Mon pc rame
Fermé
titine08800
Messages postés
248
Date d'inscription
samedi 23 février 2008
Statut
Membre
Dernière intervention
22 mai 2014
-
Modifié par irongege le 22/10/2012 à 18:57
titine08800 Messages postés 248 Date d'inscription samedi 23 février 2008 Statut Membre Dernière intervention 22 mai 2014 - 22 oct. 2012 à 20:50
titine08800 Messages postés 248 Date d'inscription samedi 23 février 2008 Statut Membre Dernière intervention 22 mai 2014 - 22 oct. 2012 à 20:50
A voir également:
- Mon pc rame
- Mon pc rame que faire - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Plus de son sur mon pc - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
7 réponses
ginto5
Messages postés
11354
Date d'inscription
mercredi 4 juin 2008
Statut
Membre
Dernière intervention
16 octobre 2024
653
22 oct. 2012 à 17:20
22 oct. 2012 à 17:20
Je vous souhaite bien du courage et beaucoup de patience, pour faire tourner Android sur le PC.
Car Android (bien qu'étant un substrat de Linux) ne reconnaîtra aucun périphérique hormis le lecteur de CD/DVDet un lecteur de cartes. Il faudra alors trouver et adapter les pilotes, puis monter les volumes, etc.....et super-galère pour l'imprimante ou le scanner.....
Par contre Linux a beaucoup plus de chance de tourner sur un PC, faites un essai en bootant sur un CD contenant une distribution Linux.
Car Android (bien qu'étant un substrat de Linux) ne reconnaîtra aucun périphérique hormis le lecteur de CD/DVDet un lecteur de cartes. Il faudra alors trouver et adapter les pilotes, puis monter les volumes, etc.....et super-galère pour l'imprimante ou le scanner.....
Par contre Linux a beaucoup plus de chance de tourner sur un PC, faites un essai en bootant sur un CD contenant une distribution Linux.
Utilisateur anonyme
Modifié par Scarface72 le 22/10/2012 à 17:21
Modifié par Scarface72 le 22/10/2012 à 17:21
Salut
Un Pc ça s'entretient et ça se nettoie...
Un Pc d'un an n'est pas usé, il fonctionne comme au 1er jour sauf si on l'a utilisé tel quel, jamais défragmenté, jamais nettoyé le disque et blindé de trucs inutiles qu'on a téléchargé à gauche ou à droite sans oublier tous les logiciels dont on ne se sert pas forcément et qui démarrent en même temps que Windows...
Alors avant de racheter un Pc alors que le tien n'a qu'un an => Mon Pc rame, que faire ?
Avant de poser une question: 1° Le cerveau ne s'use pas si on s'en sert, n'hésite pas à l'utiliser!
2° Google est ton ami, le moteur de recherche de CCM aussi, fais une recherche!
Un Pc ça s'entretient et ça se nettoie...
Un Pc d'un an n'est pas usé, il fonctionne comme au 1er jour sauf si on l'a utilisé tel quel, jamais défragmenté, jamais nettoyé le disque et blindé de trucs inutiles qu'on a téléchargé à gauche ou à droite sans oublier tous les logiciels dont on ne se sert pas forcément et qui démarrent en même temps que Windows...
Alors avant de racheter un Pc alors que le tien n'a qu'un an => Mon Pc rame, que faire ?
Avant de poser une question: 1° Le cerveau ne s'use pas si on s'en sert, n'hésite pas à l'utiliser!
2° Google est ton ami, le moteur de recherche de CCM aussi, fais une recherche!
irongege
Messages postés
40847
Date d'inscription
jeudi 1 novembre 2007
Statut
Modérateur
Dernière intervention
29 juin 2023
5 072
22 oct. 2012 à 17:23
22 oct. 2012 à 17:23
Encore un ami informaticien en herbe !!!!!
irongege
Messages postés
40847
Date d'inscription
jeudi 1 novembre 2007
Statut
Modérateur
Dernière intervention
29 juin 2023
5 072
22 oct. 2012 à 17:21
22 oct. 2012 à 17:21
Lut
Avant tout, je te conseillerais de faire une analyse de ton pc dans le forum virus/sécurité.
Il y a pas mal de choses à faire avant de changer de pc lorsque celui-ci rame.
Avant tout, je te conseillerais de faire une analyse de ton pc dans le forum virus/sécurité.
Il y a pas mal de choses à faire avant de changer de pc lorsque celui-ci rame.
hisaeh
Messages postés
2642
Date d'inscription
samedi 10 mars 2007
Statut
Membre
Dernière intervention
23 août 2019
572
Modifié par hisaeh le 22/10/2012 à 17:22
Modifié par hisaeh le 22/10/2012 à 17:22
Bonjour,
Si tu mets android dessus, tu gagneras fortement en rapidité, aucun doute la dessus.
Reste à savoir si android x86 s'installera comme il faut, et si ton matériel sera compatible.
Si c'est le cas , il y aura néanmoins un certain nombres de reglages à faire pour optimiser. Reste que le clique de souris ne remplacera pas le tactile ..
Patience est mère de sûreté !
Si tu mets android dessus, tu gagneras fortement en rapidité, aucun doute la dessus.
Reste à savoir si android x86 s'installera comme il faut, et si ton matériel sera compatible.
Si c'est le cas , il y aura néanmoins un certain nombres de reglages à faire pour optimiser. Reste que le clique de souris ne remplacera pas le tactile ..
Patience est mère de sûreté !
hisaeh
Messages postés
2642
Date d'inscription
samedi 10 mars 2007
Statut
Membre
Dernière intervention
23 août 2019
572
Modifié par hisaeh le 22/10/2012 à 19:04
Modifié par hisaeh le 22/10/2012 à 19:04
J'ai testé android x86 sur plusieurs ultrabooks, et le systeme est tres fluide et rapide. Il n'y a pas de comparaison avec Windows bien sur et meme avec certaines distrib Linux.
L'installation est rapide et on peut bien tester plusieurs versions adaptées au processeur.
Il n'en reste pas moins , comme je le disais, que tout le materiel ne sera pas forcement compatible, mais pour un ultrabook qui est censé servir à la navigation internet, on se fout pas mal de la resolution convenable.
Et sur ceux que j'ai testés, aucun probleme sur le graphisme, les ports usb, et le wifi.
L'installation est rapide et on peut bien tester plusieurs versions adaptées au processeur.
Il n'en reste pas moins , comme je le disais, que tout le materiel ne sera pas forcement compatible, mais pour un ultrabook qui est censé servir à la navigation internet, on se fout pas mal de la resolution convenable.
Et sur ceux que j'ai testés, aucun probleme sur le graphisme, les ports usb, et le wifi.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
titine08800
Messages postés
248
Date d'inscription
samedi 23 février 2008
Statut
Membre
Dernière intervention
22 mai 2014
1
22 oct. 2012 à 17:45
22 oct. 2012 à 17:45
merci de vos commentaires
voici le rapport du scan
Rapport de ZHPDiag v1.31.31 par Nicolas Coolman, Update du 19/10/2012
Run by sandrine at 22/10/2012 17:23:28
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
UAC : deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1770 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 349 GB (77%) free of 451 GB
---\\ Logged in mode
~ Computer Name: SANDRINE-PC
~ User Name: sandrine
~ All Users Names: sandrine, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\sandrine\AppData\Roaming\
~ %Desktop% : C:\Users\sandrine\Desktop\
~ %Favorites% : C:\Users\sandrine\Favorites\
~ %LocalAppData% : C:\Users\sandrine\AppData\Local\
~ %StartMenu% : C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 349 Go of 451 Go)
D:\ CD-ROM drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
UAC deactivate by program
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.3D165C53E40236A68B7102D1A622D4E0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/08/2012 - 11:21:18.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/5
Mes musiques (My Musics) : 38/38 (Modified)
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/45
~ Mes Documents (My Documents) : 4/85
~ Mon Bureau (My Desktop) : 1/60
~ Menu demarrer (Programs) : 1/33
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.2C1EF6485EEB834187FC69556A64EAFE] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [896912] [PID.1304]
[MD5.B84DBE0075A6A643F0C3C24B70B797F4] - (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295232] [PID.2288]
[MD5.848D034D067BE2FF5CD3D779BECBDA00] - (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe [1239064] [PID.3112]
[MD5.56873D899C0707AA017AA2D74EC190AE] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3770368] [PID.4564]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.]
[MD5.53E4843E1CD3653E665DAA32241F8F8B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [310864] [PID.]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584] [PID.]
[MD5.C409A8F7EF56A7E9CA605807EBEE2ABB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904] [PID.]
[MD5.8F59A2506AF43F96F5397B3C79938AE9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344] [PID.]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\sandrine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.com/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\sandrine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\sandrine\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\sandrine\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=packardbell.msn.com&ocid=AARDHP&pc=MAPB
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=packardbell.msn.com&ocid=AARDHP&pc=MAPB
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.babylon.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {2c80c23a-1ac3-4987-bfec-a33335aeb236} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [PCTuto] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2235326386-795786822-2120572921-1001\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero Home\NeroHome.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SecurDisc Viewer.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\SecurDisc Viewer\SecurDisc Viewer.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - packardbell.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 01s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\OfferBoxUpdate.job
[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core] (.Facebook Inc..) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA] (.Facebook Inc..) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core] (.Google Inc..) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA] (.Google Inc..) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdate] (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files (x86)\BrightBreeze\bin\2.0.12.0\BrightBreezeSA.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [YourFile Update] (...) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{354EABF0-8BAC-4C1C-9998-06E754B57182}] (...) -- C:\Users\sandrine\Downloads\jeu so blonde+crack\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{4B9DB58C-5DFF-4B2C-A0D8-746527A09F7B}] (...) -- C:\Users\sandrine\Downloads\Need For Speed - Conduite en Etat de Libert'\Patch + crack\NFS_HS_EP_Setup_(V2.1A Build 1.33).exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6A61496F-58B9-4CA2-BE32-6105AD62A014}] (...) -- C:\Downloads\LES.SIMS.3\keygen+crack.no.DVD\TS3.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{83CA4B8E-568A-410B-B9F7-54ED4517E317}] (...) -- C:\Users\sandrine\appdata\local\temp\rar$ex06.961\Sims3EP05Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{9875BD94-64A5-4872-9599-B802D10281D2}] (...) -- C:\Users\sandrine\Downloads\53.Jeux.Objets Cach'e.Francais\AdventureChroniclesSetup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{AF71D2D3-3B27-49C4-8D8E-5133C6718DA2}] (...) -- C:\Users\sandrine\Downloads\jeu so blonde+crack\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DEF521EB-EA08-455A-9220-F7019E9DED36}] (...) -- D:\setup.exe (.not file.)
[MD5.29703A1247488A79B717C891F52C552C] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe
~ Scan Scheduled Task in 00mn 08s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {793E51B7-8189-E701-BA05-C8D2E6B84D8D}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A83BDD51-65F8-FB49-5B18-42DF72C006CB}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4F709EA4-F300-51D9-78D5-A198A612B929}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {53300BE7-7B2A-0057-ED1F-7974D7107EBA}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT088216
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Backup Manager V3 - (.NTI Corporation.) [HKLM][64Bits] -- {0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088226
O42 - Logiciel: Build-a-lot 2 - (.WildTangent.) [HKLM][64Bits] -- WT088228
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5F7308C0-56FF-415A-B34C-44A90A892A95}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088235
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT088238
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT088416
O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM][64Bits] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT088260
O42 - Logiciel: Final Drive Nitro - (.WildTangent.) [HKLM][64Bits] -- WT088420
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Product Detection - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088268
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {774C0434-9948-4DEE-A14E-69CDD316E36C}
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WT088269
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT088448
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {E34002C7-8CE7-3F76-B36C-09FA973BC4F6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {57660847-B1F7-35BD-9118-F62EB863A598}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM][64Bits] -- {A39DAD32-3515-438D-8617-F8AE2A301036}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Packard Bell Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent packardbell Master Uninstall
O42 - Logiciel: Packard Bell MyBackup - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell .) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Social Networks - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}
O42 - Logiciel: Packard Bell Social Networks - (.CyberLink Corp..) [HKLM][64Bits] -- {64EF903E-D00A-414C-94A4-FBA368FFCDC9}
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT088452
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT088283
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT088456
O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM][64Bits] -- WT088460
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SecurDisc Viewer - (.Nero AG.) [HKLM][64Bits] -- {4BC5B788-1670-44CA-90A2-F85193431036}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype(TM) 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Video Web Camera - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Video Web Camera - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WT088508
O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM][64Bits] -- WBFS Manager 3.0
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WildTangent Games App (Packard Bell Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM][64Bits] -- {027E5FAB-1476-4C59-AAB4-32EF28520399}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM][64Bits] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088292
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WT088531
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM][64Bits] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\searchcoretoolbar]
[HKCU\Software\AppDataLow\Software\searchqutoolbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Artogon]
[HKCU\Software\BitComet]
[HKCU\Software\BitTorrent]
[HKCU\Software\BrowserTemp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Conexant]
[HKCU\Software\CyberLink]
[HKCU\Software\Datamngr]
[HKCU\Software\Digital River]
[HKCU\Software\Dritek]
[HKCU\Software\Facebook]
[HKCU\Software\Fenomen Games]
[HKCU\Software\GOG]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaFinder]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PCTuto]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\PowerPack]
[HKCU\Software\RSB]
[HKCU\Software\Screentime Media]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SuperSoftwarePackage]
[HKCU\Software\SweetIM]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\Test3D]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\ValuSoft]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\YourFileDownloader]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\ObviousIdea]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Two Pilots]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Boxore]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\FREEzeFrog]
[HKLM\Software\Wow6432Node\Freeze.com]
[HKLM\Software\Wow6432Node\GPL Ghostscript]
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OfferBox]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\ParetoLogic]
[H
voici le rapport du scan
Rapport de ZHPDiag v1.31.31 par Nicolas Coolman, Update du 19/10/2012
Run by sandrine at 22/10/2012 17:23:28
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
UAC : deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1770 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 349 GB (77%) free of 451 GB
---\\ Logged in mode
~ Computer Name: SANDRINE-PC
~ User Name: sandrine
~ All Users Names: sandrine, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\sandrine\AppData\Roaming\
~ %Desktop% : C:\Users\sandrine\Desktop\
~ %Favorites% : C:\Users\sandrine\Favorites\
~ %LocalAppData% : C:\Users\sandrine\AppData\Local\
~ %StartMenu% : C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 349 Go of 451 Go)
D:\ CD-ROM drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
UAC deactivate by program
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.3D165C53E40236A68B7102D1A622D4E0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/08/2012 - 11:21:18.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/5
Mes musiques (My Musics) : 38/38 (Modified)
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/45
~ Mes Documents (My Documents) : 4/85
~ Mon Bureau (My Desktop) : 1/60
~ Menu demarrer (Programs) : 1/33
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.2C1EF6485EEB834187FC69556A64EAFE] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [896912] [PID.1304]
[MD5.B84DBE0075A6A643F0C3C24B70B797F4] - (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295232] [PID.2288]
[MD5.848D034D067BE2FF5CD3D779BECBDA00] - (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe [1239064] [PID.3112]
[MD5.56873D899C0707AA017AA2D74EC190AE] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3770368] [PID.4564]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.]
[MD5.53E4843E1CD3653E665DAA32241F8F8B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [310864] [PID.]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584] [PID.]
[MD5.C409A8F7EF56A7E9CA605807EBEE2ABB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904] [PID.]
[MD5.8F59A2506AF43F96F5397B3C79938AE9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344] [PID.]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232] [PID.]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\sandrine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G0 - GCSP: Preference [User Data\Default] https://www.google.com/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\sandrine\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\sandrine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\sandrine\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\sandrine\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=packardbell.msn.com&ocid=AARDHP&pc=MAPB
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=packardbell.msn.com&ocid=AARDHP&pc=MAPB
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.babylon.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {2c80c23a-1ac3-4987-bfec-a33335aeb236} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: (no name) [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Clé orpheline
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Clé orpheline
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Packard Bell MyBackup.) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [PCTuto] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2235326386-795786822-2120572921-1001\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero Home\NeroHome.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SecurDisc Viewer.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\SecurDisc Viewer\SecurDisc Viewer.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - packardbell.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - Global Startup: C:\Users\sandrine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FE6C096-983A-471C-AA33-35D4B164CA26}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 01s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\OfferBoxUpdate.job
[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core] (.Facebook Inc..) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA] (.Facebook Inc..) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001Core] (.Google Inc..) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2235326386-795786822-2120572921-1001UA] (.Google Inc..) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdate] (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files (x86)\BrightBreeze\bin\2.0.12.0\BrightBreezeSA.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [YourFile Update] (...) -- C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{354EABF0-8BAC-4C1C-9998-06E754B57182}] (...) -- C:\Users\sandrine\Downloads\jeu so blonde+crack\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{4B9DB58C-5DFF-4B2C-A0D8-746527A09F7B}] (...) -- C:\Users\sandrine\Downloads\Need For Speed - Conduite en Etat de Libert'\Patch + crack\NFS_HS_EP_Setup_(V2.1A Build 1.33).exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{6A61496F-58B9-4CA2-BE32-6105AD62A014}] (...) -- C:\Downloads\LES.SIMS.3\keygen+crack.no.DVD\TS3.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{83CA4B8E-568A-410B-B9F7-54ED4517E317}] (...) -- C:\Users\sandrine\appdata\local\temp\rar$ex06.961\Sims3EP05Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{9875BD94-64A5-4872-9599-B802D10281D2}] (...) -- C:\Users\sandrine\Downloads\53.Jeux.Objets Cach'e.Francais\AdventureChroniclesSetup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{AF71D2D3-3B27-49C4-8D8E-5133C6718DA2}] (...) -- C:\Users\sandrine\Downloads\jeu so blonde+crack\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{DEF521EB-EA08-455A-9220-F7019E9DED36}] (...) -- D:\setup.exe (.not file.)
[MD5.29703A1247488A79B717C891F52C552C] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe
~ Scan Scheduled Task in 00mn 08s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {793E51B7-8189-E701-BA05-C8D2E6B84D8D}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A83BDD51-65F8-FB49-5B18-42DF72C006CB}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4F709EA4-F300-51D9-78D5-A198A612B929}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {53300BE7-7B2A-0057-ED1F-7974D7107EBA}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT088216
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Backup Manager V3 - (.NTI Corporation.) [HKLM][64Bits] -- {0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088226
O42 - Logiciel: Build-a-lot 2 - (.WildTangent.) [HKLM][64Bits] -- WT088228
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5F7308C0-56FF-415A-B34C-44A90A892A95}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088235
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM][64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT088238
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT088416
O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM][64Bits] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT088260
O42 - Logiciel: Final Drive Nitro - (.WildTangent.) [HKLM][64Bits] -- WT088420
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Product Detection - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088268
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {774C0434-9948-4DEE-A14E-69CDD316E36C}
O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF}
O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WT088269
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT088448
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {E34002C7-8CE7-3F76-B36C-09FA973BC4F6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM][64Bits] -- {57660847-B1F7-35BD-9118-F62EB863A598}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM][64Bits] -- {A39DAD32-3515-438D-8617-F8AE2A301036}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Packard Bell Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent packardbell Master Uninstall
O42 - Logiciel: Packard Bell MyBackup - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell .) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Social Networks - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}
O42 - Logiciel: Packard Bell Social Networks - (.CyberLink Corp..) [HKLM][64Bits] -- {64EF903E-D00A-414C-94A4-FBA368FFCDC9}
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT088452
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT088283
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT088456
O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM][64Bits] -- WT088460
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SecurDisc Viewer - (.Nero AG.) [HKLM][64Bits] -- {4BC5B788-1670-44CA-90A2-F85193431036}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype(TM) 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Video Web Camera - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Video Web Camera - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WT088508
O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM][64Bits] -- WBFS Manager 3.0
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WildTangent Games App (Packard Bell Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM][64Bits] -- {027E5FAB-1476-4C59-AAB4-32EF28520399}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA54F80E-261C-41A2-A855-549A144F2F59}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM][64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM][64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM][64Bits] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088292
O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WT088531
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM][64Bits] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\searchcoretoolbar]
[HKCU\Software\AppDataLow\Software\searchqutoolbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Artogon]
[HKCU\Software\BitComet]
[HKCU\Software\BitTorrent]
[HKCU\Software\BrowserTemp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Conexant]
[HKCU\Software\CyberLink]
[HKCU\Software\Datamngr]
[HKCU\Software\Digital River]
[HKCU\Software\Dritek]
[HKCU\Software\Facebook]
[HKCU\Software\Fenomen Games]
[HKCU\Software\GOG]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaFinder]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PCTuto]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\PowerPack]
[HKCU\Software\RSB]
[HKCU\Software\Screentime Media]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SuperSoftwarePackage]
[HKCU\Software\SweetIM]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\Test3D]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\ValuSoft]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\YourFileDownloader]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\ObviousIdea]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Two Pilots]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Boxore]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\FREEzeFrog]
[HKLM\Software\Wow6432Node\Freeze.com]
[HKLM\Software\Wow6432Node\GPL Ghostscript]
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OfferBox]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\ParetoLogic]
[H
hisaeh
Messages postés
2642
Date d'inscription
samedi 10 mars 2007
Statut
Membre
Dernière intervention
23 août 2019
572
22 oct. 2012 à 18:57
22 oct. 2012 à 18:57
Ton rapport est incomplet, mais il est clair qu'avec tous les adwares qui demarrent sur cet ordinateur, il doit etre vraiment ralenti.
Attends que ton sujet soit transféré sur le forum virus/sécurité.
Et poste un rapport complet.
Attends que ton sujet soit transféré sur le forum virus/sécurité.
Et poste un rapport complet.
titine08800
Messages postés
248
Date d'inscription
samedi 23 février 2008
Statut
Membre
Dernière intervention
22 mai 2014
1
22 oct. 2012 à 20:50
22 oct. 2012 à 20:50
voici enfin j'espere avoir tout cette fois ci,la fin du rapport,j'ai repris de
---// HKCU et HKLM
---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\searchcoretoolbar]
[HKCU\Software\AppDataLow\Software\searchqutoolbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Artogon]
[HKCU\Software\BitComet]
[HKCU\Software\BitTorrent]
[HKCU\Software\BrowserTemp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Conexant]
[HKCU\Software\CyberLink]
[HKCU\Software\Datamngr]
[HKCU\Software\Digital River]
[HKCU\Software\Dritek]
[HKCU\Software\Facebook]
[HKCU\Software\Fenomen Games]
[HKCU\Software\GOG]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaFinder]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PCTuto]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\PowerPack]
[HKCU\Software\RSB]
[HKCU\Software\Screentime Media]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SuperSoftwarePackage]
[HKCU\Software\SweetIM]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\Test3D]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\ValuSoft]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\YourFileDownloader]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\ObviousIdea]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Two Pilots]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Boxore]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\FREEzeFrog]
[HKLM\Software\Wow6432Node\Freeze.com]
[HKLM\Software\Wow6432Node\GPL Ghostscript]
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OfferBox]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\ParetoLogic]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\RSB]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\Trymedia Systems]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\W3i]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\YourFileDownloader]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/12/2011 - 14:39:02 - [160,429] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20/10/2012 - 11:42:07 - [2,145] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 20/10/2012 - 11:42:20 - [0,389] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 20/10/2012 - 11:38:57 - [54,082] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [268,020] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 12/01/2012 - 12:58:38 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 04/12/2011 - 23:30:53 - [5,825] ----D C:\Program Files (x86)\Google
O43 - CFD: 16/09/2012 - 16:54:02 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 12/02/2012 - 11:42:28 - [1,905] ----D C:\Program Files (x86)\HP
O43 - CFD: 13/10/2011 - 16:04:59 - [60,076] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/09/2012 - 07:56:42 - [4,917] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 12:39:53 - [205,986] ----D C:\Program Files (x86)\Java
O43 - CFD: 22/03/2011 - 07:18:38 - [7,749] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 21/07/2012 - 21:48:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 27/09/2012 - 08:46:58 - [1,182] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/05/2012 - 21:00:02 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 22/03/2011 - 07:40:31 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 08/01/2012 - 22:23:13 - [0,090] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 01/08/2011 - 07:52:04 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/09/2012 - 11:13:07 - [0,071] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 31/07/2011 - 10:25:25 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 13/08/2011 - 12:02:58 - [798,107] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/12/2010 - 14:48:04 - [359,037] ----D C:\Program Files (x86)\NTI
O43 - CFD: 14/08/2011 - 12:27:16 - [0,009] ----D C:\Program Files (x86)\Object
O43 - CFD: 19/04/2012 - 20:33:29 - [338,128] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 27/06/2012 - 17:41:43 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 22/03/2011 - 07:00:59 - [50,159] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 30/07/2011 - 11:01:15 - [1113,917] ----D C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 20/12/2011 - 16:44:13 - [3,731] ----D C:\Program Files (x86)\RealArcade
O43 - CFD: 22/12/2010 - 14:30:52 - [9,821] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/08/2012 - 15:10:21 - [47,858] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/12/2010 - 14:45:29 - [24,751] ----D C:\Program Files (x86)\Social Networks
O43 - CFD: 16/09/2012 - 21:11:04 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 04/04/2012 - 12:34:24 - [0,000] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/06/2012 - 06:50:35 - [0,855] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 22/03/2011 - 07:43:36 - [31,577] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 31/07/2011 - 11:32:37 - [80,965] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 23/09/2012 - 08:28:50 - [11,674] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 22/03/2011 - 15:53:42 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/04/2012 - 23:10:24 - [167,317] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/08/2011 - 10:20:50 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/08/2011 - 10:20:50 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 02/08/2011 - 10:20:49 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 02/08/2011 - 10:20:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/08/2011 - 10:20:50 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/07/2011 - 10:16:06 - [0,000] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/11/2011 - 17:28:37 - [0] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 22/10/2012 - 17:24:03 - [10,013] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 12/07/2012 - 09:26:42 - [27,341] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/12/2010 - 15:13:21 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/03/2011 - 07:21:51 - [2,737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/03/2011 - 07:36:53 - [0,827] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 04/12/2011 - 23:29:10 - [21,855] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 13/08/2011 - 12:15:49 - [132,736] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/02/2012 - 19:57:25 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 09:00:09 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/03/2011 - 07:37:35 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/12/2010 - 14:43:57 - [0,000] ----D C:\ProgramData\Acer
O43 - CFD: 28/08/2012 - 07:22:45 - [123,359] ----D C:\ProgramData\Adobe
O43 - CFD: 20/10/2012 - 11:42:24 - [0,004] ----D C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 20/10/2012 - 11:50:15 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 22/12/2010 - 14:49:02 - [1,114] ----D C:\ProgramData\BackupManager
O43 - CFD: 22/02/2012 - 14:19:07 - [0,000] ----D C:\ProgramData\Becky Brogan
O43 - CFD: 19/10/2012 - 14:05:04 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 21/07/2012 - 11:48:43 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 30/07/2011 - 09:47:44 - [0,009] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 31/07/2011 - 13:42:46 - [0,067] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 08/02/2012 - 20:20:00 - [0] ----D C:\ProgramData\HP
O43 - CFD: 16/09/2012 - 20:42:53 - [2,650] ----D C:\ProgramData\InstallMate
O43 - CFD: 28/08/2012 - 07:20:16 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 21/07/2012 - 21:48:20 - [628,471] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/12/2011 - 13:12:17 - [0,048] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 13/08/2011 - 12:02:59 - [4,953] ----D C:\ProgramData\Nero
O43 - CFD: 30/07/2011 - 10:16:55 - [0,000] ----D C:\ProgramData\Norton
O43 - CFD: 22/12/2010 - 15:09:25 - [15,594] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 30/07/2011 - 09:41:24 - [0,002] ----D C:\ProgramData\OEM
O43 - CFD: 30/08/2012 - 12:19:50 - [0,316] ----D C:\ProgramData\OptimizerPro1
O43 - CFD: 22/12/2010 - 14:53:06 - [1,666] ----D C:\ProgramData\Packard Bell
O43 - CFD: 03/10/2011 - 20:04:49 - [0] ----D C:\ProgramData\Premium
O43 - CFD: 19/10/2012 - 21:16:00 - [29,125] ----D C:\ProgramData\Skype
O43 - CFD: 22/12/2011 - 11:05:08 - [0] ----D C:\ProgramData\Software
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 03/10/2011 - 20:30:11 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 18/09/2012 - 11:29:34 - [2,624] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 31/07/2012 - 10:21:23 - [0] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 18/09/2011 - 14:24:53 - [2,653] ----D C:\ProgramData\Trymedia
O43 - CFD: 03/12/2011 - 10:38:03 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 23/09/2012 - 08:24:45 - [1363,556] ----D C:\ProgramData\WildTangent
O43 - CFD: 01/12/2011 - 14:42:34 - [6,488] ----D C:\Users\sandrine\AppData\Roaming\Adobe
O43 - CFD: 15/02/2012 - 13:47:34 - [0,015] ----D C:\Users\sandrine\AppData\Roaming\Anarchy
O43 - CFD: 01/02/2012 - 17:15:31 - [0,056] ----D C:\Users\sandrine\AppData\Roaming\Artogon
O43 - CFD: 03/12/2011 - 10:51:08 - [0] ----D C:\Users\sandrine\AppData\Roaming\ATI
O43 - CFD: 27/11/2011 - 21:05:27 - [4,933] ----D C:\Users\sandrine\AppData\Roaming\Azureus
O43 - CFD: 16/09/2012 - 16:55:12 - [0,068] ----D C:\Users\sandrine\AppData\Roaming\Babylon
O43 - CFD: 27/02/2012 - 13:57:17 - [58,565] ----D C:\Users\sandrine\AppData\Roaming\Big Fish Games
O43 - CFD: 12/12/2011 - 21:43:04 - [0,541] ----D C:\Users\sandrine\AppData\Roaming\BitComet
O43 - CFD: 03/11/2011 - 14:18:20 - [0,099] ----D C:\Users\sandrine\AppData\Roaming\casualArts
O43 - CFD: 17/02/2012 - 15:35:40 - [0,006] ----D C:\Users\sandrine\AppData\Roaming\cerasus.media
O43 - CFD: 14/09/2011 - 11:17:25 - [0,021] ----D C:\Users\sandrine\AppData\Roaming\Coyotes Tale
O43 - CFD: 30/07/2011 - 09:47:39 - [0,002] ----D C:\Users\sandrine\AppData\Roaming\CyberLink
O43 - CFD: 08/01/2012 - 11:58:58 - [0] ----D C:\Users\sandrine\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 29/01/2012 - 15:20:21 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\DarkParablesBriarRose_BFG
O43 - CFD: 12/01/2012 - 15:46:47 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\DriverCure
O43 - CFD: 17/10/2012 - 19:26:47 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\dvdcss
O43 - CFD: 18/06/2012 - 08:18:06 - [0] ----D C:\Users\sandrine\AppData\Roaming\ElementalsTheMagicKey
O43 - CFD: 13/09/2012 - 16:33:46 - [0,247] ----D C:\Users\sandrine\AppData\Roaming\Enki Games
O43 - CFD: 24/06/2012 - 12:32:27 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Enlightenus
O43 - CFD: 10/07/2012 - 22:32:40 - [8,213] ----D C:\Users\sandrine\AppData\Roaming\Enlightenus2SE_BFG
O43 - CFD: 15/02/2012 - 12:54:02 - [0,713] ----D C:\Users\sandrine\AppData\Roaming\ERS Game Studios
O43 - CFD: 14/09/2011 - 07:55:35 - [0,018] ----D C:\Users\sandrine\AppData\Roaming\Flood Light Games
O43 - CFD: 25/08/2011 - 17:13:26 - [0,011] ----D C:\Users\sandrine\AppData\Roaming\FloodLightGames
O43 - CFD: 10/12/2011 - 17:05:32 - [7,200] ----D C:\Users\sandrine\AppData\Roaming\FlyWheelGames
O43 - CFD: 25/02/2012 - 14:30:05 - [6,188] ----D C:\Users\sandrine\AppData\Roaming\Frogwares
O43 - CFD: 20/02/2012 - 21:12:55 - [0,013] ----D C:\Users\sandrine\AppData\Roaming\GameHousev1002
O43 - CFD: 24/06/2012 - 17:02:46 - [0,045] ----D C:\Users\sandrine\AppData\Roaming\Gamenauts
O43 - CFD: 14/09/2012 - 15:21:23 - [0,100] ----D C:\Users\sandrine\AppData\Roaming\GamersDigital
O43 - CFD: 22/02/2012 - 14:37:24 - [0,036] ----D C:\Users\sandrine\AppData\Roaming\Games
O43 - CFD: 13/09/2012 - 19:15:37 - [0,020] ----D C:\Users\sandrine\AppData\Roaming\HdO Adventure
O43 - CFD: 14/03/2012 - 14:42:44 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\Identities
O43 - CFD: 17/08/2011 - 00:13:42 - [0,028] ----D C:\Users\sandrine\AppData\Roaming\Lazy Turtle Games
O43 - CFD: 17/08/2012 - 16:30:37 - [0,008] ----D C:\Users\sandrine\AppData\Roaming\LegacyInteractive
O43 - CFD: 30/07/2011 - 09:41:24 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Macromedia
O43 - CFD: 16/08/2011 - 10:47:36 - [0,010] ----D C:\Users\sandrine\AppData\Roaming\Magnet's Story
O43 - CFD: 14/08/2011 - 12:22:20 - [0,004] ----D C:\Users\sandrine\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\sandrine\AppData\Roaming\Media Center Programs
O43 - CFD: 30/01/2012 - 09:14:14 - [0,014] ----D C:\Users\sandrine\AppData\Roaming\Media Finder
O43 - CFD: 12/01/2012 - 12:55:16 - [11,196] -S--D C:\Users\sandrine\AppData\Roaming\Microsoft
O43 - CFD: 29/02/2012 - 16:29:02 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\MissTeriTale3
O43 - CFD: 05/09/2011 - 19:32:09 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Monkey Barrel Games
O43 - CFD: 28/01/2012 - 23:44:45 - [4,713] ----D C:\Users\sandrine\AppData\Roaming\Mozilla
O43 - CFD: 14/09/2011 - 19:00:10 - [0,002] ----D C:\Users\sandrine\AppData\Roaming\MysteryStudio
O43 - CFD: 13/08/2011 - 12:22:40 - [0,318] ----D C:\Users\sandrine\AppData\Roaming\Nero
O43 - CFD: 29/03/2012 - 20:25:13 - [0] ----D C:\Users\sandrine\AppData\Roaming\ObviousIdea
O43 - CFD: 29/11/2011 - 19:04:50 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\OfferBox
O43 - CFD: 19/04/2012 - 20:41:39 - [1,608] ----D C:\Users\sandrine\AppData\Roaming\OpenOffice.org
O43 - CFD: 16/06/2012 - 11:49:05 - [0,018] ----D C:\Users\sandrine\AppData\Roaming\Orneon
O43 - CFD: 12/01/2012 - 15:46:47 - [0] ----D C:\Users\sandrine\AppData\Roaming\ParetoLogic
O43 - CFD: 04/11/2011 - 19:07:53 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\PhotoFiltre
O43 - CFD: 29/10/2011 - 15:13:52 - [6,683] ----D C:\Users\sandrine\AppData\Roaming\SecondLife
O43 - CFD: 09/11/2011 - 09:23:57 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\sekrbfgfr
O43 - CFD: 19/10/2012 - 14:08:11 - [4,604] ----D C:\Users\sandrine\AppData\Roaming\Skype
O43 - CFD: 02/02/2012 - 19:17:35 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\SNS
O43 - CFD: 04/12/2011 - 23:27:51 - [1,763] ----D C:\Users\sandrine\AppData\Roaming\SoftGrid Client
O43 - CFD: 15/02/2012 - 10:50:00 - [0,012] ----D C:\Users\sandrine\AppData\Roaming\SpinTop Games
O43 - CFD: 05/11/2011 - 18:30:28 - [4,076] ----D C:\Users\sandrine\AppData\Roaming\SulusGames
O43 - CFD: 13/02/2012 - 13:55:41 - [0,029] ----D C:\Users\sandrine\AppData\Roaming\SunRay Games
O43 - CFD: 19/10/2012 - 14:16:18 - [0,181] ----D C:\Users\sandrine\AppData\Roaming\TeamViewer
O43 - CFD: 06/03/2012 - 10:35:52 - [0,007] ----D C:\Users\sandrine\AppData\Roaming\Total Eclipse
O43 - CFD: 02/12/2011 - 13:01:40 - [0] ----D C:\Users\sandrine\AppData\Roaming\TP
O43 - CFD: 24/10/2011 - 08:48:03 - [6,091] ----D C:\Users\sandrine\AppData\Roaming\Urban Legends The Maze Strategy Guide
O43 - CFD: 22/10/2012 - 17:21:09 - [3,758] ----D C:\Users\sandrine\AppData\Roaming\uTorrent
O43 - CFD: 23/10/2011 - 19:48:03 - [0,055] ----D C:\Users\sandrine\AppData\Roaming\VampireSagaHL
O43 - CFD: 08/09/2011 - 15:50:34 - [0,074] ----D C:\Users\sandrine\AppData\Roaming\vlc
O43 - CFD: 18/06/2012 - 08:19:00 - [0,390] ----D C:\Users\sandrine\AppData\Roaming\Vogat Interactive
O43 - CFD: 23/09/2012 - 08:24:50 - [88,866] ----D C:\Users\sandrine\AppData\Roaming\WildTangent
O43 - CFD: 10/08/2011 - 09:59:49 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\Windows Live Writer
O43 - CFD: 30/07/2011 - 10:35:29 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\WinRAR
O43 - CFD: 18/09/2012 - 11:13:14 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\YourFileDownloader
O43 - CFD: 01/12/2011 - 14:37:39 - [15,614] ----D C:\Users\sandrine\AppData\Local\Adobe
O43 - CFD: 13/08/2011 - 12:13:06 - [31,186] ----D C:\Users\sandrine\AppData\Local\Ahead
O43 - CFD: 24/09/2011 - 16:01:48 - [0,001] ----D C:\Users\sandrine\AppData\Local\AlwaysNeat
O43 - CFD: 03/12/2011 - 10:51:35 - [0,000] ----D C:\Users\sandrine\AppData\Local\AMD
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Application Data
O43 - CFD: 17/09/2012 - 12:23:18 - [1,487] ----D C:\Users\sandrine\AppData\Local\Apps
O43 - CFD: 03/12/2011 - 10:51:08 - [0,087] ----D C:\Users\sandrine\AppData\Local\ATI
O43 - CFD: 21/07/2012 - 10:39:53 - [0] ----D C:\Users\sandrine\AppData\Local\Conduit
O43 - CFD: 17/09/2012 - 12:23:49 - [0] ----D C:\Users\sandrine\AppData\Local\Deployment
O43 - CFD: 22/10/2012 - 13:57:21 - [0] ----D C:\Users\sandrine\AppData\Local\Diagnostics
O43 - CFD: 20/10/2012 - 21:48:30 - [0,097] ----D C:\Users\sandrine\AppData\Local\ElevatedDiagnostics
O43 - CFD: 06/04/2012 - 23:29:25 - [7,427] ----D C:\Users\sandrine\AppData\Local\Facebook
O43 - CFD: 17/09/2012 - 12:27:48 - [564,753] ----D C:\Users\sandrine\AppData\Local\Google
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Historique
O43 - CFD: 18/03/2012 - 07:58:15 - [0] ----D C:\Users\sandrine\AppData\Local\JollyBear
O43 - CFD: 24/02/2012 - 21:11:19 - [0,002] ----D C:\Users\sandrine\AppData\Local\Menge
O43 - CFD: 19/10/2012 - 21:30:25 - [700,609] ----D C:\Users\sandrine\AppData\Local\Microsoft
O43 - CFD: 23/09/2012 - 08:26:56 - [0,339] ----D C:\Users\sandrine\AppData\Local\Microsoft Games
O43 - CFD: 02/12/2011 - 13:12:14 - [0] ----D C:\Users\sandrine\AppData\Local\Microsoft Help
O43 - CFD: 22/12/2011 - 00:58:10 - [0,929] ----D C:\Users\sandrine\AppData\Local\MPlayer
O43 - CFD: 15/06/2012 - 11:19:55 - [50,751] ----D C:\Users\sandrine\AppData\Local\Oberon Games
O43 - CFD: 16/11/2011 - 21:24:44 - [0] ----D C:\Users\sandrine\AppData\Local\PackageAware
O43 - CFD: 14/09/2011 - 21:01:46 - [4,105] ----D C:\Users\sandrine\AppData\Local\SoftGrid Client
O43 - CFD: 22/12/2011 - 00:53:51 - [0] ----D C:\Users\sandrine\AppData\Local\Software
O43 - CFD: 17/02/2012 - 15:45:17 - [0,251] ----D C:\Users\sandrine\AppData\Local\sowhat
O43 - CFD: 22/10/2012 - 17:22:26 - [24,861] ----D C:\Users\sandrine\AppData\Local\Temp
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Temporary Internet Files
O43 - CFD: 08/01/2012 - 11:34:02 - [0] ----D C:\Users\sandrine\AppData\Local\uTorrent
O43 - CFD: 13/06/2012 - 08:27:38 - [111,273] ----D C:\Users\sandrine\AppData\Local\VirtualStore
O43 - CFD: 16/09/2012 - 16:53:22 - [0,054] ----D C:\Users\sandrine\AppData\Local\Wajam
O43 - CFD: 01/08/2011 - 11:29:16 - [0,003] ----D C:\Users\sandrine\AppData\Local\WBFSManager
O43 - CFD: 18/08/2012 - 20:38:49 - [0,125] ----D C:\Users\sandrine\AppData\Local\Windows Live
O43 - CFD: 27/08/2011 - 08:28:05 - [0,620] ----D C:\Users\sandrine\AppData\Local\Windows Live Writer
O43 - CFD: 22/10/2012 - 07:38:52 - [0] ----D C:\Users\sandrine\AppData\Local\{01AE8AE2-76E0-4903-ABB8-C000A7EB3937}
O43 - CFD: 20/10/2012 - 10:19:55 - [0] ----D C:\Users\sandrine\AppData\Local\{5D4D69E6-3771-467B-BFA1-D5E5AF9951B8}
O43 - CFD: 21/10/2012 - 09:25:04 - [0] ----D C:\Users\sandrine\AppData\Local\{AF20BE5E-5883-4F18-B8B1-1583A682A8CE}
O43 - CFD: 19/10/2012 - 22:12:40 - [0] ----D C:\Users\sandrine\AppData\Local\{D7DFC33C-5DE6-42E5-9F9B-E0FFCAC136CC}
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 08:46:41 - [0,000] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/10/2012 - 15:06:25 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 17/09/2012 - 12:28:19 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 19/10/2012 - 14:35:11 - [0,000] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/08/2011 - 11:28:17 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
O43 - CFD: 30/07/2011 - 10:35:27 - [0,003] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/12/2011 - 14:39:02 - [160,429] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20/10/2012 - 11:42:07 - [2,145] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 20/10/2012 - 11:42:20 - [0,389] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 20/10/2012 - 11:38:57 - [54,082] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [268,020] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 12/01/2012 - 12:58:38 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 04/12/2011 - 23:30:53 - [5,825] ----D C:\Program Files (x86)\Google
O43 - CFD: 16/09/2012 - 16:54:02 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 12/02/2012 - 11:42:28 - [1,905] ----D C:\Program Files (x86)\HP
O43 - CFD: 13/10/2011 - 16:04:59 - [60,076] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/09/2012 - 07:56:42 - [4,917] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 12:39:53 - [205,986] ----D C:\Program Files (x86)\Java
O43 - CFD: 22/03/2011 - 07:18:38 - [7,749] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 21/07/2012 - 21:48:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 27/09/2012 - 08:46:58 - [1,182] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/05/2012 - 21:00:02 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 22/03/2011 - 07:40:31 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 08/01/2012 - 22:23:13 - [0,090] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 01/08/2011 - 07:52:04 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/09/2012 - 11:13:07 - [0,071] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 31/07/2011 - 10:25:25 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 13/08/2011 - 12:02:58 - [798,107] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/12/2010 - 14:48:04 - [359,037] ----D C:\Program Files (x86)\NTI
O43 - CFD: 14/08/2011 - 12:27:16 - [0,009] ----D C:\Program Files (x86)\Object
O43 - CFD: 19/04/2012 - 20:33:29 - [338,128] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 27/06/2012 - 17:41:43 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 22/03/2011 - 07:00:59 - [50,159] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 30/07/2011 - 11:01:15 - [1113,917] ----D C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 20/12/2011 - 16:44:13 - [3,731] ----D C:\Program Files (x86)\RealArcade
O43 - CFD: 22/12/2010 - 14:30:52 - [9,821] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/08/2012 - 15:10:21 - [47,858] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/12/2010 - 14:45:29 - [24,751] ----D C:\Program Files (x86)\Social Networks
O43 - CFD: 16/09/2012 - 21:11:04 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 04/04/2012 - 12:34:24 - [0,000] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/06/2012 - 06:50:35 - [0,855] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 22/03/2011 - 07:43:36 - [31,577] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 31/07/2011 - 11:32:37 - [80,965] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 23/09/2012 - 08:28:50 - [11,674] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 22/03/2011 - 15:53:42 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/04/2012 - 23:10:24 - [167,317] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/08/2011 - 10:20:50 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/08/2011 - 10:20:50 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 02/08/2011 - 10:20:49 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 02/08/2011 - 10:20:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/08/2011 - 10:20:50 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/07/2011 - 10:16:06 - [0,000] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/11/2011 - 17:28:37 - [0] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 22/10/2012 - 17:24:03 - [10,013] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 12/07/2012 - 09:26:42 - [27,341] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/12/2010 - 15:13:21 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/03/2011 - 07:21:51 - [2,737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/03/2011 - 07:36:53 - [0,827] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 04/12/2011 - 23:29:10 - [21,855] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 13/08/2011 - 12:15:49 - [132,736] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/02/2012 - 19:57:25 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 09:00:09 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/03/2011 - 07:37:35 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 24s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B449193E20D8B8A3E901FD3058753BE3] - 22/10/2012 - 16:08:54 ---A- . (...) -- C:\Windows\WindowsUpdate.log [223810]
O44 - LFC:[MD5.B0EC8C6756A84C17ADB89B58786DD8E4] - 22/10/2012 - 16:05:37 ---A- . (...) -- C:\Windows\setupact.log [280]
O44 - LFC:[MD5.1F9296230F28803C435906EFE0E92843] - 22/10/2012 - 16:05:32 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2012 - 14:00:36 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.F5D37F55E359A9A767ABB118F6A15CAC] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [3138008]
O44 - LFC:[MD5.6C5042478968582CC7B2B2D84D8440B2] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [3592788]
O44 - LFC:[MD5.DE915DD32C6E5270E351D33C87BF6529] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [3784678]
O44 - LFC:[MD5.497640ADDDC42696D6374FF058D045DC] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [10918200]
O44 - LFC:[MD5.CCF02D9D2BE906BAB2B9C5E887987E18] - 20/10/2012 - 21:26:05 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [5426]
O44 - LFC:[MD5.CCF02D9D2BE906BAB2B9C5E887987E18] - 20/10/2012 - 21:26:05 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [5426]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 20/10/2012 - 17:43:27 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.BEED8C6A6FD73662221381415B3F06A0] - 20/10/2012 - 10:35:06 ---A- . (.AMD - CoInstaller DLL.) -- C:\Windows\SysNative\coinst_9.001.dll [70144]
O44 - LFC:[MD5.347DA9FAB81A768E64B5B149B2A586C0] - 20/10/2012 - 10:35:06 ---A- . (.Advanced Micro Devices, Inc. - atiuxpag.dll.) -- C:\Windows\SysNative\atiuxp64.dll [129536]
O44 - LFC:[MD5.D5B0DFEDCCF103ABA393405D9FF1B052] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiicdxx.dat [14848]]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atimpc64.dll [14848]]]
O44 - LFC:[MD5.A8B491478B6F329B1D25305E816526A3] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atimuixx.dll [14848]]]]
O44 - LFC:[MD5.0116298C92177F0DDC2C9D94F9738FE0] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atio6axx.dll [14848]]]]]
O44 - LFC:[MD5.B29C2402B8FB33CB9C02C455AE286893] - 20/10/2012 - 10:35:05 ---A- . (.AMD - AMD External Events Client Module.) -- C:\Windows\SysNative\atieclxx.exe [536064]
O44 - LFC:[MD5.AA4433349A9D526CD8018FA0AA630B86] - 20/10/2012 - 10:35:05 ---A- . (.AMD - AMD External Events Service Module.) -- C:\Windows\SysNative\atiesrxx.exe [239616]
O44 - LFC:[MD5.A8B491478B6F329B1D25305E816526A3] - 20/10/2012 - 10:35:05 ---A- . (.AMD - Multi-language DPPE DLL.) -- C:\Windows\SysNative\atimuixx.dll [21504]
O44 - LFC:[MD5.5BF8A8C9F053CB0C4A8CFAB24BAF3FD5] - 20/10/2012 - 10:35:05 ---A- . (.AMD - TMM Clone Control Module.) -- C:\Windows\SysNative\atitmm64.dll [120320]
O44 - LFC:[MD5.66B62583C79EFF5C921E980B10745F14] - 20/10/2012 - 10:35:05 ---A- . (.ATI Technologies, Inc. - atiedu64.) -- C:\Windows\SysNative\atiedu64.dll [59392]
O44 - LFC:[MD5.C3AB6F0A8819B576F7130995F10C9919] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- C:\Windows\SysNative\aticaldd64.dll [16082432]
O44 - LFC:[MD5.B64031083AA1A58DE2EFD13B67A1B5C3] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- C:\Windows\SysNative\aticalrt64.dll [51200]
O44 - LFC:[MD5.0116298C92177F0DDC2C9D94F9738FE0] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - AMD OpenGL driver.) -- C:\Windows\SysNative\atio6axx.dll [23825920]
O44 - LFC:[MD5.899D8E974EF9045F4844FA490A5BD148] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- C:\Windows\SysNative\atidemgy.dll [442368]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\SysNative\amdpcom64.dll [56320]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\SysNative\atimpc64.dll [56320]
O44 - LFC:[MD5.AD599057D897EB7C002DD9CDBEB7D6FE] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- C:\Windows\SysNative\atiumd6a.dll [3127296]
O44 - LFC:[MD5.731974382E9635A599536090300B79DB] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atigktxx.dll.) -- C:\Windows\SysNative\atig6txx.dll [41984]
O44 - LFC:[MD5.8C6F122293CC55BB9BA3D9013E054E34] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\SysNative\atig6pxx.dll [17920]
O44 - LFC:[MD5.BBCBCB5D98BE8890C1631912DCA0F6D8] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\SysNative\atiglpxx.dll [14848]
O44 - LFC:[MD5.BBCBCB5D98BE8890C1631912DCA0F6D8] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiglpxx.dll [14848]
O44 - LFC:[MD5.3A0608812564BEB10536BCD6CD5C5CF3] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiu9pag.dll.) -- C:\Windows\SysNative\atiu9p64.dll [103424]
O44 - LFC:[MD5.3098C0853538A9D7F49AD35602B77479] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiumdag.dll.) -- C:\Windows\SysNative\atiumd64.dll [6704128]
O44 - LFC:[MD5.47F95631EA439C0813602FD7B03BBC40] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- C:\Windows\SysNative\aticalcl64.dll [44544]
O44 - LFC:[MD5.08B21410BE4D3E46F4E90BC54FCE4ABA] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- C:\Windows\SysNative\atiadlxx.dll [595456]
O44 - LFC:[MD5.FA3F5B9639E16AFF2E9EFBB5688236CA] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- C:\Windows\SysNative\atiapfxx.exe [163840]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 27/09/2012 - 07:47:43 ---A- . (...) -- C:\Windows\epplauncher.mif [1912]
O44 - LFC:[MD5.BEED8C6A6FD73662221381415B3F06A0] - 13/09/2012 - 17:46:08 . (...) -- C:\Windows\System32\coinst_9.001.dll [204952]]
O44 - LFC:[MD5.5E56610B8B5FC8A4AE4219578B595D7E] - 13/09/2012 - 17:45:02 ---A- . (...) -- C:\Windows\SysNative\atiapfxx.blb [300864]
O44 - LFC:[MD5.5E56610B8B5FC8A4AE4219578B595D7E] - 13/09/2012 - 17:45:02 ---A- . (...) -- C:\Windows\System32\atiapfxx.blb [300864]
O44 - LFC:[MD5.FA3F5B9639E16AFF2E9EFBB5688236CA] - 13/09/2012 - 17:42:12 . (...) -- C:\Windows\System32\atiapfxx.exe [300864]]
O44 - LFC:[MD5.B64031083AA1A58DE2EFD13B67A1B5C3] - 13/09/2012 - 17:40:52 . (...) -- C:\Windows\System32\aticalrt64.dll [300864]]]]]
O44 - LFC:[MD5.47F95631EA439C0813602FD7B03BBC40] - 13/09/2012 - 17:40:44 . (...) -- C:\Windows\System32\aticalcl64.dll [300864]]]
O44 - LFC:[MD5.C3AB6F0A8819B576F7130995F10C9919] - 13/09/2012 - 17:40:32 . (...) -- C:\Windows\System32\aticaldd64.dll [300864]]]]
O44 - LFC:[MD5.5BF8A8C9F053CB0C4A8CFAB24BAF3FD5] - 13/09/2012 - 17:17:14 . (...) -- C:\Windows\System32\atitmm64.dll [3917]]
O44 - LFC:[MD5.AD599057D897EB7C002DD9CDBEB7D6FE] - 13/09/2012 - 17:13:42 . (...) -- C:\Windows\System32\atiumd6a.dll [3917]]]]]]
O44 - LFC:[MD5.DA9ADC2072E2C7C7196B3852865B7E92] - 13/09/2012 - 17:12:18 . (...) -- C:\Windows\System32\atiumd6a.cap [3917]]]]]
O44 - LFC:[MD5.DA9ADC2072E2C7C7196B3852865B7E92] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\atiumd6a.cap [2886016]
O44 - LFC:[MD5.7C163EDE63854539828F5B2C1BC529FD] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\ativvsva.dat [157144]
O44 - LFC:[MD5.219D7091DD1D93728392337FE9C7ADD6] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\ativvsvl.dat [204952]
O44 - LFC:[MD5.7C163EDE63854539828F5B2C1BC529FD] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\System32\ativvsva.dat [157144]
O44 - LFC:[MD5.219D7091DD1D93728392337FE9C7ADD6] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\System32\ativvsvl.dat [204952]
O44 - LFC:[MD5.3098C0853538A9D7F49AD35602B77479] - 13/09/2012 - 17:06:56 . (...) -- C:\Windows\System32\atiumd64.dll [3917]]]]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 13/09/2012 - 16:56:10 . (...) -- C:\Windows\System32\amdpcom64.dll []
O44 - LFC:[MD5.347DA9FAB81A768E64B5B149B2A586C0] - 13/09/2012 - 16:54:20 . (...) -- C:\Windows\System32\atiuxp64.dll [3917]]]]]]]
O44 - LFC:[MD5.3A0608812564BEB10536BCD6CD5C5CF3] - 13/09/2012 - 16:54:06 . (...) -- C:\Windows\System32\atiu9p64.dll [3917]]]
O44 - LFC:[MD5.FD538967D22849B1CDC5BD2E47167AE8] - 04/09/2012 - 15:10:40 ---A- . (...) -- C:\Windows\atiogl.xml [38204]
O44 - LFC:[MD5.402B44B31C7183FCF2C4E1083AF317FA] - 20/08/2012 - 19:46:22 . (...) -- C:\Windows\System32\conhost.exe [204952]]]
O44 - LFC:[MD5.D5B0DFEDCCF103ABA393405D9FF1B052] - 23/05/2012 - 10:31:04 ---A- . (...) -- C:\Windows\SysNative\atiicdxx.dat [632252]
O44 - LFC:[MD5.64A0869F18560CD529120ADE00155C3E] - 12/09/2011 - 17:06:18 ---A- . (...) -- C:\Windows\SysNative\atipblag.dat [3917]
O44 - LFC:[MD5.64A0869F18560CD529120ADE00155C3E] - 12/09/2011 - 17:06:18 ---A- . (...) -- C:\Windows\System32\atipblag.dat [3917]
~ Scan Files in 00mn 23s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\LManager [Key] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 13/09/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 18s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML.JRRO7OUDDBWEKWIFEEZWRJAJQQ>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML.JRRO7OUDDBWEKWIFEEZWRJAJQQ>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} - (Facemoods Search) - http://start.facemoods.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (GadgetBox) - http://ww12.gboxapp.com
O69 - SBI: SearchScopes [HKCU] {D6CED522-2DB9-4D1E-A529-EAE070793FC8} - (Yahoo! Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/
O69 - SBI: SearchScopes [HKCU] {f3d17ef2-8118-4fa3-afea-bb2e18a69054} - (iadah) - https://www.hugedomains.com/domain_profile.cfm?d=iadah&e=com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'applic
---// HKCU et HKLM
---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\searchcoretoolbar]
[HKCU\Software\AppDataLow\Software\searchqutoolbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Artogon]
[HKCU\Software\BitComet]
[HKCU\Software\BitTorrent]
[HKCU\Software\BrowserTemp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Conexant]
[HKCU\Software\CyberLink]
[HKCU\Software\Datamngr]
[HKCU\Software\Digital River]
[HKCU\Software\Dritek]
[HKCU\Software\Facebook]
[HKCU\Software\Fenomen Games]
[HKCU\Software\GOG]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaFinder]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PCTuto]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\PowerPack]
[HKCU\Software\RSB]
[HKCU\Software\Screentime Media]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SuperSoftwarePackage]
[HKCU\Software\SweetIM]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\Test3D]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\ValuSoft]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\YourFileDownloader]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\ObviousIdea]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Two Pilots]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Boxore]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\FREEzeFrog]
[HKLM\Software\Wow6432Node\Freeze.com]
[HKLM\Software\Wow6432Node\GPL Ghostscript]
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OfferBox]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\ParetoLogic]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\RSB]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\Trymedia Systems]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\W3i]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\YourFileDownloader]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/12/2011 - 14:39:02 - [160,429] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20/10/2012 - 11:42:07 - [2,145] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 20/10/2012 - 11:42:20 - [0,389] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 20/10/2012 - 11:38:57 - [54,082] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [268,020] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 12/01/2012 - 12:58:38 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 04/12/2011 - 23:30:53 - [5,825] ----D C:\Program Files (x86)\Google
O43 - CFD: 16/09/2012 - 16:54:02 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 12/02/2012 - 11:42:28 - [1,905] ----D C:\Program Files (x86)\HP
O43 - CFD: 13/10/2011 - 16:04:59 - [60,076] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/09/2012 - 07:56:42 - [4,917] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 12:39:53 - [205,986] ----D C:\Program Files (x86)\Java
O43 - CFD: 22/03/2011 - 07:18:38 - [7,749] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 21/07/2012 - 21:48:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 27/09/2012 - 08:46:58 - [1,182] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/05/2012 - 21:00:02 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 22/03/2011 - 07:40:31 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 08/01/2012 - 22:23:13 - [0,090] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 01/08/2011 - 07:52:04 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/09/2012 - 11:13:07 - [0,071] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 31/07/2011 - 10:25:25 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 13/08/2011 - 12:02:58 - [798,107] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/12/2010 - 14:48:04 - [359,037] ----D C:\Program Files (x86)\NTI
O43 - CFD: 14/08/2011 - 12:27:16 - [0,009] ----D C:\Program Files (x86)\Object
O43 - CFD: 19/04/2012 - 20:33:29 - [338,128] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 27/06/2012 - 17:41:43 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 22/03/2011 - 07:00:59 - [50,159] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 30/07/2011 - 11:01:15 - [1113,917] ----D C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 20/12/2011 - 16:44:13 - [3,731] ----D C:\Program Files (x86)\RealArcade
O43 - CFD: 22/12/2010 - 14:30:52 - [9,821] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/08/2012 - 15:10:21 - [47,858] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/12/2010 - 14:45:29 - [24,751] ----D C:\Program Files (x86)\Social Networks
O43 - CFD: 16/09/2012 - 21:11:04 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 04/04/2012 - 12:34:24 - [0,000] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/06/2012 - 06:50:35 - [0,855] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 22/03/2011 - 07:43:36 - [31,577] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 31/07/2011 - 11:32:37 - [80,965] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 23/09/2012 - 08:28:50 - [11,674] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 22/03/2011 - 15:53:42 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/04/2012 - 23:10:24 - [167,317] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/08/2011 - 10:20:50 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/08/2011 - 10:20:50 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 02/08/2011 - 10:20:49 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 02/08/2011 - 10:20:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/08/2011 - 10:20:50 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/07/2011 - 10:16:06 - [0,000] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/11/2011 - 17:28:37 - [0] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 22/10/2012 - 17:24:03 - [10,013] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 12/07/2012 - 09:26:42 - [27,341] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/12/2010 - 15:13:21 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/03/2011 - 07:21:51 - [2,737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/03/2011 - 07:36:53 - [0,827] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 04/12/2011 - 23:29:10 - [21,855] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 13/08/2011 - 12:15:49 - [132,736] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/02/2012 - 19:57:25 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 09:00:09 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/03/2011 - 07:37:35 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/12/2010 - 14:43:57 - [0,000] ----D C:\ProgramData\Acer
O43 - CFD: 28/08/2012 - 07:22:45 - [123,359] ----D C:\ProgramData\Adobe
O43 - CFD: 20/10/2012 - 11:42:24 - [0,004] ----D C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 20/10/2012 - 11:50:15 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 22/12/2010 - 14:49:02 - [1,114] ----D C:\ProgramData\BackupManager
O43 - CFD: 22/02/2012 - 14:19:07 - [0,000] ----D C:\ProgramData\Becky Brogan
O43 - CFD: 19/10/2012 - 14:05:04 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 21/07/2012 - 11:48:43 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 30/07/2011 - 09:47:44 - [0,009] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 31/07/2011 - 13:42:46 - [0,067] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 08/02/2012 - 20:20:00 - [0] ----D C:\ProgramData\HP
O43 - CFD: 16/09/2012 - 20:42:53 - [2,650] ----D C:\ProgramData\InstallMate
O43 - CFD: 28/08/2012 - 07:20:16 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 21/07/2012 - 21:48:20 - [628,471] -S--D C:\ProgramData\Microsoft
O43 - CFD: 02/12/2011 - 13:12:17 - [0,048] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 30/07/2011 - 09:39:03 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 13/08/2011 - 12:02:59 - [4,953] ----D C:\ProgramData\Nero
O43 - CFD: 30/07/2011 - 10:16:55 - [0,000] ----D C:\ProgramData\Norton
O43 - CFD: 22/12/2010 - 15:09:25 - [15,594] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 30/07/2011 - 09:41:24 - [0,002] ----D C:\ProgramData\OEM
O43 - CFD: 30/08/2012 - 12:19:50 - [0,316] ----D C:\ProgramData\OptimizerPro1
O43 - CFD: 22/12/2010 - 14:53:06 - [1,666] ----D C:\ProgramData\Packard Bell
O43 - CFD: 03/10/2011 - 20:04:49 - [0] ----D C:\ProgramData\Premium
O43 - CFD: 19/10/2012 - 21:16:00 - [29,125] ----D C:\ProgramData\Skype
O43 - CFD: 22/12/2011 - 11:05:08 - [0] ----D C:\ProgramData\Software
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 03/10/2011 - 20:30:11 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 18/09/2012 - 11:29:34 - [2,624] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 31/07/2012 - 10:21:23 - [0] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 18/09/2011 - 14:24:53 - [2,653] ----D C:\ProgramData\Trymedia
O43 - CFD: 03/12/2011 - 10:38:03 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 23/09/2012 - 08:24:45 - [1363,556] ----D C:\ProgramData\WildTangent
O43 - CFD: 01/12/2011 - 14:42:34 - [6,488] ----D C:\Users\sandrine\AppData\Roaming\Adobe
O43 - CFD: 15/02/2012 - 13:47:34 - [0,015] ----D C:\Users\sandrine\AppData\Roaming\Anarchy
O43 - CFD: 01/02/2012 - 17:15:31 - [0,056] ----D C:\Users\sandrine\AppData\Roaming\Artogon
O43 - CFD: 03/12/2011 - 10:51:08 - [0] ----D C:\Users\sandrine\AppData\Roaming\ATI
O43 - CFD: 27/11/2011 - 21:05:27 - [4,933] ----D C:\Users\sandrine\AppData\Roaming\Azureus
O43 - CFD: 16/09/2012 - 16:55:12 - [0,068] ----D C:\Users\sandrine\AppData\Roaming\Babylon
O43 - CFD: 27/02/2012 - 13:57:17 - [58,565] ----D C:\Users\sandrine\AppData\Roaming\Big Fish Games
O43 - CFD: 12/12/2011 - 21:43:04 - [0,541] ----D C:\Users\sandrine\AppData\Roaming\BitComet
O43 - CFD: 03/11/2011 - 14:18:20 - [0,099] ----D C:\Users\sandrine\AppData\Roaming\casualArts
O43 - CFD: 17/02/2012 - 15:35:40 - [0,006] ----D C:\Users\sandrine\AppData\Roaming\cerasus.media
O43 - CFD: 14/09/2011 - 11:17:25 - [0,021] ----D C:\Users\sandrine\AppData\Roaming\Coyotes Tale
O43 - CFD: 30/07/2011 - 09:47:39 - [0,002] ----D C:\Users\sandrine\AppData\Roaming\CyberLink
O43 - CFD: 08/01/2012 - 11:58:58 - [0] ----D C:\Users\sandrine\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 29/01/2012 - 15:20:21 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\DarkParablesBriarRose_BFG
O43 - CFD: 12/01/2012 - 15:46:47 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\DriverCure
O43 - CFD: 17/10/2012 - 19:26:47 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\dvdcss
O43 - CFD: 18/06/2012 - 08:18:06 - [0] ----D C:\Users\sandrine\AppData\Roaming\ElementalsTheMagicKey
O43 - CFD: 13/09/2012 - 16:33:46 - [0,247] ----D C:\Users\sandrine\AppData\Roaming\Enki Games
O43 - CFD: 24/06/2012 - 12:32:27 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Enlightenus
O43 - CFD: 10/07/2012 - 22:32:40 - [8,213] ----D C:\Users\sandrine\AppData\Roaming\Enlightenus2SE_BFG
O43 - CFD: 15/02/2012 - 12:54:02 - [0,713] ----D C:\Users\sandrine\AppData\Roaming\ERS Game Studios
O43 - CFD: 14/09/2011 - 07:55:35 - [0,018] ----D C:\Users\sandrine\AppData\Roaming\Flood Light Games
O43 - CFD: 25/08/2011 - 17:13:26 - [0,011] ----D C:\Users\sandrine\AppData\Roaming\FloodLightGames
O43 - CFD: 10/12/2011 - 17:05:32 - [7,200] ----D C:\Users\sandrine\AppData\Roaming\FlyWheelGames
O43 - CFD: 25/02/2012 - 14:30:05 - [6,188] ----D C:\Users\sandrine\AppData\Roaming\Frogwares
O43 - CFD: 20/02/2012 - 21:12:55 - [0,013] ----D C:\Users\sandrine\AppData\Roaming\GameHousev1002
O43 - CFD: 24/06/2012 - 17:02:46 - [0,045] ----D C:\Users\sandrine\AppData\Roaming\Gamenauts
O43 - CFD: 14/09/2012 - 15:21:23 - [0,100] ----D C:\Users\sandrine\AppData\Roaming\GamersDigital
O43 - CFD: 22/02/2012 - 14:37:24 - [0,036] ----D C:\Users\sandrine\AppData\Roaming\Games
O43 - CFD: 13/09/2012 - 19:15:37 - [0,020] ----D C:\Users\sandrine\AppData\Roaming\HdO Adventure
O43 - CFD: 14/03/2012 - 14:42:44 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\Identities
O43 - CFD: 17/08/2011 - 00:13:42 - [0,028] ----D C:\Users\sandrine\AppData\Roaming\Lazy Turtle Games
O43 - CFD: 17/08/2012 - 16:30:37 - [0,008] ----D C:\Users\sandrine\AppData\Roaming\LegacyInteractive
O43 - CFD: 30/07/2011 - 09:41:24 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Macromedia
O43 - CFD: 16/08/2011 - 10:47:36 - [0,010] ----D C:\Users\sandrine\AppData\Roaming\Magnet's Story
O43 - CFD: 14/08/2011 - 12:22:20 - [0,004] ----D C:\Users\sandrine\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\sandrine\AppData\Roaming\Media Center Programs
O43 - CFD: 30/01/2012 - 09:14:14 - [0,014] ----D C:\Users\sandrine\AppData\Roaming\Media Finder
O43 - CFD: 12/01/2012 - 12:55:16 - [11,196] -S--D C:\Users\sandrine\AppData\Roaming\Microsoft
O43 - CFD: 29/02/2012 - 16:29:02 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\MissTeriTale3
O43 - CFD: 05/09/2011 - 19:32:09 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Monkey Barrel Games
O43 - CFD: 28/01/2012 - 23:44:45 - [4,713] ----D C:\Users\sandrine\AppData\Roaming\Mozilla
O43 - CFD: 14/09/2011 - 19:00:10 - [0,002] ----D C:\Users\sandrine\AppData\Roaming\MysteryStudio
O43 - CFD: 13/08/2011 - 12:22:40 - [0,318] ----D C:\Users\sandrine\AppData\Roaming\Nero
O43 - CFD: 29/03/2012 - 20:25:13 - [0] ----D C:\Users\sandrine\AppData\Roaming\ObviousIdea
O43 - CFD: 29/11/2011 - 19:04:50 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\OfferBox
O43 - CFD: 19/04/2012 - 20:41:39 - [1,608] ----D C:\Users\sandrine\AppData\Roaming\OpenOffice.org
O43 - CFD: 16/06/2012 - 11:49:05 - [0,018] ----D C:\Users\sandrine\AppData\Roaming\Orneon
O43 - CFD: 12/01/2012 - 15:46:47 - [0] ----D C:\Users\sandrine\AppData\Roaming\ParetoLogic
O43 - CFD: 04/11/2011 - 19:07:53 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\PhotoFiltre
O43 - CFD: 29/10/2011 - 15:13:52 - [6,683] ----D C:\Users\sandrine\AppData\Roaming\SecondLife
O43 - CFD: 09/11/2011 - 09:23:57 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\sekrbfgfr
O43 - CFD: 19/10/2012 - 14:08:11 - [4,604] ----D C:\Users\sandrine\AppData\Roaming\Skype
O43 - CFD: 02/02/2012 - 19:17:35 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\SNS
O43 - CFD: 04/12/2011 - 23:27:51 - [1,763] ----D C:\Users\sandrine\AppData\Roaming\SoftGrid Client
O43 - CFD: 15/02/2012 - 10:50:00 - [0,012] ----D C:\Users\sandrine\AppData\Roaming\SpinTop Games
O43 - CFD: 05/11/2011 - 18:30:28 - [4,076] ----D C:\Users\sandrine\AppData\Roaming\SulusGames
O43 - CFD: 13/02/2012 - 13:55:41 - [0,029] ----D C:\Users\sandrine\AppData\Roaming\SunRay Games
O43 - CFD: 19/10/2012 - 14:16:18 - [0,181] ----D C:\Users\sandrine\AppData\Roaming\TeamViewer
O43 - CFD: 06/03/2012 - 10:35:52 - [0,007] ----D C:\Users\sandrine\AppData\Roaming\Total Eclipse
O43 - CFD: 02/12/2011 - 13:01:40 - [0] ----D C:\Users\sandrine\AppData\Roaming\TP
O43 - CFD: 24/10/2011 - 08:48:03 - [6,091] ----D C:\Users\sandrine\AppData\Roaming\Urban Legends The Maze Strategy Guide
O43 - CFD: 22/10/2012 - 17:21:09 - [3,758] ----D C:\Users\sandrine\AppData\Roaming\uTorrent
O43 - CFD: 23/10/2011 - 19:48:03 - [0,055] ----D C:\Users\sandrine\AppData\Roaming\VampireSagaHL
O43 - CFD: 08/09/2011 - 15:50:34 - [0,074] ----D C:\Users\sandrine\AppData\Roaming\vlc
O43 - CFD: 18/06/2012 - 08:19:00 - [0,390] ----D C:\Users\sandrine\AppData\Roaming\Vogat Interactive
O43 - CFD: 23/09/2012 - 08:24:50 - [88,866] ----D C:\Users\sandrine\AppData\Roaming\WildTangent
O43 - CFD: 10/08/2011 - 09:59:49 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\Windows Live Writer
O43 - CFD: 30/07/2011 - 10:35:29 - [0,000] ----D C:\Users\sandrine\AppData\Roaming\WinRAR
O43 - CFD: 18/09/2012 - 11:13:14 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\YourFileDownloader
O43 - CFD: 01/12/2011 - 14:37:39 - [15,614] ----D C:\Users\sandrine\AppData\Local\Adobe
O43 - CFD: 13/08/2011 - 12:13:06 - [31,186] ----D C:\Users\sandrine\AppData\Local\Ahead
O43 - CFD: 24/09/2011 - 16:01:48 - [0,001] ----D C:\Users\sandrine\AppData\Local\AlwaysNeat
O43 - CFD: 03/12/2011 - 10:51:35 - [0,000] ----D C:\Users\sandrine\AppData\Local\AMD
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Application Data
O43 - CFD: 17/09/2012 - 12:23:18 - [1,487] ----D C:\Users\sandrine\AppData\Local\Apps
O43 - CFD: 03/12/2011 - 10:51:08 - [0,087] ----D C:\Users\sandrine\AppData\Local\ATI
O43 - CFD: 21/07/2012 - 10:39:53 - [0] ----D C:\Users\sandrine\AppData\Local\Conduit
O43 - CFD: 17/09/2012 - 12:23:49 - [0] ----D C:\Users\sandrine\AppData\Local\Deployment
O43 - CFD: 22/10/2012 - 13:57:21 - [0] ----D C:\Users\sandrine\AppData\Local\Diagnostics
O43 - CFD: 20/10/2012 - 21:48:30 - [0,097] ----D C:\Users\sandrine\AppData\Local\ElevatedDiagnostics
O43 - CFD: 06/04/2012 - 23:29:25 - [7,427] ----D C:\Users\sandrine\AppData\Local\Facebook
O43 - CFD: 17/09/2012 - 12:27:48 - [564,753] ----D C:\Users\sandrine\AppData\Local\Google
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Historique
O43 - CFD: 18/03/2012 - 07:58:15 - [0] ----D C:\Users\sandrine\AppData\Local\JollyBear
O43 - CFD: 24/02/2012 - 21:11:19 - [0,002] ----D C:\Users\sandrine\AppData\Local\Menge
O43 - CFD: 19/10/2012 - 21:30:25 - [700,609] ----D C:\Users\sandrine\AppData\Local\Microsoft
O43 - CFD: 23/09/2012 - 08:26:56 - [0,339] ----D C:\Users\sandrine\AppData\Local\Microsoft Games
O43 - CFD: 02/12/2011 - 13:12:14 - [0] ----D C:\Users\sandrine\AppData\Local\Microsoft Help
O43 - CFD: 22/12/2011 - 00:58:10 - [0,929] ----D C:\Users\sandrine\AppData\Local\MPlayer
O43 - CFD: 15/06/2012 - 11:19:55 - [50,751] ----D C:\Users\sandrine\AppData\Local\Oberon Games
O43 - CFD: 16/11/2011 - 21:24:44 - [0] ----D C:\Users\sandrine\AppData\Local\PackageAware
O43 - CFD: 14/09/2011 - 21:01:46 - [4,105] ----D C:\Users\sandrine\AppData\Local\SoftGrid Client
O43 - CFD: 22/12/2011 - 00:53:51 - [0] ----D C:\Users\sandrine\AppData\Local\Software
O43 - CFD: 17/02/2012 - 15:45:17 - [0,251] ----D C:\Users\sandrine\AppData\Local\sowhat
O43 - CFD: 22/10/2012 - 17:22:26 - [24,861] ----D C:\Users\sandrine\AppData\Local\Temp
O43 - CFD: 30/07/2011 - 09:39:19 - [0] ----D C:\Users\sandrine\AppData\Local\Temporary Internet Files
O43 - CFD: 08/01/2012 - 11:34:02 - [0] ----D C:\Users\sandrine\AppData\Local\uTorrent
O43 - CFD: 13/06/2012 - 08:27:38 - [111,273] ----D C:\Users\sandrine\AppData\Local\VirtualStore
O43 - CFD: 16/09/2012 - 16:53:22 - [0,054] ----D C:\Users\sandrine\AppData\Local\Wajam
O43 - CFD: 01/08/2011 - 11:29:16 - [0,003] ----D C:\Users\sandrine\AppData\Local\WBFSManager
O43 - CFD: 18/08/2012 - 20:38:49 - [0,125] ----D C:\Users\sandrine\AppData\Local\Windows Live
O43 - CFD: 27/08/2011 - 08:28:05 - [0,620] ----D C:\Users\sandrine\AppData\Local\Windows Live Writer
O43 - CFD: 22/10/2012 - 07:38:52 - [0] ----D C:\Users\sandrine\AppData\Local\{01AE8AE2-76E0-4903-ABB8-C000A7EB3937}
O43 - CFD: 20/10/2012 - 10:19:55 - [0] ----D C:\Users\sandrine\AppData\Local\{5D4D69E6-3771-467B-BFA1-D5E5AF9951B8}
O43 - CFD: 21/10/2012 - 09:25:04 - [0] ----D C:\Users\sandrine\AppData\Local\{AF20BE5E-5883-4F18-B8B1-1583A682A8CE}
O43 - CFD: 19/10/2012 - 22:12:40 - [0] ----D C:\Users\sandrine\AppData\Local\{D7DFC33C-5DE6-42E5-9F9B-E0FFCAC136CC}
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 08:46:41 - [0,000] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/10/2012 - 15:06:25 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 17/09/2012 - 12:28:19 - [0,005] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 19/10/2012 - 14:35:11 - [0,000] R---D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/08/2011 - 11:28:17 - [0,001] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager
O43 - CFD: 30/07/2011 - 10:35:27 - [0,003] ----D C:\Users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/12/2011 - 14:39:02 - [160,429] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 20/10/2012 - 11:42:07 - [2,145] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 20/10/2012 - 11:42:20 - [0,389] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 20/10/2012 - 11:38:57 - [54,082] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [268,020] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 12/01/2012 - 12:58:38 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 04/12/2011 - 23:30:53 - [5,825] ----D C:\Program Files (x86)\Google
O43 - CFD: 16/09/2012 - 16:54:02 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 12/02/2012 - 11:42:28 - [1,905] ----D C:\Program Files (x86)\HP
O43 - CFD: 13/10/2011 - 16:04:59 - [60,076] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/09/2012 - 07:56:42 - [4,917] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 12:39:53 - [205,986] ----D C:\Program Files (x86)\Java
O43 - CFD: 22/03/2011 - 07:18:38 - [7,749] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 21/07/2012 - 21:48:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 27/09/2012 - 08:46:58 - [1,182] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/05/2012 - 21:00:02 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 22/03/2011 - 07:40:31 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 08/01/2012 - 22:23:13 - [0,090] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 01/08/2011 - 07:52:04 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/09/2012 - 11:13:07 - [0,071] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 31/07/2011 - 10:25:25 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 13/08/2011 - 12:02:58 - [798,107] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/12/2010 - 14:48:04 - [359,037] ----D C:\Program Files (x86)\NTI
O43 - CFD: 14/08/2011 - 12:27:16 - [0,009] ----D C:\Program Files (x86)\Object
O43 - CFD: 19/04/2012 - 20:33:29 - [338,128] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 27/06/2012 - 17:41:43 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 22/03/2011 - 07:00:59 - [50,159] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 30/07/2011 - 11:01:15 - [1113,917] ----D C:\Program Files (x86)\Packard Bell Games
O43 - CFD: 20/12/2011 - 16:44:13 - [3,731] ----D C:\Program Files (x86)\RealArcade
O43 - CFD: 22/12/2010 - 14:30:52 - [9,821] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/08/2012 - 15:10:21 - [47,858] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/12/2010 - 14:45:29 - [24,751] ----D C:\Program Files (x86)\Social Networks
O43 - CFD: 16/09/2012 - 21:11:04 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 04/04/2012 - 12:34:24 - [0,000] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/06/2012 - 06:50:35 - [0,855] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 22/03/2011 - 07:43:36 - [31,577] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 31/07/2011 - 11:32:37 - [80,965] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 23/09/2012 - 08:28:50 - [11,674] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 22/03/2011 - 15:53:42 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/04/2012 - 23:10:24 - [167,317] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 02/08/2011 - 10:20:50 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 02/08/2011 - 10:20:50 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 02/08/2011 - 10:20:49 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 02/08/2011 - 10:20:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 02/08/2011 - 10:20:50 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/07/2011 - 10:16:06 - [0,000] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 19/11/2011 - 17:28:37 - [0] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 22/10/2012 - 17:24:03 - [10,013] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 12/07/2012 - 09:26:42 - [27,341] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/12/2010 - 15:13:21 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/03/2011 - 07:21:51 - [2,737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 31/08/2012 - 12:41:23 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/03/2011 - 07:36:53 - [0,827] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 04/12/2011 - 23:29:10 - [21,855] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 13/08/2011 - 12:15:49 - [132,736] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/02/2012 - 19:57:25 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 09:00:09 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/03/2011 - 07:37:35 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 24s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B449193E20D8B8A3E901FD3058753BE3] - 22/10/2012 - 16:08:54 ---A- . (...) -- C:\Windows\WindowsUpdate.log [223810]
O44 - LFC:[MD5.B0EC8C6756A84C17ADB89B58786DD8E4] - 22/10/2012 - 16:05:37 ---A- . (...) -- C:\Windows\setupact.log [280]
O44 - LFC:[MD5.1F9296230F28803C435906EFE0E92843] - 22/10/2012 - 16:05:32 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2012 - 14:00:36 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.F5D37F55E359A9A767ABB118F6A15CAC] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [3138008]
O44 - LFC:[MD5.6C5042478968582CC7B2B2D84D8440B2] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [3592788]
O44 - LFC:[MD5.DE915DD32C6E5270E351D33C87BF6529] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [3784678]
O44 - LFC:[MD5.497640ADDDC42696D6374FF058D045DC] - 20/10/2012 - 21:26:06 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [10918200]
O44 - LFC:[MD5.CCF02D9D2BE906BAB2B9C5E887987E18] - 20/10/2012 - 21:26:05 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [5426]
O44 - LFC:[MD5.CCF02D9D2BE906BAB2B9C5E887987E18] - 20/10/2012 - 21:26:05 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [5426]
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 20/10/2012 - 17:43:27 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.BEED8C6A6FD73662221381415B3F06A0] - 20/10/2012 - 10:35:06 ---A- . (.AMD - CoInstaller DLL.) -- C:\Windows\SysNative\coinst_9.001.dll [70144]
O44 - LFC:[MD5.347DA9FAB81A768E64B5B149B2A586C0] - 20/10/2012 - 10:35:06 ---A- . (.Advanced Micro Devices, Inc. - atiuxpag.dll.) -- C:\Windows\SysNative\atiuxp64.dll [129536]
O44 - LFC:[MD5.D5B0DFEDCCF103ABA393405D9FF1B052] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiicdxx.dat [14848]]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atimpc64.dll [14848]]]
O44 - LFC:[MD5.A8B491478B6F329B1D25305E816526A3] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atimuixx.dll [14848]]]]
O44 - LFC:[MD5.0116298C92177F0DDC2C9D94F9738FE0] - 20/10/2012 - 10:35:05 . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atio6axx.dll [14848]]]]]
O44 - LFC:[MD5.B29C2402B8FB33CB9C02C455AE286893] - 20/10/2012 - 10:35:05 ---A- . (.AMD - AMD External Events Client Module.) -- C:\Windows\SysNative\atieclxx.exe [536064]
O44 - LFC:[MD5.AA4433349A9D526CD8018FA0AA630B86] - 20/10/2012 - 10:35:05 ---A- . (.AMD - AMD External Events Service Module.) -- C:\Windows\SysNative\atiesrxx.exe [239616]
O44 - LFC:[MD5.A8B491478B6F329B1D25305E816526A3] - 20/10/2012 - 10:35:05 ---A- . (.AMD - Multi-language DPPE DLL.) -- C:\Windows\SysNative\atimuixx.dll [21504]
O44 - LFC:[MD5.5BF8A8C9F053CB0C4A8CFAB24BAF3FD5] - 20/10/2012 - 10:35:05 ---A- . (.AMD - TMM Clone Control Module.) -- C:\Windows\SysNative\atitmm64.dll [120320]
O44 - LFC:[MD5.66B62583C79EFF5C921E980B10745F14] - 20/10/2012 - 10:35:05 ---A- . (.ATI Technologies, Inc. - atiedu64.) -- C:\Windows\SysNative\atiedu64.dll [59392]
O44 - LFC:[MD5.C3AB6F0A8819B576F7130995F10C9919] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- C:\Windows\SysNative\aticaldd64.dll [16082432]
O44 - LFC:[MD5.B64031083AA1A58DE2EFD13B67A1B5C3] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- C:\Windows\SysNative\aticalrt64.dll [51200]
O44 - LFC:[MD5.0116298C92177F0DDC2C9D94F9738FE0] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - AMD OpenGL driver.) -- C:\Windows\SysNative\atio6axx.dll [23825920]
O44 - LFC:[MD5.899D8E974EF9045F4844FA490A5BD148] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- C:\Windows\SysNative\atidemgy.dll [442368]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\SysNative\amdpcom64.dll [56320]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\SysNative\atimpc64.dll [56320]
O44 - LFC:[MD5.AD599057D897EB7C002DD9CDBEB7D6FE] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- C:\Windows\SysNative\atiumd6a.dll [3127296]
O44 - LFC:[MD5.731974382E9635A599536090300B79DB] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atigktxx.dll.) -- C:\Windows\SysNative\atig6txx.dll [41984]
O44 - LFC:[MD5.8C6F122293CC55BB9BA3D9013E054E34] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\SysNative\atig6pxx.dll [17920]
O44 - LFC:[MD5.BBCBCB5D98BE8890C1631912DCA0F6D8] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\SysNative\atiglpxx.dll [14848]
O44 - LFC:[MD5.BBCBCB5D98BE8890C1631912DCA0F6D8] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiglpxx.dll [14848]
O44 - LFC:[MD5.3A0608812564BEB10536BCD6CD5C5CF3] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiu9pag.dll.) -- C:\Windows\SysNative\atiu9p64.dll [103424]
O44 - LFC:[MD5.3098C0853538A9D7F49AD35602B77479] - 20/10/2012 - 10:35:05 ---A- . (.Advanced Micro Devices, Inc. - atiumdag.dll.) -- C:\Windows\SysNative\atiumd64.dll [6704128]
O44 - LFC:[MD5.47F95631EA439C0813602FD7B03BBC40] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- C:\Windows\SysNative\aticalcl64.dll [44544]
O44 - LFC:[MD5.08B21410BE4D3E46F4E90BC54FCE4ABA] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- C:\Windows\SysNative\atiadlxx.dll [595456]
O44 - LFC:[MD5.FA3F5B9639E16AFF2E9EFBB5688236CA] - 20/10/2012 - 10:35:04 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- C:\Windows\SysNative\atiapfxx.exe [163840]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 27/09/2012 - 07:47:43 ---A- . (...) -- C:\Windows\epplauncher.mif [1912]
O44 - LFC:[MD5.BEED8C6A6FD73662221381415B3F06A0] - 13/09/2012 - 17:46:08 . (...) -- C:\Windows\System32\coinst_9.001.dll [204952]]
O44 - LFC:[MD5.5E56610B8B5FC8A4AE4219578B595D7E] - 13/09/2012 - 17:45:02 ---A- . (...) -- C:\Windows\SysNative\atiapfxx.blb [300864]
O44 - LFC:[MD5.5E56610B8B5FC8A4AE4219578B595D7E] - 13/09/2012 - 17:45:02 ---A- . (...) -- C:\Windows\System32\atiapfxx.blb [300864]
O44 - LFC:[MD5.FA3F5B9639E16AFF2E9EFBB5688236CA] - 13/09/2012 - 17:42:12 . (...) -- C:\Windows\System32\atiapfxx.exe [300864]]
O44 - LFC:[MD5.B64031083AA1A58DE2EFD13B67A1B5C3] - 13/09/2012 - 17:40:52 . (...) -- C:\Windows\System32\aticalrt64.dll [300864]]]]]
O44 - LFC:[MD5.47F95631EA439C0813602FD7B03BBC40] - 13/09/2012 - 17:40:44 . (...) -- C:\Windows\System32\aticalcl64.dll [300864]]]
O44 - LFC:[MD5.C3AB6F0A8819B576F7130995F10C9919] - 13/09/2012 - 17:40:32 . (...) -- C:\Windows\System32\aticaldd64.dll [300864]]]]
O44 - LFC:[MD5.5BF8A8C9F053CB0C4A8CFAB24BAF3FD5] - 13/09/2012 - 17:17:14 . (...) -- C:\Windows\System32\atitmm64.dll [3917]]
O44 - LFC:[MD5.AD599057D897EB7C002DD9CDBEB7D6FE] - 13/09/2012 - 17:13:42 . (...) -- C:\Windows\System32\atiumd6a.dll [3917]]]]]]
O44 - LFC:[MD5.DA9ADC2072E2C7C7196B3852865B7E92] - 13/09/2012 - 17:12:18 . (...) -- C:\Windows\System32\atiumd6a.cap [3917]]]]]
O44 - LFC:[MD5.DA9ADC2072E2C7C7196B3852865B7E92] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\atiumd6a.cap [2886016]
O44 - LFC:[MD5.7C163EDE63854539828F5B2C1BC529FD] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\ativvsva.dat [157144]
O44 - LFC:[MD5.219D7091DD1D93728392337FE9C7ADD6] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\SysNative\ativvsvl.dat [204952]
O44 - LFC:[MD5.7C163EDE63854539828F5B2C1BC529FD] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\System32\ativvsva.dat [157144]
O44 - LFC:[MD5.219D7091DD1D93728392337FE9C7ADD6] - 13/09/2012 - 17:12:18 ---A- . (...) -- C:\Windows\System32\ativvsvl.dat [204952]
O44 - LFC:[MD5.3098C0853538A9D7F49AD35602B77479] - 13/09/2012 - 17:06:56 . (...) -- C:\Windows\System32\atiumd64.dll [3917]]]]
O44 - LFC:[MD5.5763C262B4212CB0527B5946AF86D4F5] - 13/09/2012 - 16:56:10 . (...) -- C:\Windows\System32\amdpcom64.dll []
O44 - LFC:[MD5.347DA9FAB81A768E64B5B149B2A586C0] - 13/09/2012 - 16:54:20 . (...) -- C:\Windows\System32\atiuxp64.dll [3917]]]]]]]
O44 - LFC:[MD5.3A0608812564BEB10536BCD6CD5C5CF3] - 13/09/2012 - 16:54:06 . (...) -- C:\Windows\System32\atiu9p64.dll [3917]]]
O44 - LFC:[MD5.FD538967D22849B1CDC5BD2E47167AE8] - 04/09/2012 - 15:10:40 ---A- . (...) -- C:\Windows\atiogl.xml [38204]
O44 - LFC:[MD5.402B44B31C7183FCF2C4E1083AF317FA] - 20/08/2012 - 19:46:22 . (...) -- C:\Windows\System32\conhost.exe [204952]]]
O44 - LFC:[MD5.D5B0DFEDCCF103ABA393405D9FF1B052] - 23/05/2012 - 10:31:04 ---A- . (...) -- C:\Windows\SysNative\atiicdxx.dat [632252]
O44 - LFC:[MD5.64A0869F18560CD529120ADE00155C3E] - 12/09/2011 - 17:06:18 ---A- . (...) -- C:\Windows\SysNative\atipblag.dat [3917]
O44 - LFC:[MD5.64A0869F18560CD529120ADE00155C3E] - 12/09/2011 - 17:06:18 ---A- . (...) -- C:\Windows\System32\atipblag.dat [3917]
~ Scan Files in 00mn 23s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\sandrine\AppData\Local\Facebook\Update\FacebookUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\sandrine\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\LManager [Key] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 13/09/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 18s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML.JRRO7OUDDBWEKWIFEEZWRJAJQQ>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML.JRRO7OUDDBWEKWIFEEZWRJAJQQ>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome.JRRO7OUDDBWEKWIFEEZWRJAJQQ> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\sandrine\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} - (Facemoods Search) - http://start.facemoods.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (GadgetBox) - http://ww12.gboxapp.com
O69 - SBI: SearchScopes [HKCU] {D6CED522-2DB9-4D1E-A529-EAE070793FC8} - (Yahoo! Search) - https://fr.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/
O69 - SBI: SearchScopes [HKCU] {f3d17ef2-8118-4fa3-afea-bb2e18a69054} - (iadah) - https://www.hugedomains.com/domain_profile.cfm?d=iadah&e=com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'applic