Results 1 to 5 of 5
  1. #1
    Member
    Join Date
    Nov 2013
    Posts
    3
    Points
    0

    Default Very slow computer and can't install a windows update.

    Hello,
    I can't install windows update for 7 (KB2868626) error 80070005.
    After that I did a scan by Hijackthis :

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 13:27:27, on 20/11/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16736)

    FIREFOX: 25.0.1 (fr)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
    C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Program Files\Comodo\COMODO Internet Security\cis.exe
    C:\Windows\system32\wuauclt.exe
    F:\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll
    O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: AMD FUEL Service - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe
    O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: CyberLink Product - 2012/09/15 20:49:27 (CLKMSVC10_E92D8507) - CyberLink - C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
    O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 21746 bytes

    But Malwarebytes log is :
    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Version de la base de données: v2013.11.20.09

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16736
    Salon :: SALON-PC [administrateur]

    20/11/2013 16:43:19
    mbam-log-2013-11-20 (16-43-19).txt

    Type d'examen: Examen complet (C:\|E:\|F:\|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 437968
    Temps écoulé: 1 heure(s), 20 minute(s), 51 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)

    And Superantispyware log is :
    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 11/21/2013 at 07:46 PM

    Application Version : 5.6.1042

    Core Rules Database Version : 10898
    Trace Rules Database Version: 8710

    Scan type : Complete Scan
    Total Scan Time : 01:05:43

    Operating System Information
    Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 750
    Memory threats detected : 0
    Registry items scanned : 39463
    Registry threats detected : 0
    File items scanned : 84592
    File threats detected : 0


    Thanks for help!

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hi ced2vo,

    Please post an OTL Log. Someone will be with you soon. Post both logs created OTL.txt and Exrta's .txt

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Thanks
    Joe

  3. #3
    Member
    Join Date
    Nov 2013
    Posts
    3
    Points
    0

    Default

    Hi zep516,
    Thanks for help!
    The content of OTL.Txt is :

    OTL logfile created on: 22/11/2013 09:56:13 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = F:\Downloads
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,99% Memory free
    5,92 Gb Paging File | 4,60 Gb Available in Paging File | 77,61% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 97,56 Gb Total Space | 24,15 Gb Free Space | 24,75% Space Free | Partition Type: NTFS
    Drive E: | 135,23 Gb Total Space | 43,85 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
    Drive F: | 931,51 Gb Total Space | 801,77 Gb Free Space | 86,07% Space Free | Partition Type: NTFS

    Computer Name: SALON-PC | User Name: Salon | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/11/19 20:01:12 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/11/19 20:01:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/11/16 01:43:06 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2013/11/14 16:20:07 | 007,022,808 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe
    PRC - [2013/11/11 15:58:47 | 001,576,152 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
    PRC - [2013/11/05 18:56:23 | 005,717,272 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2013/10/20 02:23:22 | 004,832,192 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    PRC - [2013/10/10 23:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2013/09/24 11:53:25 | 001,857,752 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    PRC - [2013/08/30 23:58:20 | 000,480,256 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2013/08/30 23:57:40 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2013/08/30 19:45:18 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    PRC - [2013/04/17 10:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files\Common Files\COMODO\launcher_service.exe
    PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2012/10/05 21:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Downloads\OTL.exe
    PRC - [2011/06/13 15:36:54 | 000,922,240 | ---- | M] () -- C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe
    PRC - [2011/05/31 08:42:06 | 000,173,672 | ---- | M] (DTS) -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
    PRC - [2011/05/24 19:54:46 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
    PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/12/02 09:15:14 | 000,915,584 | ---- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe
    PRC - [2010/11/26 20:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
    PRC - [2010/10/21 16:52:26 | 000,586,880 | ---- | M] () -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    PRC - [2010/09/24 20:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    PRC - [2010/07/06 09:07:24 | 000,188,416 | ---- | M] (Canal+ Active) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    PRC - [2007/01/11 12:26:56 | 000,063,112 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB4RPK.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2013/11/19 20:01:13 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
    MOD - [2013/08/07 20:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
    MOD - [2011/05/20 08:12:18 | 000,881,152 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor\Sensor.dll
    MOD - [2011/05/16 16:35:56 | 000,965,632 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\BarGadget\BarGadget.dll
    MOD - [2011/04/07 16:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
    MOD - [2011/03/09 13:55:24 | 001,036,800 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\ASUS Update\Update.dll
    MOD - [2011/02/24 09:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\AssistFunc.dll
    MOD - [2011/01/07 15:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Settings\Settings.dll
    MOD - [2010/08/23 09:17:40 | 000,662,016 | ---- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMLib.dll
    MOD - [2010/08/06 17:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\TabGadget\TabGadget.dll
    MOD - [2010/08/06 17:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Splitter\Splitter.dll
    MOD - [2010/06/21 14:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
    MOD - [2010/06/21 14:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\ImageHelper.dll
    MOD - [2009/08/12 19:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\pngio.dll


    ========== Services (SafeList) ==========

    SRV - [2013/11/19 20:01:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2013/11/15 21:42:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/10/20 02:23:22 | 004,832,192 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2013/10/10 23:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2013/09/24 11:53:27 | 000,131,288 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
    SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/08/30 23:57:40 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2013/08/30 19:45:18 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2013/04/17 12:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
    SRV - [2013/04/17 10:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
    SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2012/05/06 08:36:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2011/06/13 15:36:54 | 000,922,240 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
    SRV - [2011/05/31 08:42:06 | 000,173,672 | ---- | M] (DTS) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe -- (DTSAudioService)
    SRV - [2010/12/02 09:15:14 | 000,915,584 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
    SRV - [2010/11/23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_E92D8507)
    SRV - [2010/10/21 16:52:26 | 000,586,880 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2010/07/06 09:07:24 | 000,188,416 | ---- | M] (Canal+ Active) [Auto | Running] -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD)
    SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\cvkyaev.sys -- (auvyrn)
    DRV - [2013/11/19 20:01:50 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
    DRV - [2013/11/19 20:01:13 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/11/19 20:01:13 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/11/19 20:01:13 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
    DRV - [2013/11/19 20:01:13 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/11/19 20:01:13 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/11/19 20:01:13 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/11/19 20:01:13 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2013/11/14 12:38:16 | 000,582,936 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
    DRV - [2013/10/10 18:35:11 | 000,595,552 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2013/10/10 18:35:11 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
    DRV - [2013/10/10 18:35:11 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2013/10/10 18:35:11 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
    DRV - [2013/09/24 11:54:09 | 000,085,464 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
    DRV - [2013/09/24 11:54:08 | 000,044,752 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2013/09/24 11:54:07 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
    DRV - [2013/08/31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2013/08/31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2013/08/30 23:31:20 | 000,495,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2013/07/05 09:40:32 | 000,078,848 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
    DRV - [2013/06/22 18:06:12 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
    DRV - [2013/06/19 09:30:37 | 000,044,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
    DRV - [2013/04/24 07:35:07 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
    DRV - [2012/12/13 21:45:17 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
    DRV - [2012/11/20 13:55:44 | 000,048,808 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys -- (AODDriver4.2)
    DRV - [2012/09/03 08:20:00 | 000,035,064 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
    DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2012/08/23 15:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
    DRV - [2012/06/29 19:39:02 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncmirror.sys -- (vncmirror)
    DRV - [2012/06/03 19:52:26 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbvoice.sys -- (ZTEusbvoice)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
    DRV - [2011/08/02 15:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
    DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/03/04 06:46:18 | 000,032,896 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
    DRV - [2011/03/04 06:46:16 | 000,065,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
    DRV - [2011/02/24 09:30:52 | 000,308,200 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
    DRV - [2011/02/24 09:30:52 | 000,100,328 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
    DRV - [2010/12/16 05:06:46 | 000,037,504 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
    DRV - [2010/11/25 04:27:32 | 000,103,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
    DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/08/24 14:31:08 | 000,011,456 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
    DRV - [2010/08/03 12:20:56 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
    DRV - [2010/07/15 17:12:30 | 000,163,880 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
    DRV - [2010/07/15 17:12:30 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
    DRV - [2009/10/07 09:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
    DRV - [2009/10/07 09:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2009/05/14 07:46:10 | 000,011,808 | ---- | M] (Laplink Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\llrcm.sys -- (llrcmir)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 68 14 A2 4C 2D CD 01 [binary data]
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
    FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
    FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0: C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npcpvod.dll (Canal+ Active)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/19 20:01:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 21:42:24 | 000,000,000 | ---D | M]

    [2012/05/05 14:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\Extensions
    [2013/11/16 11:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\Firefox\Profiles\rpe8tzwl.default-1369144509172\extensions
    [2013/09/04 15:21:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Salon\AppData\Roaming\mozilla\Firefox\Profiles\rpe8tzwl.default-1369144509172\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013/11/16 11:20:16 | 000,523,651 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\PrivDog@AdTrustMedia.com.xpi
    [2013/09/10 15:37:30 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
    [2013/10/10 22:13:44 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/11/03 10:10:25 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2013/11/15 21:42:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2013/11/15 21:42:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013/11/15 21:42:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
    [2013/11/15 21:42:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/11/19 20:01:16 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    O1 HOSTS File: ([2013/11/06 17:26:07 | 000,449,817 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 00hq.com mobile
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 Gadgets And More
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 123fporn.info
    O1 - Hosts: 15467 more lines...
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll (AdTrustMedia)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
    O4 - HKLM..\Run: [Tau Monitor] C:\Program Files\Agnitum\Tauscan 1.7\Taumon.exe (Agnitum Ltd.)
    O4 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000..\Run: [Spotify Web Helper] C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll (AdTrustMedia)
    O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7653243D-A880-457E-9912-5C292C1191E0}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E53AC47A-043C-4592-BCFF-DEE3B8A8BF08}: DhcpNameServer = 172.20.2.39 172.20.2.10
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.DLL) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 0
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{12add18c-ad9f-11e1-9bf5-c86000861d9e}\Shell - "" = AutoRun
    O33 - MountPoints2\{12add18c-ad9f-11e1-9bf5-c86000861d9e}\Shell\AutoRun\command - "" = G:\wubi.exe
    O33 - MountPoints2\{2ac2c5f7-ec4e-11e2-b831-c86000861d9e}\Shell - "" = AutoRun
    O33 - MountPoints2\{2ac2c5f7-ec4e-11e2-b831-c86000861d9e}\Shell\AutoRun\command - "" = H:\unlock.exe autoplay=true
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/11/21 20:22:43 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Agnitum
    [2013/11/21 20:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agnitum
    [2013/11/21 20:22:39 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
    [2013/11/21 20:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
    [2013/11/21 20:22:38 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
    [2013/11/19 21:07:23 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\SUPERAntiSpyware.com
    [2013/11/19 21:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2013/11/19 21:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2013/11/19 21:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2013/11/19 20:02:32 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\AVAST Software
    [2013/11/19 20:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    [2013/11/19 20:01:19 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/11/19 20:01:19 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
    [2013/11/19 20:01:19 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/11/19 20:01:18 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/11/19 20:01:18 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/11/19 20:01:18 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/11/19 20:01:17 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/11/19 20:01:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/11/19 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2013/11/19 20:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2013/11/16 11:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
    [2013/11/16 11:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Adtrustmedia
    [2013/11/15 21:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/11/15 16:43:08 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/11/15 16:43:07 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/11/15 16:43:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/11/15 16:43:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/11/15 16:43:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/11/15 16:43:05 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/11/15 16:43:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2013/11/15 16:43:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2013/11/15 16:43:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/11/15 16:43:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/11/15 11:24:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
    [2013/11/15 11:24:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
    [2013/11/15 11:23:59 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
    [2013/11/15 11:23:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2013/11/11 16:22:36 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2013/11/11 16:22:36 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2013/11/11 16:22:36 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
    [2013/11/11 16:22:35 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
    [2013/11/11 16:22:19 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
    [2013/11/08 14:50:39 | 000,000,000 | ---D | C] -- C:\Users\Salon\Documents\Backup
    [2013/11/08 14:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTwin
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
    [2013/11/08 13:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/11/08 13:28:57 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/11/08 13:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2013/11/08 12:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
    [2013/11/06 17:33:09 | 000,000,000 | ---D | C] -- C:\Users\Salon\Documents\Fichiers Outlook
    [2013/11/06 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Local\Wide_Angle_Software_Ltd
    [2013/11/06 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Local\Wide Angle Software
    [2013/11/06 10:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2013/11/06 10:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/11/06 10:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/11/06 10:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/11/06 08:14:14 | 000,000,000 | -HSD | C] -- C:\found.005
    [2013/11/05 11:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2013/11/05 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
    [2013/11/05 11:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    [2013/11/05 11:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
    [2013/11/05 11:02:43 | 000,000,000 | ---D | C] -- C:\AMD
    [2013/11/03 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Salon\Desktop\Chorale
    [2013/11/03 12:03:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.0

    ========== Files - Modified Within 30 Days ==========

    [2013/11/22 09:58:06 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/11/22 09:58:06 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/11/22 09:52:52 | 000,000,619 | ---- | M] () -- C:\Windows\Taumon.INI
    [2013/11/22 09:50:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/11/22 09:50:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
    [2013/11/22 09:50:00 | 2385,518,592 | -HS- | M] () -- C:\hiberfil.sys
    [2013/11/21 21:07:05 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e7b86752-d23c-47fb-b876-aa0adef2c46d.job
    [2013/11/20 02:00:04 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 83993610-a224-4fce-af27-7b2132436d3e.job
    [2013/11/19 21:06:39 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2013/11/19 20:17:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/11/19 20:17:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/11/19 20:12:24 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/11/19 20:01:55 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2013/11/19 20:01:50 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
    [2013/11/19 20:01:13 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/11/19 20:01:13 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/11/19 20:01:13 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/11/19 20:01:13 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/11/19 20:01:13 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/11/19 20:01:13 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/11/19 20:01:13 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/11/19 20:01:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/11/19 20:01:13 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/11/19 08:11:01 | 000,019,204 | ---- | M] () -- C:\Users\Salon\Documents\CMLF_Feuille_de_style_avec_nom_auteur.ott
    [2013/11/16 11:15:18 | 000,001,838 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2013/11/16 08:10:28 | 000,735,814 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2013/11/16 08:10:28 | 000,146,056 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2013/11/15 13:39:20 | 000,656,834 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/11/15 13:39:20 | 000,122,646 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/11/14 12:38:16 | 000,582,936 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
    [2013/11/14 12:38:01 | 000,036,000 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
    [2013/11/12 15:32:59 | 000,000,134 | ---- | M] () -- C:\Users\Salon\Desktop\Internet Explorer - résolution de problèmes.url
    [2013/11/12 15:07:33 | 000,000,134 | ---- | M] () -- C:\Users\Salon\Desktop\Internet Explorer Troubleshooting.url
    [2013/11/12 15:05:56 | 000,049,292 | ---- | M] () -- C:\Users\Salon\Documents\Lecon - le verbe.pdf
    [2013/11/08 13:34:39 | 000,000,989 | ---- | M] () -- C:\Users\Salon\Desktop\WinDirStat.lnk
    [2013/11/08 13:28:59 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/08 13:04:29 | 000,000,079 | ---- | M] () -- C:\Windows\wininit.ini
    [2013/11/07 18:41:23 | 000,500,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/11/06 17:26:07 | 000,449,817 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2013/11/06 10:25:41 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2013/11/05 10:28:42 | 000,000,873 | ---- | M] () -- C:\Users\Salon\AppData\Local\recently-used.xbel
    [2013/11/03 12:03:54 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 4.0.lnk
    [2013/10/28 22:36:33 | 000,000,851 | ---- | M] () -- C:\Users\Salon\Desktop\µTorrent.lnk
    [2013/10/28 22:36:33 | 000,000,831 | ---- | M] () -- C:\Users\Salon\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

    ========== Files Created - No Company Name ==========

    [2013/11/22 09:52:52 | 000,000,619 | ---- | C] () -- C:\Windows\Taumon.INI
    [2013/11/19 21:07:34 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e7b86752-d23c-47fb-b876-aa0adef2c46d.job
    [2013/11/19 21:07:34 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 83993610-a224-4fce-af27-7b2132436d3e.job
    [2013/11/19 21:06:39 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2013/11/19 20:01:55 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2013/11/19 20:01:19 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/11/19 20:01:19 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/11/19 08:10:59 | 000,019,204 | ---- | C] () -- C:\Users\Salon\Documents\CMLF_Feuille_de_style_avec_nom_auteur.ott
    [2013/11/12 15:32:59 | 000,000,134 | ---- | C] () -- C:\Users\Salon\Desktop\Internet Explorer - résolution de problèmes.url
    [2013/11/12 15:07:33 | 000,000,134 | ---- | C] () -- C:\Users\Salon\Desktop\Internet Explorer Troubleshooting.url
    [2013/11/12 15:05:54 | 000,049,292 | ---- | C] () -- C:\Users\Salon\Documents\Lecon - le verbe.pdf
    [2013/11/08 13:34:39 | 000,000,989 | ---- | C] () -- C:\Users\Salon\Desktop\WinDirStat.lnk
    [2013/11/08 13:28:59 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/05 10:28:42 | 000,000,873 | ---- | C] () -- C:\Users\Salon\AppData\Local\recently-used.xbel
    [2013/10/28 22:36:33 | 000,000,851 | ---- | C] () -- C:\Users\Salon\Desktop\µTorrent.lnk
    [2013/10/28 22:36:33 | 000,000,831 | ---- | C] () -- C:\Users\Salon\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2013/09/04 12:52:55 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_dll.dll
    [2013/08/31 00:47:56 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
    [2013/08/30 19:53:48 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
    [2013/08/27 20:06:16 | 000,233,652 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
    [2013/08/27 18:27:56 | 000,082,336 | ---- | C] () -- C:\Windows\System32\ativce02.dat
    [2013/08/07 18:22:00 | 000,716,208 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2013/08/07 16:12:12 | 000,231,984 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
    [2013/06/18 15:00:18 | 000,000,109 | ---- | C] () -- C:\Windows\System32\fgbs81.sys
    [2013/06/14 14:45:26 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/05/02 19:31:40 | 000,002,017 | ---- | C] () -- C:\Windows\KillSwitch.INI
    [2013/04/24 08:47:36 | 000,002,890 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
    [2013/04/18 18:03:18 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
    [2013/04/18 18:03:18 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
    [2013/04/18 18:03:17 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2013/03/29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
    [2013/03/29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
    [2013/02/28 08:18:33 | 000,869,376 | ---- | C] () -- C:\Windows\is-ABQE6.exe
    [2013/02/28 08:15:47 | 000,321,675 | ---- | C] () -- C:\Users\Salon\AppData\Local\census.cache
    [2013/02/28 08:15:23 | 000,163,234 | ---- | C] () -- C:\Users\Salon\AppData\Local\ars.cache
    [2013/02/28 08:03:08 | 000,000,036 | ---- | C] () -- C:\Users\Salon\AppData\Local\housecall.guid.cache
    [2013/02/22 18:17:17 | 000,000,179 | ---- | C] () -- C:\Windows\disney.ini
    [2013/02/22 18:17:14 | 000,000,201 | ---- | C] () -- C:\Windows\disneysy.ini
    [2013/02/19 10:15:10 | 000,000,042 | ---- | C] () -- C:\Users\Salon\.gtk-bookmarks
    [2013/01/25 14:06:03 | 000,000,287 | ---- | C] () -- C:\Users\Salon\AppData\Local\VersionChecker_15.xml
    [2012/11/16 14:01:46 | 000,108,146 | ---- | C] () -- C:\Users\Salon\BonCommande.pdf
    [2012/11/16 11:38:53 | 000,007,597 | ---- | C] () -- C:\Users\Salon\AppData\Local\resmon.resmoncfg
    [2012/10/06 16:50:16 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2012/09/25 12:49:22 | 000,280,869 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
    [2012/09/25 12:28:57 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2012/09/07 14:48:47 | 002,539,008 | ---- | C] () -- C:\Windows\PE_File.dll
    [2012/09/07 13:46:56 | 002,473,472 | ---- | C] () -- C:\Windows\PE_Rom.dll
    [2012/09/07 13:42:45 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
    [2012/09/07 13:41:08 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
    [2012/09/07 13:41:08 | 000,011,456 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
    [2012/09/07 13:41:08 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
    [2012/05/06 08:58:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
    [2012/05/05 19:36:31 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012/05/05 19:36:28 | 000,023,964 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2012/05/05 17:07:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

    ========== ZeroAccess Check ==========

    [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

    < End of report >

    The content of Extras.Txt is :
    OTL Extras logfile created on: 22/11/2013 09:56:13 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = F:\Downloads
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,99% Memory free
    5,92 Gb Paging File | 4,60 Gb Available in Paging File | 77,61% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 97,56 Gb Total Space | 24,15 Gb Free Space | 24,75% Space Free | Partition Type: NTFS
    Drive E: | 135,23 Gb Total Space | 43,85 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
    Drive F: | 931,51 Gb Total Space | 801,77 Gb Free Space | 86,07% Space Free | Partition Type: NTFS

    Computer Name: SALON-PC | User Name: Salon | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{046DC5E4-C4EA-4F91-B631-2333473AF3FB}" = lport=137 | protocol=17 | dir=in | app=system |
    "{213F870C-71B9-4AF7-98E0-F8114C69F2CD}" = rport=139 | protocol=6 | dir=out | app=system |
    "{3C720388-22FD-4DD0-B45B-7F579531876D}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3F1A3140-3562-4B52-B80F-2BFB9351A6C8}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
    "{512B5168-2DE5-4A74-82E1-EA5E04683E79}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
    "{6F12ED28-CA05-4313-AEC2-C72C0E93C80F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{7450C811-F328-41BC-922B-F41373E0D8E1}" = lport=139 | protocol=6 | dir=in | app=system |
    "{8F392510-3FA7-486E-BAFA-6F6554992CB8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{97A4978B-8314-42E9-91C1-33506CDB770A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{9BA926D3-B679-4088-A7B1-DB67B46FD448}" = rport=138 | protocol=17 | dir=out | app=system |
    "{A0D0E8AB-288C-447C-BDC7-9FD571F8C1B9}" = rport=137 | protocol=17 | dir=out | app=system |
    "{ACB11270-1671-4FC8-9E00-F6CE5A0B586E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DBB54041-0F47-426D-B6FF-C3BA6CDE721A}" = rport=445 | protocol=6 | dir=out | app=system |
    "{E6FBB040-2A30-48E6-B256-B2FA670ADACB}" = lport=138 | protocol=17 | dir=in | app=system |
    "{EF428AB0-4ED6-4AF1-9340-BD20A5892D41}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
    "{F7929071-9121-4C7D-8201-0F888D3DCE63}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{FFCEB1E3-C366-496F-90AD-FCE4F7E2375C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03888AE1-DC0E-40C9-9513-474715737D6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{0447E0A2-51C1-4CE9-9C19-8C1F5CB621DC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{090F8990-B27E-42A4-8F70-E979CA5DF706}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
    "{11BB2B30-BE54-46D8-BE9B-9F33E13B8B4C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{12BC504A-7538-4B07-8B8E-A02B35CBD273}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
    "{1E98B2BF-45B9-476D-9712-C982C7637D8F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{23F88985-8488-4D23-93C3-0F8C51B4AF98}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{2D15DE7B-D83B-44E4-B197-06871A0486B9}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{4A112196-3EA0-439A-9476-0C8C0FEB409B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{57B83C0E-4DE9-47B1-B213-A5B65CE00F5C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{688DE0F6-4005-4A6C-9C78-81966E00B6F1}" = protocol=17 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
    "{956D3451-696F-4ABC-B11E-F467A05CEE6D}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\utorrent\utorrent.exe |
    "{9E8B3A2C-4BB6-4E19-90B1-8A2C85A39A9D}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{A081B467-8F73-4EFB-9898-ED0980D6AC9F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{A1441BBB-E1A2-426F-AD41-EF5BDB1E206F}" = protocol=6 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
    "{A5EA180A-0434-4DD6-91FB-2FB6CB28BEAE}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\utorrent\utorrent.exe |
    "{A985A3BC-6F38-4DDA-AF83-DE86AF844C74}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{CBAEE902-F3CD-4891-A818-0041F3892B59}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
    "{CC186A97-C14C-4E67-955B-06B78BD078E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{D41A4F95-752E-465B-8D94-1EE9C118C503}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{DAC677E1-BE34-4249-BC8B-4B3BEC168928}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{DDA59A7F-A41C-4030-96AF-FA5B0817B2ED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{DE6F96D8-4AE6-49C0-95DB-E4FFD8BCCED3}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{E364C798-060B-4D17-80E8-2F85BC08B7A7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{EC02F79D-8F00-4955-9F53-7CCF9562E1C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{F5A14B02-0559-4729-A28E-A8CB89F6F8C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{FB00F947-01FF-4A03-B2AC-0AB4A1F0FF21}" = protocol=58 | dir=in | app=system |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
    "{00280C97-E028-4563-8435-2BCA2786D03F}" = SketchUp 8
    "{04DA096D-6236-4A5D-8FB6-3081E67009BA}" = CANAL+ CANALSAT A LA DEMANDE
    "{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{07B98CCD-72B4-7F02-F9C1-B0410BA81580}" = CCC Help Norwegian
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D66D9EB-2DAE-599C-92D0-E2E6CCAA0666}" = CCC Help Japanese
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{132EAB86-BB6E-3975-68C1-F2D4D364CDC5}" = AMD Accelerated Video Transcoding
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
    "{1CA07BFA-8F7C-80CA-0A69-EAA93C7C7744}" = CCC Help Chinese Traditional
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    "{239D758B-F854-D61D-AC4E-1AAA9654426F}" = CCC Help French
    "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
    "{281D28EC-1357-4778-B2D7-DEA56D70EF96}" = Logitech High Quality Video
    "{2B2782F8-929D-AE80-1297-488D7590D208}" = CCC Help Portuguese
    "{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
    "{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
    "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    "{31DF9E67-DA8A-5C06-BBAD-3B3BCB5B2304}" = CCC Help Polish
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
    "{38350E9E-D50E-454A-BAFC-58BBDDBE08C4}" = AxCrypt 1.7.2976.0
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{488E9FD9-7C30-4120-8790-410F46F13CD6}" = ASUS Sync
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B89B115-0D42-6FBD-CE6C-45CA37BEBDD1}" = AMD Fuel
    "{4D3BF70D-19A9-F87B-7B8B-8BADDFF9C8A5}" = CCC Help Finnish
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
    "{51853D9B-0D96-7A31-88D7-8520B50373F0}" = CCC Help Italian
    "{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
    "{580B86B2-0E0F-996C-0045-38D0B681B16E}" = CCC Help Danish
    "{5B9C9486-4287-4621-8F9D-EC3EE622A82F}" = LibreOffice 4.0.5.2
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{7056155C-38E3-EDCC-F498-47DA57ADA1F0}" = AMD Catalyst Install Manager
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{731E4875-0F23-6005-7E18-C8FA23C8515A}" = AMD Drag and Drop Transcoding
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{8624569E-94AE-EF90-92E2-6AD8E5A617ED}" = AMD Catalyst Control Center
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A6F6649-5244-9C2E-80CD-AD49603321AF}" = CCC Help German
    "{8BF66753-6750-D41C-43EB-F64C54A8E80D}" = CCC Help Chinese Standard
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8EA39464-1316-0125-7FD8-E74B49ADB429}" = CCC Help Turkish
    "{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
    "{90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
    "{90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
    "{90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
    "{90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
    "{90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
    "{90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
    "{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
    "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
    "{90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
    "{90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
    "{90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
    "{90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
    "{90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90D2DF70-F0E8-2CA3-F3B9-DD7CE267BB19}" = Catalyst Control Center Graphics Previews Common
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9785513D-0335-E199-3AC0-74DF83246F20}" = CCC Help Czech
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D959FE5-9C6C-D82D-D208-0B7FBBC0C772}" = ccc-utility
    "{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
    "{A049FD86-61DA-E6DB-2602-0065CB7D4414}" = CCC Help Greek
    "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
    "{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
    "{A7B4D968-7FB7-2CD3-9792-5ACCAECAC72E}" = CCC Help Korean
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
    "{B05FBD47-2A22-2259-E65C-A2D3FB647A6A}" = CCC Help Russian
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B328A1B9-D169-FBA9-F4AF-806E0046F89A}" = CCC Help Spanish
    "{B5BE22C7-420A-5F14-A1B9-4AB3F3DE0A3E}" = Catalyst Control Center InstallProxy
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "{B9EF9C0B-0428-1743-BF3A-9CC890CA5C91}" = Vectorworks 2010 Help
    "{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
    "{BE73543D-E7A0-01D8-7866-C05693BB6BBE}" = CCC Help English
    "{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
    "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D9E34320-D91C-E961-D902-B60788EAA26E}" = CCC Help Hungarian
    "{DF4CBDE3-8789-A589-46F2-7F5B78092D5F}" = CCC Help Swedish
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EC2D4C8B-D8BF-7E06-C094-26B4CE84BF8C}" = CCC Help Dutch
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F6AEADC0-6B97-430E-B78A-C1D633A6528D}" = ASUS Android USB Drivers
    "{FB474A6C-CB62-AA42-A618-2EA58F0F2504}" = Catalyst Control Center Localization All
    "{FD244C27-2EB7-C17B-5BFA-CC8659CBF29C}" = AMD Media Foundation Decoders
    "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    "{FFB3193B-D922-DD38-B218-EB86DD3F3FAD}" = CCC Help Thai
    "7-Zip" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Agnitum Tauscan 1.7" = Agnitum Tauscan 1.7
    "Avast" = avast! Free Antivirus
    "Canon LBP2900" = Canon LBP2900
    "Comodo Dragon" = Comodo Dragon
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Déclic" = Déclic
    "Directory Lister_is1" = Directory Lister v0.9
    "FileZilla Client" = FileZilla Client 3.7.3
    "Foxit Reader_is1" = Foxit Reader
    "FreePack" = FreePack
    "GIMP-2_is1" = GIMP 2.8.4
    "HijackThis" = HijackThis 2.0.2
    "ImgBurn" = ImgBurn
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
    "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
    "LinuxLive USB Creator" = LinuxLive USB Creator
    "lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 25.0.1 (x86 fr)" = Mozilla Firefox 25.0.1 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "net.nemetschek.vectorworks.2010.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1" = Vectorworks 2010 Help
    "Office14.PROPLUSR" = Microsoft Office Professionnel Plus 2010
    "PrivDog" = PrivDog
    "SumatraPDF" = SumatraPDF
    "SyncBack_is1" = SyncBack
    "Totalcmd" = Total Commander (Remove or Repair)
    "TrueCrypt" = TrueCrypt
    "VLC media player" = VLC media player 2.1.1
    "WinLiveSuite" = Windows Live

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Spotify" = Spotify
    "uTorrent" = µTorrent
    "WinDirStat" = WinDirStat 1.1.2

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 18/09/2013 05:58:47 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 18/09/2013 05:58:48 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 02:24:55 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*C:\Program Files\ASUS\ASUS
    Sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 02:28:28 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*c:\program files\ASUS\asus
    sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 11:40:08 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 11:40:09 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 20:07:51 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*C:\Program Files\ASUS\ASUS
    Sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 20:11:31 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*c:\program files\ASUS\asus
    sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 20:47:05 | Computer Name = Salon-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante AsSysCtrlService.exe, version : 0.0.0.0,
    horodatage : 0x4cc00d4c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
    : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus
    défaillant : 0x894 Heure de début de l’application défaillante : 0x01ceb5c5ac979a5b
    Chemin
    d’accès de l’application défaillante : C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    Chemin
    d’accès du module défaillant: unknown ID de rapport : 55cdbd57-2257-11e3-8b32-c86000861d9e

    Error - 21/09/2013 06:29:55 | Computer Name = Salon-PC | Source = .NET Runtime | ID = 1023
    Description =

    Error - 21/09/2013 06:29:56 | Computer Name = Salon-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante plugin-container.exe, version : 24.0.0.5001,
    horodatage : 0x522fd228 Nom du module défaillant : coreclr.dll, version : 5.1.20513.0,
    horodatage : 0x519065ac Code d’exception : 0x8013150a Décalage d’erreur : 0x000475eb
    ID
    du processus défaillant : 0x5cc Heure de début de l’application défaillante : 0x01ceb6ad78828d58
    Chemin
    d’accès de l’application défaillante : C:\Program Files\Mozilla Firefox\plugin-container.exe
    Chemin
    d’accès du module défaillant: C:\Program Files\Microsoft Silverlight\5.1.20513.0\coreclr.dll
    ID
    de rapport : c20a340b-22a8-11e3-848c-c86000861d9e

    [ Canal+ Events ]
    Error - 18/11/2013 14:04:55 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:13:32 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:45 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:45 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:49 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:49:30 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 16:22:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 16:52:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 17:22:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 17:52:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    [ Media Center Events ]
    Error - 25/06/2013 06:47:42 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:47:42 - Erreur de connexion à Internet. 12:47:42 - Impossible
    de contacter le service..

    Error - 25/06/2013 12:59:38 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 18:59:38 - Erreur de connexion à Internet. 18:59:38 - Impossible
    de contacter le service..

    Error - 04/07/2013 15:20:30 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 21:20:30 - Erreur de connexion à Internet. 21:20:30 - Impossible
    de contacter le service..

    Error - 04/07/2013 15:21:21 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 21:21:18 - Erreur de connexion à Internet. 21:21:18 - Impossible
    de contacter le service..

    Error - 07/07/2013 09:13:20 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 15:13:20 - Erreur de connexion à Internet. 15:13:20 - Impossible
    de contacter le service..

    Error - 12/09/2013 12:31:47 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 18:31:47 - Échec de la récupération de Directory (Erreur : Impossible
    de se connecter au serveur distant)

    Error - 14/09/2013 06:57:37 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:57:34 - Erreur de connexion à Internet. 12:57:36 - Impossible
    de contacter le service..

    Error - 14/09/2013 06:58:10 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:58:06 - Erreur de connexion à Internet. 12:58:06 - Impossible
    de contacter le service..

    Error - 25/09/2013 04:13:56 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 10:13:56 - Erreur de connexion à Internet. 10:13:56 - Impossible
    de contacter le service..

    Error - 25/09/2013 04:18:08 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 10:18:02 - Erreur de connexion à Internet. 10:18:02 - Impossible
    de contacter le service..

    [ System Events ]
    Error - 20/11/2013 03:21:11 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 03:22:52 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 03:26:47 | Computer Name = Salon-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation*: l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070005*: Mise à jour de sécurité pour Windows 7 (KB2868626).

    Error - 20/11/2013 06:47:04 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:39:39 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:48:30 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:49:52 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:53:37 | Computer Name = Salon-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation*: l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070005*: Mise à jour de sécurité pour Windows 7 (KB2868626).

    Error - 21/11/2013 13:40:00 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 22/11/2013 04:50:54 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn


    < End of report >

    Thanks

  4. #4
    Member
    Join Date
    Nov 2013
    Posts
    3
    Points
    0

    Default

    Hi zep516,
    Thanks for help!
    The content of OTL.Txt is :

    OTL logfile created on: 22/11/2013 09:56:13 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = F:\Downloads
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,99% Memory free
    5,92 Gb Paging File | 4,60 Gb Available in Paging File | 77,61% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 97,56 Gb Total Space | 24,15 Gb Free Space | 24,75% Space Free | Partition Type: NTFS
    Drive E: | 135,23 Gb Total Space | 43,85 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
    Drive F: | 931,51 Gb Total Space | 801,77 Gb Free Space | 86,07% Space Free | Partition Type: NTFS

    Computer Name: SALON-PC | User Name: Salon | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/11/19 20:01:12 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/11/19 20:01:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/11/16 01:43:06 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    PRC - [2013/11/14 16:20:07 | 007,022,808 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe
    PRC - [2013/11/11 15:58:47 | 001,576,152 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
    PRC - [2013/11/05 18:56:23 | 005,717,272 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2013/10/20 02:23:22 | 004,832,192 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    PRC - [2013/10/10 23:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2013/09/24 11:53:25 | 001,857,752 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    PRC - [2013/08/30 23:58:20 | 000,480,256 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2013/08/30 23:57:40 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2013/08/30 19:45:18 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    PRC - [2013/04/17 10:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files\Common Files\COMODO\launcher_service.exe
    PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2012/10/05 21:57:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Downloads\OTL.exe
    PRC - [2011/06/13 15:36:54 | 000,922,240 | ---- | M] () -- C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe
    PRC - [2011/05/31 08:42:06 | 000,173,672 | ---- | M] (DTS) -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
    PRC - [2011/05/24 19:54:46 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
    PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/12/02 09:15:14 | 000,915,584 | ---- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe
    PRC - [2010/11/26 20:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
    PRC - [2010/10/21 16:52:26 | 000,586,880 | ---- | M] () -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    PRC - [2010/09/24 20:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    PRC - [2010/07/06 09:07:24 | 000,188,416 | ---- | M] (Canal+ Active) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    PRC - [2007/01/11 12:26:56 | 000,063,112 | ---- | M] (CANON INC.) -- C:\Windows\System32\CNAB4RPK.EXE


    ========== Modules (No Company Name) ==========

    MOD - [2013/11/19 20:01:13 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
    MOD - [2013/08/07 20:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
    MOD - [2011/05/20 08:12:18 | 000,881,152 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor\Sensor.dll
    MOD - [2011/05/16 16:35:56 | 000,965,632 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\BarGadget\BarGadget.dll
    MOD - [2011/04/07 16:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
    MOD - [2011/03/09 13:55:24 | 001,036,800 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\ASUS Update\Update.dll
    MOD - [2011/02/24 09:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\AssistFunc.dll
    MOD - [2011/01/07 15:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Settings\Settings.dll
    MOD - [2010/08/23 09:17:40 | 000,662,016 | ---- | M] () -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMLib.dll
    MOD - [2010/08/06 17:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\TabGadget\TabGadget.dll
    MOD - [2010/08/06 17:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Splitter\Splitter.dll
    MOD - [2010/06/21 14:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
    MOD - [2010/06/21 14:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\ImageHelper.dll
    MOD - [2009/08/12 19:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files\ASUS\AI Suite II\pngio.dll


    ========== Services (SafeList) ==========

    SRV - [2013/11/19 20:01:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2013/11/15 21:42:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/10/20 02:23:22 | 004,832,192 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2013/10/10 23:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2013/09/24 11:53:27 | 000,131,288 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
    SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/08/30 23:57:40 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2013/08/30 19:45:18 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2013/04/17 12:27:24 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
    SRV - [2013/04/17 10:57:08 | 000,070,344 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
    SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2012/05/06 08:36:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2011/06/13 15:36:54 | 000,922,240 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
    SRV - [2011/05/31 08:42:06 | 000,173,672 | ---- | M] (DTS) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe -- (DTSAudioService)
    SRV - [2010/12/02 09:15:14 | 000,915,584 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
    SRV - [2010/11/23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_E92D8507)
    SRV - [2010/10/21 16:52:26 | 000,586,880 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
    SRV - [2010/07/06 09:07:24 | 000,188,416 | ---- | M] (Canal+ Active) [Auto | Running] -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD)
    SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\cvkyaev.sys -- (auvyrn)
    DRV - [2013/11/19 20:01:50 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
    DRV - [2013/11/19 20:01:13 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/11/19 20:01:13 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/11/19 20:01:13 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
    DRV - [2013/11/19 20:01:13 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/11/19 20:01:13 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/11/19 20:01:13 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/11/19 20:01:13 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2013/11/14 12:38:16 | 000,582,936 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
    DRV - [2013/10/10 18:35:11 | 000,595,552 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2013/10/10 18:35:11 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
    DRV - [2013/10/10 18:35:11 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2013/10/10 18:35:11 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
    DRV - [2013/09/24 11:54:09 | 000,085,464 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
    DRV - [2013/09/24 11:54:08 | 000,044,752 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2013/09/24 11:54:07 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
    DRV - [2013/08/31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2013/08/31 01:09:30 | 010,925,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2013/08/30 23:31:20 | 000,495,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2013/07/05 09:40:32 | 000,078,848 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
    DRV - [2013/06/22 18:06:12 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
    DRV - [2013/06/19 09:30:37 | 000,044,000 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
    DRV - [2013/04/24 07:35:07 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
    DRV - [2012/12/13 21:45:17 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
    DRV - [2012/11/20 13:55:44 | 000,048,808 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys -- (AODDriver4.2)
    DRV - [2012/09/03 08:20:00 | 000,035,064 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
    DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2012/08/23 15:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
    DRV - [2012/06/29 19:39:02 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncmirror.sys -- (vncmirror)
    DRV - [2012/06/03 19:52:26 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbvoice.sys -- (ZTEusbvoice)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
    DRV - [2011/09/26 10:04:02 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
    DRV - [2011/08/02 15:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
    DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
    DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/03/04 06:46:18 | 000,032,896 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
    DRV - [2011/03/04 06:46:16 | 000,065,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
    DRV - [2011/02/24 09:30:52 | 000,308,200 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
    DRV - [2011/02/24 09:30:52 | 000,100,328 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
    DRV - [2010/12/16 05:06:46 | 000,037,504 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
    DRV - [2010/11/25 04:27:32 | 000,103,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
    DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/08/24 14:31:08 | 000,011,456 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
    DRV - [2010/08/03 12:20:56 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
    DRV - [2010/07/15 17:12:30 | 000,163,880 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
    DRV - [2010/07/15 17:12:30 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
    DRV - [2009/10/07 09:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
    DRV - [2009/10/07 09:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
    DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
    DRV - [2009/05/14 07:46:10 | 000,011,808 | ---- | M] (Laplink Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\llrcm.sys -- (llrcmir)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 68 14 A2 4C 2D CD 01 [binary data]
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
    FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
    FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0: C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npcpvod.dll (Canal+ Active)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL ()
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/19 20:01:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/15 21:42:24 | 000,000,000 | ---D | M]

    [2012/05/05 14:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\Extensions
    [2013/11/16 11:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\Firefox\Profiles\rpe8tzwl.default-1369144509172\extensions
    [2013/09/04 15:21:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Salon\AppData\Roaming\mozilla\Firefox\Profiles\rpe8tzwl.default-1369144509172\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013/11/16 11:20:16 | 000,523,651 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\PrivDog@AdTrustMedia.com.xpi
    [2013/09/10 15:37:30 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
    [2013/10/10 22:13:44 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013/11/03 10:10:25 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Salon\AppData\Roaming\mozilla\firefox\profiles\rpe8tzwl.default-1369144509172\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2013/11/15 21:42:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2013/11/15 21:42:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013/11/15 21:42:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
    [2013/11/15 21:42:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/11/19 20:01:16 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    O1 HOSTS File: ([2013/11/06 17:26:07 | 000,449,817 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 00hq.com mobile
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 Gadgets And More
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 123fporn.info
    O1 - Hosts: 15467 more lines...
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll (AdTrustMedia)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
    O4 - HKLM..\Run: [Tau Monitor] C:\Program Files\Agnitum\Tauscan 1.7\Taumon.exe (Agnitum Ltd.)
    O4 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000..\Run: [Spotify Web Helper] C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
    O4 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
    O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.7.0.12\trustedads.dll (AdTrustMedia)
    O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7653243D-A880-457E-9912-5C292C1191E0}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E53AC47A-043C-4592-BCFF-DEE3B8A8BF08}: DhcpNameServer = 172.20.2.39 172.20.2.10
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.DLL) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 0
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{12add18c-ad9f-11e1-9bf5-c86000861d9e}\Shell - "" = AutoRun
    O33 - MountPoints2\{12add18c-ad9f-11e1-9bf5-c86000861d9e}\Shell\AutoRun\command - "" = G:\wubi.exe
    O33 - MountPoints2\{2ac2c5f7-ec4e-11e2-b831-c86000861d9e}\Shell - "" = AutoRun
    O33 - MountPoints2\{2ac2c5f7-ec4e-11e2-b831-c86000861d9e}\Shell\AutoRun\command - "" = H:\unlock.exe autoplay=true
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/11/21 20:22:43 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Agnitum
    [2013/11/21 20:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agnitum
    [2013/11/21 20:22:39 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
    [2013/11/21 20:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
    [2013/11/21 20:22:38 | 000,278,581 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
    [2013/11/19 21:07:23 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\SUPERAntiSpyware.com
    [2013/11/19 21:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2013/11/19 21:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2013/11/19 21:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2013/11/19 20:02:32 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\AVAST Software
    [2013/11/19 20:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    [2013/11/19 20:01:19 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/11/19 20:01:19 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
    [2013/11/19 20:01:19 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/11/19 20:01:18 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/11/19 20:01:18 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/11/19 20:01:18 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/11/19 20:01:17 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/11/19 20:01:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/11/19 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2013/11/19 20:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2013/11/16 11:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
    [2013/11/16 11:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Adtrustmedia
    [2013/11/15 21:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/11/15 16:43:08 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/11/15 16:43:07 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/11/15 16:43:07 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/11/15 16:43:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/11/15 16:43:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/11/15 16:43:05 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/11/15 16:43:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2013/11/15 16:43:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2013/11/15 16:43:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/11/15 16:43:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/11/15 11:24:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
    [2013/11/15 11:24:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
    [2013/11/15 11:23:59 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
    [2013/11/15 11:23:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2013/11/11 16:22:36 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2013/11/11 16:22:36 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2013/11/11 16:22:36 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
    [2013/11/11 16:22:35 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
    [2013/11/11 16:22:19 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
    [2013/11/08 14:50:39 | 000,000,000 | ---D | C] -- C:\Users\Salon\Documents\Backup
    [2013/11/08 14:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTwin
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
    [2013/11/08 13:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
    [2013/11/08 13:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/11/08 13:28:57 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/11/08 13:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2013/11/08 12:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
    [2013/11/06 17:33:09 | 000,000,000 | ---D | C] -- C:\Users\Salon\Documents\Fichiers Outlook
    [2013/11/06 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Local\Wide_Angle_Software_Ltd
    [2013/11/06 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Salon\AppData\Local\Wide Angle Software
    [2013/11/06 10:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2013/11/06 10:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/11/06 10:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/11/06 10:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/11/06 08:14:14 | 000,000,000 | -HSD | C] -- C:\found.005
    [2013/11/05 11:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2013/11/05 11:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
    [2013/11/05 11:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
    [2013/11/05 11:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
    [2013/11/05 11:02:43 | 000,000,000 | ---D | C] -- C:\AMD
    [2013/11/03 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Salon\Desktop\Chorale
    [2013/11/03 12:03:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.0

    ========== Files - Modified Within 30 Days ==========

    [2013/11/22 09:58:06 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/11/22 09:58:06 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/11/22 09:52:52 | 000,000,619 | ---- | M] () -- C:\Windows\Taumon.INI
    [2013/11/22 09:50:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/11/22 09:50:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
    [2013/11/22 09:50:00 | 2385,518,592 | -HS- | M] () -- C:\hiberfil.sys
    [2013/11/21 21:07:05 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e7b86752-d23c-47fb-b876-aa0adef2c46d.job
    [2013/11/20 02:00:04 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 83993610-a224-4fce-af27-7b2132436d3e.job
    [2013/11/19 21:06:39 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2013/11/19 20:17:17 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/11/19 20:17:17 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/11/19 20:12:24 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/11/19 20:01:55 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2013/11/19 20:01:50 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
    [2013/11/19 20:01:13 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/11/19 20:01:13 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/11/19 20:01:13 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/11/19 20:01:13 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/11/19 20:01:13 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/11/19 20:01:13 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/11/19 20:01:13 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/11/19 20:01:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/11/19 20:01:13 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/11/19 08:11:01 | 000,019,204 | ---- | M] () -- C:\Users\Salon\Documents\CMLF_Feuille_de_style_avec_nom_auteur.ott
    [2013/11/16 11:15:18 | 000,001,838 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
    [2013/11/16 08:10:28 | 000,735,814 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2013/11/16 08:10:28 | 000,146,056 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2013/11/15 13:39:20 | 000,656,834 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/11/15 13:39:20 | 000,122,646 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/11/14 12:38:16 | 000,582,936 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
    [2013/11/14 12:38:01 | 000,036,000 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
    [2013/11/12 15:32:59 | 000,000,134 | ---- | M] () -- C:\Users\Salon\Desktop\Internet Explorer - résolution de problèmes.url
    [2013/11/12 15:07:33 | 000,000,134 | ---- | M] () -- C:\Users\Salon\Desktop\Internet Explorer Troubleshooting.url
    [2013/11/12 15:05:56 | 000,049,292 | ---- | M] () -- C:\Users\Salon\Documents\Lecon - le verbe.pdf
    [2013/11/08 13:34:39 | 000,000,989 | ---- | M] () -- C:\Users\Salon\Desktop\WinDirStat.lnk
    [2013/11/08 13:28:59 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/08 13:04:29 | 000,000,079 | ---- | M] () -- C:\Windows\wininit.ini
    [2013/11/07 18:41:23 | 000,500,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/11/06 17:26:07 | 000,449,817 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2013/11/06 10:25:41 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2013/11/05 10:28:42 | 000,000,873 | ---- | M] () -- C:\Users\Salon\AppData\Local\recently-used.xbel
    [2013/11/03 12:03:54 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 4.0.lnk
    [2013/10/28 22:36:33 | 000,000,851 | ---- | M] () -- C:\Users\Salon\Desktop\µTorrent.lnk
    [2013/10/28 22:36:33 | 000,000,831 | ---- | M] () -- C:\Users\Salon\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

    ========== Files Created - No Company Name ==========

    [2013/11/22 09:52:52 | 000,000,619 | ---- | C] () -- C:\Windows\Taumon.INI
    [2013/11/19 21:07:34 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task e7b86752-d23c-47fb-b876-aa0adef2c46d.job
    [2013/11/19 21:07:34 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 83993610-a224-4fce-af27-7b2132436d3e.job
    [2013/11/19 21:06:39 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2013/11/19 20:01:55 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2013/11/19 20:01:19 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/11/19 20:01:19 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/11/19 08:10:59 | 000,019,204 | ---- | C] () -- C:\Users\Salon\Documents\CMLF_Feuille_de_style_avec_nom_auteur.ott
    [2013/11/12 15:32:59 | 000,000,134 | ---- | C] () -- C:\Users\Salon\Desktop\Internet Explorer - résolution de problèmes.url
    [2013/11/12 15:07:33 | 000,000,134 | ---- | C] () -- C:\Users\Salon\Desktop\Internet Explorer Troubleshooting.url
    [2013/11/12 15:05:54 | 000,049,292 | ---- | C] () -- C:\Users\Salon\Documents\Lecon - le verbe.pdf
    [2013/11/08 13:34:39 | 000,000,989 | ---- | C] () -- C:\Users\Salon\Desktop\WinDirStat.lnk
    [2013/11/08 13:28:59 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/05 10:28:42 | 000,000,873 | ---- | C] () -- C:\Users\Salon\AppData\Local\recently-used.xbel
    [2013/10/28 22:36:33 | 000,000,851 | ---- | C] () -- C:\Users\Salon\Desktop\µTorrent.lnk
    [2013/10/28 22:36:33 | 000,000,831 | ---- | C] () -- C:\Users\Salon\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2013/09/04 12:52:55 | 000,216,064 | ---- | C] () -- C:\Windows\System32\gcapi_dll.dll
    [2013/08/31 00:47:56 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
    [2013/08/30 19:53:48 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
    [2013/08/27 20:06:16 | 000,233,652 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
    [2013/08/27 18:27:56 | 000,082,336 | ---- | C] () -- C:\Windows\System32\ativce02.dat
    [2013/08/07 18:22:00 | 000,716,208 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2013/08/07 16:12:12 | 000,231,984 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
    [2013/06/18 15:00:18 | 000,000,109 | ---- | C] () -- C:\Windows\System32\fgbs81.sys
    [2013/06/14 14:45:26 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/05/02 19:31:40 | 000,002,017 | ---- | C] () -- C:\Windows\KillSwitch.INI
    [2013/04/24 08:47:36 | 000,002,890 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
    [2013/04/18 18:03:18 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
    [2013/04/18 18:03:18 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
    [2013/04/18 18:03:17 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2013/03/29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
    [2013/03/29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
    [2013/02/28 08:18:33 | 000,869,376 | ---- | C] () -- C:\Windows\is-ABQE6.exe
    [2013/02/28 08:15:47 | 000,321,675 | ---- | C] () -- C:\Users\Salon\AppData\Local\census.cache
    [2013/02/28 08:15:23 | 000,163,234 | ---- | C] () -- C:\Users\Salon\AppData\Local\ars.cache
    [2013/02/28 08:03:08 | 000,000,036 | ---- | C] () -- C:\Users\Salon\AppData\Local\housecall.guid.cache
    [2013/02/22 18:17:17 | 000,000,179 | ---- | C] () -- C:\Windows\disney.ini
    [2013/02/22 18:17:14 | 000,000,201 | ---- | C] () -- C:\Windows\disneysy.ini
    [2013/02/19 10:15:10 | 000,000,042 | ---- | C] () -- C:\Users\Salon\.gtk-bookmarks
    [2013/01/25 14:06:03 | 000,000,287 | ---- | C] () -- C:\Users\Salon\AppData\Local\VersionChecker_15.xml
    [2012/11/16 14:01:46 | 000,108,146 | ---- | C] () -- C:\Users\Salon\BonCommande.pdf
    [2012/11/16 11:38:53 | 000,007,597 | ---- | C] () -- C:\Users\Salon\AppData\Local\resmon.resmoncfg
    [2012/10/06 16:50:16 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2012/09/25 12:49:22 | 000,280,869 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
    [2012/09/25 12:28:57 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2012/09/07 14:48:47 | 002,539,008 | ---- | C] () -- C:\Windows\PE_File.dll
    [2012/09/07 13:46:56 | 002,473,472 | ---- | C] () -- C:\Windows\PE_Rom.dll
    [2012/09/07 13:42:45 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
    [2012/09/07 13:41:08 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
    [2012/09/07 13:41:08 | 000,011,456 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
    [2012/09/07 13:41:08 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
    [2012/05/06 08:58:09 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
    [2012/05/05 19:36:31 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012/05/05 19:36:28 | 000,023,964 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2012/05/05 17:07:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

    ========== ZeroAccess Check ==========

    [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

    < End of report >

    The content of Extras.Txt is :
    OTL Extras logfile created on: 22/11/2013 09:56:13 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = F:\Downloads
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,96 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,99% Memory free
    5,92 Gb Paging File | 4,60 Gb Available in Paging File | 77,61% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 97,56 Gb Total Space | 24,15 Gb Free Space | 24,75% Space Free | Partition Type: NTFS
    Drive E: | 135,23 Gb Total Space | 43,85 Gb Free Space | 32,43% Space Free | Partition Type: NTFS
    Drive F: | 931,51 Gb Total Space | 801,77 Gb Free Space | 86,07% Space Free | Partition Type: NTFS

    Computer Name: SALON-PC | User Name: Salon | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{046DC5E4-C4EA-4F91-B631-2333473AF3FB}" = lport=137 | protocol=17 | dir=in | app=system |
    "{213F870C-71B9-4AF7-98E0-F8114C69F2CD}" = rport=139 | protocol=6 | dir=out | app=system |
    "{3C720388-22FD-4DD0-B45B-7F579531876D}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3F1A3140-3562-4B52-B80F-2BFB9351A6C8}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
    "{512B5168-2DE5-4A74-82E1-EA5E04683E79}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
    "{6F12ED28-CA05-4313-AEC2-C72C0E93C80F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{7450C811-F328-41BC-922B-F41373E0D8E1}" = lport=139 | protocol=6 | dir=in | app=system |
    "{8F392510-3FA7-486E-BAFA-6F6554992CB8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{97A4978B-8314-42E9-91C1-33506CDB770A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{9BA926D3-B679-4088-A7B1-DB67B46FD448}" = rport=138 | protocol=17 | dir=out | app=system |
    "{A0D0E8AB-288C-447C-BDC7-9FD571F8C1B9}" = rport=137 | protocol=17 | dir=out | app=system |
    "{ACB11270-1671-4FC8-9E00-F6CE5A0B586E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DBB54041-0F47-426D-B6FF-C3BA6CDE721A}" = rport=445 | protocol=6 | dir=out | app=system |
    "{E6FBB040-2A30-48E6-B256-B2FA670ADACB}" = lport=138 | protocol=17 | dir=in | app=system |
    "{EF428AB0-4ED6-4AF1-9340-BD20A5892D41}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
    "{F7929071-9121-4C7D-8201-0F888D3DCE63}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{FFCEB1E3-C366-496F-90AD-FCE4F7E2375C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03888AE1-DC0E-40C9-9513-474715737D6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{0447E0A2-51C1-4CE9-9C19-8C1F5CB621DC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{090F8990-B27E-42A4-8F70-E979CA5DF706}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
    "{11BB2B30-BE54-46D8-BE9B-9F33E13B8B4C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{12BC504A-7538-4B07-8B8E-A02B35CBD273}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
    "{1E98B2BF-45B9-476D-9712-C982C7637D8F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{23F88985-8488-4D23-93C3-0F8C51B4AF98}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{2D15DE7B-D83B-44E4-B197-06871A0486B9}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{4A112196-3EA0-439A-9476-0C8C0FEB409B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{57B83C0E-4DE9-47B1-B213-A5B65CE00F5C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{688DE0F6-4005-4A6C-9C78-81966E00B6F1}" = protocol=17 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
    "{956D3451-696F-4ABC-B11E-F467A05CEE6D}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\utorrent\utorrent.exe |
    "{9E8B3A2C-4BB6-4E19-90B1-8A2C85A39A9D}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{A081B467-8F73-4EFB-9898-ED0980D6AC9F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{A1441BBB-E1A2-426F-AD41-EF5BDB1E206F}" = protocol=6 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
    "{A5EA180A-0434-4DD6-91FB-2FB6CB28BEAE}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\utorrent\utorrent.exe |
    "{A985A3BC-6F38-4DDA-AF83-DE86AF844C74}" = protocol=6 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{CBAEE902-F3CD-4891-A818-0041F3892B59}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
    "{CC186A97-C14C-4E67-955B-06B78BD078E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{D41A4F95-752E-465B-8D94-1EE9C118C503}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{DAC677E1-BE34-4249-BC8B-4B3BEC168928}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{DDA59A7F-A41C-4030-96AF-FA5B0817B2ED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{DE6F96D8-4AE6-49C0-95DB-E4FFD8BCCED3}" = protocol=17 | dir=in | app=c:\users\salon\appdata\roaming\spotify\spotify.exe |
    "{E364C798-060B-4D17-80E8-2F85BC08B7A7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{EC02F79D-8F00-4955-9F53-7CCF9562E1C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{F5A14B02-0559-4729-A28E-A8CB89F6F8C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{FB00F947-01FF-4A03-B2AC-0AB4A1F0FF21}" = protocol=58 | dir=in | app=system |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
    "{00280C97-E028-4563-8435-2BCA2786D03F}" = SketchUp 8
    "{04DA096D-6236-4A5D-8FB6-3081E67009BA}" = CANAL+ CANALSAT A LA DEMANDE
    "{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{07B98CCD-72B4-7F02-F9C1-B0410BA81580}" = CCC Help Norwegian
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D66D9EB-2DAE-599C-92D0-E2E6CCAA0666}" = CCC Help Japanese
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{132EAB86-BB6E-3975-68C1-F2D4D364CDC5}" = AMD Accelerated Video Transcoding
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
    "{1CA07BFA-8F7C-80CA-0A69-EAA93C7C7744}" = CCC Help Chinese Traditional
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    "{239D758B-F854-D61D-AC4E-1AAA9654426F}" = CCC Help French
    "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
    "{281D28EC-1357-4778-B2D7-DEA56D70EF96}" = Logitech High Quality Video
    "{2B2782F8-929D-AE80-1297-488D7590D208}" = CCC Help Portuguese
    "{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
    "{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
    "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    "{31DF9E67-DA8A-5C06-BBAD-3B3BCB5B2304}" = CCC Help Polish
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
    "{38350E9E-D50E-454A-BAFC-58BBDDBE08C4}" = AxCrypt 1.7.2976.0
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{488E9FD9-7C30-4120-8790-410F46F13CD6}" = ASUS Sync
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B89B115-0D42-6FBD-CE6C-45CA37BEBDD1}" = AMD Fuel
    "{4D3BF70D-19A9-F87B-7B8B-8BADDFF9C8A5}" = CCC Help Finnish
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
    "{51853D9B-0D96-7A31-88D7-8520B50373F0}" = CCC Help Italian
    "{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
    "{580B86B2-0E0F-996C-0045-38D0B681B16E}" = CCC Help Danish
    "{5B9C9486-4287-4621-8F9D-EC3EE622A82F}" = LibreOffice 4.0.5.2
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{7056155C-38E3-EDCC-F498-47DA57ADA1F0}" = AMD Catalyst Install Manager
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{731E4875-0F23-6005-7E18-C8FA23C8515A}" = AMD Drag and Drop Transcoding
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{8624569E-94AE-EF90-92E2-6AD8E5A617ED}" = AMD Catalyst Control Center
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A6F6649-5244-9C2E-80CD-AD49603321AF}" = CCC Help German
    "{8BF66753-6750-D41C-43EB-F64C54A8E80D}" = CCC Help Chinese Standard
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8EA39464-1316-0125-7FD8-E74B49ADB429}" = CCC Help Turkish
    "{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
    "{90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
    "{90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
    "{90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
    "{90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
    "{90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
    "{90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
    "{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
    "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
    "{90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
    "{90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
    "{90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
    "{90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
    "{90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90D2DF70-F0E8-2CA3-F3B9-DD7CE267BB19}" = Catalyst Control Center Graphics Previews Common
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9785513D-0335-E199-3AC0-74DF83246F20}" = CCC Help Czech
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D959FE5-9C6C-D82D-D208-0B7FBBC0C772}" = ccc-utility
    "{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
    "{A049FD86-61DA-E6DB-2602-0065CB7D4414}" = CCC Help Greek
    "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
    "{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
    "{A7B4D968-7FB7-2CD3-9792-5ACCAECAC72E}" = CCC Help Korean
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
    "{B05FBD47-2A22-2259-E65C-A2D3FB647A6A}" = CCC Help Russian
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B328A1B9-D169-FBA9-F4AF-806E0046F89A}" = CCC Help Spanish
    "{B5BE22C7-420A-5F14-A1B9-4AB3F3DE0A3E}" = Catalyst Control Center InstallProxy
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "{B9EF9C0B-0428-1743-BF3A-9CC890CA5C91}" = Vectorworks 2010 Help
    "{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
    "{BE73543D-E7A0-01D8-7866-C05693BB6BBE}" = CCC Help English
    "{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
    "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D9E34320-D91C-E961-D902-B60788EAA26E}" = CCC Help Hungarian
    "{DF4CBDE3-8789-A589-46F2-7F5B78092D5F}" = CCC Help Swedish
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EC2D4C8B-D8BF-7E06-C094-26B4CE84BF8C}" = CCC Help Dutch
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F6AEADC0-6B97-430E-B78A-C1D633A6528D}" = ASUS Android USB Drivers
    "{FB474A6C-CB62-AA42-A618-2EA58F0F2504}" = Catalyst Control Center Localization All
    "{FD244C27-2EB7-C17B-5BFA-CC8659CBF29C}" = AMD Media Foundation Decoders
    "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    "{FFB3193B-D922-DD38-B218-EB86DD3F3FAD}" = CCC Help Thai
    "7-Zip" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Agnitum Tauscan 1.7" = Agnitum Tauscan 1.7
    "Avast" = avast! Free Antivirus
    "Canon LBP2900" = Canon LBP2900
    "Comodo Dragon" = Comodo Dragon
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Déclic" = Déclic
    "Directory Lister_is1" = Directory Lister v0.9
    "FileZilla Client" = FileZilla Client 3.7.3
    "Foxit Reader_is1" = Foxit Reader
    "FreePack" = FreePack
    "GIMP-2_is1" = GIMP 2.8.4
    "HijackThis" = HijackThis 2.0.2
    "ImgBurn" = ImgBurn
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
    "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
    "LinuxLive USB Creator" = LinuxLive USB Creator
    "lvdrivers_12.10" = Coffret de pilotes Logitech Webcam Software
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 25.0.1 (x86 fr)" = Mozilla Firefox 25.0.1 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "net.nemetschek.vectorworks.2010.help.eng.CC16605A57FA88F0CED2B1A19E704F482AB2B1EB.1" = Vectorworks 2010 Help
    "Office14.PROPLUSR" = Microsoft Office Professionnel Plus 2010
    "PrivDog" = PrivDog
    "SumatraPDF" = SumatraPDF
    "SyncBack_is1" = SyncBack
    "Totalcmd" = Total Commander (Remove or Repair)
    "TrueCrypt" = TrueCrypt
    "VLC media player" = VLC media player 2.1.1
    "WinLiveSuite" = Windows Live

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2636033085-763419413-3343590746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Spotify" = Spotify
    "uTorrent" = µTorrent
    "WinDirStat" = WinDirStat 1.1.2

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 18/09/2013 05:58:47 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 18/09/2013 05:58:48 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 02:24:55 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*C:\Program Files\ASUS\ASUS
    Sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 02:28:28 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*c:\program files\ASUS\asus
    sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 11:40:08 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 11:40:09 | Computer Name = Salon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
    Description =

    Error - 20/09/2013 20:07:51 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*C:\Program Files\ASUS\ASUS
    Sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 20:11:31 | Computer Name = Salon-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour «*c:\program files\ASUS\asus
    sync\FDAgentForOutlook64.exe*». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 20/09/2013 20:47:05 | Computer Name = Salon-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante AsSysCtrlService.exe, version : 0.0.0.0,
    horodatage : 0x4cc00d4c Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
    : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus
    défaillant : 0x894 Heure de début de l’application défaillante : 0x01ceb5c5ac979a5b
    Chemin
    d’accès de l’application défaillante : C:\Program Files\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    Chemin
    d’accès du module défaillant: unknown ID de rapport : 55cdbd57-2257-11e3-8b32-c86000861d9e

    Error - 21/09/2013 06:29:55 | Computer Name = Salon-PC | Source = .NET Runtime | ID = 1023
    Description =

    Error - 21/09/2013 06:29:56 | Computer Name = Salon-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante plugin-container.exe, version : 24.0.0.5001,
    horodatage : 0x522fd228 Nom du module défaillant : coreclr.dll, version : 5.1.20513.0,
    horodatage : 0x519065ac Code d’exception : 0x8013150a Décalage d’erreur : 0x000475eb
    ID
    du processus défaillant : 0x5cc Heure de début de l’application défaillante : 0x01ceb6ad78828d58
    Chemin
    d’accès de l’application défaillante : C:\Program Files\Mozilla Firefox\plugin-container.exe
    Chemin
    d’accès du module défaillant: C:\Program Files\Microsoft Silverlight\5.1.20513.0\coreclr.dll
    ID
    de rapport : c20a340b-22a8-11e3-848c-c86000861d9e

    [ Canal+ Events ]
    Error - 18/11/2013 14:04:55 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:13:32 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:45 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:45 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:20:49 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 15:49:30 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 16:22:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 16:52:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 17:22:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    Error - 18/11/2013 17:52:07 | Computer Name = Salon-PC | Source = VideoOnDemand | ID = 0
    Description = ServicesAdapter::ProcessRequest : Accès refusé

    [ Media Center Events ]
    Error - 25/06/2013 06:47:42 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:47:42 - Erreur de connexion à Internet. 12:47:42 - Impossible
    de contacter le service..

    Error - 25/06/2013 12:59:38 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 18:59:38 - Erreur de connexion à Internet. 18:59:38 - Impossible
    de contacter le service..

    Error - 04/07/2013 15:20:30 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 21:20:30 - Erreur de connexion à Internet. 21:20:30 - Impossible
    de contacter le service..

    Error - 04/07/2013 15:21:21 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 21:21:18 - Erreur de connexion à Internet. 21:21:18 - Impossible
    de contacter le service..

    Error - 07/07/2013 09:13:20 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 15:13:20 - Erreur de connexion à Internet. 15:13:20 - Impossible
    de contacter le service..

    Error - 12/09/2013 12:31:47 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 18:31:47 - Échec de la récupération de Directory (Erreur : Impossible
    de se connecter au serveur distant)

    Error - 14/09/2013 06:57:37 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:57:34 - Erreur de connexion à Internet. 12:57:36 - Impossible
    de contacter le service..

    Error - 14/09/2013 06:58:10 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 12:58:06 - Erreur de connexion à Internet. 12:58:06 - Impossible
    de contacter le service..

    Error - 25/09/2013 04:13:56 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 10:13:56 - Erreur de connexion à Internet. 10:13:56 - Impossible
    de contacter le service..

    Error - 25/09/2013 04:18:08 | Computer Name = Salon-PC | Source = MCUpdate | ID = 0
    Description = 10:18:02 - Erreur de connexion à Internet. 10:18:02 - Impossible
    de contacter le service..

    [ System Events ]
    Error - 20/11/2013 03:21:11 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 03:22:52 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 03:26:47 | Computer Name = Salon-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation*: l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070005*: Mise à jour de sécurité pour Windows 7 (KB2868626).

    Error - 20/11/2013 06:47:04 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:39:39 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:48:30 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:49:52 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 20/11/2013 08:53:37 | Computer Name = Salon-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation*: l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070005*: Mise à jour de sécurité pour Windows 7 (KB2868626).

    Error - 21/11/2013 13:40:00 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn

    Error - 22/11/2013 04:50:54 | Computer Name = Salon-PC | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se
    charger*: auvyrn


    < End of report >

    Thanks

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hi ced2vo,

    Not seeing a lot of Malware, we'll go through a general clean up though. That windows up -Date appears to be for 64Bit systems, we'll investigate that more at the end, right now lets see if we can improve performance first.

    What I do see from the start is 2 Anti Virus programs running, Avast & COMODO and I see what appear to be left over Kaspersky drivers from a possible uninstall of Kaspersky Anti Virus. They (Drivers) also are running an loading at boot time.

    The real-time protection of two antivirus programs may conflict with each other and cause the following:

    * False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
    * Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
    * Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
    * Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
    Please remove 1 of the Anti Virus programs.

    Let me know when you have done that, and if any better performance is gained.

    Kaspersky Anti-Virus 2013---It's listed in your Programs & Features listing, see if you can remove it. Like I said it looks like it's been removed because no running processes show, it may be just an orphaned entry.

    Did you install this program O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Salon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ?


    Thanks
    Joe
    Last edited by zep516; 11-22-2013 at 09:40 PM.