Infection sirefef à plusieurs reprises [résolu]

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Version de la base de données: v2012.07.31.10

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Bruno :: BRUNO-PC [administrateur]

01/08/2012 10:46:28
mbam-log-2012-08-01 (10-46-28).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 327358
Temps écoulé: 37 minute(s), 27 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)

Rapport de ZHPDiag v1.31.11 par Nicolas Coolman, Update du 21/07/2012
Run by Bruno at 01/08/2012 11:38:02
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site :  http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3582 MB (65% free)
System Restore: Inconnu (Unknown)
System drive C: has 113 GB (57%) free of 195 GB

---\\ Logged in mode
~ Computer Name: BRUNO-PC
~ User Name: Bruno
~ All Users Names: HomeGroupUser$, Bruno, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Bruno\AppData\Roaming\
~ %Desktop% : C:\Users\Bruno\Desktop\
~ %Favorites% : C:\Users\Bruno\Favorites\
~ %LocalAppData% : C:\Users\Bruno\AppData\Local\
~ %StartMenu% : C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 113 Go of 195 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 487 Go of 736 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 195 Go of 233 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 02:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 02:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/07/2009 - 00:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2009 - 00:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/17
~ Mes musiques (My Musics) : 1/80
Mes Videos (My Videos) : 2/2  (Modified)
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 2/239
~ Mon Bureau (My Desktop) : 1/8541
~ Menu demarrer (Programs) : 0/30
~ Scan Hidden Files in 00mn 08s



---\\ Processus lancés
[MD5.B2C1EF0563C82807E3F553F8DDC5C2C3] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe  [5655680] [PID.2052]
[MD5.E7704CBF568815C1CAA6E513387BD3F2] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe  [65536] [PID.2064]
[MD5.640DD6345C6AB48E983C2BDCFC789E4F] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe  [1681408] [PID.2076]
[MD5.68E9B7820AF8D692F6F99483AB1F3BE5] - (.Pas de propriétaire - razerhid MFC Application.) -- C:\Program Files\Razer\Tarantula\razerhid.exe  [176128] [PID.2084]
[MD5.EE3D9986F75FB4239050F341348C2FF6] - (.Pas de propriétaire - razerhid MFC Application.) -- C:\Program Files\Razer\DeathAdder\razerhid.exe  [159744] [PID.2084]
[MD5.CFDE710E4AD97EFD666E6042750F218F] - (.Pas de propriétaire - razertra MFC Application.) -- C:\Program Files\Razer\DeathAdder\razertra.exe  [143360] [PID.2148]
[MD5.D9D79F547AE2A70C650DFCFC27AEC0F7] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe  [421736] [PID.2348]
[MD5.50F85FE43AF859330CC9515353EF300C] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.exe  [2516296] [PID.2356]
[MD5.3B78ACCCAA5132638E7CF419F4A965C7] - (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.exe  [1185112] [PID.2372]
[MD5.7A54E4A4116A8747EE148E1E82E595F6] - (.Razer Inc. - Razer OFA - On-the-Fly Sensitivity Adjustme.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe  [163840] [PID.2384]
[MD5.C61F226996B84AB78D481FD69362E72A] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe  [6749512] [PID.2404]
[MD5.07CDD5732A8A084BA8EC10287CADDD36] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe  [35736] [PID.2424]
[MD5.995BEB69AE5C50D354894354F5A6CD5A] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe  [252296] [PID.2436]
[MD5.85EBCDF930AD766B46A521A9149D3276] - (.Pas de propriétaire - Netgear.) -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe  [4577760] [PID.2444]
[MD5.74EF310FAC89341CE2897B7F2C4A7B0F] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe  [65536] [PID.2800]
[MD5.72AE847EB2B526CC0551C88B9A2970C1] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe  [3763200] [PID.4380]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Chrome PDF Viewer v. (Désactivé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\18z9g9da.default\prefs.js
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Bruno] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Bruno - 18z9g9da.default] http://www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Contribute Firefox IBE Plugin DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\npContribute.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk . (.Astonsoft.)  -- C:\Program Files\Astonsoft\DeepBurner\DeepBurner.exe
O4 - Global Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
~ Scan Global Startup in 00mn 01s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\MICROS~4\Office14\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-Bruno-PC-Bruno] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.00000000000000000000000000000000] [APT] [{60CA8793-8B27-4E94-8191-12370BD34FA7}] (...) -- C:\Users\Bruno\Desktop\Diablo 2\29181__Diablo_2\Diablo 2 [pwz2000]\Install.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{92D21CEF-BA79-4B8B-BE21-1BEDD6F40CC7}] (...) -- C:\Users\Bruno\Documents\Ymir-Online\Ymir-Online.exe (.not file.)
[MD5.E0332D6B784354194D01B785AD3F7F20] [APT] [ASUS SIX Engine] (.ASUSTeK Computer Inc..) -- C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
[MD5.7169DBC28AC7780DAEC53443690EADD8] [APT] [ASUS Update Checker] (...) -- C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/09/2010 - 02:04:17 - [2,951] ----D C:\Program Files\7-Zip
O43 - CFD: 13/07/2012 - 18:20:15 - [8,652] ----D C:\Program Files\Activision
O43 - CFD: 20/02/2012 - 23:03:29 - [399,063] ----D C:\Program Files\Adobe
O43 - CFD: 07/06/2012 - 10:31:53 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 28/07/2012 - 12:04:05 - [7,627] ----D C:\Program Files\Astonsoft
O43 - CFD: 16/09/2010 - 20:29:17 - [31,305] ----D C:\Program Files\ASUS
O43 - CFD: 16/09/2010 - 19:39:38 - [16,510] ----D C:\Program Files\ATI
O43 - CFD: 16/09/2010 - 19:39:51 - [72,189] ----D C:\Program Files\ATI Technologies
O43 - CFD: 20/12/2011 - 20:00:59 - [4,575] ----D C:\Program Files\beanfun!
O43 - CFD: 13/06/2012 - 20:04:09 - [345,318] ----D C:\Program Files\Canon
O43 - CFD: 13/06/2012 - 19:51:16 - [15,488] --H-D C:\Program Files\CanonBJ
O43 - CFD: 27/02/2012 - 14:13:40 - [0] ----D C:\Program Files\Codemasters
O43 - CFD: 22/07/2012 - 18:46:00 - [1402,129] ----D C:\Program Files\Common Files
O43 - CFD: 31/07/2012 - 19:37:32 - [135,168] ----D C:\Program Files\COMODO
O43 - CFD: 14/07/2009 - 11:01:30 - [79,371] ----D C:\Program Files\DVD Maker
O43 - CFD: 17/09/2010 - 01:06:19 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 20/02/2012 - 23:01:25 - [0,420] ----D C:\Program Files\FileHippo.com
O43 - CFD: 13/07/2012 - 17:56:49 - [113,250] ----D C:\Program Files\FreeTime
O43 - CFD: 27/02/2012 - 14:17:03 - [2,597] ----D C:\Program Files\Gameforge
O43 - CFD: 28/08/2011 - 19:38:02 - [7,701] ----D C:\Program Files\GPLGS
O43 - CFD: 24/07/2012 - 17:11:44 - [57,019] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 16/09/2010 - 19:56:10 - [0,092] ----D C:\Program Files\Intel
O43 - CFD: 02/12/2010 - 14:40:55 - [5,526] ----D C:\Program Files\Internet Explorer
O43 - CFD: 07/06/2012 - 10:32:39 - [1,926] ----D C:\Program Files\iPod
O43 - CFD: 07/06/2012 - 10:33:04 - [122,734] ----D C:\Program Files\iTunes
O43 - CFD: 07/06/2012 - 10:28:28 - [180,163] ----D C:\Program Files\Java
O43 - CFD: 28/08/2011 - 19:38:31 - [1,417] ----D C:\Program Files\JPEG to PDF
O43 - CFD: 22/07/2012 - 17:40:32 - [11,705] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 31/07/2012 - 21:39:52 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 18/09/2010 - 19:55:16 - [38,002] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 07/10/2011 - 22:46:08 - [-1913,168] ----D C:\Program Files\Microsoft Games
O43 - CFD: 01/10/2010 - 12:49:49 - [10,745] ----D C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 18/09/2010 - 19:58:07 - [635,678] ----D C:\Program Files\Microsoft Office
O43 - CFD: 31/07/2012 - 19:12:24 - [17,546] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 20/02/2012 - 23:14:35 - [36,499] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 20/02/2012 - 23:18:32 - [3,467] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 18/09/2010 - 19:58:30 - [0,312] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 18/09/2010 - 19:56:49 - [1,314] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 02/09/2011 - 22:46:44 - [7,797] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 23/07/2012 - 12:55:52 - [39,031] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 24/07/2012 - 10:23:01 - [0,195] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 18/09/2010 - 19:58:48 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 31/07/2012 - 20:05:58 - [31,133] ----D C:\Program Files\Mumble
O43 - CFD: 02/10/2010 - 16:40:02 - [0] ----D C:\Program Files\My Company Name
O43 - CFD: 29/06/2012 - 22:37:29 - [9,955] ----D C:\Program Files\NCSoft
O43 - CFD: 07/06/2012 - 10:16:00 - [26,493] ----D C:\Program Files\NETGEAR
O43 - CFD: 20/09/2010 - 19:42:45 - [73,125] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 07/08/2011 - 15:11:03 - [7,175] ----D C:\Program Files\Pando Networks
O43 - CFD: 01/08/2012 - 09:19:52 - [33,008] ----D C:\Program Files\PDFCreator
O43 - CFD: 22/07/2012 - 16:47:44 - [0,199] ----D C:\Program Files\PlayerPlus
O43 - CFD: 02/12/2010 - 14:40:55 - [72,801] ----D C:\Program Files\QuickTime
O43 - CFD: 18/09/2010 - 19:04:05 - [20,430] ----D C:\Program Files\Razer
O43 - CFD: 16/09/2010 - 20:28:24 - [0,956] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:30 - [36,805] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 31/07/2012 - 21:42:34 - [0] ----D C:\Program Files\Rockstar Games
O43 - CFD: 13/12/2010 - 22:23:07 - [0] ----D C:\Program Files\Screaming Bee
O43 - CFD: 29/06/2012 - 14:22:13 - [530,075] ----D C:\Program Files\Sid Meier's Civilization V
O43 - CFD: 01/08/2012 - 08:46:59 - [21,665] ----D C:\Program Files\SmartPCFixer
O43 - CFD: 31/07/2012 - 21:43:05 - [0] ----D C:\Program Files\Sophos
O43 - CFD: 01/08/2012 - 11:07:35 - [0,068] ----D C:\Program Files\Teamspeak2_RC2
O43 - CFD: 01/08/2012 - 08:51:22 - [0,777] ----D C:\Program Files\TERA
O43 - CFD: 22/07/2012 - 16:48:06 - [-1556,413] ----D C:\Program Files\Tera-Luxia
O43 - CFD: 28/09/2010 - 23:47:57 - [1023,567] ----D C:\Program Files\The Witcher Enhanced Edition
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 16/09/2010 - 20:30:14 - [50,317] ----D C:\Program Files\VIA
O43 - CFD: 07/06/2012 - 10:29:54 - [90,784] ----D C:\Program Files\VideoLAN
O43 - CFD: 14/07/2009 - 10:39:39 - [2,909] ----D C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - 11:01:29 - [6,689] ----D C:\Program Files\Windows Journal
O43 - CFD: 20/02/2012 - 23:21:39 - [193,236] ----D C:\Program Files\Windows Live
O43 - CFD: 14/07/2009 - 10:39:39 - [5,895] ----D C:\Program Files\Windows Mail
O43 - CFD: 14/07/2009 - 10:39:39 - [6,302] ----D C:\Program Files\Windows Media Player
O43 - CFD: 17/09/2010 - 01:06:19 - [11,630] ----D C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - 10:39:39 - [4,213] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:32 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - 10:39:39 - [6,374] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 21/02/2012 - 13:30:41 - [10,757] ----D C:\Program Files\WinRAR
O43 - CFD: 20/12/2011 - 20:40:42 - [4,706] ----D C:\Program Files\Xiph.Org
O43 - CFD: 01/08/2012 - 11:38:16 - [12,787] ----D C:\Program Files\ZHPDiag
O43 - CFD: 31/05/2012 - 16:33:16 - [927,934] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 02/10/2010 - 16:38:47 - [30,670] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 07/06/2012 - 10:32:38 - [110,942] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 16/09/2010 - 19:47:49 - [0,093] ----D C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 22/07/2012 - 17:19:58 - [1,628] ----D C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD: 13/06/2012 - 19:54:37 - [0,001] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 18/09/2010 - 19:58:29 - [0,095] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 27/01/2012 - 23:03:55 - [0] ----D C:\Program Files\Common Files\INCA Shared
O43 - CFD: 16/09/2010 - 20:29:46 - [5,801] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 20/02/2012 - 23:11:47 - [1,181] ----D C:\Program Files\Common Files\Java
O43 - CFD: 20/02/2012 - 23:16:03 - [240,250] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 03/07/2012 - 02:03:02 - [1,416] ----D C:\Program Files\Common Files\Nikon
O43 - CFD: 02/10/2010 - 16:40:02 - [0,195] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 13/12/2010 - 22:23:19 - [0] ----D C:\Program Files\Common Files\Screaming Bee
O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 10:39:39 - [10,177] ----D C:\Program Files\Common Files\System
O43 - CFD: 16/09/2010 - 22:46:22 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 27/09/2010 - 17:05:21 - [32,544] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 28/08/2011 - 19:56:48 - [0,002] ----D C:\ProgramData\ABBYY
O43 - CFD: 28/02/2012 - 09:49:23 - [812,008] ----D C:\ProgramData\Adobe
O43 - CFD: 02/10/2010 - 16:47:06 - [0] ----D C:\ProgramData\ALM
O43 - CFD: 02/12/2010 - 14:40:29 - [57,920] ----D C:\ProgramData\Apple
O43 - CFD: 02/12/2010 - 14:41:16 - [72,293] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 16/09/2010 - 20:32:40 - [0] ----D C:\ProgramData\ASUS OC Profiles
O43 - CFD: 16/09/2010 - 19:39:54 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 27/02/2012 - 14:13:23 - [0] ----D C:\ProgramData\BioWare
O43 - CFD: 18/09/2010 - 19:21:37 - [0,004] ----D C:\ProgramData\Blizzard
O43 - CFD: 03/07/2012 - 13:07:09 - [1,982] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 17/09/2010 - 01:06:19 - [0] ----D C:\ProgramData\Bureau
O43 - CFD: 13/06/2012 - 20:00:08 - [0] ----D C:\ProgramData\Canon IJ Network Tool
O43 - CFD: 13/06/2012 - 19:52:31 - [21,132] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 13/06/2012 - 20:04:10 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 13/06/2012 - 20:04:35 - [0,000] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 13/06/2012 - 20:04:10 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 13/06/2012 - 19:55:39 - [0,003] ----D C:\ProgramData\CanonIJMSetup
O43 - CFD: 13/06/2012 - 20:04:09 - [0,000] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 01/08/2012 - 09:02:18 - [0,011] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 13/06/2012 - 20:04:11 - [0,002] --H-D C:\ProgramData\CanonIJSolutionMenuEX
O43 - CFD: 13/06/2012 - 19:54:30 - [0,065] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 31/07/2012 - 19:39:03 - [1,326] ----D C:\ProgramData\Comodo
O43 - CFD: 03/07/2012 - 02:09:10 - [50,267] ----D C:\ProgramData\CyberLink
O43 - CFD: 16/09/2010 - 20:41:16 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 17/09/2010 - 01:06:19 - [0] ----D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Favorites
O43 - CFD: 03/07/2012 - 02:01:49 - [0,033] ----D C:\ProgramData\install_clap
O43 - CFD: 22/07/2012 - 17:40:25 - [6,449] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 27/02/2012 - 14:13:03 - [0] ----D C:\ProgramData\Media Center Programs
O43 - CFD: 17/09/2010 - 01:06:19 - [0] ----D C:\ProgramData\Menu Démarrer
O43 - CFD: 31/07/2012 - 21:39:52 - [60,802] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/09/2010 - 20:00:49 - [0,057] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 17/09/2010 - 01:06:19 - [0] ----D C:\ProgramData\Modèles
O43 - CFD: 07/06/2012 - 10:32:28 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 31/07/2012 - 19:52:22 - [0,002] ----D C:\ProgramData\PMB Files
O43 - CFD: 03/10/2010 - 21:31:55 - [0,003] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 13/12/2010 - 22:23:51 - [0,002] ----D C:\ProgramData\Screaming Bee
O43 - CFD: 01/10/2010 - 13:28:31 - [0,027] -SH-D C:\ProgramData\SecuROM
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 21/11/2010 - 04:19:22 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 03/07/2012 - 02:01:50 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Templates
O43 - CFD: 28/06/2012 - 22:58:17 - [2,013] ----D C:\ProgramData\TERA
O43 - CFD: 02/12/2010 - 14:41:35 - [0] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 31/05/2012 - 17:00:11 - [15,004] ----D C:\Users\Bruno\AppData\Roaming\Adobe
O43 - CFD: 24/07/2012 - 10:41:50 - [0,000] ----D C:\Users\Bruno\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 02/12/2010 - 17:33:44 - [1,487] ----D C:\Users\Bruno\AppData\Roaming\Apple Computer
O43 - CFD: 16/09/2010 - 19:39:54 - [0] ----D C:\Users\Bruno\AppData\Roaming\ATI
O43 - CFD: 17/10/2010 - 03:23:26 - [18,483] ----D C:\Users\Bruno\AppData\Roaming\Azureus
O43 - CFD: 21/02/2012 - 13:32:31 - [0,895] ----D C:\Users\Bruno\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 22/02/2012 - 12:12:02 - [0,020] ----D C:\Users\Bruno\AppData\Roaming\DeepBurner
O43 - CFD: 14/08/2011 - 21:00:26 - [0] ----D C:\Users\Bruno\AppData\Roaming\FOG Downloader
O43 - CFD: 02/09/2011 - 22:27:21 - [0] ----D C:\Users\Bruno\AppData\Roaming\GetRightToGo
O43 - CFD: 17/09/2010 - 01:06:34 - [0] ----D C:\Users\Bruno\AppData\Roaming\Identities
O43 - CFD: 18/09/2010 - 19:03:31 - [0] ----D C:\Users\Bruno\AppData\Roaming\InstallShield
O43 - CFD: 07/08/2011 - 15:54:51 - [0] ----D C:\Users\Bruno\AppData\Roaming\LolClient
O43 - CFD: 16/09/2010 - 19:28:22 - [0,001] ----D C:\Users\Bruno\AppData\Roaming\Macromedia
O43 - CFD: 22/07/2012 - 17:40:47 - [0,004] ----D C:\Users\Bruno\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 11:00:32 - [0] ----D C:\Users\Bruno\AppData\Roaming\Media Center Programs
O43 - CFD: 31/07/2012 - 16:52:20 - [10,964] -S--D C:\Users\Bruno\AppData\Roaming\Microsoft
O43 - CFD: 16/09/2010 - 22:23:16 - [15,111] ----D C:\Users\Bruno\AppData\Roaming\Mozilla
O43 - CFD: 31/07/2012 - 20:55:32 - [0,453] ----D C:\Users\Bruno\AppData\Roaming\Mumble
O43 - CFD: 13/12/2010 - 22:23:53 - [0,862] ----D C:\Users\Bruno\AppData\Roaming\Screaming Bee
O43 - CFD: 01/10/2010 - 13:28:32 - [0,008] R-H-D C:\Users\Bruno\AppData\Roaming\SecuROM
O43 - CFD: 24/07/2012 - 10:41:49 - [0] ----D C:\Users\Bruno\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 15/12/2010 - 13:22:29 - [0,004] ----D C:\Users\Bruno\AppData\Roaming\teamspeak2
O43 - CFD: 04/10/2010 - 20:33:00 - [0,341] ----D C:\Users\Bruno\AppData\Roaming\TS3Client
O43 - CFD: 31/07/2012 - 11:15:04 - [0,078] ----D C:\Users\Bruno\AppData\Roaming\vlc
O43 - CFD: 28/02/2012 - 20:44:36 - [0] ----D C:\Users\Bruno\AppData\Roaming\Windows Live Writer
O43 - CFD: 12/06/2012 - 10:38:38 - [0,000] ----D C:\Users\Bruno\AppData\Roaming\WinRAR
O43 - CFD: 20/09/2010 - 19:41:12 - [9,741] ----D C:\Users\Bruno\AppData\Local\2K Games
O43 - CFD: 28/08/2011 - 19:53:31 - [0] ----D C:\Users\Bruno\AppData\Local\ABBYY
O43 - CFD: 31/05/2012 - 15:27:04 - [13,450] ----D C:\Users\Bruno\AppData\Local\Adobe
O43 - CFD: 02/12/2010 - 14:40:34 - [0] ----D C:\Users\Bruno\AppData\Local\Apple
O43 - CFD: 04/09/2011 - 21:47:42 - [7,020] ----D C:\Users\Bruno\AppData\Local\Apple Computer
O43 - CFD: 17/09/2010 - 01:06:27 - [0] ----D C:\Users\Bruno\AppData\Local\Application Data
O43 - CFD: 17/09/2010 - 01:18:29 - [1,171] ----D C:\Users\Bruno\AppData\Local\Apps
O43 - CFD: 22/07/2012 - 18:49:32 - [26,100] ----D C:\Users\Bruno\AppData\Local\assembly
O43 - CFD: 16/09/2010 - 19:39:54 - [0,067] ----D C:\Users\Bruno\AppData\Local\ATI
O43 - CFD: 13/06/2012 - 20:08:22 - [0] ----D C:\Users\Bruno\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 03/07/2012 - 02:08:45 - [0] ----D C:\Users\Bruno\AppData\Local\Cyberlink
O43 - CFD: 22/07/2012 - 17:09:49 - [0] ----D C:\Users\Bruno\AppData\Local\Deployment
O43 - CFD: 17/10/2010 - 20:38:02 - [0] ----D C:\Users\Bruno\AppData\Local\Diagnostics
O43 - CFD: 11/07/2012 - 20:06:49 - [0] ----D C:\Users\Bruno\AppData\Local\ElevatedDiagnostics
O43 - CFD: 01/08/2012 - 11:06:42 - [472,680] ----D C:\Users\Bruno\AppData\Local\Google
O43 - CFD: 17/09/2010 - 01:06:27 - [0] ----D C:\Users\Bruno\AppData\Local\Historique
O43 - CFD: 14/06/2012 - 16:20:03 - [0] ----D C:\Users\Bruno\AppData\Local\Macromedia
O43 - CFD: 01/08/2012 - 08:39:38 - [1448,508] ----D C:\Users\Bruno\AppData\Local\Microsoft
O43 - CFD: 18/09/2010 - 21:12:20 - [0,086] ----D C:\Users\Bruno\AppData\Local\Microsoft Games
O43 - CFD: 18/09/2010 - 19:54:56 - [0] ----D C:\Users\Bruno\AppData\Local\Microsoft Help
O43 - CFD: 16/09/2010 - 22:23:10 - [62,892] ----D C:\Users\Bruno\AppData\Local\Mozilla
O43 - CFD: 07/10/2010 - 14:21:54 - [0] ----D C:\Users\Bruno\AppData\Local\Mumble
O43 - CFD: 15/06/2012 - 20:21:56 - [0] ----D C:\Users\Bruno\AppData\Local\My Games
O43 - CFD: 31/07/2012 - 19:52:23 - [0,222] ----D C:\Users\Bruno\AppData\Local\PMB Files
O43 - CFD: 01/10/2010 - 13:33:47 - [3,615] ----D C:\Users\Bruno\AppData\Local\Rockstar Games
O43 - CFD: 16/06/2012 - 12:38:32 - [0] ----D C:\Users\Bruno\AppData\Local\SKIDROW
O43 - CFD: 01/08/2012 - 11:37:25 - [74,418] ----D C:\Users\Bruno\AppData\Local\Temp
O43 - CFD: 17/09/2010 - 01:06:27 - [0] ----D C:\Users\Bruno\AppData\Local\Temporary Internet Files
O43 - CFD: 11/07/2012 - 21:41:48 - [0,003] ----D C:\Users\Bruno\AppData\Local\The Witcher
O43 - CFD: 02/12/2011 - 19:26:13 - [0] ----D C:\Users\Bruno\AppData\Local\The Witcher 2
O43 - CFD: 31/07/2012 - 18:54:21 - [0,005] ----D C:\Users\Bruno\AppData\Local\VirtualStore
O43 - CFD: 08/06/2012 - 18:25:09 - [0,082] ----D C:\Users\Bruno\AppData\Local\Windows Live
O43 - CFD: 28/02/2012 - 20:44:43 - [0,618] ----D C:\Users\Bruno\AppData\Local\Windows Live Writer
O43 - CFD: 06/06/2012 - 21:39:25 - [0] ----D C:\Users\Bruno\AppData\Local\{169441A3-1ECE-4729-8B3B-FE1AF36A74A6}
O43 - CFD: 07/06/2012 - 11:05:23 - [0] ----D C:\Users\Bruno\AppData\Local\{78332E5A-AA43-49A8-8BBC-BC4BFC45E22F}
O43 - CFD: 31/07/2012 - 18:24:44 - [0] -SH-D C:\Users\Bruno\AppData\Local\{b216f87b-7121-75df-440a-87352735dc08}
O43 - CFD: 14/07/2009 - 06:42:04 - [0,014] R---D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/09/2010 - 01:06:42 - [0,000] R---D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/07/2012 - 17:57:09 - [0,004] ----D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 01/08/2012 - 11:35:40 - [0,001] ----D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 06:37:42 - [0,001] R---D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/06/2012 - 22:37:29 - [0] ----D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCsoft
O43 - CFD: 01/08/2012 - 10:39:59 - [0] R---D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/02/2012 - 23:18:54 - [0,003] ----D C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 22s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 31/07/2012 - 18:12:25 ---A- . (...) -- C:\Windows\epplauncher.mif  [1912]
O44 - LFC:[MD5.615E16ED9EE2CEE8DBCBB321E5964A31] - 01/08/2012 - 10:37:02 ---A- . (...) -- C:\Windows\setupact.log  [61099]
O44 - LFC:[MD5.079A6FEDB6831672BDE072C56E44B01A] - 01/08/2012 - 10:36:59 -S-A- . (...) -- C:\Windows\bootstat.dat  [67584]
O44 - LFC:[MD5.8E5B3EAD51C4A1AE08308FCC6877A065] - 01/08/2012 - 10:36:56 ---A- . (...) -- C:\Windows\PFRO.log  [26726]
O44 - LFC:[MD5.C6F9B85DADF7898D31D4F01E1FD04793] - 01/08/2012 - 10:36:16 ---A- . (...) -- C:\Windows\WindowsUpdate.log  [1289550]
O44 - LFC:[MD5.92FC8D1C9118929F70441E3FC39EED9E] - 01/08/2012 - 09:48:13 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI  [1666740]
O44 - LFC:[MD5.54D4692724FDF4987BA1B530BACC0E88] - 01/08/2012 - 09:48:13 ---A- . (...) -- C:\Windows\System32\perfc009.dat  [121382]
O44 - LFC:[MD5.0B45A3A257301EE9E5EFBEA9FCB1DD9F] - 01/08/2012 - 09:48:13 ---A- . (...) -- C:\Windows\System32\perfc00C.dat  [149086]
O44 - LFC:[MD5.889CFA51738D9C4A60D5BA7BBDED37D6] - 01/08/2012 - 09:48:13 ---A- . (...) -- C:\Windows\System32\perfh009.dat  [653550]
O44 - LFC:[MD5.B8A1022615839E90D5FB959AD0BA828A] - 01/08/2012 - 09:48:13 ---A- . (...) -- C:\Windows\System32\perfh00C.dat  [746668]
O44 - LFC:[MD5.6513801A74D269801D21553D4AB13E50] - 01/08/2012 - 08:19:32 ---A- . (.pdfforge GbR - pdfcmon.) -- C:\Windows\System32\pdfcmon.dll  [81920]
O44 - LFC:[MD5.F912B591ED4D66859DB96B29749469ED] - 01/08/2012 - 07:37:04 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe  [227824]
O44 - LFC:[MD5.85D2B5F0C2B75F0F329CACC7C53E8E44] - 01/08/2012 - 07:37:03 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll  [687600]
O44 - LFC:[MD5.62BC16D94E8FD4751CF9A5A12AFC6163] - 01/08/2012 - 07:37:03 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe  [174064]
O44 - LFC:[MD5.892A789EB58FCEA322E86B239D641668] - 01/08/2012 - 07:37:03 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe  [174064]
O44 - LFC:[MD5.4BF5DC55B3E48D974E50C7BB82BEFDF3] - 01/08/2012 - 07:37:03 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npdeployJava1.dll  [772592]
O44 - LFC:[MD5.852BC11C23B7104443FC74EC7AD79158] - 27/07/2012 - 15:53:36 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe  [426184]
O44 - LFC:[MD5.A9D264526FBA70238969FF29AE3723EF] - 27/07/2012 - 15:53:35 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl  [70344]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 22/07/2012 - 17:51:18 ---A- . (...) -- C:\Windows\system.ini  [215]
O44 - LFC:[MD5.586E272C56EB309B11CEC2A478DCA929] - 22/07/2012 - 17:16:00 ---A- . (...) -- C:\Windows\ntbtlog.txt  [735872]
O44 - LFC:[MD5.CAF1EA92E28801AAB5BDCA8A7668B91F] - 13/07/2012 - 17:26:47 ---A- . (...) -- C:\Windows\KB893803v2.log  [744]
O44 - LFC:[MD5.882056B5BD15C03807D9F88C724BC656] - 05/07/2012 - 22:27:16 ---A- . (...) -- C:\Windows\System32\DATA.INI  [20]
O44 - LFC:[MD5.6DFE7F2E8E8A337263AA5C92A215F161] - 03/07/2012 - 12:46:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys  [22344]
~ Scan Files in 00mn 04s



---\\ Contrôle du Safe Boot (CSB) (O49) (None)

---\\ MountPoints2 Shell Key (O51) (None)

---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys  [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS  [9029]
~ Scan Drivers in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68) (None)

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83) (None)

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.34A6118F41E66B678AA7A951FBCE7403] [SPRF][31/07/2012] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Bruno\AppData\Local\Temp\drm_dyndata_7410004.dll  [208896]
[MD5.2D2894581D355D5F44EAE38898A66846] [SPRF][01/01/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Bruno\AppData\Local\Temp\tbVuz2.dll  [4398888]
~ Scan Files in 00mn 00s



End of the scan (501 lines in 00mn 50s)(0)

# AdwCleaner v1.703 - Rapport créé le 01/08/2012 à 11:39:39
# Mis à jour le 20/07/2012 par Xplode
# Système d'exploitation : Windows 7 Ultimate  (32 bits)
# Nom d'utilisateur : Bruno - BRUNO-PC
# Exécuté depuis : C:\Users\Bruno\Downloads\adwcleaner.exe
# Option [Recherche]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Windows\system32\prncnfgd

***** [Registre] *****

Clé Présente : HKLM\SOFTWARE\DT Soft

***** [Registre - GUID] *****


***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v14.0.1 (fr)

Nom du profil : default
Fichier : C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\18z9g9da.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R4].txt - [1071 octets] - [01/08/2012 11:39:39]

########## EOF - C:\AdwCleaner[R4].txt - [1199 octets] ##########