRV - [2011/09/02 01:52:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\av​ipbb.sys -- (avipbb)
 DRV - [2011/09/02 01:52:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\av​gntflt.sys -- (avgntflt)
 DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Ni​sDrvWFP.sys -- (NisDrv)
 DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mp​NWMon.sys -- (MpNWMon)
 DRV - [2011/03/24 19:26:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sp​td.sys -- (sptd)
 DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ss​mdrv.sys -- (ssmdrv)
 DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
 DRV - [2008/02/26 01:53:20 | 003,520,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\at​ikmdag.sys -- (atikmdag)
 DRV - [2008/01/29 13:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2008/01/25 20:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/01/25 20:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2007/10/12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS​2.sys -- (Ps2)
 DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​sync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sf​drv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
 DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​hlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] on&pf=cndt
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Search,SearchAssistan​t = about:blank
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/ [...] on&pf=cndt
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_por [...] efaultPage
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - No CLSID value found
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\Software\M​icrosoft\Windows\CurrentVersio​n\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.startup.home​page: "http://go.microsoft.com/fwlin​k/?LinkId=56626&homepage=http:​//www.searchqu.com/406"
 FF - prefs.js..network.proxy.type: 0
 
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​videolan.org/vlc,version=1.1.9​: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 FF - HKLM\Software\MozillaPlugins\@​WildTangent.com/GamesAppPresen​ceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll ()
 FF - HKCU\Software\MozillaPlugins\@​Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\npFacebookVi​deoCalling.dll (Skype Limited)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rboxffx@offerbox.com: C:\Program Files\OfferBox\offerboxffx@off​erbox.com
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\wide​stream6@spointer.com: C:\Program Files\Widestream6\spointer\ext​ensions\widestream6@spointer.c​om [2011/03/23 02:03:49 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\smar​twebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\smart​webprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 
 [2011/07/02 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Extensions
 [2011/11/13 03:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions
 [2011/11/12 18:39:28 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 [2011/09/13 20:14:05 | 000,000,000 | ---D | M] (VirtualDJ Toolbar) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​ask.com
 [2011/07/09 08:35:55 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​Orange.fr
 [2011/02/01 18:05:08 | 000,002,333 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\searchplugins\askco​m.xml
 [2011/03/21 17:51:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAME​WORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTE​NSION
 
 ========== Chrome  ==========
 
 CHR - default_search_provider: Web Search (Enabled)
 CHR - default_search_provider: search_url = http://www.searchqu.com/web?sr [...] archTerms}
 CHR - default_search_provider: suggest_url =
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\gcswf32.dll
 CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npdeployJava1.dll
 CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll
 CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\ppGoogleNaClPluginChrome​.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.120\pdf.dll
 CHR - plugin: OfferboxChromePlugin Dynamic Link Library (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\bjeike​heijdjdfjbmknpefojickbkmom\2.1​.3564.126_0\OfferboxChromePlug​in.dll
 CHR - plugin: Interest Recognizer for Widestream6 (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\widestream6_air_chro​me.dll
 CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
 CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
 CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\​npGoogleUpdate3.dll
 CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
 CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll
 CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll
 CHR - plugin: Default Plug-in (Enabled) = default_plugin
 CHR - Extension: Interest Recognizer for Widestream6 = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\
 CHR - Extension: AT_DJTiesto = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\okmcbg​kkeagngnijeiighgblfljbekip\2_0​\
 
 O1 HOSTS File: ([2011/10/10 14:43:19 | 000,437,101 | R--- | M]) - C:\WINDOWS\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 www.007guard.com
 O1 - Hosts: 127.0.0.1 007guard.com
 O1 - Hosts: 127.0.0.1 008i.com
 O1 - Hosts: 127.0.0.1 www.008k.com
 O1 - Hosts: 127.0.0.1 008k.com
 O1 - Hosts: 127.0.0.1 www.00hq.com
 O1 - Hosts: 127.0.0.1 00hq.com
 O1 - Hosts: 127.0.0.1 010402.com
 O1 - Hosts: 127.0.0.1 www.032439.com
 O1 - Hosts: 127.0.0.1 032439.com
 O1 - Hosts: 127.0.0.1 www.0scan.com
 O1 - Hosts: 127.0.0.1 0scan.com
 O1 - Hosts: 127.0.0.1 1000gratisproben.com
 O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
 O1 - Hosts: 127.0.0.1 1001namen.com
 O1 - Hosts: 127.0.0.1 www.1001namen.com
 O1 - Hosts: 127.0.0.1 100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100sexlinks.com
 O1 - Hosts: 127.0.0.1 100sexlinks.com
 O1 - Hosts: 127.0.0.1 10sek.com
 O1 - Hosts: 127.0.0.1 www.10sek.com
 O1 - Hosts: 127.0.0.1 www.1-2005-search.com
 O1 - Hosts: 127.0.0.1 1-2005-search.com
 O1 - Hosts: 127.0.0.1 123fporn.info
 O1 - Hosts: 15060 more lines...
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439​253D926} - C:\Program Files\PriceGong\2.1.0\PriceGon​gIE.dll (PriceGong)
 O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-29928​4128b91} - C:\Program Files\Widestream6\spointer\ext​ensions\widestream6_air_ie.dll (Widestream6)
 O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D876​4B3486C} - No CLSID value found.
 O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\s​earchqudtx.dll ()
 O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115} - C:\PROGRA~1\WI371A~1\Datamngr\​IEBHO.dll (Discordia, LTD)
 O2 - BHO: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B2​80BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPL​EXT~1.DLL (ALLCinema Ltd.)
 O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\s​earchqudtx.dll ()
 O3 - HKLM\..\Toolbar: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E​7B03F8E} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O4 - HKLM..\Run: []  File not found
 O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
 O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WI371A~1\Datamngr\​DATAMN~1.EXE (Discordia, LTD)
 O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe (CyberLink Corp.)
 O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe File not found
 O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
 O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Akamai NetSession Interface] C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe (Akamai Technologies, Inc)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [ALLUpdate] C:\Program Files\OpenSubtitlesPlayer\ALLU​pdate.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Facebook Update] C:\Users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e (Facebook Inc.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [orangeinside] C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe (Orange)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\​launcher.exe (Uniblue Systems Limited)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
 O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\addfavo​rites_html\addfavorites.html ()
 O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​selectedtext_html\sendsmsselec​tedtext.html ()
 O8 - Extra context menu item: envoyer par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​_html\sendsms.html ()
 O8 - Extra context menu item: envoyer un mail - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendmai​l_html\sendmail.html ()
 O8 - Extra context menu item: orange.fr - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\orange_​html\orange.html ()
 O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\selecte​dsearch_html\selectedsearch.ht​ml ()
 O8 - Extra context menu item: traduire la page - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​te_html\translate.html ()
 O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​teSelectedText_html\translateS​electedText.html ()
 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O13 - gopher Prefix: missing
 O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_01)
 O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{C561E0​60-3B3C-486D-8A20-28D2DE67FE04​}: DhcpNameServer = 192.168.1.1
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll (Discordia, LTD)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll (Discordia, LTD)
 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) -C:\WINDOWS\System32\userinit.​exe (Microsoft Corporation)
 O24 - Desktop WallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/05/16 12:22:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2010/08/27 17:44:50 | 000,000,000 | RH-D | M] - P:\autorun -- [ NTFS ]
 O32 - Unable to obtain root file information for disk P:\
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell\Au​toRun\command - "" = O:\LaunchU3.exe -a
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell\Au​toRun\command - "" = K:\setup.exe
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 NetSvcs: ezSharedSvc - C:\WINDOWS\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Windows Media Player 5.2
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.7
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Adobe Flash Player
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP
 
 Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
 Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dl​l ()
 PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/11/17 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\Desktop\RK_Quaran​tine
 [2011/11/13 04:34:28 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Div​inity 2
 [2011/11/12 18:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\c​acaoweb
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Strongh​old 3
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
 [2011/11/11 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Stronghold 3
 [2011/11/11 02:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/11/09 21:29:08 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Aka​mai
 [2011/11/01 10:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Orcs Must Die
 [2011/11/01 10:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Robot Entertainment
 [2011/11/01 10:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Robot Entertainment
 [2011/10/31 17:48:49 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax
 [2011/10/31 17:48:49 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.d​ll
 [2011/10/31 17:48:48 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.d​ll
 [2011/10/31 17:48:46 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dl​l
 [2011/10/31 17:48:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.ex​e
 [2011/10/31 17:48:43 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll
 [2011/10/31 17:48:43 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll
 [2011/10/31 17:48:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv
 [2011/10/31 17:48:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/31 17:44:20 | 000,000,000 | ---D | C] -- C:\Dark Project
 [2011/10/31 17:43:49 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
 [2011/10/27 12:29:24 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
 [2011/10/27 12:29:24 | 000,540,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.c​pl
 [2011/10/27 12:29:23 | 006,266,880 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 [2011/10/27 12:29:23 | 000,725,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.d​ll
 [2011/10/27 12:29:23 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.​dll
 [2011/10/21 23:44:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Dar​ksiders
 [2011/10/21 23:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Darksiders
 [2011/10/21 17:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
 [2011/10/19 11:26:54 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Fac​ebook
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/11/17 20:09:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
 [2011/11/17 20:03:01 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000UA.job
 [2011/11/17 19:56:01 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/11/17 19:55:44 | 000,680,904 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/11/17 19:55:44 | 000,597,898 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/11/17 19:55:44 | 000,127,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/11/17 19:55:44 | 000,104,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/11/17 19:51:32 | 000,000,680 | ---- | M] () -- C:\Users\Ero\AppData\Local\d3d​9caps.dat
 [2011/11/17 19:50:23 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/11/17 19:50:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/17 19:50:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/17 19:50:12 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RegistryBoost​er.job
 [2011/11/17 19:50:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/11/17 19:50:03 | 3219,550,208 | -HS- | M] () -- C:\hiberfil.sys
 [2011/11/17 15:31:03 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/17 12:37:26 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/11/17 11:35:54 | 000,056,832 | ---- | M] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/11/17 11:09:28 | 000,395,264 | ---- | M] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/15 23:03:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000Core.job
 [2011/11/03 08:26:20 | 000,024,602 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/11/01 10:12:47 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/27 12:29:33 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
 [2011/10/19 21:11:12 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/11/17 20:09:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
 [2011/11/17 14:57:47 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/12 18:39:04 | 000,395,264 | ---- | C] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12:47 | 000,002,239 | ---- | C] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:43 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
 [2011/10/31 17:48:43 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd
 [2011/10/19 21:11:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
 [2011/10/19 11:26:58 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/10/19 11:26:58 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/10/06 12:07:20 | 000,000,456 | ---- | C] () -- C:\Windows\wininit.ini
 [2011/09/22 10:38:12 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dl​l
 [2011/09/22 10:38:12 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dl​l
 [2011/09/22 10:38:12 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dl​l
 [2011/09/07 15:10:10 | 000,000,008 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​ofusAppId0_1
 [2011/09/07 14:28:47 | 000,000,169 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​2Info0
 [2011/09/07 14:28:47 | 000,000,008 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\D​ofusAppId0_2
 [2011/06/13 09:58:35 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2011/06/13 09:58:35 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2011/05/19 09:35:34 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dl​l
 [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.​cat
 [2011/03/28 19:45:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.da​t
 [2011/03/24 20:26:22 | 000,284,160 | ---- | C] () -- C:\Windows\unin040c.exe
 [2011/03/23 15:01:18 | 000,183,179 | ---- | C] () -- C:\Windows\hpoins36.dat
 [2011/03/23 14:48:05 | 000,024,602 | ---- | C] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/03/21 23:54:00 | 000,056,832 | ---- | C] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/03/21 21:12:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2011/03/21 21:12:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchema.bin
 [2011/03/2

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 20:50:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL Extras logfile created on: 17/11/2011 20:07:06 - Run 1
 OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Ero\Documents\Downloa​ds
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,92% Memory free
 6,22 Gb Paging File | 4,84 Gb Available in Paging File | 77,71% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 455,10 Gb Total Space | 119,55 Gb Free Space | 26,27% Space Free | Partition Type: NTFS
 Drive D: | 10,66 Gb Total Space | 1,33 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
 Drive P: | 931,51 Gb Total Space | 216,39 Gb Free Space | 23,23% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-ERO | User Name: Ero | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .cpl [@ = cplfile] -- C:\Windows\System32\control.ex​e (Microsoft Corporation)
 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.​exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
 htmlfile [edit] -- Reg Error: Key error.
 htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,P​rintHTML "%1"
 inffile [install] -- %SystemRoot%\System32\InfDefau​ltInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "cval" = 1
 "UacDisableNotify" = 0
 "InternetSettingsDisableNotify​" = 0
 "AutoUpdateDisableNotify" = 0
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\SymantecFirewall]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 "VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc\Vol]
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\PublicProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 ========== Authorized Applications List ==========
 
 
 ========== Vista Active Open Ports Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{02F48A5F-E0FC-4414-B8A7-434E​B43F0A8F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svch​ost.exe |
 "{12A6537B-64C9-4EB2-A896-95A4​E3F0A39D}" = lport=10244 | protocol=6 | dir=in | app=system |
 "{34581153-0406-4257-87A2-6DF8​375A0EDE}" = rport=137 | protocol=17 | dir=out | app=system |
 "{3655EC14-0C28-48B0-BEA5-2EC1​FAE321D5}" = lport=137 | protocol=17 | dir=in | app=system |
 "{3C0794C5-00AD-4A70-B4F9-0F59​6210202B}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
 "{43569E0D-3B58-49DA-9CD7-D05F​85267110}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{44C541BF-6434-4FBF-934C-E399​5261E73C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{4A9BE1E1-330D-4253-97EF-1A91​0CF70C8B}" = rport=139 | protocol=6 | dir=out | app=system |
 "{5278F9FE-D95E-4077-8394-AE6D​7F40418E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
 "{54C13E29-9AD5-491C-81F4-73F9​B0838829}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{5924EABB-01B1-4A9E-A359-D769​DD68A789}" = rport=10244 | protocol=6 | dir=out | app=system |
 "{592A6DB1-1726-4506-9F2C-E987​C3D88ED7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{5B13B88D-2D1D-49E1-BB9C-1095​10B219B5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 "{5DF93CEF-8CB5-4BF5-BBCF-D19E​CF9BAA57}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svch​ost.exe |
 "{6273C0A2-2F6B-4ABB-A33B-CC94​CB50CF9C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svch​ost.exe |
 "{68C4505B-F961-4BC0-B3C3-F923​4167A376}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svch​ost.exe |
 "{6C0AF8A9-889F-4098-A6E6-DCD0​C91D2F5D}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
 "{76C473C5-02FF-4A7A-8CDE-AE3B​529D9AC0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{79394F9F-F81E-4405-A9EF-C198​4CCDACC5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{799BFA8D-0840-40C9-B746-17E5​1BE29EAB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{7A03DD82-4614-47C7-921C-7F5F​56A8797B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{83EE220B-C2B0-42A5-8A73-69D5​F3CC1DB9}" = lport=3390 | protocol=6 | dir=in | app=system |
 "{884E1972-E8F5-49D7-8D14-567D​2DCFC127}" = lport=10244 | protocol=6 | dir=in | app=system |
 "{88923268-3527-46EC-8238-9CC3​382640FF}" = lport=445 | protocol=6 | dir=in | app=system |
 "{8B2E91FB-E04F-49D2-BF0A-D828​114355A4}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
 "{8CE858E5-11BB-41E8-AD04-3D0F​8A5B435D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svch​ost.exe |
 "{8E4A5293-06FD-4C3D-81E0-A8E4​CD3A79E5}" = rport=445 | protocol=6 | dir=out | app=system |
 "{93D7CB1C-D27F-4CB4-A47A-85E5​BD6B62C2}" = lport=138 | protocol=17 | dir=in | app=system |
 "{9825C1A2-EA3E-40D7-88BE-FF8C​C441E750}" = lport=3390 | protocol=6 | dir=in | app=system |
 "{A32CEB85-396F-45CF-9614-AC3C​CF6E4823}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell​.exe |
 "{A83CCC79-A379-41F9-BB84-44CF​2639689E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{AC04436D-954B-42B7-A3F1-E759​61F9B52A}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell​.exe |
 "{AD73E84A-C116-43C9-8112-32FC​91138FDA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{B12CBA88-DD7B-4EDD-842F-E08F​8A4375A2}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell​.exe |
 "{B557063B-36E4-4870-BC25-4D17​B2121255}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{BA776A71-A9D9-4FC3-9595-5961​0D8CAEF2}" = rport=10244 | protocol=6 | dir=out | app=system |
 "{BC164AA1-F92E-4501-960B-FD0E​4F6BDF97}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svch​ost.exe |
 "{C06ECEE2-0FB6-4C47-BE1E-36CD​60650288}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 "{C0838347-F86F-43E8-AF3D-755C​A4E380FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{CE6875DD-3BC6-4F78-BFCA-BEA0​AFC14A5A}" = lport=139 | protocol=6 | dir=in | app=system |
 "{D26D5314-7E07-4E2A-BAFC-277E​DA8F5967}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoo​lsv.exe |
 "{F37C1B88-17BF-43F8-A322-A448​7D8A8623}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell​.exe |
 "{F4EADF3D-8883-4C94-8707-A6AB​B922049C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svch​ost.exe |
 "{FCFAC97E-420D-4A89-9C62-327B​BCE87F92}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svch​ost.exe |
 "{FD2FF116-89D1-4C1E-8137-AC43​AA3CCD70}" = rport=138 | protocol=17 | dir=out | app=system |
 
 ========== Vista Active Application Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{0666E9A9-5D10-47C1-A570-8FF4​7D52DBB4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
 "{074E45AD-81F8-461D-8A7F-A726​A626AB16}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\hpdvdsmart.exe |
 "{07FB3413-9473-43E1-8EA0-D88B​3EA6E69B}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
 "{0AA3E287-9FA1-4067-9706-F2B0​BEDA9F1E}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
 "{0ABDCAA8-1CAC-452B-8F50-2D91​2862E035}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
 "{12569420-A612-40C7-ABBA-71C8​39635611}" = protocol=17 | dir=in | app=c:\program files\orange\orangeupdate\serv​ice\oucore.exe |
 "{15603226-D722-4263-95FE-EAE5​B19B1FB4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
 "{166E6C64-FAFE-4811-B1AC-E01A​EED2D618}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\hptouchsmartvideo.exe |
 "{2002917C-2C61-4957-ACC4-55DF​711F833A}" = protocol=17 | dir=in | app=c:\users\ero\appdata\local​\akamai\netsession_win.exe |
 "{207ED409-66BB-4B2C-A4F2-BAA0​BF0BE45C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
 "{296CA0B4-56AC-4911-AC45-1E4E​8C70BC77}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
 "{29B54C63-77AD-4723-ADA1-B53E​AD0C0B8B}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
 "{2A6D1D66-1E1C-4E2F-8658-3D37​37684494}" = protocol=6 | dir=in | app=c:\users\public\documents\​blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.129​11-eu-downloader.exe |
 "{32ACD84B-F7D7-4C00-9FA1-113B​45406E50}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svch​ost.exe |
 "{367798F9-670F-46B8-BC49-7146​697538B1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2pro​v.exe |
 "{386D3397-C1B3-4525-8E4E-C601​B005E670}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\tsmagent.exe |
 "{3DDFF88E-995E-4D2B-BE30-511A​8D8E813E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
 "{455756B4-E7E2-41D9-8983-CFA4​0CA069BC}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell​.exe |
 "{493D10E8-4755-4EF2-992E-4C23​006DAF3D}" = dir=in | app=c:\program files\cyberlink\powerdirector\​pdr.exe |
 "{4B9E4BDF-E334-4666-A78B-85BD​D3B53FBF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
 "{4EB18E23-7210-4626-B1E1-7697​9C3C1003}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
 "{500844AA-A174-4A9F-9553-3ABE​B207EEA3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svch​ost.exe |
 "{54AF6772-5625-4D19-B0E1-B43A​7580D8B7}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
 "{57754E42-7E85-48AC-944F-2B51​6FE89983}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\hptouchsmartphoto.exe |
 "{586E115E-96FA-4205-BEB2-09D8​0DE4E320}" = protocol=6 | dir=in | app=c:\users\public\games\worl​d of warcraft\launcher.patch.exe |
 "{58CDC379-456F-4E3A-8518-CDE8​AFE2EAC2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
 "{59DDE5E5-49F5-4291-AEEE-B73A​5EF0CA84}" = protocol=17 | dir=in | app=e:\fscommand\cksocketserve​r.exe |
 "{5DD8DE67-335C-48AD-9584-8D2F​06BA49AF}" = protocol=6 | dir=in | app=c:\program files\crazyloader\crazyloader.​exe |
 "{5F2C3367-43EE-4D74-948B-E772​C5EAB19B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svch​ost.exe |
 "{63C5D1B8-C858-43CB-B405-08F3​68BBB463}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
 "{65728FC8-D5DD-4762-B52E-BFA3​108206AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
 "{68E5F451-A731-4739-A571-2D6F​F8ECB6E7}" = protocol=6 | dir=in | app=c:\users\public\games\worl​d of warcraft\launcher.exe |
 "{6B9F6C34-AAD3-4F8A-BC4F-1FD4​16131456}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires online\spartan.exe |
 "{6CC56872-0295-4B6F-81DA-CF91​2DCEDA82}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
 "{6D5FF8E5-E553-47FE-837B-C722​C7C13148}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\kernel\clml\clmlsvc.exe |
 "{6E5D0000-E688-4106-9BBF-D3D9​8B1EDA1B}" = protocol=6 | dir=in | app=e:\fscommand\cksocketserve​r.exe |
 "{6E81B771-AF70-41E5-B166-35AF​D2CD24B5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
 "{71392240-0EEA-4ED7-8ACB-AF5D​F96A02C6}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
 "{71C162F7-343B-4A48-AACD-8638​EB6D2DAF}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
 "{7E976953-5134-4A91-8825-F2D2​4C5723B6}" = protocol=6 | dir=in | app=e:\fscommand\cksocketserve​r.exe |
 "{805D234D-B0C1-4E20-BAB7-6FE3​981DB872}" = protocol=17 | dir=in | app=c:\program files\crazyloader\crazyloader.​exe |
 "{812E45AD-08AC-4ABF-976F-43E9​F4D7110B}" = protocol=17 | dir=in | app=c:\program files\windows ilivid toolbar\toolbar\dtuser.exe |
 "{8D469A66-DE32-4A2E-BE53-FB2D​05C6E9F9}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell​.exe |
 "{92156385-FE77-4DEF-A886-CE92​4D9BFC27}" = dir=in | app=c:\users\ero\appdata\local​\facebook\video\skype\facebook​videocalling.exe |
 "{9227AE89-C410-45F8-88BE-A095​F4F4418E}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
 "{95B90B70-D5E9-40B8-B846-916C​62609C7A}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires online\spartan.exe |
 "{9639BBC7-87D7-4E76-96AB-7B52​EBCBCD44}" = dir=in | app=c:\program files\hewlett-packard\media\dv​d\hptouchsmartmusic.exe |
 "{9675C177-FC8A-4F69-9BEC-4BE1​F3679EC3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
 "{96D58A7D-CBFB-4096-81BF-75EE​57549F3E}" = protocol=17 | dir=in | app=c:\users\public\documents\​blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.129​11-eu-downloader.exe |
 "{9BCD598C-6F50-4D4C-971A-3BD9​EE4B24C7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
 "{A155C65C-ECE8-46FF-96B3-1239​AB983A56}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell​.exe |
 "{A3C74861-EFC5-49D2-962B-9D32​D1E13D9A}" = protocol=17 | dir=in | app=c:\users\public\games\worl​d of warcraft\launcher.patch.exe |
 "{A918C3F4-5C28-46A7-8F96-EF55​D4ABD8C1}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
 "{AC59C65C-DC39-4ED1-A0F4-1377​0EA0310B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell​.exe |
 "{AC6672C7-72A6-4987-BCD5-5800​59DC3BB9}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
 "{ACE8D64F-0DFE-474D-8528-F67B​8D4489D6}" = protocol=17 | dir=in | app=c:\users\ero\appdata\local​\temp\blizzard installer bootstrap - 00ec15f4\installer.exe |
 "{B1B19C58-BB98-447C-81C1-A752​223B8245}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
 "{B46F0B42-EE33-418F-A23A-953F​6E8B3F93}" = protocol=6 | dir=in | app=c:\program files\windows ilivid toolbar\toolbar\dtuser.exe |
 "{C28B8080-33F1-42D0-A589-53B6​9F26E5C2}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2pro​v.exe |
 "{C3825748-BC54-4234-BE40-9298​A7D50211}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
 "{C66B6EB2-74AA-41E6-A06B-6DBE​7867DFDC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
 "{C7AEDBE1-56B8-4889-BDA7-2223​85D6BFE1}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
 "{C9A495EF-423E-4885-BF1F-06A4​2E67CC8E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
 "{CC78EDFC-0E23-4E27-81B3-FF3A​E0EF4B69}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
 "{CD16AEF2-B6F9-440B-B3FC-A0B2​4A7EA87A}" = protocol=6 | dir=in | app=c:\users\ero\appdata\local​\temp\blizzard installer bootstrap - 00ec15f4\installer.exe |
 "{D65BEDAD-5171-404B-92B0-0D52​8B3BF6E6}" = protocol=17 | dir=in | app=c:\users\ero\appdata\local​\temp\blizzard installer bootstrap - 000338fa\installer.exe |
 "{DAD226E2-B238-4EA8-95C5-7A9F​49FA587D}" = protocol=17 | dir=in | app=e:\fscommand\cksocketserve​r.exe |
 "{DCD37765-A822-4EB1-9FCB-D00A​2EBB3062}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
 "{E12FD167-E537-4956-AB4D-1057​D09DBE8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
 "{E46AB215-486C-415D-8BDC-0C1F​5A28F194}" = protocol=6 | dir=in | app=c:\program files\orange\orangeupdate\serv​ice\oucore.exe |
 "{E4E4411C-5E33-4FAE-9452-8385​1D9390FF}" = protocol=17 | dir=in | app=c:\users\public\games\worl​d of warcraft\launcher.exe |
 "{ECCF0012-4B35-4EAC-9C4C-700D​E2A62966}" = protocol=6 | dir=in | app=c:\users\ero\appdata\local​\temp\blizzard installer bootstrap - 000338fa\installer.exe |
 "{EF69EFB9-F95B-45D6-8BF8-9403​45F2A826}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
 "{F1729CB3-7CFD-4DB9-A464-E31D​1C64B4BD}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
 "{F4EF7318-238D-4CE7-9821-967C​6D382187}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
 "{FC47F1AA-9718-44D0-9F98-56D6​F6E39D3E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
 "{FE87BEF4-37F9-4F32-8BCB-2997​A9668114}" = protocol=6 | dir=in | app=c:\users\ero\appdata\local​\akamai\netsession_win.exe |
 "TCP Query User{0444A642-1E39-404A-9003-8​7B76BEB9929}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
 "TCP Query User{25785E0B-49E2-4A7A-AC08-1​54E900B4EA7}C:\program files\atari\act of war - direct action\actofwar.exe" = protocol=6 | dir=in | app=c:\program files\atari\act of war - direct action\actofwar.exe |
 "TCP Query User{257CCF0D-CD78-4722-9DF9-0​8515D4995D9}C:\program files\stronghold 3\bin\win32_release\stronghold​3.exe" = protocol=6 | dir=in | app=c:\program files\stronghold 3\bin\win32_release\stronghold​3.exe |
 "TCP Query User{430240FA-3FD6-4E2E-92A3-6​023D982FC19}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
 "TCP Query User{7E7AEB18-0000-456F-BAB6-C​820E9EB265B}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe |
 "TCP Query User{84106F79-01E5-4D6C-BF2E-4​EE7912339A7}C:\program files\the cursed crusade\tcc.exe" = protocol=6 | dir=in | app=c:\program files\the cursed crusade\tcc.exe |
 "TCP Query User{8545A828-A11B-4297-A17C-9​2AF1C1656F6}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
 "TCP Query User{9DD46318-8253-428E-A991-7​383AFF9A87D}C:\program files\frogwares\world of battles\release\launcher.exe" = protocol=6 | dir=in | app=c:\program files\frogwares\world of battles\release\launcher.exe |
 "TCP Query User{A7A5FA40-05CA-46BF-AD41-1​2D6B8623317}C:\program files\java\jre1.6.0_01\launch4​j-tmp\crazyloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_01\launch4​j-tmp\crazyloader.exe |
 "TCP Query User{BF069CB9-05CC-4480-A975-1​97B2692D8F7}C:\users\ero\appda​ta\local\temp\jdic_0_9_5\ieemb​ed.exe" = protocol=6 | dir=in | app=c:\users\ero\appdata\local​\temp\jdic_0_9_5\ieembed.exe |
 "TCP Query User{CD8F08BF-05B1-4F7B-A0A9-4​DEE627B842E}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
 "TCP Query User{D860E387-C3DF-49AD-9518-A​0B40E2F69D1}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
 "TCP Query User{F3ABAD31-7BD5-4111-AE27-0​B4ACBEA59B2}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
 "TCP Query User{F5FF2C19-DEBE-4220-A69C-9​C534886190D}C:\program files\atari\act of war - direct action\actofwar.exe" = protocol=6 | dir=in | app=c:\program files\atari\act of war - direct action\actofwar.exe |
 "TCP Query User{FC96B129-06C7-4BD7-81CA-A​4A30DC7ECD9}C:\program files\robot entertainment\orcs must die!\build\release\orcsmustdie​.exe" = protocol=6 | dir=in | app=c:\program files\robot entertainment\orcs must die!\build\release\orcsmustdie​.exe |
 "UDP Query User{1A3D53C5-DBBC-42D9-85A2-1​20F17CC3FB1}C:\program files\robot entertainment\orcs must die!\build\release\orcsmustdie​.exe" = protocol=17 | dir=in | app=c:\program files\robot entertainment\orcs must die!\build\release\orcsmustdie​.exe |
 "UDP Query User{4D12DD84-6A04-48A3-9145-F​163B7F12F17}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
 "UDP Query User{6059B7C6-F664-463C-8639-B​4C2EA3E889E}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe |
 "UDP Query User{6F7BBC8C-84BB-4107-AEF8-1​D55714E6B36}C:\program files\atari\act of war - direct action\actofwar.exe" = protocol=17 | dir=in | app=c:\program files\atari\act of war - direct action\actofwar.exe |
 "UDP Query User{853E0E72-F14B-4000-BD79-9​5D5E27D0E32}C:\program files\frogwares\world of battles\release\launcher.exe" = protocol=17 | dir=in | app=c:\program files\frogwares\world of battles\release\launcher.exe |
 "UDP Query User{972366A9-F34C-4D24-A7DC-D​4A90412ED71}C:\program files\stronghold 3\bin\win32_release\stronghold​3.exe" = protocol=17 | dir=in | app=c:\program files\stronghold 3\bin\win32_release\stronghold​3.exe |
 "UDP Query User{AEE4DF94-A738-4EEF-B2D5-2​1987EFF21B4}C:\program files\atari\act of war - direct action\actofwar.exe" = protocol=17 | dir=in | app=c:\program files\atari\act of war - direct action\actofwar.exe |
 "UDP Query User{BC2B9E50-37A6-4794-8911-2​E38A698D32C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
 "UDP Query User{BE316F07-A0D3-4F98-AC8D-9​67813575623}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
 "UDP Query User{C206ADCC-936E-42E4-AF1F-D​C206E725704}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
 "UDP Query User{D1FA241C-96D5-41D3-B7BC-6​4D07AB2E68A}C:\program files\the cursed crusade\tcc.exe" = protocol=17 | dir=in | app=c:\program files\the cursed crusade\tcc.exe |
 "UDP Query User{EB67DF15-33E1-4855-8914-F​304FD1CB705}C:\program files\java\jre1.6.0_01\launch4​j-tmp\crazyloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_01\launch4​j-tmp\crazyloader.exe |
 "UDP Query User{F0E14F82-BDE4-4704-8B65-D​3FDFFE14065}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
 "UDP Query User{F22040CC-BB38-41DB-BA97-4​3B903A97088}C:\users\ero\appda​ta\local\temp\jdic_0_9_5\ieemb​ed.exe" = protocol=17 | dir=in | app=c:\users\ero\appdata\local​\temp\jdic_0_9_5\ieembed.exe |
 "UDP Query User{FF0C1E74-2A0E-40DF-8E02-6​BD004ABB7DD}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{00405945-70C1-4B1D-9A3C-45A2​883366AF}" = PS_AIO_05_C4600_Software_Min
 "{004C5DA2-2051-4D25-94BA-51CF​810C91EB}" = LightScribe System Software  1.12.37.1
 "{01501EBA-EC35-4F9F-8889-3BE3​46E5DA13}" = MSXML4 Parser
 "{0428932D-FEAE-4FA2-953B-0437​ABE9ADF3}_is1" = Movie Subtitles Searcher 1.0
 "{048298C9-A4D3-490B-9FF9-AB02​3A9238F3}" = Steam
 "{054EC923-4B05-D008-CBEC-7403​ED383923}" = CCC Help Danish
 "{05BFB060-4F22-4710-B0A2-2801​A1B606C5}" = Microsoft Antimalware
 "{05E379CC-F626-4E7D-8354-4638​65B303BF}" = Windows Live UX Platform Language Pack
 "{07FB17D8-7DB6-4F06-80C4-8BE1​719CB6A1}" = hpWLPGInstaller
 "{09AF88A0-1895-E3CE-506A-FBA1​59EABC90}" = Catalyst Control Center Localization Greek
 "{0A2C5854-557E-48C8-835A-3B9F​074BDCAA}" = Python 2.5
 "{0A3A7A33-B6F5-6643-E98D-0AC5​DD6493EE}" = CCC Help Thai
 "{0B0F231F-CE6A-483D-AA23-77B3​64F75917}" = Windows Live Installer
 "{0D9ABD1F-786F-0D46-C2B4-9766​CC22DFB0}" = Catalyst Control Center Graphics Previews Common
 "{0F367CA3-3B2F-43F9-A44A-25A8​EE69E45D}" = Scan
 "{0FD46238-4C18-5173-D133-B07D​93599AC7}" = CCC Help Japanese
 "{10A1D1C4-F0B0-4341-B49A-A9ED​8FBDBF9D}" = Livestream Procaster
 "{15286CC2-DA82-B166-0D49-3AE8​EE35ACD3}" = CCC Help Czech
 "{175F0111-2968-4935-8F70-3310​8C6A4DE3}" = MarketResearch
 "{196BB40D-1578-3D01-B289-BEFC​77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
 "{1C08A24C-B168-407E-A826-68FA​F5F20710}" = Age of Empires III - The WarChiefs
 "{1CD383EF-2B28-8384-1F08-4379​65EEE2AC}" = CCC Help Finnish
 "{1D7CE340-70C3-4848-BCCF-2159​50328A4C}" = Facebook Video Calling 1.0.0.8953
 "{1F1C2DFC-2D24-3E06-BCB8-7251​34ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{1F6AB0E7-8CDD-4B93-8A23-AA9E​B2FEFCE4}" = Junk Mail filter update
 "{1FBF6C24-C1FD-4101-A42B-0C56​4F9E8E79}" = CyberLink DVD Suite Deluxe
 "{200FEC62-3C34-4D60-9CE8-EC37​2E01C08F}" = Windows Live SOXE Definitions
 "{21A2F5EE-1DC5-488A-BE7E-E526​F8C61488}" = DeviceDiscovery
 "{21B9B213-DE8D-10A6-CC00-7053​F449DD9B}" = CCC Help Dutch
 "{223B62A8-F6FF-4BEB-BC17-230D​12723CD0}_is1" = RomStation
 "{254C37AA-6B72-4300-84F6-98A8​2419187E}" = Hewlett-Packard Active Check for Health Check
 "{26A24AE4-039D-4CA4-87B4-2F83​216025FF}" = Java(TM) 6 Update 27
 "{2934DCB0-F8EE-11E0-A4A5-B8AC​6F97B88E}" = Google Earth Plug-in
 "{296D8550-CB06-48E4-9A8B-E503​4FB64715}" = Command & Conquer™ Alerte Rouge 3
 "{2E4609A3-F5AF-4408-B0C4-B8B8​4BC753DF}" = Catalyst Control Center - Branding
 "{2ED1D587-9CF4-0216-E314-A7F2​D245A051}" = Catalyst Control Center Localization Thai
 "{2EEA7AA4-C203-4b90-A34F-19FB​7EF1C81C}" = BufferChm
 "{2EFA4E4C-7B5F-48F7-A1C0-1AA8​82B7A9C3}" = HP Update
 "{2FA94A64-C84E-49d1-97DD-7BF0​6C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
 "{31787FDD-D9FB-C812-4A61-93A1​C6B61568}" = ATI Catalyst Install Manager
 "{3248F0A8-6813-11D6-A77B-00B0​D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
 "{32E9C1A5-0FDA-4483-987D-DBAB​F9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
 "{34319F1F-7CF2-4CC9-B357-1AE7​D2FF3AC5}" = Windows Live
 "{3530A86D-0151-BADE-7D8B-2BE5​E573B7FE}" = Catalyst Control Center Graphics Full New
 "{37F8AD37-33BD-A92F-1C61-F1E3​BC257A52}" = CCC Help Korean
 "{3B160861-7250-451E-B5EE-8B92​BF30A710}" = Microsoft Works
 "{3C3901C5-3455-3E0A-A214-0B09​3A5070A6}" = Microsoft .NET Framework 4 Client Profile
 "{3CB4DE6B-0063-F6CF-4D5E-C5AC​574727DB}" = Catalyst Control Center Localization Czech
 "{3E31821C-7917-367E-938E-E65F​C413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
 "{40BF1E83-20EB-11D8-97C5-0009​C5020658}" = Power2Go
 "{43CDF946-F5D9-4292-B006-BA0D​92013021}" = WebReg
 "{44C81D1A-0520-49BB-B510-98B8​DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
 "{4880CDEC-46B5-ECCB-0629-DCC5​B59378BD}" = Catalyst Control Center Localization Chinese Traditional
 "{4A03706F-666A-4037-7777-5F27​48764D10}" = Java Auto Updater
 "{4A15E552-7701-9671-4A5F-D2AD​5D90BD1F}" = Catalyst Control Center Localization Polish
 "{4A70EF07-7F88-4434-BB61-D1DE​8AE93DD4}" = SolutionCenter
 "{4BD271AB-66E2-4D58-AF88-80FE​3B0770C4}" = Fissa
 "{4CB0307C-565E-4441-86BE-0DF2​E4FB828C}" = Microsoft Games for Windows Marketplace
 "{4D530FA3-9B89-4186-98B7-F510​00000100}" = Age of Empires Online
 "{4D530FA3-9B89-4186-98B7-F510​00008100}" = Age of Empires Online
 "{50779A29-834E-4E36-BBEB-B7CA​BC67A825}" = Microsoft Security Client FR-FR Language Pack
 "{50FF0E66-C30A-66C2-5557-7A7D​E87A2A57}" = CCC Help Turkish
 "{533A46E3-A450-CD86-E4C2-61CC​832149F9}" = Catalyst Control Center Localization Russian
 "{537C444C-9FD0-07F4-80BE-292B​712FA23E}" = CCC Help Russian
 "{54334E35-0C4E-7DDF-C137-7B30​09142372}" = Catalyst Control Center Graphics Light
 "{5442A47B-0CF1-9928-6B96-98EC​ED7EC302}" = Skins
 "{54B6DC7D-8C5B-4DFB-BC15-C010​A3326B2B}" = Microsoft Security Client
 "{55979C41-7D6A-49CC-B591-64AC​1BBE2C8B}" = HP Picasso Media Center Add-In
 "{5840C930-8D3F-797A-42B9-4C3C​C4D033FC}" = Catalyst Control Center Localization Korean
 "{5DD4FCBD-A3C1-4155-9E17-4161​C70AAABA}" = Segoe UI
 "{5E1375CB-6792-4464-8715-CC3E​C83D48FA}" = VirtualDJ Home FREE
 "{5E32EB1B-4E61-0A50-BEBC-35C8​56692F26}" = CCC Help Norwegian
 "{6057E21C-ABE9-4059-AE3E-3BEB​9925E660}" = Windows Live Messenger
 "{6068A42A-C1CF-45F2-9859-5DB1​6287FE5D}" = msvcrt_installer
 "{61AD15B2-50DB-4686-A739-14FE​180D4429}" = Windows Live ID Sign-in Assistant
 "{62687B11-58B5-4A18-9BC3-9DF4​CE03F194}" = Windows Live Writer Resources
 "{63FF21C9-A810-464F-B60A-3111​747B1A6D}" = GPBaseService2
 "{640A46BE-9E3F-F4CC-29E1-BFC8​6CCFF16B}" = Catalyst Control Center Localization Chinese Standard
 "{669D4A35-146B-4314-89F1-1AC3​D7B88367}" = Hewlett-Packard Asset Agent for Health Check
 "{682B3E4F-696A-42DE-A41C-4C07​EA1678B4}" = Windows Live SOXE
 "{68A10D12-0D0F-4212-BDE6-D87F​AD32A8FA}" = SmartWebPrinting
 "{6B2FFB21-AC88-45C3-9A7D-4BB3​E744EC91}" = HPSSupply
 "{6BBA26E9-AB03-4FE7-831A-3535​584CA002}" = Toolbox
 "{6CA7D5C7-42EE-4FEF-66E2-403A​151CDA83}" = CCC Help Polish
 "{6E5324C1-84FC-4F76-9A3A-C65E​07F80EE6}" = Complément Messenger
 "{70B446D1-E03B-4ab0-9B3C-0832​142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
 "{710f4c1c-cc18-4c49-8cbf-5124​0c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
 "{71A6311C-8903-7B1D-3D1A-0ACF​1065BBAE}" = CCC Help German
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{78A96B4C-A643-4D0F-98C2-A8E1​6A6669F9}" = Windows Live Messenger Companion Core
 "{7B9CC60A-9B81-46A3-A953-76B6​BF9EEC97}" = Age of Empires III
 "{7CDD7C4C-5224-40E4-951F-51C1​2FEAB8AB}" = C4600
 "{7DD1D7EB-4F6B-411F-43A9-BD6B​A5FA44D6}" = Catalyst Control Center Localization Finnish
 "{7EE104D6-75B0-9AD7-C6EF-1679​3F6AF206}" = CCC Help Greek
 "{835525BE-63BD-4EC4-9425-00CE​AD4849C2}" = Widestream6
 "{837b34e3-7c30-493c-8f6a-2b0f​04e2912c}" = Microsoft Visual C++ 2005 Redistributable
 "{83C292B7-38A5-440B-A731-0707​0E81A64F}" = Windows Live PIMT Platform
 "{86CE85E6-DBAC-3FFD-B977-E4B7​9F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
 "{86D4B82A-ABED-442A-BE86-9635​7B70F4FE}" = Ask Toolbar
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8DD46C6A-0056-4FEC-B70A-28BB​16A1F11F}" = MSVCRT
 "{90120000-0020-040C-0000-0000​000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
 "{9370105C-71BB-4FF9-A85B-36D7​9B95457A}_is1" = ALLConverter PRO 1.1
 "{948001BB-99F4-BA2C-9B92-044F​16DAA35E}" = CCC Help Hungarian
 "{95120000-00AF-040C-0000-0000​000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9BE518E6-ECC6-35A9-88E4-8775​5C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
 "{9CD9BB77-92F7-674F-E2D3-CF6D​14C672EF}" = Catalyst Control Center Localization Turkish
 "{9D56775A-93F3-44A3-8092-840E​3826DE30}" = Windows Live Mail
 "{9D9AE4AE-450D-909B-64F1-6F13​7CB4CDCC}" = CCC Help Chinese Traditional
 "{9DBA770F-BF73-4D39-B1DF-6035​D95268FC}" = HP Customer Feedback
 "{9DC47B66-E422-EDBF-341C-B544​BC3F0D65}" = Catalyst Control Center Graphics Previews Vista
 "{9F6C988E-9B1C-5038-A4E1-F881​7509DAE8}" = Catalyst Control Center Localization Italian
 "{9FAE6E8D-E686-49F5-A574-0A58​DFD9580C}" = Windows Live Mail
 "{A047FE02-C91C-41CB-898C-4ED2​1B86025A}" = ToolbarFR
 "{A55F99F2-D43E-8731-F7F9-3B3A​B133A893}" = ccc-utility
 "{A80FA752-C491-4ED9-ABF0-4278​563160B2}" = 32 Bit HP CIO Components Installer
 "{A92DAB39-4E2C-4304-9AB6-BC44​E68B55E2}" = Google Update Helper
 "{A9BDCA6B-3653-467B-AC83-9436​7DA3BFE3}" = Windows Live Photo Common
 "{AAAFC670-569B-4A2F-82B4-4294​5E0DE3EF}" = Windows Live Writer
 "{AC76BA86-7AD7-1036-7B44-A812​00000003}" = Adobe Reader 8.1.2 - Français
 "{AE8705FB-E13C-40A9-8A2D-68D6​733FBFC2}" = Status
 "{AF844339-2F8A-4593-81B3-9F4C​54038C4E}" = Windows Live MIME IFilter
 "{B02BBF6C-FB6E-4BA4-7977-3D03​D913BD9E}" = CCC Help Spanish
 "{B0DE8404-2287-D17A-D483-608C​C5D7427F}" = CCC Help Swedish
 "{B37B43B2-05A2-C0E6-C74B-2318​4780BD4B}" = CCC Help Chinese Standard
 "{B4092C6D-E886-4CB2-BA68-FE5A​88D31DE6}_is1" = Spybot - Search & Destroy
 "{B83FC356-B7C0-441F-8A4D-D71E​088E7974}" = NVIDIA PhysX
 "{BD7204BA-DD64-499E-9B55-6A28​2CDF4FA4}" = Destinations
 "{C05D8CDB-417D-4335-A38C-A065​9EDFD6B8}" = Les Sims™ 3
 "{C27C82E4-9C53-4D76-9ED3-A01A​3D5EE679}" = HP Customer Experience Enhancements
 "{C43326F5-F135-4551-8270-7F7A​BA0462E1}" = HPProductAssistant
 "{C43C1415-3DFC-4089-9A32-0BEC​F28A6046}" = Age of Empires III - The Asian Dynasties
 "{C4DA680A-657A-E15B-51EE-E71C​F527CD80}" = Catalyst Control Center Localization Japanese
 "{C4F0D5BE-0A7F-017E-66FC-DE96​B6AF8F6F}" = CCC Help Italian
 "{C59C179C-668D-49A9-B6EA-0121​CCFC1243}" = LabelPrint
 "{C75CDBA2-3C86-481e-BD10-BDDA​758F9DFF}" = hpPrintProjects
 "{C893D8C0-1BA0-4517-B11C-E89B​65E72F70}" = Windows Live Photo Common
 "{C926ACAF-84DF-BDFD-6825-BC56​69940AD0}" = Catalyst Control Center Localization Dutch
 "{CAE4213F-F797-439D-BD9E-79B7​1D115BE3}" = HPPhotoGadget
 "{CB099890-1D5F-11D5-9EA9-0050​BAE317E1}" = CyberLink PowerDirector
 "{CC3CFFD1-0EEF-C9DD-5731-089C​AA05EB30}" = CCC Help Portuguese
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{CE95A79E-E4FC-4FFF-8A75-29F0​4B942FF2}" = Windows Live UX Platform
 "{D13FE823-C575-4451-AC37-E645​A67AA581}_1.2.2.0" = Orange Installeur version 1.2.2.0
 "{D45240D3-B6B3-4FF9-B243-54EC​E3E10066}" = Windows Live Communications Platform
 "{D73EA784-FC47-E0AA-46CD-1248​6F41C252}" = Catalyst Control Center Localization Spanish
 "{D9A5FF9F-7CEA-4075-8F17-1077​026CD98B}" = CCC Help French
 "{D9ABB34A-C07A-DCE7-21D3-3BB3​E343457B}" = ccc-core-static
 "{DB6CFD79-2AC7-A10E-CE84-13AA​A52AE9C2}" = Catalyst Control Center Localization Norwegian
 "{DC0A5F99-FD66-433F-9D3A-05DC​BA64BE42}" = TrayApp
 "{DCCAD079-F92C-44DA-B258-624F​C6517A5A}" = HP MediaSmart DVD
 "{E053E456-5B00-9D0E-9FC8-7FC2​3326D487}" = Catalyst Control Center Localization French
 "{E0810CC2-4B5B-4439-B1D0-4523​06AF2D64}" = HP Active Support Library
 "{E09C4DB7-630C-4F06-A631-8EA7​239923AF}" = D3DX10
 "{E1476612-02D6-42A3-BDC1-E292​B4115738}" = HP Easy Setup - Frontend
 "{E15C3B8B-E6AE-E417-4D8D-0E53​424DFFBB}" = Catalyst Control Center Localization Portuguese
 "{E3E71D07-CD27-46CB-8448-16D4​FB29AA13}" = Microsoft WSE 3.0 Runtime
 "{E503B4BF-F7BB-3D5F-8BC8-F694​B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
 "{EB4DF488-AAEF-406F-A341-CB2A​AA315B90}" = Windows Live Messenger
 "{EC3A1D84-E178-56CB-C615-3E27​20DD3959}" = Catalyst Control Center Localization Swedish
 "{EF9B6310-F152-23FD-5ECE-1EA8​EDC3BAF6}" = Catalyst Control Center Localization Danish
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F2508213-9989-4E85-A078-72BE​483917EF}" = Microsoft Games for Windows - LIVE Redistributable
 "{f32502b5-5b64-4882-bf61-77f2​3edcac4f}" = HP Total Care Advisor
 "{F67530B4-606E-4FEF-1555-CB8A​5A539C84}" = Catalyst Control Center Graphics Full Existing
 "{F7963BA0-EE1C-11D4-9FA5-00A0​C9E6A342}" = Commandos 2: Men of Courage
 "{F84DFE70-2803-7068-EFD5-8F91​A648DE87}" = Catalyst Control Center Core Implementation
 "{F8CBC264-23A4-E63B-D112-67BF​F6A8AED7}" = Catalyst Control Center Localization Hungarian
 "{F9B915DF-B79C-4747-9BA3-9705​A57DC717}" = Act of War - Direct Action
 "{FDB3B167-F4FA-461D-976F-2863​04A57B2A}" = Adobe AIR
 "{FDDB69BB-2F9A-4830-A579-ABBB​7C5AF9A8}" = muvee autoProducer 6.1
 "{FE46F4D4-CC88-B686-FE10-B2C8​45FD3BC3}" = CCC Help English
 "{FEC2EC4D-D096-F5CA-CE9B-D525​AB4573F6}" = Catalyst Control Center Localization German
 "Adibou V.3.00 on C" = Adibou V.3.00 on C
 "ADIBOUd'CHOU V.1.00 on C" = ADIBOUd'CHOU V.1.00 on C
 "Adobe AIR" = Adobe AIR
 "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
 "Akamai" = Akamai NetSession Interface Service
 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
 "Back to the Future Episode 11.0" = Back to the Future Episode 1
 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar
 "GameSpy Arcade" = GameSpy Arcade
 "GFWL_{4D530FA3-9B89-4186-98B7​-F51000000100}" = Age of Empires Online
 "GFWL_{4D530FA3-9B89-4186-98B7​-F51000008100}" = Age of Empires Online
 "Hospital" = Theme Hospital
 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
 "HP Print Projects" = HP Print Projects 1.0
 "HP Smart Web Printing" = HP Smart Web Printing 4.5
 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
 "HPExtendedCapabilities" = HP Customer Participation Program 13.0
 "InstallShield_{1C08A24C-B168-​407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
 "InstallShield_{7B9CC60A-9B81-​46A3-A953-76B6BF9EEC97}" = Age of Empires III
 "InstallShield_{C43C1415-3DFC-​4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
 "InstallShield_{CB099890-1D5F-​11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
 "InstallShield_{DCCAD079-F92C-​44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
 "MailNotifier" = Notification Mail
 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 "Microsoft Security Client" = Microsoft Security Essentials
 "Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
 "NVIDIA Drivers" = NVIDIA Drivers
 "OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007
 "OpenSubtitlesPlayer_is1" = OpenSubtitlesPlayer V4.X
 "OrangeToolbar" = barre d'outils Orange
 "OrangeUpdateManager" = Orange update
 "Orcs Must Die!_is1" = Orcs Must Die!
 "PC-Doctor 5 for Windows" = Outils de diagnostic du matériel
 "PriceGong" = PriceGong 2.1.0
 "Revo Uninstaller" = Revo Uninstaller 1.91
 "Searchqu 406 MediaBar" = Windows iLivid Toolbar
 "Shop for HP Supplies" = Shop for HP Supplies
 "Uniblue RegistryBooster" = Uniblue RegistryBooster
 "uTorrent" = µTorrent
 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
 "VLC media player" = VLC media player 1.1.9
 "WildTangent hp Master Uninstall" = HP Games
 "WinLiveSuite" = Windows Live
 "WinRAR archiver" = Archiveur WinRAR
 "WOLAPI" = Westwood Shared Internet Components
 "WTA-2e2d5447-0bfc-437b-91dc-1​cd4ddf36b5a" = Prison Tycoon - Alcatraz
 "WTA-9e5058eb-82b3-447a-95a8-2​ddc51757024" = Diner Dash - Seasonal Snack Pack
 "Xvid Video Codec 1.3.1" = Xvid Video Codec
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\S-1-5-21-2000734618​-2863593989-193771998-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Uninstall]
 "Akamai" = Akamai NetSession Interface
 "Google Chrome" = Google Chrome
 "Orange Inside" = Orange Inside
 
 ========== Last 10 Event Log Errors ==========
 
 [ Application Events ]
 Error - 03/11/2011 17:23:33 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 06/11/2011 16:51:01 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 06/11/2011 20:45:49 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 08/11/2011 19:19:04 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 09/11/2011 18:18:18 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 11/11/2011 15:45:10 | Computer Name = PC-de-Ero | Source = Application Error | ID = 1000
 Description = Application défaillante Stronghold3.exe, version 0.0.0.0, horodatage
 0x4eb2d205, module défaillant vBase100.dll, version 8.1.8.0, horodatage 0x4e9ff795,
 code d’exception 0xc0000005, décalage d’erreur 0x0009d037,  ID du processus 0xda4,
 heure de début de l’application 0x01cca0aa5051da33.
 
 Error - 11/11/2011 15:45:47 | Computer Name = PC-de-Ero | Source = Application Error | ID = 1000
 Description = Application défaillante Stronghold3.exe, version 0.0.0.0, horodatage
 0x4eb2d205, module défaillant vBase100.dll, version 8.1.8.0, horodatage 0x4e9ff795,
 code d’exception 0xc0000005, décalage d’erreur 0x0009d037,  ID du processus 0x1668,
 heure de début de l’application 0x01cca0aa77828193.
 
 Error - 11/11/2011 15:48:36 | Computer Name = PC-de-Ero | Source = EventSystem | ID = 4621
 Description =
 
 Error - 11/11/2011 19:04:50 | Computer Name = PC-de-Ero | Source = Application Error | ID = 1000
 Description = Application défaillante Stronghold3.exe, version 0.0.0.0, horodatage
 0x4eb2d205, module défaillant vBase100.dll, version 8.1.8.0, horodatage 0x4e9ff795,
 code d’exception 0xc0000005, décalage d’erreur 0x0009d037,  ID du processus 0x1458,
 heure de début de l’application 0x01cca0c6363ec3e1.
 
 Error - 11/11/2011 19:06:32 | Computer Name = PC-de-Ero | Source = Application Hang | ID = 1002
 Description = Le programme MSASCui.exe version 1.1.1600.0 a cessé d’interagir avec
 Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
 disponibles, consultez l’historique du problème dans l’application Rapports et
 solutions aux problèmes du Panneau de configuration.  ID de processus : 11c8  Heure
 de début : 01cca0c66918f421  Heure de fin : 7
 
 [ System Events ]
 Error - 16/11/2011 14:25:11 | Computer Name = PC-de-Ero | Source = Application Popup | ID = 875
 Description = Le chargement du pilote sfdrv01.sys a été bloqué.
 
 Error - 16/11/2011 14:26:03 | Computer Name = PC-de-Ero | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 17/11/2011 01:58:04 | Computer Name = PC-de-Ero | Source = Application Popup | ID = 875
 Description = Le chargement du pilote sfdrv01.sys a été bloqué.
 
 Error - 17/11/2011 01:58:57 | Computer Name = PC-de-Ero | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 17/11/2011 06:08:15 | Computer Name = PC-de-Ero | Source = Application Popup | ID = 875
 Description = Le chargement du pilote sfdrv01.sys a été bloqué.
 
 Error - 17/11/2011 06:08:33 | Computer Name = PC-de-Ero | Source = EventLog | ID = 6008
 Description = L'arrêt système précédant à 07:40:40 le 17/11/2011 n'était pas prévu.
 
 Error - 17/11/2011 06:09:09 | Computer Name = PC-de-Ero | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 17/11/2011 14:49:47 | Computer Name = PC-de-Ero | Source = Application Popup | ID = 875
 Description = Le chargement du pilote sfdrv01.sys a été bloqué.
 
 Error - 17/11/2011 14:50:43 | Computer Name = PC-de-Ero | Source = Service Control Manager | ID = 7026
 Description =
 
 Error - 17/11/2011 14:51:12 | Computer Name = PC-de-Ero | Source = Microsoft Antimalware | ID = 3002
 Description = La fonctionnalité de protection en temps réel %%860 a rencontré une
 erreur et s'est arrêtée.     Fonctionnalité : %%835     Code d'erreur : 0x80004005     Description
 de l'erreur : Erreur non spécifiée      Raison : %%842
 
 
 < End of report >

(Publicité)
sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 20:51:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voila le deuxième rapport ,,,,, merci

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 17/11/2011 à 21:10:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Pas bien dur a comprendre...
 Faire attention quant tu installes un logiciel gratuit, bien lire chaque pages du programme d'installation(ne pas cliquer suivant/suivant/suivant/etc... sans lire), souvent est proposé des programmes inutiles(souvent des toolbars et adware), toujours une case à décocher lors de l'installation. De bonne lecture :

 http://www.libellules.ch/opt_out.php
 http://forum.malekal.com/les-t [...] t6173.html


 Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
 http://general-changelog-team. [...] adwcleaner

 Lance le, clique sur [Recherche] puis patiente le temps du scan.
 Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
 Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 17/11/2011 à 22:47:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
# AdwCleaner v1.318 - Rapport créé le 17/11/2011 à 22:43:28
 # Mis à jour le 13/11/11 à 21h par Xplode
 # Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
 # Nom d'utilisateur : Ero - PC-DE-ERO (Administrateur)
 # Exécuté depuis : C:\Users\Ero\Documents\Downloa​ds\adwcleaner0.exe
 # Option [Recherche]


 ***** [Services] *****


 ***** [Fichiers / Dossiers] *****

 Dossier Présent : C:\Users\Ero\AppData\Roaming\c​acaoweb
 Dossier Présent : C:\Users\Ero\AppData\Roaming\C​razyLoader
 Dossier Présent : C:\Users\Ero\AppData\Roaming\F​issaSearch
 Dossier Présent : C:\Users\Ero\AppData\Roaming\H​BLite
 Dossier Présent : C:\Users\Ero\AppData\LocalLow\​AskToolbar
 Dossier Présent : C:\Users\Ero\AppData\LocalLow\​Conduit
 Dossier Présent : C:\Users\Ero\AppData\LocalLow\​ShoppingReport2
 Dossier Présent : C:\Users\Ero\AppData\LocalLow\​PriceGong
 Dossier Présent : C:\Program Files\Ask.com
 Dossier Présent : C:\Program Files\PriceGong
 Dossier Présent : C:\Program Files\Windows iLivid Toolbar
 Dossier Présent : C:\Windows\Installer\{86D4B82A​-ABED-442A-BE86-96357B70F4FE}
 Dossier Présent : C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 Dossier Présent : C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​ask.com
 Fichier Présent : C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Navigateur OfferBox.lnk
 Fichier Présent : C:\Users\Ero\Desktop\cacaoweb.​exe
 Fichier Présent : C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\searchplugins\Askco​m.xml

 ***** [Registre] *****

 Clé Présente : HKCU\Software\Ask.com
 Clé Présente : HKCU\Software\cacaoweb
 Clé Présente : HKCU\Software\DataMngr
 Clé Présente : HKCU\Software\DataMngr_Toolbar
 Clé Présente : HKCU\Software\FissaSearch
 Clé Présente : HKCU\Software\AppDataLow\Softw​are\AskToolbar
 Clé Présente : HKCU\Software\AppDataLow\Softw​are\PriceGong
 Clé Présente : HKCU\Software\AppDataLow\Softw​are\ShoppingReport2
 Clé Présente : HKCU\Software\JavaSoft\Prefs\c​razyloader
 Clé Présente : HKLM\SOFTWARE\AskToolbar
 Clé Présente : HKLM\SOFTWARE\Conduit
 Clé Présente : HKLM\SOFTWARE\DataMngr
 Clé Présente : HKLM\SOFTWARE\FissaSearch
 Clé Présente : HKLM\SOFTWARE\QuestScan
 Clé Présente : HKLM\SOFTWARE\SearchquMediabar​Tb
 Clé Présente : HKLM\SOFTWARE\Classes\Conduit.​Engine
 Clé Présente : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd
 Clé Présente : HKLM\SOFTWARE\Classes\GenericA​skToolbar.ToolbarWnd.1
 Clé Présente : HKLM\SOFTWARE\Classes\PriceFac​torIE.PriceGongBHO
 Clé Présente : HKLM\SOFTWARE\Classes\PriceFac​torIE.PriceGongBHO.1
 Clé Présente : HKLM\SOFTWARE\Classes\PriceGon​gIE.PriceGongCtrl
 Clé Présente : HKLM\SOFTWARE\Classes\PriceGon​gIE.PriceGongCtrl.1
 Clé Présente : HKLM\SOFTWARE\Classes\SearchQU​IEHelper.DNSGuard
 Clé Présente : HKLM\SOFTWARE\Classes\SearchQU​IEHelper.DNSGuard.1
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\Ge​nericAskToolbar.DLL
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\Pr​iceGongIE.DLL
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9​B0CB95C-933A-4B8C-B6D4-EDCD19A​43874}
 Clé Présente : HKLM\SOFTWARE\Classes\AppID\{8​35315FC-1BF6-4CA9-80CD-F6C158D​40692}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{0​0000000-6E41-4FD3-8538-502F549​5E5FC}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{1​631550F-191D-4826-B069-D943925​3D926}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D​2A2595C-4FE4-4315-AA9B-19DBD62​71B71}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A​40DC6C5-79D0-4ca8-A185-8FF989A​F1115}
 Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9​9079a25-328f-4bd4-be04-00955ac​aa0a7}
 Clé Présente : HKLM\SOFTWARE\Classes\Installe​r\Products\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Classes\Installe​r\Features\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Installer\Use​rData\S-1-5-18\Products\A28B4D​68DEBAA244EB686953B7074FEF
 Clé Présente : HKLM\SOFTWARE\Microsoft\System​Certificates\AuthRoot\Certific​ates\2796BAE63F1801E277261BA0D​77770028F20EEE4
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{6C434537-053E-486D-B62A-160​059D9D456}
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{91CF619A-4686-4CA4-9232-3B2​E6B63AA92}
 Clé Présente : HKLM\SOFTWARE\Classes\Interfac​e\{AC71B60E-94C9-4EDE-BA46-E14​6747BB67E}
 Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\​{2996F0E7-292B-4CAE-893F-47B8B​1C05B56}
 Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\​{8B3372D0-09F0-41A5-8D9B-134E1​48672FB}
 Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\​{6A4BCABA-C437-4C76-A54E-AF31B​8A76CB9}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\conduitEng​ine
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\ShoppingRe​port2
 Clé Présente : HKLM\SOFTWARE\Google\Chrome\Ex​tensions\bjeikeheijdjdfjbmknpe​fojickbkmom
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-​B00F39A4E939}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{4B8C28A​7-A9BC-45F8-990D-21499EED643C}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{b41306c​6-96d0-442a-bcc4-b0f621e82ce9}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{8A96AF9​E-4074-43b7-BEA3-87217BDA7406}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{99​079a25-328f-4bd4-be04-00955aca​a0a7}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{16​31550F-191D-4826-B069-D9439253​D926}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{D4027C7F-154A-4066-A1AD-4243D​8127440}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{99079A25-328F-4BD4-BE04-00955​ACAA0A7}
 Clé Présente : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{1631550F-191D-4826-B069-D9439​253D926}
 Clé Présente : HKCU\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A078F6​91-9C07-4AF2-BF43-35E79EECF8B7​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{99079a​25-328f-4bd4-be04-00955acaa0a7​}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{1631550F-191D-4826-B0​69-D9439253D926}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{99079a25-328f-4bd4-be​04-00955acaa0a7}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{4d1ec4ca-4b92-4324-b8f8-c9​a6ed06a8ae}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{4e674574-3f0b-491d-8ae3-f9​0b43a34fd6}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\ForceRenive
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\{86​D4B82A-ABED-442A-BE86-96357B70​F4FE}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\{4B​D271AB-66E2-4D58-AF88-80FE3B07​70C4}
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\Pri​ceGong
 Clé Présente : HKLM\SOFTWARE\Microsoft\Window​s NT\CurrentVersion\Schedule\Tas​kCache\Tree\Scheduled Update for Ask Toolbar
 Valeur Présente : HKCU\Software\Microsoft\Intern​et Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5​495E5FC}]
 Valeur Présente : HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA​6BD249D}]
 Valeur Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D​8127440}]
 Valeur Présente : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Toolbar [{99079a25-328f-4bd4-be04-00955​acaa0a7}]
 Valeur Présente : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Run [DataMngr]
 Valeur Présente : HKLM\SOFTWARE\Mozilla\Firefox\​Extensions [offerboxffx@offerbox.com]

 ***** [Navigateurs] *****

 -\\ Internet Explorer v9.0.8112.16421

 [HKLM\SOFTWARE\Microsoft\Intern​et Explorer\AboutURls - Tabs] = hxxp://start.facemoods.com/?a=​ost&f=2

 -\\ Mozilla Firefox v5.0 (fr)

 Profil : dw8p8kx2.default
 Fichier : C:\Users\Ero\AppData\Roaming\M​ozilla\Firefox\Profiles\dw8p8k​x2.default\prefs.js

 Présente : user_pref("browser.startup.hom​epage", "hxxp://go.microsoft.com/fwlin​k/?LinkId=56626&homepage=hxxp:​//[...]

 -\\ Google Chrome v15.0.874.120

 Fichier : C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Preferences

 [OK] Le fichier ne contient aucune entrée illégitime.

 *************************

 AdwCleaner[R1].txt - [9007 octets] - [17/11/2011 22:43:28]

 ########## EOF - C:\AdwCleaner[R1].txt - [9135 octets] ##########

 Et encore merci de prendre du temps pour m'aider!!!!!!!!!!!!!!!!

(Publicité)
Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 18/11/2011 à 00:33:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Relance AdwCleaner ( d'Xplode )
 Clique sur [Suppression] puis patiente le temps du scan.
 Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
 Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


 -----


 
  • Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
http://www.teamxscript.org/adr [...] ement.html
 http://dl.commentcamarche.net/ [...] .2%2CG.exe
 http://security-domain.be/download/telech.php?id=3

 bluefire-9 Désactive provisoirement et seulement le temps de l'utilisation de AD-Remover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de nettoyage de l'outil.
 Déconnecte-toi et ferme toutes applications en cours bluefire-9

 
  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur l'icône AD-Remover située sur ton Bureau.
(Vista/Seven - Faire un clique droit sur l'icône AD-Remover située sur ton Bureau et choisir exécuter en tant qu'administrateur.)
 
  • Au menu principal, choisis l'option Nettoyer.
  • Poste le rapport qui apparaît à la fin.

 (Le rapport est sauvegardé aussi sous C:\Ad-report(clean).Txt

 (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

 Aide : http://security-domain.be/tutoriel_AD-Remover.html
 

 @++    :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 18/11/2011 à 02:00:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 "

dédétraqué a écrit :

Salut sheperbloK


 Pas bien dur a comprendre..."   mdr ba çà dépend pour qui en faite car la j'ai l'impression que c'est du langage extra terrestre lol
 
 merci et encore merci de ton aide


Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 18/11/2011 à 02:33:34  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 As-tu des soucis??


 @++    :)

(Publicité)
sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 18/11/2011 à 14:24:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
oui et merci de t'en inquiéter...mon pc s’éteint tout seul maintenant c'est trop bizarre;;la je lance ad remover!!!

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 18/11/2011 à 14:35:45  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Voici le rapport :

 ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 Mis à jour par TeamXscript le 12/04/11
 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
 Site web: http://www.teamxscript.org

 C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:27:54 le 18/11/2011, Mode normal

 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2 (X86)
 Ero@PC-DE-ERO (HP-Pavilion KX575AA-ABF a6520.fr)
 
 ============== ACTION(S) ==============


 Fichier supprimé: C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Navigateur OfferBox.lnk
 Fichier supprimé: C:\Windows\system32\Tasks\Sche​duled Update for Ask Toolbar
 Dossier supprimé: C:\Users\Ero\AppData\Roaming\M​ozilla\FireFox\Profiles\dw8p8k​x2.default\extensions\toolbar@​ask.com
 Fichier supprimé: C:\Users\Ero\AppData\Roaming\M​ozilla\FireFox\Profiles\dw8p8k​x2.default\searchplugins\askco​m.xml
 Dossier supprimé: C:\Program Files\Ask.com
 Dossier supprimé: C:\Users\Ero\AppData\LocalLow\​AskToolbar
 Dossier supprimé: C:\Users\Ero\AppData\LocalLow\​Conduit
 Dossier supprimé: C:\Users\Ero\AppData\Roaming\C​razyLoader
 Dossier supprimé: C:\Users\Ero\AppData\Roaming\F​issaSearch
 Dossier supprimé: C:\Users\Ero\AppData\Roaming\H​BLite
 Dossier supprimé: C:\Users\Ero\AppData\LocalLow\​PriceGong
 Dossier supprimé: C:\Program Files\PriceGong
 Dossier supprimé: C:\Users\Ero\AppData\LocalLow\​ShoppingReport2
 Dossier supprimé: C:\Program Files\Widestream6

 (!) -- Fichiers temporaires supprimés.


 -- Fichier ouvert: C:\Users\Ero\AppData\Roaming\M​ozilla\FireFox\Profiles\dw8p8k​x2.default\Prefs.js --
 Ligne supprimée: user_pref("browser.startup.hom​epage", "hxxp://go.microsoft.com/fwlin​k/?LinkId=56626&homepage=hxxp:​//...
 -- Fichier Fermé --
 

 Clé supprimée: HKLM\Software\Classes\CLSID\{0​0000000-6E41-4FD3-8538-502F549​5E5FC}
 Clé supprimée: HKLM\Software\Classes\CLSID\{0​B25FF79-796A-4C2E-B09B-7921065​D8EF8}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{0B25FF79-796A-4C2E-B09B-792​1065D8EF8}
 Clé supprimée: HKLM\Software\Classes\CLSID\{1​631550F-191D-4826-B069-D943925​3D926}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{1631550F-191D-4826-B0​69-D9439253D926}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{1631550F-191D-4826-B069-D9439​253D926}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{16​31550F-191D-4826-B069-D9439253​D926}
 Clé supprimée: HKLM\Software\Classes\AppID\{8​35315FC-1BF6-4CA9-80CD-F6C158D​40692}
 Clé supprimée: HKLM\Software\Classes\CLSID\{1​a6dc111-b030-4c3e-be65-2992841​28b91}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{1a6dc111-b030-4c3e-be​65-299284128b91}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{1a6dc111-b030-4c3e-be65-29928​4128b91}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{1a​6dc111-b030-4c3e-be65-29928412​8b91}
 Clé supprimée: HKLM\Software\Classes\CLSID\{1​EB45B75-E889-42BE-B0C9-C8E0EE6​87052}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{1EB45B75-E889-42BE-B0C9-C8E​0EE687052}
 Clé supprimée: HKLM\Software\Classes\CLSID\{6​06d89e9-c72a-4e4d-8d3a-142b2a7​4ff1b}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{606d89e9-c72a-4e4d-8d3a-14​2b2a74ff1b}
 Clé supprimée: HKLM\Software\Classes\CLSID\{6​0d7e8fc-8849-46e8-b352-5abbae0​c48b4}
 Clé supprimée: HKLM\Software\Classes\CLSID\{9​9079a25-328f-4bd4-be04-00955ac​aa0a7}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{99079a​25-328f-4bd4-be04-00955acaa0a7​}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{99079a25-328f-4bd4-be​04-00955acaa0a7}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{99079a25-328f-4bd4-be04-00955​acaa0a7}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{99​079a25-328f-4bd4-be04-00955aca​a0a7}
 Clé supprimée: HKLM\Software\Classes\CLSID\{9​b218861-1cad-41e9-8105-1291a91​ca488}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{9b218861-1cad-41e9-8105-12​91a91ca488}
 Clé supprimée: HKLM\Software\Classes\CLSID\{A​40DC6C5-79D0-4ca8-A185-8FF989A​F1115}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{A40DC6C5-79D0-4ca8-A1​85-8FF989AF1115}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{A40DC6C5-79D0-4ca8-A185-8FF98​9AF1115}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{A4​0DC6C5-79D0-4ca8-A185-8FF989AF​1115}
 Clé supprimée: HKLM\Software\Classes\CLSID\{D​2A2595C-4FE4-4315-AA9B-19DBD62​71B71}
 Clé supprimée: HKLM\Software\Classes\CLSID\{D​4027C7F-154A-4066-A1AD-4243D81​27440}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Explorer\Brow​ser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{D4027C7F-154A-4066-A1AD-4243D​8127440}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{D4​027C7F-154A-4066-A1AD-4243D812​7440}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{54ADB4A4-6C88-4710-A227-820​961B9981E}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{6C434537-053E-486D-B62A-160​059D9D456}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{91CF619A-4686-4CA4-9232-3B2​E6B63AA92}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{AC71B60E-94C9-4EDE-BA46-E14​6747BB67E}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{B690A281-F7D4-4E0F-BA02-A12​ADD86277B}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{DB885111-F39F-4D88-9EE5-C88​460B6DF7B}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{F42A2432-287D-4161-8C94-99C​06BEE7A81}
 Clé supprimée: HKLM\Software\Classes\Interfac​e\{F44202AE-BE61-41C8-AFEA-5E4​94EC7595B}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{25B7FAD8-85B3-40A4-BBB8-22DBB​95831E1}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{2996F0E7-292B-4CAE-893F-47B8B​1C05B56}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{4FD0EE11-D5B1-41B1-A3BD-F5375​39804EE}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{5D82D8DD-B839-47C1-B8E0-AD754​F949BB6}
 Clé supprimée: HKLM\Software\Classes\TypeLib\​{8B3372D0-09F0-41A5-8D9B-134E1​48672FB}
 Clé supprimée: HKLM\Software\Classes\Conduit.​Engine
 Clé supprimée: HKLM\Software\Classes\GenericA​skToolbar.ToolbarWnd
 Clé supprimée: HKLM\Software\Classes\GenericA​skToolbar.ToolbarWnd.1
 Clé supprimée: HKLM\Software\Classes\PriceFac​torIE.PriceGongBHO
 Clé supprimée: HKLM\Software\Classes\PriceFac​torIE.PriceGongBHO.1
 Clé supprimée: HKLM\Software\Classes\PriceGon​gIE.PriceGongCtrl
 Clé supprimée: HKLM\Software\Classes\PriceGon​gIE.PriceGongCtrl.1
 Clé supprimée: HKLM\Software\Classes\SearchBa​r.Client
 Clé supprimée: HKLM\Software\Classes\Toolbar.​CT2851639
 Clé supprimée: HKLM\Software\Classes\AppID\Ge​nericAskToolbar.DLL
 Clé supprimée: HKLM\Software\Classes\AppID\{9​B0CB95C-933A-4B8C-B6D4-EDCD19A​43874}
 Clé supprimée: HKLM\Software\Classes\AppID\Pr​iceGongIE.DLL
 Clé supprimée: HKLM\Software\AskToolbar
 Clé supprimée: HKLM\Software\Conduit
 Clé supprimée: HKLM\Software\DataMngr
 Clé supprimée: HKLM\Software\FissaSearch
 Clé supprimée: HKLM\Software\SearchquMediabar​Tb
 Clé supprimée: HKCU\Software\Ask.com
 Clé supprimée: HKCU\Software\DataMngr
 Clé supprimée: HKCU\Software\FissaSearch
 Clé supprimée: HKCU\Software\AppDataLow\Softw​are\AskToolbar
 Clé supprimée: HKCU\Software\AppDataLow\Softw​are\PriceGong
 Clé supprimée: HKCU\Software\AppDataLow\Softw​are\ShoppingReport2
 Clé supprimée: HKLM\Software\Classes\Installe​r\Products\A28B4D68DEBAA244EB6​86953B7074FEF
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Installer\Use​rdata\S-1-5-18\Products\A28B4D​68DEBAA244EB686953B7074FEF
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{86BD568​7-5B81-4BAC-8C9F-BF40AABD8FD3}
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{8A96AF9​E-4074-43b7-BEA3-87217BDA7406}
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\SearchScopes\{b41306c​6-96d0-442a-bcc4-b0f621e82ce9}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\SearchScopes\{8A96AF9​E-4074-43b7-BEA3-87217BDA7406}
 Clé supprimée: HKCU\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A078F6​91-9C07-4AF2-BF43-35E79EECF8B7​}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{A5AA24​EA-11B8-4113-95AE-9ED71DEAF12A​}
 Clé supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Low Rights\ElevationPolicy\{a61376​ff-292a-4591-a6b5-d90771424583​}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\{4BD271AB-​66E2-4D58-AF88-80FE3B0770C4}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\{86D4B82A-​ABED-442A-BE86-96357B70F4FE}
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\conduitEng​ine
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\HBLiteSA
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\OfferBox Browser
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\pricegong
 Clé supprimée: HKCU\Software\Microsoft\Window​s\CurrentVersion\App Management\ARPCache\ShoppingRe​port2
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{4B​D271AB-66E2-4D58-AF88-80FE3B07​70C4}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\{86​D4B82A-ABED-442A-BE86-96357B70​F4FE}
 Clé supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Uninstall\pri​cegong
 Clé supprimée: HKLM\Software\Google\Chrome\Ex​tensions\bjeikeheijdjdfjbmknpe​fojickbkmom
 Erreur suppression clé: HKLM\Software\Microsoft\Window​s NT\CurrentVersion\Schedule\Tas​kCache\Tree\Scheduled Update for Ask Toolbar

 Valeur supprimée: HKLM\Software\Mozilla\Firefox\​Extensions|offerboxffx@offerbo​x.com
 Valeur supprimée: HKLM\Software\Mozilla\Firefox\​Extensions|widestream6@spointe​r.com
 Valeur supprimée: HKLM\Software\Microsoft\Window​s\CurrentVersion\Run|DataMngr
 Valeur supprimée: HKCU\Software\Microsoft\Intern​et Explorer\URLSearchHooks|{00000​000-6E41-4FD3-8538-502F5495E5F​C}
 Valeur supprimée: HKLM\Software\Microsoft\Intern​et Explorer\Toolbar|{D4027C7F-154​A-4066-A1AD-4243D8127440}
 Valeur supprimée: HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser|{3​0F9B915-B755-4826-820B-08FBA6B​D249D}


 ============== SCAN ADDITIONNEL ==============

 -- C:\Users\Ero\AppData\Roaming\M​ozilla\FireFox\Profiles\dw8p8k​x2.default --
 Extensions\cacaoweb@cacaoweb.o​rg (cacaoweb)
 Extensions\toolbar@Orange.fr (barre d'outils Orange)
 Prefs.js - browser.startup.homepage_overr​ide.buildID, 20110615151330
 Prefs.js - browser.startup.homepage_overr​ide.mstone, rv:5.0

 ==============================​==========

 **** Google Chrome Version [15.0.874.120] ****

 Extension\eppeebfgcgojgpffkdcp​iljephjaboki (C:\Program Files\Widestream6\spointer\ext​ensions\widestream6_air_chrome​.crx) (x)

 -- C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default --
 Preferences - default_search_provider: "Web Search" (Activé: true) (hxxp://www.searchqu.com/web?s​rc=crb&systemid=406&q={searchT​erms})
 Preferences - homepage: hxxp://www.searchqu.com/406
 Preferences - homepage_is_newtabpage: false
 Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x)
 Plugin - Native Client (Activé: true) (C:\Users\Ero\AppData\Local\Go​ogle\Chrome\Application\15.0.8​74.120\ppGoogleNaClPluginChrom​e.dll)
 Plugin - Interest Recognizer for Widestream6 (Activé: true) (C:\Users\Ero\AppData\Local\Go​ogle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\widestream6_air_chro​me.dll)
 Plugin - WildTangent Games App Presence Detector (Activé: true) (C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll)
 Plugin - "Java" (Activé: true)
 Plugin - "Silverlight" (Activé: true)
 Plugin - "Remoting Viewer" (Activé: true)
 Plugin - "Native Client" (Activé: true)
 Plugin - "OfferboxChromePlugin Dynamic Link Library" (Activé: true)
 Plugin - "Interest Recognizer for Widestream6" (Activé: true)
 Plugin - "WildTangent Games App Presence Detector" (Activé: true)

 ==============================​==========

 **** Internet Explorer Version [9.0.8112.16421] ****

 HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink​/?linkid=54896
 HKCU_Main|Start Page - hxxp://fr.msn.com/
 HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink​/?LinkId=54896
 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.​htm
 HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 HKLM_Main|Start Page - hxxp://fr.msn.com/
 HKCU_URLSearchHooks|{05eeb91a-​aef7-4f8a-978f-fb83e7b03f8e} (x)
 HKCU_SearchScopes\{38B8FAA4-4D​00-4D82-8D27-CB69C385B089} - "Kelkoo" (hxxp://fr.kelkoopartners.net/​ctl/do/search?siteSearchQuery=​{searchTerms}&fromfor...)
 HKCU_SearchScopes\{4B8C28A7-A9​BC-45F8-990D-21499EED643C} - "QuestScan" (hxxp://www.questscan.com/?prt​=QstscanPB&keywords={searchTer​ms})
 HKCU_SearchScopes\{814C76CB-26​23-43F4-AAD0-58A0E5190A20} - "Orange" (hxxp://rws.search.ke.voila.fr​/RW/S/opensearch_orange?rdata=​{searchTerms})
 HKLM_SearchScopes\{38B8FAA4-4D​00-4D82-8D27-CB69C385B089} - "Kelkoo" (hxxp://fr.kelkoopartners.net/​ctl/do/search?siteSearchQuery=​{searchTerms}&fromfor...)
 HKCU_Toolbar\WebBrowser|{05EEB​91A-AEF7-4F8A-978F-FB83E7B03F8​E} (x)
 HKCU_Toolbar\WebBrowser|{6ADB0​F93-1AA5-4BCF-9DF4-CEA689A3C11​1} (x)
 HKCU_Toolbar\WebBrowser|{32099​AAC-C132-4136-9E9A-4E364A424E1​7} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
 HKLM_Toolbar|{32099AAC-C132-41​36-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
 HKLM_Toolbar|{99079a25-328f-4b​d4-be04-00955acaa0a7} (x)
 HKLM_Toolbar|{c9a6357b-25cc-4b​cf-96c1-78736985d412} (mscoree.dll) (x)
 HKCU_ElevationPolicy\{1024F1BE​-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\FacebookVide​oCalling.exe (Skype Limited)
 HKCU_ElevationPolicy\{4169044D​-6BA4-4661-B7D6-E29274F1F458} - C:\Program Files\WildTangent Games\App\BrowserIntegration\w​tapp_ProtocolHandler.exe (WildTangent, Inc.)
 HKCU_ElevationPolicy\{E0A900DF​-9611-4446-86BD-4B1D47E7DB2A} - C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\14.0.83​5.202\chrome_launcher.exe (x)
 HKLM_ElevationPolicy\{1024F1BE​-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\FacebookVide​oCalling.exe (Skype Limited)
 HKLM_ElevationPolicy\{70f641fd​-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
 HKLM_ElevationPolicy\{B926BA74​-5D28-40A1-A0E6-E0262CEC0C82} - C:\PROGRA~1\WI371A~1\ToolBar\d​tUser.exe (Visicom Media Inc.)
 HKLM_Extensions\{DFB852A3-47F8​-48C4-A200-58CAB36FD2A2} - "?" (?)
 BHO\{1d970ed5-3eda-438d-bffd-7​15931e2775b} - "ToolbarOrange.InitToolbarBHO" (mscoree.dll) (x)
 BHO\{465E08E7-F005-4389-980F-1​D8764B3486C} (?)
 BHO\{DF925EF3-7A87-44E4-9CAF-8​D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~1\OPENSU~1\Iplex\IP​LEXT~1.DLL)

 ==============================​==========

 C:\Program Files\Ad-Remover\Quarantine: 228 Fichier(s)
 C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 C:\Ad-Report-CLEAN[1].txt - 18/11/2011 14:27:57 (15625 Octet(s))

 Fin à: 14:29:14, 18/11/2011
 
 ============== E.O.F ==============


 

sheperbloK a écrit :

oui et merci de t'en inquiéter...mon pc s’éteint tout seul maintenant c'est trop bizarre;;la je lance ad remover!!!
 



Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 18/11/2011 à 15:25:34  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 herisson41​-7 Télécharge et installe MalwareByte's Anti-Malware
 http://www.01net.com/telecharg [...] 44096.html

 herisson41​-7 Mets le à jour (Important)

 herisson41​-7 Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
 herisson41​-7 Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
 herisson41​-7 Clique sur Rechercher

 herisson41​-7 Une fois le scan terminé, une fenêtre s'ouvre, clique sur  sur Ok

 herisson41​-7 Si MalwareByte's n'a rien détecté, clique sur Ok  Un rapport va apparaître ferme-le.

 herisson41​-7 Si MalwareByte's a détecté des infections, clique sur Afficher les résultats  ensuite sur Supprimer la sélection

 herisson41​-7 Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

 Note : Si MalwareByte's  a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

 Tutoriel pour MalwareByte's ici :
 http://www.malekal.com/tutoria [...] alware.php


 -----


 Refais un scan avec OTL comme la première fois avec les mêmes paramètres et la même liste sous personnalisation, tu auras seulement un rapport(OTL.txt) a me poster, voir a utilisé cjoint pour poster le rapport.


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/11/2011 à 10:49:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.51.2.1300
 www.malwarebytes.org

 Version de la base de données: 8188

 Windows 6.0.6002 Service Pack 2
 Internet Explorer 9.0.8112.16421

 19/11/2011 10:23:15
 mbam-log-2011-11-19 (10-23-13).txt

 Type d'examen: Examen complet (C:\|D:\|E:\|P:\|)
 Elément(s) analysé(s): 402659
 Temps écoulé: 1 heure(s), 29 minute(s), 32 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 6
 Valeur(s) du Registre infectée(s): 1
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 1

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-​B00F39A4E939} (Adware.ShoppingReport2) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{BDEA95CF-F0E6-41​E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> No action taken.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\SearchScopes\{4B8C28A​7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{4D1EC4CA-4B9​2-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Ext\PreApproved\{4E674574-3F0​B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) -> No action taken.
 HKEY_LOCAL_MACHINE\SOFTWARE\QU​ESTSCAN (Adware.QuestScan) -> No action taken.

 Valeur(s) du Registre infectée(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Qu​estScan\DllPath (Adware.QuestScan) -> Value: DllPath -> No action taken.

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 c:\Users\Ero\downloads\orcs.mu​st.die-skidrow\orcs.must.die.f​ix-skidrow\orcs.must.die!.fix.​exe (PUP.Hacktool.Patcher) -> No action taken.

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/11/2011 à 11:12:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 19/11/2011 10:51:34 - Run 2
 OTL by OldTimer - Version 3.2.31.0     Folder = c:\Users\Ero\Documents\Downloa​ds
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,49% Memory free
 6,21 Gb Paging File | 4,84 Gb Available in Paging File | 77,91% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 455,10 Gb Total Space | 110,27 Gb Free Space | 24,23% Space Free | Partition Type: NTFS
 Drive D: | 10,66 Gb Total Space | 1,33 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
 Drive P: | 931,51 Gb Total Space | 216,39 Gb Free Space | 23,23% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-ERO | User Name: Ero | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/11/17 20:04:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- c:\Users\Ero\Documents\Downloa​ds\OTL.exe
 PRC - [2011/11/17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe
 PRC - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
 PRC - [2011/09/26 09:40:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
 PRC - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
 PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 PRC - [2011/08/18 10:48:31 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\​rbmonitor.exe
 PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
 PRC - [2011/05/18 21:35:55 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
 PRC - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
 PRC - [2011/05/05 14:34:14 | 000,861,696 | ---- | M] (Orange) -- C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe
 PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
 PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 PRC - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe
 PRC - [2009/04/11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\W​MIADAP.EXE
 PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 PRC - [2008/07/03 10:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
 PRC - [2007/04/18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/11/16 05:37:20 | 014,410,024 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
 MOD - [2011/11/16 05:37:08 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
 MOD - [2011/11/16 05:37:08 | 000,194,344 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
 MOD - [2011/11/16 05:37:08 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dl​l
 MOD - [2011/11/16 05:37:08 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
 MOD - [2011/10/12 12:52:29 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Web\e0​0630ec1e225a2376fdd430645e20f7​\System.Web.ni.dll
 MOD - [2011/10/12 12:52:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\6d2f689baff5da3df134fd​ec0742a13c\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/10/12 12:31:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\c1​c06a392871267db27f7cbc40e1c4fb​\System.Xml.ni.dll
 MOD - [2011/10/12 12:30:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\1363115565fff5a641243a​48f396f107\System.Windows.Form​s.ni.dll
 MOD - [2011/10/12 12:30:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\367c4043efc2f32d843cb588b0dc​97fc\System.Drawing.ni.dll
 MOD - [2011/10/12 12:29:11 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\f9c36e​a806e77872dce891c77b68fac3\Sys​tem.ni.dll
 MOD - [2011/10/12 12:28:51 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\b663​2a8b2f276a8e31f5b0f6b2006cd1\m​scorlib.ni.dll
 MOD - [2010/11/04 10:10:52 | 000,337,408 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtXm​l4.dll
 MOD - [2010/11/04 10:10:50 | 000,875,520 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtNe​twork4.dll
 MOD - [2010/11/04 10:10:48 | 007,390,720 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtGu​i4.dll
 MOD - [2010/11/04 10:10:46 | 002,012,160 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtCo​re4.dll
 MOD - [2010/11/04 10:10:46 | 000,241,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on4.dll
 MOD - [2010/11/04 10:10:46 | 000,182,784 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Prox​yDetection.dll
 MOD - [2010/11/04 10:10:46 | 000,177,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on_backend\phonon_ds94.dll
 MOD - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 MOD - [2010/11/04 10:10:44 | 000,022,016 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\imag​eformats\qgif4.dll
 MOD - [2009/09/27 22:02:24 | 000,797,184 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.​ax
 MOD - [2009/03/30 05:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\S​ystem.Windows.Forms.resources\​2.0.0.0_fr_b77a5c561934e089\Sy​stem.Windows.Forms.resources.d​ll
 MOD - [2009/03/30 05:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/05/16 12:11:39 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime\2.0.​2977.39064__90ba9c70f846762e\C​LI.Caste.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:39 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Wizard\2.0.2977.39118__90ba9c7​0f846762e\CLI.Aspect.InfoCentr​e.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard\2.0.2​977.39097__90ba9c70f846762e\CL​I.Caste.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Runtime\2.0.2977.39084__9​0ba9c70f846762e\CLI.Aspect.Hot​keysHandling.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:38 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Wizard\2.0.2977.39104__90​ba9c70f846762e\CLI.Aspect.Disp​laysManager.Graphics.Wizard.dl​l
 MOD - [2008/05/16 12:11:38 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.W​izard\2.0.2977.39334__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Ru​ntime\2.0.2977.39300__90ba9c70​f846762e\CLI.Aspect.DeviceTV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Ru​ntime\2.0.2977.39263__90ba9c70​f846762e\CLI.Aspect.DeviceCV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Runtime\2.0.2977.39217__90​ba9c70f846762e\CLI.Aspect.Devi​ceProperty.Graphics.Runtime.dl​l
 MOD - [2008/05/16 12:11:24 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Da​shboard\2.0.2977.39271__90ba9c​70f846762e\CLI.Aspect.Radeon3D​.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Welcome.Graphics.Das​hboard\2.0.2977.39340__90ba9c7​0f846762e\CLI.Aspect.Welcome.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Wi​zard\2.0.2977.39277__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Wizard.dll
 MOD - [2008/05/16 12:11:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard\2.​0.2977.39076__90ba9c70f846762e​\CLI.Caste.Graphics.Dashboard.​dll
 MOD - [2008/05/16 12:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Ru​ntime\2.0.2977.39270__90ba9c70​f846762e\CLI.Aspect.Radeon3D.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:24 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Runtime\2.0.2977.39331__90b​a9c70f846762e\CLI.Aspect.Power​PlayDPPE.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Runtime\2.0.2977.39361__90ba9c​70f846762e\CLI.Aspect.OverDriv​e5.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Das​hboard\2.0.2977.39227__90ba9c7​0f846762e\CLI.Aspect.MMVideo.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Dashboard\2.0.2977.39131_​_90ba9c70f846762e\CLI.Aspect.D​isplaysColour2.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.D​ashboard\2.0.2977.39219__90ba9​c70f846762e\CLI.Aspect.DeviceC​RT.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.D​ashboard\2.0.2977.39211__90ba9​c70f846762e\CLI.Aspect.DeviceD​FP.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Dashboard\2.0.2977.39085_​_90ba9c70f846762e\CLI.Aspect.D​isplaysManager.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Wiz​ard\2.0.2977.39292__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Wizard.dll
 MOD - [2008/05/16 12:11:22 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Dashboard\2.0.2977.39124__90ba​9c70f846762e\CLI.Aspect.InfoCe​ntre.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Dashboard\2.0.2977.39244_​_90ba9c70f846762e\CLI.Aspect.D​isplaysOptions.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Run​time\2.0.2977.39226__90ba9c70f​846762e\CLI.Aspect.MMVideo.Gra​phics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.R​untime\2.0.2977.39218__90ba9c7​0f846762e\CLI.Aspect.DeviceDFP​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Runtime\2.0.2977.39137__9​0ba9c70f846762e\CLI.Aspect.Dis​playsColour2.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.R​untime\2.0.2977.39226__90ba9c7​0f846762e\CLI.Aspect.DeviceCRT​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Runtime\2.0.2977.39243__9​0ba9c70f846762e\CLI.Aspect.Dis​playsOptions.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.R​untime\2.0.2977.39255__90ba9c7​0f846762e\CLI.Aspect.DeviceLCD​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Hotkeys.Shared\2.0.2​939.23687__90ba9c70f846762e\AE​M.Plugin.Hotkeys.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Actions.CCAA.Shared\2.0.293​9.23679__90ba9c70f846762e\AEM.​Actions.CCAA.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.EEU.Shared\2.0.2939.​23710__90ba9c70f846762e\AEM.Pl​ugin.EEU.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Shared\2.0.2939.23747__90ba9c7​0f846762e\CLI.Aspect.OverDrive​5.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation\2.0.2939.23668__​90ba9c70f846762e\CLI.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Shared\2.0.2​939.23689__90ba9c70f846762e\CL​I.Caste.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Sh​ared\2.0.2939.23743__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0601\2.0.2573.176​85__90ba9c70f846762e\DEM.Graph​ics.I0601.dll
 MOD - [2008/05/16 12:11:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.S​hared\2.0.2939.23764__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation\2.0.2939.23662__​90ba9c70f846762e\LOG.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.XManifest\2.0.29​39.23802__90ba9c70f846762e\CLI​.Foundation.XManifest.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Shared\2.0.2939.23763__90ba​9c70f846762e\CLI.Aspect.PowerP​layDPPE.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\N​EWAEM.Foundation\2.0.2939.2366​7__90ba9c70f846762e\NEWAEM.Fou​ndation.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS.I0602\2.0.2939.23717__90​ba9c70f846762e\DEM.OS.I0602.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0703\2.0.2651.188​02__90ba9c70f846762e\DEM.Graph​ics.I0703.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared\2.0​.2939.23693__90ba9c70f846762e\​CLI.Component.Wizard.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared\​2.0.2939.23687__90ba9c70f84676​2e\CLI.Component.Dashboard.Sha​red.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared\2.0​.2939.23679__90ba9c70f846762e\​CLI.Component.Client.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Foundation\2.0.2939.23707__​90ba9c70f846762e\MOM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS\2.0.2939.23717__90ba9c70​f846762e\DEM.OS.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0706\2.0.2743.233​04__90ba9c70f846762e\DEM.Graph​ics.I0706.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics\2.0.2939.23718__90​ba9c70f846762e\DEM.Graphics.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Foundation\2.0.2573.17684__​90ba9c70f846762e\DEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared\2.​0.2939.23688__90ba9c70f846762e​\CLI.Component.Runtime.Shared.​dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard.Share​d\2.0.2939.23734__90ba9c70f846​762e\CLI.Caste.Graphics.Wizard​.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard.Sh​ared\2.0.2939.23718__90ba9c70f​846762e\CLI.Caste.Graphics.Das​hboard.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.GD.Shared\2.0.2939.2​3767__90ba9c70f846762e\AEM.Plu​gin.GD.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.DPPE.Shared\2.0.2939​.23768__90ba9c70f846762e\AEM.P​lugin.DPPE.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\a​tixclib\1.0.0.0__90ba9c70f8467​62e\atixclib.dll
 MOD - [2008/05/16 12:11:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Sh​ared\2.0.2965.22300__90ba9c70f​846762e\CLI.Aspect.DeviceTV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.S​hared\2.0.2939.23739__90ba9c70​f846762e\CLI.Aspect.DeviceCRT.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Sha​red\2.0.2939.23740__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.S​hared\2.0.2939.23738__90ba9c70​f846762e\CLI.Aspect.DeviceDFP.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Sh​ared\2.0.2939.23742__90ba9c70f​846762e\CLI.Aspect.DeviceCV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Shared\2.0.2939.23708__90b​a9c70f846762e\CLI.Aspect.Devic​eProperty.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Shared\2.0.2939.23735__90​ba9c70f846762e\CLI.Aspect.Disp​laysColour2.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.S​hared\2.0.2939.23719__90ba9c70​f846762e\CLI.Aspect.DeviceLCD.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Shared\2.0.2939.23741__90​ba9c70f846762e\CLI.Aspect.Disp​laysOptions.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.CustomFormats.Graphi​cs.Shared\2.0.2939.23711__90ba​9c70f846762e\CLI.Aspect.Custom​Formats.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Foundation\2.0.2939.23665__​90ba9c70f846762e\AEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​CE.Graphics.DisplaysManager.Sh​ared\2.0.2573.17685__90ba9c70f​846762e\ACE.Graphics.DisplaysM​anager.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Shared\2.0.2939.23719__90​ba9c70f846762e\CLI.Aspect.Hotk​eysHandling.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Foundation\2.0.2939.23709__​90ba9c70f846762e\APM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server.Shared\2.0.2939.2368​7__90ba9c70f846762e\AEM.Server​.Shared.dll
 MOD - [2008/05/16 12:11:15 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard\2.0.297​7.39071__90ba9c70f846762e\CLI.​Component.Dashboard.dll
 MOD - [2008/05/16 12:11:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard\2.0.2977.3​9091__90ba9c70f846762e\CLI.Com​ponent.Wizard.dll
 MOD - [2008/05/16 12:11:15 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Implementation\2.0.2977.393​24__90ba9c70f846762e\MOM.Imple​mentation.dll
 MOD - [2008/05/16 12:11:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime\2.0.2977.​39056__90ba9c70f846762e\CLI.Co​mponent.Runtime.dll
 MOD - [2008/05/16 12:11:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation\2​.0.2977.39322__90ba9c70f846762​e\LOG.Foundation.Implementatio​n.dll
 MOD - [2008/05/16 12:11:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared.Pr​ivate\2.0.2939.23713__90ba9c70​f846762e\CLI.Component.Runtime​.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.Private\2.0.2939​.23678__90ba9c70f846762e\CLI.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared.Pri​vate\2.0.2939.23689__90ba9c70f​846762e\CLI.Component.Client.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Source.Kit.Server\2.​0.2977.39353__90ba9c70f846762e​\AEM.Plugin.Source.Kit.Server.​dll
 MOD - [2008/05/16 12:11:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Private\2.0.2939​.23679__90ba9c70f846762e\LOG.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared.Pri​vate\2.0.2939.23694__90ba9c70f​846762e\CLI.Component.Wizard.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation.P​rivate\2.0.2939.23712__90ba9c7​0f846762e\LOG.Foundation.Imple​mentation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared.​Private\2.0.2939.23711__90ba9c​70f846762e\CLI.Component.Dashb​oard.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime.Shar​ed.Private\2.0.2939.23746__90b​a9c70f846762e\CLI.Caste.Graphi​cs.Runtime.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OCALIZATION.Foundation.Private​\2.0.2939.23677__90ba9c70f8467​62e\LOCALIZATION.Foundation.Pr​ivate.dll
 MOD - [2008/05/16 12:11:15 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Extension​.EEU\2.0.2977.39056__90ba9c70f​846762e\CLI.Component.Runtime.​Extension.EEU.dll
 MOD - [2008/05/16 12:11:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TIDEMOS\2.0.2977.39057__90ba9c​70f846762e\ATIDEMOS.dll
 MOD - [2008/05/16 12:11:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Server\2.0.2977.39055__90ba​9c70f846762e\APM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server\2.0.2977.39055__90ba​9c70f846762e\AEM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​CC.Implementation\2.0.2977.393​23__90ba9c70f846762e\CCC.Imple​mentation.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TICCCom\2.0.0.0__90ba9c70f8467​62e\ATICCCom.dll
 MOD - [2008/02/25 23:10:10 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2011/11/18 02:33:45 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d7​68ebc.dll -- (Akamai)
 SRV - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
 SRV - [2011/05/20 10:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Serv​ice\OUCore.exe -- (Orange update Core Service)
 SRV - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
 SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
 SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 SRV - [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
 SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 SRV - [2008/02/03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
 SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Tr​ueSight.sys -- (TrueSight)
 DRV - [2011/09/02 01:52:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\av​ipbb.sys -- (avipbb)
 DRV - [2011/09/02 01:52:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\av​gntflt.sys -- (avgntflt)
 DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mb​am.sys -- (MBAMProtector)
 DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Ni​sDrvWFP.sys -- (NisDrv)
 DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mp​NWMon.sys -- (MpNWMon)
 DRV - [2011/03/24 19:26:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sp​td.sys -- (sptd)
 DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ss​mdrv.sys -- (ssmdrv)
 DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
 DRV - [2008/02/26 01:53:20 | 003,520,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\at​ikmdag.sys -- (atikmdag)
 DRV - [2008/01/29 13:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2008/01/25 20:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/01/25 20:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2007/10/12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS​2.sys -- (Ps2)
 DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​sync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sf​drv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
 DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​hlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_por [...] efaultPage
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - No CLSID value found
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\Software\M​icrosoft\Windows\CurrentVersio​n\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..network.proxy.type: 0
 
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​videolan.org/vlc,version=1.1.9​: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 FF - HKLM\Software\MozillaPlugins\@​WildTangent.com/GamesAppPresen​ceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll ()
 FF - HKCU\Software\MozillaPlugins\@​Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\npFacebookVi​deoCalling.dll (Skype Limited)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\smar​twebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\smart​webprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 
 [2011/07/02 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Extensions
 [2011/11/18 14:28:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions
 [2011/11/12 18:39:28 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 [2011/07/09 08:35:55 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​Orange.fr
 [2011/03/21 17:51:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAME​WORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTE​NSION
 
 ========== Chrome  ==========
 
 CHR - default_search_provider: Web Search (Enabled)
 CHR - default_search_provider: search_url = http://www.searchqu.com/web?sr [...] archTerms}
 CHR - default_search_provider: suggest_url =
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\gcswf32.dll
 CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npdeployJava1.dll
 CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll
 CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\ppGoogleNaClPluginChrome​.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\pdf.dll
 CHR - plugin: OfferboxChromePlugin Dynamic Link Library (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\bjeike​heijdjdfjbmknpefojickbkmom\2.1​.3564.126_0\OfferboxChromePlug​in.dll
 CHR - plugin: Interest Recognizer for Widestream6 (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\widestream6_air_chro​me.dll
 CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
 CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
 CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\​npGoogleUpdate3.dll
 CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
 CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll
 CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll
 CHR - plugin: Default Plug-in (Enabled) = default_plugin
 CHR - Extension: AT_DJTiesto = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\okmcbg​kkeagngnijeiighgblfljbekip\2_0​\
 
 O1 HOSTS File: ([2011/10/10 14:43:19 | 000,437,101 | R--- | M]) - C:\WINDOWS\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 www.007guard.com
 O1 - Hosts: 127.0.0.1 007guard.com
 O1 - Hosts: 127.0.0.1 008i.com
 O1 - Hosts: 127.0.0.1 www.008k.com
 O1 - Hosts: 127.0.0.1 008k.com
 O1 - Hosts: 127.0.0.1 www.00hq.com
 O1 - Hosts: 127.0.0.1 00hq.com
 O1 - Hosts: 127.0.0.1 010402.com
 O1 - Hosts: 127.0.0.1 www.032439.com
 O1 - Hosts: 127.0.0.1 032439.com
 O1 - Hosts: 127.0.0.1 www.0scan.com
 O1 - Hosts: 127.0.0.1 0scan.com
 O1 - Hosts: 127.0.0.1 1000gratisproben.com
 O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
 O1 - Hosts: 127.0.0.1 1001namen.com
 O1 - Hosts: 127.0.0.1 www.1001namen.com
 O1 - Hosts: 127.0.0.1 100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100sexlinks.com
 O1 - Hosts: 127.0.0.1 100sexlinks.com
 O1 - Hosts: 127.0.0.1 10sek.com
 O1 - Hosts: 127.0.0.1 www.10sek.com
 O1 - Hosts: 127.0.0.1 www.1-2005-search.com
 O1 - Hosts: 127.0.0.1 1-2005-search.com
 O1 - Hosts: 127.0.0.1 123fporn.info
 O1 - Hosts: 15060 more lines...
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (ToolbarOrange.InitToolbarBHO) - {1d970ed5-3eda-438d-bffd-71593​1e2775b} - mscoree.dll (Microsoft Corporation)
 O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D876​4B3486C} - No CLSID value found.
 O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B2​80BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPL​EXT~1.DLL (ALLCinema Ltd.)
 O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {c9a6357b-25cc-4bcf-96c1-78736​985d412} - mscoree.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E​7B03F8E} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O4 - HKLM..\Run: []  File not found
 O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
 O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe (CyberLink Corp.)
 O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe File not found
 O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Akamai NetSession Interface] C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe (Akamai Technologies, Inc)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [ALLUpdate] C:\Program Files\OpenSubtitlesPlayer\ALLU​pdate.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Facebook Update] C:\Users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e (Facebook Inc.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [orangeinside] C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe (Orange)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\​launcher.exe (Uniblue Systems Limited)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
 O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\addfavo​rites_html\addfavorites.html ()
 O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​selectedtext_html\sendsmsselec​tedtext.html ()
 O8 - Extra context menu item: envoyer par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​_html\sendsms.html ()
 O8 - Extra context menu item: envoyer un mail - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendmai​l_html\sendmail.html ()
 O8 - Extra context menu item: orange.fr - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\orange_​html\orange.html ()
 O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\selecte​dsearch_html\selectedsearch.ht​ml ()
 O8 - Extra context menu item: traduire la page - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​te_html\translate.html ()
 O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​teSelectedText_html\translateS​electedText.html ()
 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O13 - gopher Prefix: missing
 O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_01)
 O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{C561E0​60-3B3C-486D-8A20-28D2DE67FE04​}: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll (Discordia, LTD)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll (Discordia, LTD)
 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) -C:\WINDOWS\System32\userinit.​exe (Microsoft Corporation)
 O24 - Desktop WallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/05/16 12:22:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2010/08/27 17:44:50 | 000,000,000 | RH-D | M] - P:\autorun -- [ NTFS ]
 O32 - Unable to obtain root file information for disk P:\
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell\Au​toRun\command - "" = O:\LaunchU3.exe -a
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell\Au​toRun\command - "" = K:\setup.exe
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 NetSvcs: ezSharedSvc - C:\WINDOWS\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Windows Media Player 5.2
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.7
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - C:\WINDOWS\System32\Microsoft
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Adobe Flash Player
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP
 
 Drivers32: aux - wdmaud.drv (Microsoft Corporation)
 Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: aux2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midimapper - midimap.dll (Microsoft Corporation)
 Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
 Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
 Drivers32: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
 Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
 Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
 Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
 Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
 Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
 Drivers32: VIDC.IV41 - IR41_32.AX (Intel Corporation)
 Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
 Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
 Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
 Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
 Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.XVID - xvidvfw.dll ()
 Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
 Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
 Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
 Drivers32: wave - wdmaud.drv (Microsoft Corporation)
 Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/11/18 17:32:37 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\M​alwarebytes
 [2011/11/18 17:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Malwarebytes' Anti-Malware
 [2011/11/18 17:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 [2011/11/18 17:17:44 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mb​am.sys
 [2011/11/18 17:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2011/11/18 14:27:10 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows\Start Menu\Programs\Ad-Remover
 [2011/11/18 14:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2011/11/17 21:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
 [2011/11/17 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\Desktop\RK_Quaran​tine
 [2011/11/13 04:34:28 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Div​inity 2
 [2011/11/12 18:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\c​acaoweb
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Strongh​old 3
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
 [2011/11/11 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Stronghold 3
 [2011/11/11 02:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/11/09 21:29:08 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Aka​mai
 [2011/11/01 10:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Orcs Must Die
 [2011/11/01 10:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Robot Entertainment
 [2011/11/01 10:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Robot Entertainment
 [2011/10/31 17:48:49 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax
 [2011/10/31 17:48:49 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.d​ll
 [2011/10/31 17:48:48 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.d​ll
 [2011/10/31 17:48:46 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dl​l
 [2011/10/31 17:48:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.ex​e
 [2011/10/31 17:48:43 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll
 [2011/10/31 17:48:43 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll
 [2011/10/31 17:48:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv
 [2011/10/31 17:48:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/31 17:44:20 | 000,000,000 | ---D | C] -- C:\Dark Project
 [2011/10/31 17:43:49 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
 [2011/10/27 12:29:24 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
 [2011/10/27 12:29:24 | 000,540,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.c​pl
 [2011/10/27 12:29:23 | 006,266,880 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 [2011/10/27 12:29:23 | 000,725,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.d​ll
 [2011/10/27 12:29:23 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.​dll
 [2011/10/21 23:44:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Dar​ksiders
 [2011/10/21 23:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Darksiders
 [2011/10/21 17:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/11/19 10:54:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
 [2011/11/19 10:52:09 | 000,680,904 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/11/19 10:52:09 | 000,597,898 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/11/19 10:52:09 | 000,127,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/11/19 10:52:09 | 000,104,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/11/19 10:46:42 | 000,000,680 | ---- | M] () -- C:\Users\Ero\AppData\Local\d3d​9caps.dat
 [2011/11/19 10:46:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/19 10:46:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/19 10:45:47 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/11/19 10:45:46 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RegistryBoost​er.job
 [2011/11/19 10:45:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/11/19 10:45:31 | 3219,603,456 | -HS- | M] () -- C:\hiberfil.sys
 [2011/11/19 10:03:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000UA.job
 [2011/11/19 09:56:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/11/19 09:31:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/11/18 17:17:49 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/11/18 14:54:36 | 000,001,105 | ---- | M] () -- C:\Users\Ero\Desktop\iw5sp - Raccourci.lnk
 [2011/11/18 14:27:10 | 000,001,678 | ---- | M] () -- C:\Users\Ero\Desktop\Ad-Remove​r.lnk
 [2011/11/18 13:38:51 | 000,025,222 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/11/18 12:31:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/11/17 23:03:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000Core.job
 [2011/11/17 21:47:49 | 000,058,368 | ---- | M] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/11/17 21:20:34 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CClean​er.lnk
 [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/17 11:09:28 | 000,395,264 | ---- | M] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12:47 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/27 12:29:33 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/11/18 17:17:49 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/11/18 14:54:36 | 000,001,105 | ---- | C] () -- C:\Users\Ero\Desktop\iw5sp - Raccourci.lnk
 [2011/11/18 14:27:10 | 000,001,678 | ---- | C] () -- C:\Users\Ero\Desktop\Ad-Remove​r.lnk
 [2011/11/17 21:20:34 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CClean​er.lnk
 [2011/11/17 20:09:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
 [2011/11/17 14:57:47 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/12 18:39:04 | 000,395,264 | ---- | C] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 19/11/2011 à 15:23:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Ton rapport(OTL.txt) n'est pas complet, utilise cjoint.com pour poster en lien ton rapport :
 http://cjoint.com/

 - Clique sur Parcourir pour aller chercher le rapport
 - Clique sur Ouvrir ensuite sur Créer le lien Cjoint

 - Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

 Si ton rapport plus grand que 500Ko ici :  http://www.sendspace.com/


 @++  :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/11/2011 à 20:23:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 19/11/2011 10:51:34 - Run 2
 OTL by OldTimer - Version 3.2.31.0     Folder = c:\Users\Ero\Documents\Downloa​ds
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,49% Memory free
 6,21 Gb Paging File | 4,84 Gb Available in Paging File | 77,91% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 455,10 Gb Total Space | 110,27 Gb Free Space | 24,23% Space Free | Partition Type: NTFS
 Drive D: | 10,66 Gb Total Space | 1,33 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
 Drive P: | 931,51 Gb Total Space | 216,39 Gb Free Space | 23,23% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-ERO | User Name: Ero | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/11/17 20:04:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- c:\Users\Ero\Documents\Downloa​ds\OTL.exe
 PRC - [2011/11/17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe
 PRC - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
 PRC - [2011/09/26 09:40:24 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
 PRC - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
 PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 PRC - [2011/08/18 10:48:31 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\​rbmonitor.exe
 PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
 PRC - [2011/05/18 21:35:55 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
 PRC - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
 PRC - [2011/05/05 14:34:14 | 000,861,696 | ---- | M] (Orange) -- C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe
 PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
 PRC - [2011/02/04 12:08:48 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 PRC - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 PRC - [2010/01/14 21:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 PRC - [2009/09/09 13:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe
 PRC - [2009/04/11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\W​MIADAP.EXE
 PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
 PRC - [2008/07/03 10:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
 PRC - [2007/04/18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/11/16 05:37:20 | 014,410,024 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
 MOD - [2011/11/16 05:37:08 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
 MOD - [2011/11/16 05:37:08 | 000,194,344 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
 MOD - [2011/11/16 05:37:08 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dl​l
 MOD - [2011/11/16 05:37:08 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
 MOD - [2011/10/12 12:52:29 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Web\e0​0630ec1e225a2376fdd430645e20f7​\System.Web.ni.dll
 MOD - [2011/10/12 12:52:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\6d2f689baff5da3df134fd​ec0742a13c\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/10/12 12:31:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\c1​c06a392871267db27f7cbc40e1c4fb​\System.Xml.ni.dll
 MOD - [2011/10/12 12:30:58 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\1363115565fff5a641243a​48f396f107\System.Windows.Form​s.ni.dll
 MOD - [2011/10/12 12:30:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\367c4043efc2f32d843cb588b0dc​97fc\System.Drawing.ni.dll
 MOD - [2011/10/12 12:29:11 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\f9c36e​a806e77872dce891c77b68fac3\Sys​tem.ni.dll
 MOD - [2011/10/12 12:28:51 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\b663​2a8b2f276a8e31f5b0f6b2006cd1\m​scorlib.ni.dll
 MOD - [2010/11/04 10:10:52 | 000,337,408 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtXm​l4.dll
 MOD - [2010/11/04 10:10:50 | 000,875,520 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtNe​twork4.dll
 MOD - [2010/11/04 10:10:48 | 007,390,720 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtGu​i4.dll
 MOD - [2010/11/04 10:10:46 | 002,012,160 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\QtCo​re4.dll
 MOD - [2010/11/04 10:10:46 | 000,241,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on4.dll
 MOD - [2010/11/04 10:10:46 | 000,182,784 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Prox​yDetection.dll
 MOD - [2010/11/04 10:10:46 | 000,177,664 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\phon​on_backend\phonon_ds94.dll
 MOD - [2010/11/04 10:10:44 | 000,634,368 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe
 MOD - [2010/11/04 10:10:44 | 000,022,016 | ---- | M] () -- C:\Program Files\Orange\MailNotifier\imag​eformats\qgif4.dll
 MOD - [2009/09/27 22:02:24 | 000,797,184 | ---- | M] () -- C:\WINDOWS\System32\ac3filter.​ax
 MOD - [2009/03/30 05:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\S​ystem.Windows.Forms.resources\​2.0.0.0_fr_b77a5c561934e089\Sy​stem.Windows.Forms.resources.d​ll
 MOD - [2009/03/30 05:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/05/16 12:11:39 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime\2.0.​2977.39064__90ba9c70f846762e\C​LI.Caste.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:39 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Wizard\2.0.2977.39118__90ba9c7​0f846762e\CLI.Aspect.InfoCentr​e.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard\2.0.2​977.39097__90ba9c70f846762e\CL​I.Caste.Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Runtime\2.0.2977.39084__9​0ba9c70f846762e\CLI.Aspect.Hot​keysHandling.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:38 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Wizard\2.0.2977.39104__90​ba9c70f846762e\CLI.Aspect.Disp​laysManager.Graphics.Wizard.dl​l
 MOD - [2008/05/16 12:11:38 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.W​izard\2.0.2977.39334__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Wizard.dll
 MOD - [2008/05/16 12:11:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Ru​ntime\2.0.2977.39300__90ba9c70​f846762e\CLI.Aspect.DeviceTV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Ru​ntime\2.0.2977.39263__90ba9c70​f846762e\CLI.Aspect.DeviceCV.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Runtime\2.0.2977.39217__90​ba9c70f846762e\CLI.Aspect.Devi​ceProperty.Graphics.Runtime.dl​l
 MOD - [2008/05/16 12:11:24 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Da​shboard\2.0.2977.39271__90ba9c​70f846762e\CLI.Aspect.Radeon3D​.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Welcome.Graphics.Das​hboard\2.0.2977.39340__90ba9c7​0f846762e\CLI.Aspect.Welcome.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:24 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Wi​zard\2.0.2977.39277__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Wizard.dll
 MOD - [2008/05/16 12:11:24 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard\2.​0.2977.39076__90ba9c70f846762e​\CLI.Caste.Graphics.Dashboard.​dll
 MOD - [2008/05/16 12:11:24 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Ru​ntime\2.0.2977.39270__90ba9c70​f846762e\CLI.Aspect.Radeon3D.G​raphics.Runtime.dll
 MOD - [2008/05/16 12:11:24 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Runtime\2.0.2977.39331__90b​a9c70f846762e\CLI.Aspect.Power​PlayDPPE.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Runtime\2.0.2977.39361__90ba9c​70f846762e\CLI.Aspect.OverDriv​e5.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Das​hboard\2.0.2977.39227__90ba9c7​0f846762e\CLI.Aspect.MMVideo.G​raphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Dashboard\2.0.2977.39131_​_90ba9c70f846762e\CLI.Aspect.D​isplaysColour2.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.D​ashboard\2.0.2977.39219__90ba9​c70f846762e\CLI.Aspect.DeviceC​RT.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.D​ashboard\2.0.2977.39211__90ba9​c70f846762e\CLI.Aspect.DeviceD​FP.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysManager.Grap​hics.Dashboard\2.0.2977.39085_​_90ba9c70f846762e\CLI.Aspect.D​isplaysManager.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Wiz​ard\2.0.2977.39292__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Wizard.dll
 MOD - [2008/05/16 12:11:22 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.InfoCentre.Graphics.​Dashboard\2.0.2977.39124__90ba​9c70f846762e\CLI.Aspect.InfoCe​ntre.Graphics.Dashboard.dll
 MOD - [2008/05/16 12:11:22 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Dashboard\2.0.2977.39244_​_90ba9c70f846762e\CLI.Aspect.D​isplaysOptions.Graphics.Dashbo​ard.dll
 MOD - [2008/05/16 12:11:22 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Run​time\2.0.2977.39226__90ba9c70f​846762e\CLI.Aspect.MMVideo.Gra​phics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.R​untime\2.0.2977.39218__90ba9c7​0f846762e\CLI.Aspect.DeviceDFP​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Runtime\2.0.2977.39137__9​0ba9c70f846762e\CLI.Aspect.Dis​playsColour2.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.R​untime\2.0.2977.39226__90ba9c7​0f846762e\CLI.Aspect.DeviceCRT​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Runtime\2.0.2977.39243__9​0ba9c70f846762e\CLI.Aspect.Dis​playsOptions.Graphics.Runtime.​dll
 MOD - [2008/05/16 12:11:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.R​untime\2.0.2977.39255__90ba9c7​0f846762e\CLI.Aspect.DeviceLCD​.Graphics.Runtime.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Hotkeys.Shared\2.0.2​939.23687__90ba9c70f846762e\AE​M.Plugin.Hotkeys.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Actions.CCAA.Shared\2.0.293​9.23679__90ba9c70f846762e\AEM.​Actions.CCAA.Shared.dll
 MOD - [2008/05/16 12:11:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.EEU.Shared\2.0.2939.​23710__90ba9c70f846762e\AEM.Pl​ugin.EEU.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.OverDrive5.Graphics.​Shared\2.0.2939.23747__90ba9c7​0f846762e\CLI.Aspect.OverDrive​5.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation\2.0.2939.23668__​90ba9c70f846762e\CLI.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Shared\2.0.2​939.23689__90ba9c70f846762e\CL​I.Caste.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.Radeon3D.Graphics.Sh​ared\2.0.2939.23743__90ba9c70f​846762e\CLI.Aspect.Radeon3D.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0601\2.0.2573.176​85__90ba9c70f846762e\DEM.Graph​ics.I0601.dll
 MOD - [2008/05/16 12:11:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.TransCode.Graphics.S​hared\2.0.2939.23764__90ba9c70​f846762e\CLI.Aspect.TransCode.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation\2.0.2939.23662__​90ba9c70f846762e\LOG.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.XManifest\2.0.29​39.23802__90ba9c70f846762e\CLI​.Foundation.XManifest.dll
 MOD - [2008/05/16 12:11:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.PowerPlayDPPE.Graphi​cs.Shared\2.0.2939.23763__90ba​9c70f846762e\CLI.Aspect.PowerP​layDPPE.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\N​EWAEM.Foundation\2.0.2939.2366​7__90ba9c70f846762e\NEWAEM.Fou​ndation.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS.I0602\2.0.2939.23717__90​ba9c70f846762e\DEM.OS.I0602.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0703\2.0.2651.188​02__90ba9c70f846762e\DEM.Graph​ics.I0703.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared\2.0​.2939.23693__90ba9c70f846762e\​CLI.Component.Wizard.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared\​2.0.2939.23687__90ba9c70f84676​2e\CLI.Component.Dashboard.Sha​red.dll
 MOD - [2008/05/16 12:11:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared\2.0​.2939.23679__90ba9c70f846762e\​CLI.Component.Client.Shared.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Foundation\2.0.2939.23707__​90ba9c70f846762e\MOM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.OS\2.0.2939.23717__90ba9c70​f846762e\DEM.OS.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics.I0706\2.0.2743.233​04__90ba9c70f846762e\DEM.Graph​ics.I0706.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Graphics\2.0.2939.23718__90​ba9c70f846762e\DEM.Graphics.dl​l
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\D​EM.Foundation\2.0.2573.17684__​90ba9c70f846762e\DEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared\2.​0.2939.23688__90ba9c70f846762e​\CLI.Component.Runtime.Shared.​dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Wizard.Share​d\2.0.2939.23734__90ba9c70f846​762e\CLI.Caste.Graphics.Wizard​.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Dashboard.Sh​ared\2.0.2939.23718__90ba9c70f​846762e\CLI.Caste.Graphics.Das​hboard.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.GD.Shared\2.0.2939.2​3767__90ba9c70f846762e\AEM.Plu​gin.GD.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.DPPE.Shared\2.0.2939​.23768__90ba9c70f846762e\AEM.P​lugin.DPPE.Shared.dll
 MOD - [2008/05/16 12:11:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\a​tixclib\1.0.0.0__90ba9c70f8467​62e\atixclib.dll
 MOD - [2008/05/16 12:11:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceTV.Graphics.Sh​ared\2.0.2965.22300__90ba9c70f​846762e\CLI.Aspect.DeviceTV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCRT.Graphics.S​hared\2.0.2939.23739__90ba9c70​f846762e\CLI.Aspect.DeviceCRT.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.MMVideo.Graphics.Sha​red\2.0.2939.23740__90ba9c70f8​46762e\CLI.Aspect.MMVideo.Grap​hics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceDFP.Graphics.S​hared\2.0.2939.23738__90ba9c70​f846762e\CLI.Aspect.DeviceDFP.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceCV.Graphics.Sh​ared\2.0.2939.23742__90ba9c70f​846762e\CLI.Aspect.DeviceCV.Gr​aphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceProperty.Graph​ics.Shared\2.0.2939.23708__90b​a9c70f846762e\CLI.Aspect.Devic​eProperty.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysColour2.Grap​hics.Shared\2.0.2939.23735__90​ba9c70f846762e\CLI.Aspect.Disp​laysColour2.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DeviceLCD.Graphics.S​hared\2.0.2939.23719__90ba9c70​f846762e\CLI.Aspect.DeviceLCD.​Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.DisplaysOptions.Grap​hics.Shared\2.0.2939.23741__90​ba9c70f846762e\CLI.Aspect.Disp​laysOptions.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.CustomFormats.Graphi​cs.Shared\2.0.2939.23711__90ba​9c70f846762e\CLI.Aspect.Custom​Formats.Graphics.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Foundation\2.0.2939.23665__​90ba9c70f846762e\AEM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​CE.Graphics.DisplaysManager.Sh​ared\2.0.2573.17685__90ba9c70f​846762e\ACE.Graphics.DisplaysM​anager.Shared.dll
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Aspect.HotkeysHandling.Grap​hics.Shared\2.0.2939.23719__90​ba9c70f846762e\CLI.Aspect.Hotk​eysHandling.Graphics.Shared.dl​l
 MOD - [2008/05/16 12:11:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Foundation\2.0.2939.23709__​90ba9c70f846762e\APM.Foundatio​n.dll
 MOD - [2008/05/16 12:11:20 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server.Shared\2.0.2939.2368​7__90ba9c70f846762e\AEM.Server​.Shared.dll
 MOD - [2008/05/16 12:11:15 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard\2.0.297​7.39071__90ba9c70f846762e\CLI.​Component.Dashboard.dll
 MOD - [2008/05/16 12:11:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard\2.0.2977.3​9091__90ba9c70f846762e\CLI.Com​ponent.Wizard.dll
 MOD - [2008/05/16 12:11:15 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\M​OM.Implementation\2.0.2977.393​24__90ba9c70f846762e\MOM.Imple​mentation.dll
 MOD - [2008/05/16 12:11:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime\2.0.2977.​39056__90ba9c70f846762e\CLI.Co​mponent.Runtime.dll
 MOD - [2008/05/16 12:11:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation\2​.0.2977.39322__90ba9c70f846762​e\LOG.Foundation.Implementatio​n.dll
 MOD - [2008/05/16 12:11:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Shared.Pr​ivate\2.0.2939.23713__90ba9c70​f846762e\CLI.Component.Runtime​.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Foundation.Private\2.0.2939​.23678__90ba9c70f846762e\CLI.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Client.Shared.Pri​vate\2.0.2939.23689__90ba9c70f​846762e\CLI.Component.Client.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Plugin.Source.Kit.Server\2.​0.2977.39353__90ba9c70f846762e​\AEM.Plugin.Source.Kit.Server.​dll
 MOD - [2008/05/16 12:11:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Private\2.0.2939​.23679__90ba9c70f846762e\LOG.F​oundation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Wizard.Shared.Pri​vate\2.0.2939.23694__90ba9c70f​846762e\CLI.Component.Wizard.S​hared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OG.Foundation.Implementation.P​rivate\2.0.2939.23712__90ba9c7​0f846762e\LOG.Foundation.Imple​mentation.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Dashboard.Shared.​Private\2.0.2939.23711__90ba9c​70f846762e\CLI.Component.Dashb​oard.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Caste.Graphics.Runtime.Shar​ed.Private\2.0.2939.23746__90b​a9c70f846762e\CLI.Caste.Graphi​cs.Runtime.Shared.Private.dll
 MOD - [2008/05/16 12:11:15 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\L​OCALIZATION.Foundation.Private​\2.0.2939.23677__90ba9c70f8467​62e\LOCALIZATION.Foundation.Pr​ivate.dll
 MOD - [2008/05/16 12:11:15 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​LI.Component.Runtime.Extension​.EEU\2.0.2977.39056__90ba9c70f​846762e\CLI.Component.Runtime.​Extension.EEU.dll
 MOD - [2008/05/16 12:11:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TIDEMOS\2.0.2977.39057__90ba9c​70f846762e\ATIDEMOS.dll
 MOD - [2008/05/16 12:11:14 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​PM.Server\2.0.2977.39055__90ba​9c70f846762e\APM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​EM.Server\2.0.2977.39055__90ba​9c70f846762e\AEM.Server.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\C​CC.Implementation\2.0.2977.393​23__90ba9c70f846762e\CCC.Imple​mentation.dll
 MOD - [2008/05/16 12:11:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\A​TICCCom\2.0.0.0__90ba9c70f8467​62e\ATICCCom.dll
 MOD - [2008/02/25 23:10:10 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.d​ll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2011/11/18 02:33:45 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d7​68ebc.dll -- (Akamai)
 SRV - [2011/11/16 05:37:23 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2011/09/02 01:52:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
 SRV - [2011/05/20 10:13:26 | 001,055,872 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Serv​ice\OUCore.exe -- (Orange update Core Service)
 SRV - [2011/05/18 09:40:45 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 SRV - [2011/04/27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
 SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
 SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 SRV - [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
 SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 SRV - [2008/02/03 11:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\WINDOWS\System32\ezsvc7.dll -- (ezSharedSvc)
 SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Tr​ueSight.sys -- (TrueSight)
 DRV - [2011/09/02 01:52:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\av​ipbb.sys -- (avipbb)
 DRV - [2011/09/02 01:52:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\av​gntflt.sys -- (avgntflt)
 DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mb​am.sys -- (MBAMProtector)
 DRV - [2011/04/27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Ni​sDrvWFP.sys -- (NisDrv)
 DRV - [2011/04/18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mp​NWMon.sys -- (MpNWMon)
 DRV - [2011/03/24 19:26:00 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sp​td.sys -- (sptd)
 DRV - [2010/06/17 14:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ss​mdrv.sys -- (ssmdrv)
 DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
 DRV - [2008/02/26 01:53:20 | 003,520,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\at​ikmdag.sys -- (atikmdag)
 DRV - [2008/01/29 13:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2008/01/25 20:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/01/25 20:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2007/10/12 16:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS​2.sys -- (Ps2)
 DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​sync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sf​drv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
 DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sf​hlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\SOFTWARE\M​icrosoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_por [...] efaultPage
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - No CLSID value found
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\Software\M​icrosoft\Windows\CurrentVersio​n\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..network.proxy.type: 0
 
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​videolan.org/vlc,version=1.1.9​: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 FF - HKLM\Software\MozillaPlugins\@​WildTangent.com/GamesAppPresen​ceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll ()
 FF - HKCU\Software\MozillaPlugins\@​Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ero\AppData\Local\Fac​ebook\Video\Skype\npFacebookVi​deoCalling.dll (Skype Limited)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Ero\AppData\Local\Goo​gle\Update\1.3.21.79\npGoogleU​pdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\smar​twebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\smart​webprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/23 15:10:40 | 000,000,000 | ---D | M]
 
 [2011/07/02 11:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Extensions
 [2011/11/18 14:28:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions
 [2011/11/12 18:39:28 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 [2011/07/09 08:35:55 | 000,000,000 | ---D | M] (barre d'outils Orange) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\toolbar@​Orange.fr
 [2011/03/21 17:51:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAME​WORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTE​NSION
 
 ========== Chrome  ==========
 
 CHR - default_search_provider: Web Search (Enabled)
 CHR - default_search_provider: search_url = http://www.searchqu.com/web?sr [...] archTerms}
 CHR - default_search_provider: suggest_url =
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\gcswf32.dll
 CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npdeployJava1.dll
 CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll
 CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\ppGoogleNaClPluginChrome​.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\Application\15.0.87​4.121\pdf.dll
 CHR - plugin: OfferboxChromePlugin Dynamic Link Library (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\bjeike​heijdjdfjbmknpefojickbkmom\2.1​.3564.126_0\OfferboxChromePlug​in.dll
 CHR - plugin: Interest Recognizer for Widestream6 (Enabled) = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\eppeeb​fgcgojgpffkdcpiljephjaboki\4.0​.1938.5_0\widestream6_air_chro​me.dll
 CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
 CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
 CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\​npGoogleUpdate3.dll
 CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
 CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\R​egistered\1\NP_wtapp.dll
 CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll
 CHR - plugin: Default Plug-in (Enabled) = default_plugin
 CHR - Extension: AT_DJTiesto = C:\Users\Ero\AppData\Local\Goo​gle\Chrome\User Data\Default\Extensions\okmcbg​kkeagngnijeiighgblfljbekip\2_0​\
 
 O1 HOSTS File: ([2011/10/10 14:43:19 | 000,437,101 | R--- | M]) - C:\WINDOWS\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 www.007guard.com
 O1 - Hosts: 127.0.0.1 007guard.com
 O1 - Hosts: 127.0.0.1 008i.com
 O1 - Hosts: 127.0.0.1 www.008k.com
 O1 - Hosts: 127.0.0.1 008k.com
 O1 - Hosts: 127.0.0.1 www.00hq.com
 O1 - Hosts: 127.0.0.1 00hq.com
 O1 - Hosts: 127.0.0.1 010402.com
 O1 - Hosts: 127.0.0.1 www.032439.com
 O1 - Hosts: 127.0.0.1 032439.com
 O1 - Hosts: 127.0.0.1 www.0scan.com
 O1 - Hosts: 127.0.0.1 0scan.com
 O1 - Hosts: 127.0.0.1 1000gratisproben.com
 O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
 O1 - Hosts: 127.0.0.1 1001namen.com
 O1 - Hosts: 127.0.0.1 www.1001namen.com
 O1 - Hosts: 127.0.0.1 100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100888290cs.com
 O1 - Hosts: 127.0.0.1 www.100sexlinks.com
 O1 - Hosts: 127.0.0.1 100sexlinks.com
 O1 - Hosts: 127.0.0.1 10sek.com
 O1 - Hosts: 127.0.0.1 www.10sek.com
 O1 - Hosts: 127.0.0.1 www.1-2005-search.com
 O1 - Hosts: 127.0.0.1 1-2005-search.com
 O1 - Hosts: 127.0.0.1 123fporn.info
 O1 - Hosts: 15060 more lines...
 O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelper.dll (Adobe Systems Incorporated)
 O2 - BHO: (ToolbarOrange.InitToolbarBHO) - {1d970ed5-3eda-438d-bffd-71593​1e2775b} - mscoree.dll (Microsoft Corporation)
 O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D876​4B3486C} - No CLSID value found.
 O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B2​80BF616} - C:\PROGRA~1\OPENSU~1\Iplex\IPL​EXT~1.DLL (ALLCinema Ltd.)
 O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {c9a6357b-25cc-4bcf-96c1-78736​985d412} - mscoree.dll (Microsoft Corporation)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E​7B03F8E} - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364​A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
 O4 - HKLM..\Run: []  File not found
 O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
 O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DV​D\DVDAgent.exe (CyberLink Corp.)
 O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe File not found
 O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
 O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Akamai NetSession Interface] C:\Users\Ero\AppData\Local\Aka​mai\netsession_win.exe (Akamai Technologies, Inc)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [ALLUpdate] C:\Program Files\OpenSubtitlesPlayer\ALLU​pdate.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Facebook Update] C:\Users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e (Facebook Inc.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\Mail​Notifier.exe ()
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [orangeinside] C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\one\OrangeI​nside.exe (Orange)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\​launcher.exe (Uniblue Systems Limited)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
 O4 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
 O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\addfavo​rites_html\addfavorites.html ()
 O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​selectedtext_html\sendsmsselec​tedtext.html ()
 O8 - Extra context menu item: envoyer par sms - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​_html\sendsms.html ()
 O8 - Extra context menu item: envoyer un mail - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendmai​l_html\sendmail.html ()
 O8 - Extra context menu item: orange.fr - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\orange_​html\orange.html ()
 O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\selecte​dsearch_html\selectedsearch.ht​ml ()
 O8 - Extra context menu item: traduire la page - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​te_html\translate.html ()
 O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​teSelectedText_html\translateS​electedText.html ()
 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll (Safer Networking Limited)
 O13 - gopher Prefix: missing
 O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_01)
 O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_27)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{C561E0​60-3B3C-486D-8A20-28D2DE67FE04​}: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\datamngr.dll (Discordia, LTD)
 O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll) -C:\PROGRA~1\WI371A~1\Datamngr​\IEBHO.dll (Discordia, LTD)
 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) -C:\WINDOWS\System32\userinit.​exe (Microsoft Corporation)
 O24 - Desktop WallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/05/16 12:22:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2010/08/27 17:44:50 | 000,000,000 | RH-D | M] - P:\autorun -- [ NTFS ]
 O32 - Unable to obtain root file information for disk P:\
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{021105f9-f89a-11​e0-9120-001e9033c421}\Shell\Au​toRun\command - "" = O:\LaunchU3.exe -a
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell - "" = AutoRun
 O33 - MountPoints2\{d146791f-56c1-11​e0-87bd-001e9033c421}\Shell\Au​toRun\command - "" = K:\setup.exe
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 NetSvcs: ezSharedSvc - C:\WINDOWS\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Windows Media Player 5.2
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.7
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - C:\WINDOWS\System32\Microsoft
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Adobe Flash Player
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP
 
 Drivers32: aux - wdmaud.drv (Microsoft Corporation)
 Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: aux2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: midimapper - midimap.dll (Microsoft Corporation)
 Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
 Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
 Drivers32: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
 Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
 Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
 Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
 Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
 Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
 Drivers32: VIDC.IV41 - IR41_32.AX (Intel Corporation)
 Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
 Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
 Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
 Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
 Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.XVID - xvidvfw.dll ()
 Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
 Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
 Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
 Drivers32: wave - wdmaud.drv (Microsoft Corporation)
 Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
 Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
 Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/11/18 17:32:37 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\M​alwarebytes
 [2011/11/18 17:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Malwarebytes' Anti-Malware
 [2011/11/18 17:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 [2011/11/18 17:17:44 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mb​am.sys
 [2011/11/18 17:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2011/11/18 14:27:10 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\M​icrosoft\Windows\Start Menu\Programs\Ad-Remover
 [2011/11/18 14:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2011/11/17 21:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
 [2011/11/17 14:57:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\Desktop\RK_Quaran​tine
 [2011/11/13 04:34:28 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Div​inity 2
 [2011/11/12 18:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\c​acaoweb
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Strongh​old 3
 [2011/11/11 20:44:25 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
 [2011/11/11 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Stronghold 3
 [2011/11/11 02:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/11/09 21:29:08 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Aka​mai
 [2011/11/01 10:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ero\Documents\Orcs Must Die
 [2011/11/01 10:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Robot Entertainment
 [2011/11/01 10:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Robot Entertainment
 [2011/10/31 17:48:49 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax
 [2011/10/31 17:48:49 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.d​ll
 [2011/10/31 17:48:48 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.d​ll
 [2011/10/31 17:48:46 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dl​l
 [2011/10/31 17:48:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.ex​e
 [2011/10/31 17:48:43 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll
 [2011/10/31 17:48:43 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll
 [2011/10/31 17:48:43 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv
 [2011/10/31 17:48:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/31 17:44:20 | 000,000,000 | ---D | C] -- C:\Dark Project
 [2011/10/31 17:43:49 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
 [2011/10/27 12:29:24 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
 [2011/10/27 12:29:24 | 000,540,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.c​pl
 [2011/10/27 12:29:23 | 006,266,880 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 [2011/10/27 12:29:23 | 000,725,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.d​ll
 [2011/10/27 12:29:23 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.​dll
 [2011/10/21 23:44:43 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Local\Dar​ksiders
 [2011/10/21 23:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Darksiders
 [2011/10/21 17:20:07 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/11/19 10:54:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
 [2011/11/19 10:52:09 | 000,680,904 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/11/19 10:52:09 | 000,597,898 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/11/19 10:52:09 | 000,127,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/11/19 10:52:09 | 000,104,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/11/19 10:46:42 | 000,000,680 | ---- | M] () -- C:\Users\Ero\AppData\Local\d3d​9caps.dat
 [2011/11/19 10:46:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/19 10:46:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/11/19 10:45:47 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/11/19 10:45:46 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\RegistryBoost​er.job
 [2011/11/19 10:45:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/11/19 10:45:31 | 3219,603,456 | -HS- | M] () -- C:\hiberfil.sys
 [2011/11/19 10:03:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000UA.job
 [2011/11/19 09:56:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/11/19 09:31:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 [2011/11/18 17:17:49 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/11/18 14:54:36 | 000,001,105 | ---- | M] () -- C:\Users\Ero\Desktop\iw5sp - Raccourci.lnk
 [2011/11/18 14:27:10 | 000,001,678 | ---- | M] () -- C:\Users\Ero\Desktop\Ad-Remove​r.lnk
 [2011/11/18 13:38:51 | 000,025,222 | ---- | M] () -- C:\Users\Ero\AppData\Roaming\w​klnhst.dat
 [2011/11/18 12:31:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 [2011/11/17 23:03:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000Core.job
 [2011/11/17 21:47:49 | 000,058,368 | ---- | M] () -- C:\Users\Ero\AppData\Local\DCB​C2A71-70D8-4DAN-EHR8-E0D61DEA3​FDF.ini
 [2011/11/17 21:20:34 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CClean​er.lnk
 [2011/11/17 14:59:28 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/17 11:09:28 | 000,395,264 | ---- | M] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12:47 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Orcs Must Die!.lnk
 [2011/10/31 17:48:41 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.d​ll
 [2011/10/31 17:48:41 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.d​ll
 [2011/10/27 12:29:33 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2011/11/18 17:17:49 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/11/18 14:54:36 | 000,001,105 | ---- | C] () -- C:\Users\Ero\Desktop\iw5sp - Raccourci.lnk
 [2011/11/18 14:27:10 | 000,001,678 | ---- | C] () -- C:\Users\Ero\Desktop\Ad-Remove​r.lnk
 [2011/11/17 21:20:34 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CClean​er.lnk
 [2011/11/17 20:09:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
 [2011/11/17 14:57:47 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\Tr​ueSight.sys
 [2011/11/12 18:39:04 | 000,395,264 | ---- | C] () -- C:\Users\Ero\Desktop\cacaoweb.​exe
 [2011/11/01 10:12

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 19/11/2011 à 20:25:08  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 19/11/2011 à 21:01:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Double clic sur OTL.exe pour le lancer.
 (Vista/Seven --> Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

 * Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "

 



:OTL
 IE - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\URLSear​chHook: {05eeb91a-aef7-4f8a-978f-fb83e​7b03f8e} - No CLSID value found    
 [2011/11/12 18:39:28 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org
 CHR - default_search_provider: search_url = http://www.searchqu.com/web?sr [...] archTerms}
 O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D876​4B3486C} - No CLSID value found.    
 O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955​acaa0a7} - No CLSID value found.    
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKU\S-1-5-21-2000734618-286359​3989-193771998-1000\..\Toolbar​\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E​7B03F8E} - No CLSID value found.    
 O4 - HKLM\..\Run: []  File not found
 O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found    
 MsConfig - StartUpReg: Windows Defender - hkey= - key= -  File not found
 [2011/11/12 18:39:05 | 000,000,000 | ---D | C] -- C:\Users\Ero\AppData\Roaming\c​acaoweb    
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 [2011/11/17 11:09:28 | 000,395,264 | ---- | M] () -- C:\Users\Ero\Desktop\cacaoweb.​exe    
 [2011/03/23 02:04:54 | 000,000,000 | ---D | M] -- C:\Users\Ero\AppData\Roaming\w​idestream    
 [2011/05/26 18:22:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows iLivid Toolbar    

 :Commands
 [EMPTYFLASH]
 [Emptytemp]





 * Clique sur " Correction " pour lancer la suppression.

 * Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

 * Au redémarrage , autorise OTL a s'exécuter.

 * Poste le rapport généré par OTL.


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/11/2011 à 11:40:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut Dédétraqué voici le nouveau rapport (mais peut tu m'expliquer en quoi ca consiste)

 All processes killed
 ========== OTL ==========
 Registry value HKEY_USERS\S-1-5-21-2000734618​-2863593989-193771998-1000\Sof​tware\Microsoft\Internet Explorer\URLSearchHooks\\{05ee​b91a-aef7-4f8a-978f-fb83e7b03f​8e} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05eeb91a-aef7-4f8​a-978f-fb83e7b03f8e}\ not found.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\defaults\prefere​nces folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\defaults folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\skin folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\locale\fr​-FR folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\locale\es​-ES folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\locale\en​-US folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\locale\de​-DE folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\locale folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome\content folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org\chrome folder moved successfully.
 C:\Users\Ero\AppData\Roaming\m​ozilla\Firefox\Profiles\dw8p8k​x2.default\extensions\cacaoweb​@cacaoweb.org folder moved successfully.
 Unable to fix default_search_provider items.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{465E08E7-F005-4389-98​0F-1D8764B3486C}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{465E08E7-F005-438​9-980F-1D8764B3486C}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{99079a25-32​8f-4bd4-be04-00955acaa0a7} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{99079a25-328f-4bd​4-be04-00955acaa0a7}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\10 deleted successfully.
 Registry value HKEY_USERS\S-1-5-21-2000734618​-2863593989-193771998-1000\Sof​tware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​05EEB91A-AEF7-4F8A-978F-FB83E7​B03F8E} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{05EEB91A-AEF7-4F8​A-978F-FB83E7B03F8E}\ not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Shared Tools\MSConfig\StartUpReg\Wind​ows Defender\ deleted successfully.
 C:\Users\Ero\AppData\Roaming\c​acaoweb folder moved successfully.
 C:\Windows\1C4551A64743409391E​41477CD655043.TMP\WiseCustomCa​lla.dll deleted successfully.
 C:\Windows\1C4551A64743409391E​41477CD655043.TMP folder deleted successfully.
 C:\Users\Ero\Desktop\cacaoweb.​exe moved successfully.
 C:\Users\Ero\AppData\Roaming\w​idestream folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\components folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\se​archbar folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\op​tions folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\weatherbutton\panels\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\weatherbutton\panels folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\weatherbutton\icons folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\weatherbutton folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\uwa folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\radio\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\radio\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\radio folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\default\scripts folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\default\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\default\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\default folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b\panels folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin\li​b folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\skin folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\skin\scripts folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\skin\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\skin\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\skin folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\js folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.YouTube_v​2 folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\s​kin\scripts folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\s​kin\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\s​kin\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\s​kin folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\j​s folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\i​mages folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter\c​ss folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Twitter folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.PPCBully folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\skin\scripts folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\skin\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\skin\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\skin folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\js folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.MyStartFa​cebook folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\skin\scripts folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\skin\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\skin\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\skin folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\js folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\images folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2\css folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets\net.vmn.www.Coupons_v​2 folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\widgets folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\modules folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\lib folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\data\search folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content​\data folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome\content folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar\chrome folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\ToolBar folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar\Datamngr folder moved successfully.
 C:\Program Files\Windows iLivid Toolbar folder moved successfully.
 ========== COMMANDS ==========
 
 [EMPTYFLASH]
 
 User: All Users
 
 User: Default
 ->Flash cache emptied: 56468 bytes
 
 User: Default User
 ->Flash cache emptied: 0 bytes
 
 User: Ero
 ->Flash cache emptied: 63884 bytes
 
 User: Mcx1
 
 User: Public
 
 Total Flash Files Cleaned = 0,00 mb
 
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Ero
 ->Temp folder emptied: 2149662 bytes
 ->Temporary Internet Files folder emptied: 38481720 bytes
 ->Java cache emptied: 317371 bytes
 ->FireFox cache emptied: 22235937 bytes
 ->Google Chrome cache emptied: 371282993 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Mcx1
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 87184 bytes
 
 User: Public
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 77926 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 0 bytes
 
 Total Files Cleaned = 415,00 mb
 
 
 OTL by OldTimer - Version 3.2.31.0 log created on 11222011_113405

 Files\Folders moved on Reboot...

 Registry entries deleted on Reboot...

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/11/2011 à 11:40:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
merci beaucoup    :super:

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 22/11/2011 à 15:32:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Comment va le PC, d'autre souci?

 On va vérifier si rien de caché :
 Faire un scan avec Nod32 en ligne ici :
 http://www.eset.com/onlinescan/

 A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt

 Aide pour le scan : http://www.bibou0007.com/scans [...] -t3691.htm


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/11/2011 à 03:29:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Ba j'arrive toujours pas a accéder a mes programmes de démarrages en fait (il me dit que Windows defender n'est pas actif et quand je veux lancer Windows defender rien ne se passe)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/11/2011 à 03:40:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hurle:    :hurle:      :hurle:    
 mon pc continue de s’éteindre tout seul!!!!!!!!je viens de faire un scan comme tu m'zs recommandé au dessus et mon pc s'est éteint,, l'autre jour pareil quand je faisais des papier........il m’énerve ste pc!!!!!!!!!merci de ton aide

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 23/11/2011 à 03:41:28  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Es-ce le seul programme, voir avec une réinstallation...


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/11/2011 à 09:35:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ca le fait avec avira aussi quand je veux faire un scan

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 23/11/2011 à 15:45:16  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 http://imagesup.org/images8/12​94493299-nextimage.gif Télécharge sur ton bureau TdssKiller de kaspersky , décompresse le et exécute le , un rapport sera crée ici:

 C:\TDSSKillerVersion_Date_Time​_log.txt.<< copie_colle son contenu

 (Vista/Seven --> Faire un clique droit sur tdsskiller.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

 
  • Execute le , La fenêtre suivante va s'ouvrir :

 http://i265.photobucket.com/al​bums/ii226/Marie_Ven/0001img-2​421.png

 
  •  Clique sur Start scan et laisse l'outil scanner ton disque dur sans l'interrompre et sans utiliser le PC.
  •  Si des fichiers infectés sont trouvées, une nouvelle fenêtre va s'ouvrir:

 http://i265.photobucket.com/al​bums/ii226/Marie_Ven/0002img-4​0.png

 
  • Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.

 
  • Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.

 
  • Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.

 
  • Si Suspicious file est indiqué, laisse l'option cochée sur Skip

 
  • Clique sur Continue puis sur Reboot now pour redémarrer le PC.

 
  • Copie-colle le rapport généré dans ta prochaine réponse (Il est aussi sauvegardé à la racine de ta partition système sous le nom C:\TDSSKiller_Quarantine\JJ.MM​.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS heure de passage).

 Tutoriel--> http://support.kaspersky.com/v [...] =208280684


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 28/11/2011 à 11:01:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut , j'ai fait comme indiqué ci dessus mais il n'y a aucun rapport il me dit qu'il n'y a que un fichier mais c'est marqué " Suspicious file ".
 merci de ton aide

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 28/11/2011 à 16:42:28  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Télécharge combofix.exe (de sUBs) sur le bureau :

 http://download.bleepingcomput [...] mboFix.exe
 http://subs.geekstogo.com/ComboFix.exe

 Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
 http://forum.pcastuces.com/des [...] -f31s4.htm


 ==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

 Double clique sur combofix.exe, clique sur OUI et valide par Entrée

 Il te sera demandé d’installer la console si elle n’est pas installer, clique sur Oui

 Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

 NOTE : Le rapport se trouve également ici : C:\Combofix.txt

 Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


 @++   :)

sheperblok
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 02/12/2011 à 18:04:04  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
xsComboFix 11-12-02.01 - Ero 02/12/2011  12:43:54.1.2 - x86
 Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6002.2.1252.33.1036.18.307​0.2161 [GMT 1:00]
 Lancé depuis: c:\users\Ero\Documents\Downloa​ds\ComboFix.exe
 AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-91413​5DA5160}
 SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334​E5D1BDD}
 SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132​C1ACF46}
 .
 .
 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 c:\users\Ero\AppData\Roaming\a​pp
 c:\users\Ero\AppData\Roaming\a​pp\Jerakine_lang.dat
 c:\users\Ero\AppData\Roaming\a​pp\Jerakine_lang_vesrion.dat
 c:\users\Ero\AppData\Roaming\c​acaoweb
 c:\users\Ero\AppData\Roaming\c​acaoweb\cacaoweb.exe
 c:\users\Ero\AppData\Roaming\c​acaoweb\npdfile.dat
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicating28B8A99340C​83D2225BC093792E2A533.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicating2DDA51953F1​9B033A207C57AAC7C116C.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicating4B7150B22BD​17BDEB2DA24973AC853E2.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicating6FD753527AA​EE4E0F4676261BEE6521C.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicatingAA32CFC45EE​F70EF756C5F172512A6C0.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicatingB1C62D54C5E​FB07BECBEB6B650D18E93.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicatingB8DFFF0E4FD​91B1DDFB7F5DD97008552.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\replicatingFF95991E8E4​615706E1056DAFA70DE2A.cacao
 c:\users\Ero\AppData\Roaming\c​acaoweb\storage.db
 c:\windows\system32\drivers\et​c\hosts.txt
 c:\windows\system32\jucheck.ex​e
 c:\windows\system32\jusched.ex​e
 c:\windows\system32\ReadMe.txt
 P:\autorun.inf
 .
 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2011-11-02 au 2011-12-02  ))))))))))))))))))))))))))))))​))))))
 .
 .
 2011-12-02 11:53 . 2011-12-02 11:53 56200 ----a-w- c:\programdata\Microsoft\Micro​soft Antimalware\Definition Updates\{4A796DD4-729F-4A9A-8B​4B-9500E06859AC}\offreg.dll
 2011-12-01 17:33 . 2011-12-01 17:33 -------- d-----w- c:\program files\Nicolas Games
 2011-12-01 17:30 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.​dll
 2011-12-01 17:30 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.​dll
 2011-12-01 17:30 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine​3_7.dll
 2011-12-01 17:30 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompile​r_43.dll
 2011-12-01 17:30 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.​dll
 2011-12-01 17:30 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.​dll
 2011-12-01 17:30 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.​dll
 2011-12-01 17:30 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.d​ll
 2011-12-01 11:21 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Micro​soft Antimalware\Definition Updates\{4A796DD4-729F-4A9A-8B​4B-9500E06859AC}\mpengine.dll
 2011-11-27 19:05 . 2011-11-27 19:05 -------- d-----w- c:\users\Ero\AppData\Local\Ubi​soft Game Launcher
 2011-11-27 19:05 . 2011-11-27 19:05 -------- d-----w- c:\programdata\Ubisoft
 2011-11-26 11:13 . 2011-11-26 11:13 -------- d-----w- c:\users\Ero\AppData\Local\WB Games
 2011-11-26 10:47 . 2011-11-26 10:47 -------- d-----w- c:\program files\Program Files (x86)
 2011-11-26 10:27 . 2011-12-01 10:55 -------- d-----w- c:\program files\Oddworld Inhabitants
 2011-11-23 02:31 . 2011-11-23 02:31 -------- d-----w- c:\program files\ESET
 2011-11-22 20:35 . 2011-11-22 20:50 -------- d-----w- c:\users\Ero\AppData\Local\Sky​rim
 2011-11-22 10:34 . 2011-11-22 10:34 -------- d-----w- C:\_OTL
 2011-11-18 16:32 . 2011-11-18 16:32 -------- d-----w- c:\users\Ero\AppData\Roaming\M​alwarebytes
 2011-11-18 16:17 . 2011-11-18 16:17 -------- d-----w- c:\programdata\Malwarebytes
 2011-11-18 16:17 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mb​am.sys
 2011-11-18 16:17 . 2011-11-19 09:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
 2011-11-18 13:27 . 2011-11-18 13:27 -------- d-----w- c:\program files\Ad-Remover
 2011-11-17 20:20 . 2011-11-17 20:20 -------- d-----w- c:\program files\CCleaner
 2011-11-17 19:09 . 2011-11-19 09:54 512 ----a-w- C:\PhysicalMBR.bin
 2011-11-17 13:57 . 2011-11-17 13:59 111872 ----a-w- c:\windows\system32\drivers\Tr​ueSight.sys
 2011-11-13 03:34 . 2011-11-13 03:34 -------- d-----w- c:\users\Ero\AppData\Local\Div​inity 2
 2011-11-11 19:44 . 2011-11-11 19:44 -------- d-----w- c:\programdata\RELOADED
 2011-11-09 20:29 . 2011-11-18 01:40 -------- d-----w- c:\users\Ero\AppData\Local\Aka​mai
 2011-11-09 11:07 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
 2011-11-09 09:25 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tc​pip.sys
 2011-11-09 09:25 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tc​pipreg.sys
 2011-11-09 09:24 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
 .
 .
 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2011-10-31 16:48 . 2011-10-31 16:48 4608 ----a-w- c:\windows\system32\w95inf32.d​ll
 2011-10-31 16:48 . 2011-10-31 16:48 2272 ----a-w- c:\windows\system32\w95inf16.d​ll
 2011-10-27 11:29 . 2008-05-16 11:12 319456 ----a-w- c:\windows\DIFxAPI.dll
 2011-10-12 11:32 . 2011-10-12 11:32 703824 ------w- c:\programdata\Microsoft\Micro​soft Antimalware\Definition Updates\{8FFE075B-3B9C-4AA2-AE​FD-0682E7CC4AED}\gapaengine.dl​l
 2011-10-07 03:48 . 2011-10-12 11:33 6668624 ----a-w- c:\programdata\Microsoft\Micro​soft Antimalware\Definition Updates\Backup\mpengine.dll
 2011-09-22 09:48 . 2011-09-22 09:38 21840 ----atw- c:\windows\system32\SIntfNT.dl​l
 2011-09-22 09:48 . 2011-09-22 09:38 17212 ----atw- c:\windows\system32\SIntf32.dl​l
 2011-09-22 09:48 . 2011-09-22 09:38 12067 ----atw- c:\windows\system32\SIntf16.dl​l
 2011-09-12 23:14 . 2011-10-12 06:56 7269712 ----a-w- c:\programdata\Microsoft\Windo​ws Defender\Definition Updates\{B533B3E0-C84A-4B05-B2​53-78951987F3B8}\mpengine.dll
 2011-09-06 13:30 . 2011-10-12 07:15 2043392 ----a-w- c:\windows\system32\win32k.sys
 .
 .
 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4
 .
 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
 .
 [HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run]
 "MailNotifier"="c:\program files\Orange\MailNotifier\Mail​Notifier.exe" [2010-11-04 634368]
 "orangeinside"="c:\users\Ero\A​ppData\Roaming\Orange\OrangeIn​side\one\OrangeInside.exe" [2011-05-05 861696]
 "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-05-18 399736]
 "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
 "Facebook Update"="c:\users\Ero\AppData\​Local\Facebook\Update\Facebook​Update.exe" [2011-10-19 137536]
 "Akamai NetSession Interface"="c:\users\Ero\AppDa​ta\Local\Akamai\netsession_win​.exe" [2011-11-17 3303000]
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run]
 "RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880]
 "hpsysdrv"="c:\hp\support\hpsy​sdrv.exe" [2007-04-18 65536]
 "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
 "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe" [2008-01-21 61440]
 "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
 "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
 "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
 "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
 "DVDAgent"="c:\program files\Hewlett-Packard\Media\DV​D\DVDAgent.exe" [2009-09-09 1148200]
 "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
 "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
 .
 c:\programdata\Microsoft\Windo​ws\Start Menu\Programs\Startup\
 HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows\currentversion​\policies\system]
 "EnableUIADesktopToggle"= 0 (0x0)
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\windows]
 "AppInit_DLLs"=c:\progra~1\WI3​71A~1\Datamngr\datamngr.dll c:\progra~1\WI371A~1\Datamngr\​IEBHO.dll
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\MsMpSvc]
 @="Service"
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ALLUpdate]
 2011-02-26 21:11 1022464 ----a-w- c:\program files\OpenSubtitlesPlayer\ALLU​pdate.exe
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Spyb​otSD TeaTimer]
 2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Steam]
 2011-09-26 08:40 1242448 ----a-w- c:\program files\Steam\Steam.exe
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring]
 "DisableMonitoring"=dword:0000​0001
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:0000​0001
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:0000​0001
 .
 R2 clr_optimization_v4.0.30319_32​;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Micr​osoft.NET\Framework\v4.0.30319​\mscorsvw.exe [2010-03-18 130384]
 R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpda​te.exe [2011-05-29 136176]
 R3 GamesAppService;GamesAppServic​e;c:\program files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
 R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpda​te.exe [2011-05-29 136176]
 R3 jswmidin;jswmidin;c:\users\Ero​\AppData\Local\Temp\jswmidin.s​ys [x]
 R3 MBAMSwissArmy;MBAMSwissArmy;c:​\windows\system32\drivers\mbam​swissarmy.sys [x]
 R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRI​VERS\MpNWMon.sys [2011-04-18 43392]
 R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRI​VERS\NisDrvWFP.sys [2011-04-27 65024]
 R3 NisSrv;Inspection réseau Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
 R3 TrueSight;TrueSight;c:\windows​\system32\drivers\TrueSight.sy​s [2011-11-17 111872]
 R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.N​ET\Framework\v4.0.30319\WPF\WP​FFontCache_v0400.exe [2010-03-18 753504]
 S0 sptd;sptd;c:\windows\System32\​Drivers\sptd.sys [2011-03-24 691696]
 S2 Akamai;Akamai NetSession Interface;c:\windows\System32\​svchost.exe [2008-01-21 21504]
 S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-18 136360]
 S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\sv​chost.exe [2008-01-21 21504]
 S2 MBAMService;MBAMService;c:\pro​gram files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
 S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Serv​ice\OUCore.exe [2011-05-20 1055872]
 S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
 S3 MBAMProtector;MBAMProtector;c:​\windows\system32\drivers\mbam​.sys [2011-08-31 22216]
 .
 .
 [HKEY_LOCAL_MACHINE\software\mi​crosoft\windows nt\currentversion\svchost]
 LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
 HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
 hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
 Akamai REG_MULTI_SZ    Akamai
 .
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
 ezSharedSvc
 .
 Contenu du dossier 'Tâches planifiées'
 .
 2011-12-02 c:\windows\Tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000Core.j​ob
 - c:\users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e [2011-10-19 10:26]
 .
 2011-12-02 c:\windows\Tasks\FacebookUpdat​eTaskUserS-1-5-21-2000734618-2​863593989-193771998-1000UA.job
 - c:\users\Ero\AppData\Local\Fac​ebook\Update\FacebookUpdate.ex​e [2011-10-19 10:26]
 .
 2011-12-02 c:\windows\Tasks\GoogleUpdateT​askMachineCore.job
 - c:\program files\Google\Update\GoogleUpda​te.exe [2011-05-29 16:22]
 .
 2011-12-02 c:\windows\Tasks\GoogleUpdateT​askMachineUA.job
 - c:\program files\Google\Update\GoogleUpda​te.exe [2011-05-29 16:22]
 .
 2011-12-01 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000Core.job
 - c:\users\Ero\AppData\Local\Goo​gle\Update\GoogleUpdate.exe [2011-03-21 16:26]
 .
 2011-12-02 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-2000734618-286​3593989-193771998-1000UA.job
 - c:\users\Ero\AppData\Local\Goo​gle\Update\GoogleUpdate.exe [2011-03-21 16:26]
 .
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = hxxp://r.orange.fr/r/Ohome_por​tail?ref=O_OI_defaultPage
 IE: ajouter cette page à vos favoris Orange - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\addfavo​rites_html\addfavorites.html
 IE: envoyer le texte sélectionné par sms - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​selectedtext_html\sendsmsselec​tedtext.html
 IE: envoyer par sms - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendsms​_html\sendsms.html
 IE: envoyer un mail - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\sendmai​l_html\sendmail.html
 IE: orange.fr - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\orange_​html\orange.html
 IE: rechercher le texte sélectionné - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\selecte​dsearch_html\selectedsearch.ht​ml
 IE: traduire la page - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​te_html\translate.html
 IE: traduire le texte sélectionné - c:\users\Ero\AppData\Roaming\O​range\OrangeInside\src\transla​teSelectedText_html\translateS​electedText.html
 Trusted Zone: orange.fr\logicielsgratuits
 TCP: DhcpNameServer = 192.168.1.1
 .
 - - - - ORPHELINS SUPPRIMES - - - -
 .
 HKCU-Run-cacaoweb - c:\users\Ero\AppData\Roaming\c​acaoweb\cacaoweb.exe
 HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Pac​kard\HP Health Check\HPHC_Scheduler.exe
 MSConfigStartUp-RegistryBooste​r - c:\program files\Uniblue\RegistryBooster\​launcher.exe
 AddRemove-Adibou V.3.00 on C - c:\coktel\Adibou3\Uninst.exe
 AddRemove-ADIBOUd'CHOU V.1.00 on C - c:\coktel\adiboudchou\Uninst.e​xe
 AddRemove-Searchqu 406 MediaBar - c:\program files\Windows iLivid Toolbar\uninstall.exe
 AddRemove-WOLAPI - c:\westwood\Internet\UnstllAP.​exe
 AddRemove-{09FF4DB8-7DE9-4D47-​B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-​4BE5-BAF9-AA46E0629E42}\bm_ins​taller.exe
 .
 .
 .
 ******************************​******************************​**************
 Recherche de processus cachés ...
 .
 Recherche d'éléments en démarrage automatique cachés ...
 .
 Recherche de fichiers cachés ...
 .
 Scan terminé avec succès
 Fichiers cachés:
 .
 ******************************​******************************​**************
 .
 [HKEY_LOCAL_MACHINE\SYSTEM\Cont​rolSet001\Services\Akamai]
 "ServiceDll"="c:\program files\common files\akamai/netsession_win_d7​68ebc.dll"
 .
 --------------------- CLES DE REGISTRE BLOQUEES ---------------------
 .
 [HKEY_USERS\S-1-5-21-2000734618​-2863593989-193771998-1000\Sof​tware\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
 @Allowed: (Read) (RestrictedCode)
 "??"=hex:2e,57,2f,e0,69,49,d4,​bb,b4,52,35,2f,2e,16,8b,e1,67,​55,bc,33,8a,42,1c,

d6,d9,a2,92,06,27,4c,57,25,06,​98,66,1c,ab,8b,52,39,60,a7,1f,​9e,9e,26,17,d6,\
 "??"=hex:20,5f,3b,ce,d0,0c,41,​d1,c4,73,81,f8,db,cd,db,f3
 .
 [HKEY_USERS\S-1-5-21-2000734618​-2863593989-193771998-1000\Sof​tware\SecuROM\License information*]
 @Allowed: (Read) (RestrictedCode)
 "datasecu"=hex:eb,4f,fa,f7,9f,​d9,84,7b,32,ef,5a,4e,8e,6e,25,​0a,5f,4e,f8,84,80,

db,3f,46,45,8c,58,83,ca,13,9d,​f5,06,c0,62,3f,69,5d,5b,6e,89,​a5,74,85,84,05,\
 "rkeysecu"=hex:1f,26,30,63,c5,​d8,66,1c,cb,7a,a4,32,5a,a0,02,​ed
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
 c:\windows\system32\Ati2evxx.e​xe
 c:\windows\system32\Ati2evxx.e​xe
 c:\program files\Avira\AntiVir Desktop\avguard.exe
 c:\program files\Common Files\LightScribe\LSSrvc.exe
 c:\program files\Avira\AntiVir Desktop\avshadow.exe
 c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
 c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
 c:\windows\system32\WUDFHost.e​xe
 c:\program files\Orange\OrangeUpdate\Mana​ger\OUNotification.exe
 c:\windows\system32\conime.exe
 c:\windows\RtHDVCpl.exe
 c:\program files\ATI Technologies\ATI.ACE\Core-Stat​ic\MOM.exe
 c:\program files\Windows Media Player\wmpnetwk.exe
 c:\program files\Orange\OrangeUpdate\Serv​ice\OUIndicator.exe
 c:\windows\system32\wbem\unsec​app.exe
 c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
 c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
 c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
 c:\program files\ATI Technologies\ATI.ACE\Core-Stat​ic\CCC.exe
 c:\program files\HP\Digital Imaging\bin\hpqdirec.exe
 c:\hp\kbd\kbd.exe
 c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
 c:\\?\c:\windows\system32\wbem​\WMIADAP.EXE
 c:\windows\system32\pcaui.exe
 c:\windows\servicing\TrustedIn​staller.exe
 .
 ******************************​******************************​**************
 .
 Heure de fin: 2011-12-02  13:00:26 - La machine a redémarré
 ComboFix-quarantined-files.txt  2011-12-02 11:59
 .
 Avant-CF: 67 068 751 872 octets libres
 Après-CF: 67 912 892 416 octets libres
 .
 - - End Of File - - DE83E4A557D98D108E4CCD0CD56064​DF

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 02/12/2011 à 18:31:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut sheperbloK


 Télécharge Gmer et enregistre-le sur ton bureau.

 - Déconnecte toi d'internet si possible et ferme tous les programmes, puis lance l'outil.
 - Clique sur le bouton "Scan" sur la droite.

 - Lorsque le scan est terminé, clic sur "Copy".
 - Ouvre le bloc-note et clic sur le Menu Edition / Coller
 - Le rapport doit alors apparaître.

 - Enregistre le fichier sur ton bureau et copie/colle le contenu ici.


 @++  :)

 Page :
1

Aller à :
 

Sujets relatifs
Bureau vide + impossible d'accéder à ma session [résolu] pc qui plante, ventile en permanence, s'eteint seul, fenetres d'erreur etc...
pc s'eteint tout le temps Des onglets de publicites s'ouvrent tout seul.....
malwarebytes éteint le pc ordinateur qui s'éteint brusquement ...
avast et cheval de troie à tous les demarages Infection, programmes supect au démarrage HELP !
Plus de sujets relatifs à : Mon pc s'eteint tout seul et je ne peux acceder a mes programmes de demarages

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Problème de redirection Google 17
piratage carnet adresse boite mail 1
cheval de troie TR/Crypt.XPACK.gen [résolu] 11
virus trojan, création de raccourcis et impossible à supprimer/ Nod23 16
Pas sur d'etre infecter 2