MyOSProtect / pcwatch.sys / PCTRunner /

Bonjour,


C'est complétement à bout de nerfs que je viens chercher un peu d'aide pour mon ordinateur.

En effet depuis deux jours, impossible de me connecter à internet. La connexion s'effectue normalement mais Mozilla reste sur une page blanche.
Mon antivirus Avast signalait une erreur et plantait régulièrement lors du scan. J'ai supprimé Avast car il faisait planter mon ordi.

Adwcleaner m'a signalé MyOSProtect, pcwatch.sys et PCTRunner entre autre mais impossible à supprimer.

Pareil pour HiJackThis et RogueKiller. Je n'arrive pas à supprimer quoi que ce soit.

Après avoir lu ici même de télécharger ZHPDiag, je me retrouve perdu face à un rapport d'analyse. Je vous le poste ici.

Merci d'avance pour tout aide.

~ Rapport de ZHPDiag v2014.10.16.146 - Nicolas Coolman (16/10/2014)
~ Lancé par Arnaud (17/10/2014 23:30:07)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.19561
MFIE: Mozilla Firefox 32.0.3 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6CJ97
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader 9.5.5 - Français
Java 7 Update 67

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3065 MB (67% free)
System Restore: Activé (Enable)
System drive C: has 144 GB (64%) free of 223 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-ARNAUD
~ User Name: Arnaud
~ All Users Names: Mcx1, Arnaud, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Arnaud\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Arnaud\AppData\Roaming\
~ %Desktop% : C:\Users\Arnaud\Desktop\
~ %Favorites% : C:\Users\Arnaud\Favorites\
~ %LocalAppData% : C:\Users\Arnaud\AppData\Local\
~ %StartMenu% : C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 144 Go of 223 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)
F: Floppy drive, Flash card reader, USB Key (Free 15 Go of 15 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.58249A416243FE96FC68610B692DDA6B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/08/2014 - 02:46:36.) -- C:\Windows\System32\wininet.dll [916992]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/327
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/147
~ Mes Documents (My Documents) : 9/129
~ Mon Bureau (My Desktop) : 1/6145
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.04AF1033DA631C180CB606571BD05B65] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [156968] [PID.464]
[MD5.81CB1A5F6CDEA9D644A8538ADEE23FFB] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [202024] [PID.1668]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.1432]
[MD5.CE938E3957A780A1810DCF91D9D059B6] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6793760] [PID.2732]
[MD5.2F2DF068BED6E62E4C007DF7446B4F19] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [200704] [PID.3044]
[MD5.6C4878F3483B959891408B804DE4475C] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344] [PID.3076]
[MD5.B2994EC6452DBD04E57828EEFEDFB93C] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\Arnaud\AppData\Local\Temp\RtkBtMnt.exe [204800] [PID.3288]
[MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [168960] [PID.3356]
[MD5.BA43FD9118D05F2F4F3DA1F552B0688D] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [866824] [PID.3500]
[MD5.632D5B4CECA11FAC1ED5D3D8FD5EECD5] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600] [PID.3516]
[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464] [PID.3568]
[MD5.98E216DEF3BFA62E9A849FD3E3B6AFDB] - (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288] [PID.3580]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3612]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896] [PID.3632]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3644]
[MD5.9029943CC4A2E9BD58036F070D8713E3] - (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [707104] [PID.4008]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1296]
[MD5.C8649EDF4955DE896A7AED515C932B09] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.3492]
[MD5.E118A2F45E8440DC84BCD55D14EE28D7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8113152] [PID.3280]
[MD5.C8BCEFFE0E985B2DF352F9C899450A60] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 179.3.) -- C:\Windows\system32\nvvsvc.exe [203296] [PID.872]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1376]
[MD5.EFBC44FBD75E4F80BD927AEBF6E7EADE] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [13312] [PID.1748]
[MD5.2B272D0A6E5071829B516FFDC7F841CA] - (.Pas de propriétaire - CLHNService Module.) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048] [PID.1972]
[MD5.4186146FD69EACC966DC755655B91C9C] - (.Acer Incorporated - ePowerSvc.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [703008] [PID.832]
[MD5.77F8AD024059A9A8E17E654B887D1EF0] - (.EgisTec Inc. - MyWinLocker Service.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe [306736] [PID.1860]
[MD5.944E3911888B9FFFD843B91C8ABBD3F6] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [61184] [PID.692]
[MD5.58751F9248D50BCE1053976C9E2F0859] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632] [PID.2120]
[MD5.AA3CB22FB23CC6BFA1D30F7849C17C3A] - (.Acer Incorporated - ePowerEvent.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe [453152] [PID.2944]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3368]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@divx.com/DivX Web Player Plug-In,version=1.0.0] - (.DivX, LLC - DivX Web Player version 3.2.1.977.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.67.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.67.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.67.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@t-immersion.com/DFusionHomeWebPlugIn] - (.Total Immersion - D'Fusion @Home Web Plug-In (3.00.15927.0).) -- C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Arnaud\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.4.2f2.) -- C:\Users\Arnaud\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 31 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 3.4.2f2.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (.Unity Technologies ApS - Unity Player 3.4.2f2.) (No version) -- (.not file.)
~ IE Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D7F26D0E-9801-45C3-A091-8A65E4ED73B5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTrayLauncher.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
O4 - HKLM\..\Run: [PlayMovie] . (.Acer Corp. - Acer Arcade Deluxe PlayMovie Resident Progr.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [mbot_fr_120] Clé orpheline
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Arnaud\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-1444603853-2418088647-1521484213-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1444603853-2418088647-1521484213-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Arnaud\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1444603853-2418088647-1521484213-1000\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-1444603853-2418088647-1521484213-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8604B7E6-C1C3-418C-8B8D-BF345150A631}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8604B7E6-C1C3-418C-8B8D-BF345150A631}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe
O23 - Service: CLHNService (CLHNService) . (.Pas de propriétaire - CLHNService Module.) - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: MyWinLocker Service (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 179.3.) - C:\Windows\System32\nvvsvc.exe
~ Services: 7 Scanned in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1444603853-2418088647-1521484213-1000Core.job [910]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1444603853-2418088647-1521484213-1000Core [910]
O39 - APT: - (..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1444603853-2418088647-1521484213-1000UA.job [932]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1444603853-2418088647-1521484213-1000UA [932]
~ Scheduled Task: 3 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Reader - {05466845-FF44-4671-92C1-A5FD0F9EEE1C} . (.Microsoft Corporation - Microsoft Reader.) -- C:\Program Files\Microsoft Reader\msreader.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_14_0_0_145.ocx
~ Active Setup: 13 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: (pcwatch) . (...) - C:\Windows\system32\Drivers\pcwatch.sys =>PUP.WebProtect
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 44 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AVI ReComp 1.5.6 - (.Mateusz Gola (aka Prozac).) [HKLM] -- AVI ReComp
O42 - Logiciel: AVS Video ReMaker 4.3.1.161 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Video ReMaker_is1
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Acer Crystal Eye Webcam - (.Suyin Optronics Corp.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}
O42 - Logiciel: Acer GridVista - (...) [HKLM] -- GridVista
O42 - Logiciel: Acer PowerSmart Manager - (.Acer Incorporated.) [HKLM] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer.) [HKLM] -- Acer Screensaver
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: AviSynth 2.5 - (...) [HKLM] -- Avisynth
O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent =>P2P.BitTorrent
O42 - Logiciel: Broadcom Gigabit NetLink Controller - (.Broadcom Corporation.) [HKLM] -- {9AF0B106-56F1-461B-A270-95BC1682E282}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (remove only) - (...) [HKLM] -- CFWebAdvancedU
O42 - Logiciel: Change Extension - (...) [HKLM] -- Change Extension
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: Crescendo 5 Deb - (...) [HKLM] -- Crescendo 5 Deb
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Freemake Video Converter version 4.1.2 - (.Ellora Assets Corporation.) [HKLM] -- Freemake Video Converter_is1
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Haali Media Splitter - (...) [HKLM] -- HaaliMkx
O42 - Logiciel: IZArc 4.1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Java 7 Update 67 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217067FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM] -- LManager
O42 - Logiciel: LauncherMA - (.Micro Application.) [HKLM] -- {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Media Player Codec Pack 4.3.2 - (.Media Player Codec Pack.) [HKLM] -- Media Player - Codec Pack
O42 - Logiciel: Microsoft Reader - (...) [HKLM] -- {B6F7DBE7-2FE2-458F-A738-B10832746036}
O42 - Logiciel: Microsoft Reader Text-to-Speech pour le français - (.Microsoft Corporation.) [HKLM] -- {6F1547AA-8DA7-4FAC-BA11-BE1659E7086E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mozilla Firefox 32.0.3 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 32.0.3 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyWinLocker - (.EgisTec.) [HKLM] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Orion - (.Convesoft.) [HKLM] -- {5B63A470-9334-44D1-AF61-6CE2DB565AE9}
O42 - Logiciel: PhotoFiltre - (...) [HKCU] -- PhotoFiltre
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Satsuki Decoder Pack 4301 - (...) [HKLM] -- Satsuki Decoder Pack
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skweek version V1.0 - (.Abandonware-France.) [HKLM] -- {08DB621F-98FD-440E-9E6A-13C7AC95821E}_is1
O42 - Logiciel: Skype(TM) 6.20 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Total Immersion D'Fusion @Home Web Plug-In - (.Total Immersion.) [HKLM] -- D'Fusion @Home Web Plug-In
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual C++ 9.0 CRT (x86) WinSXS MSM - (.Microsoft Corporation.) [HKLM] -- {0138F525-6C8A-333F-A105-14AE030B9A54}
O42 - Logiciel: VobSub 2.23 - (.Gabest.) [HKLM] -- VobSub
O42 - Logiciel: WinZip 12.1 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.2
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: ffdshow [rev 3233] [2010-01-28] - (...) [HKLM] -- ffdshow_is1
~ Logic: 49 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVI ReComp]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\DivX]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Big Fish Games]
[HKCU\Software\Camfrog]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Facebook]
[HKCU\Software\Freemake]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Game Maker]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LAV]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MPC-HC]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Media Player - Codec Pack]
[HKCU\Software\Micro Application]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\PCTRunner] =>PUP.WebProtect
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\QSetup_Dyn_Data]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Satsuki Decoder Pack]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Sonix]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Test3D]
[HKCU\Software\Touro Cloud Backup]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Unity]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Wistron]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zone Labs]
[HKCU\Software\deps81@gmail.com]
[HKCU\Software\eSobi]
[HKCU\Software\mellowac@gmail.com]
[HKCU\Software\taketwotablets]
[HKCU\Software\test]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AviSynth]
[HKLM\Software\Big Fish Games]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EgisTec Egis Software Update]
[HKLM\Software\EgisTec]
[HKLM\Software\Freemake]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\I.P.E]
[HKLM\Software\IM Providers]
[HKLM\Software\IZSoftware]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\L&H]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\PCDRunner] =>PUP.WebProtect
[HKLM\Software\PCTRunner] =>PUP.WebProtect
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RST]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SI-App]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Suyin Optronics Corp]
[HKLM\Software\Synaptics]
[HKLM\Software\Total Immersion]
[HKLM\Software\Touro Cloud Backup.com]
[HKLM\Software\TuneUp]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinUpd]
[HKLM\Software\Windows]
[HKLM\Software\Wistron]
[HKLM\Software\Xvid Team]
[HKLM\Software\mozilla.org]
[HKLM\Software\nSplitter]
[HKLM\Software\tourocloudbackup.com]
~ Key Software: 280 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/10/2009 - 16:57:34 - [] ----D C:\Program Files\Acer
O43 - CFD: 22/05/2009 - 15:34:20 - [] ----D C:\Program Files\Acer Arcade Deluxe
O43 - CFD: 05/10/2010 - 18:49:37 - [] ----D C:\Program Files\Acer GameZone
O43 - CFD: 22/05/2009 - 15:34:44 - [] ----D C:\Program Files\Acer Inc
O43 - CFD: 31/01/2014 - 19:09:37 - [] ----D C:\Program Files\Adobe
O43 - CFD: 19/10/2010 - 16:51:17 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 19/03/2013 - 09:29:26 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 17/10/2014 - 12:51:21 - [0] ----D C:\Program Files\AVAST Software
O43 - CFD: 07/08/2014 - 22:02:41 - [] ----D C:\Program Files\AVI ReComp
O43 - CFD: 07/08/2014 - 22:00:30 - [] ----D C:\Program Files\AviSynth 2.5
O43 - CFD: 05/01/2014 - 12:50:44 - [] ----D C:\Program Files\AVS4YOU
O43 - CFD: 25/04/2011 - 15:04:41 - [] ----D C:\Program Files\BitTorrent =>P2P.BitTorrent
O43 - CFD: 11/02/2009 - 22:16:56 - [] ----D C:\Program Files\Broadcom
O43 - CFD: 13/06/2014 - 15:44:39 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 13/10/2009 - 22:15:37 - [] ----D C:\Program Files\CFWebAdvancedU
O43 - CFD: 30/05/2011 - 20:52:54 - [] ----D C:\Program Files\Change Extension
O43 - CFD: 19/09/2014 - 14:58:48 - [] ----D C:\Program Files\Common Files
O43 - CFD: 03/03/2009 - 04:02:36 - [] ----D C:\Program Files\Cyberlink
O43 - CFD: 17/06/2014 - 20:45:19 - [] ----D C:\Program Files\DivX
O43 - CFD: 22/05/2009 - 15:32:18 - [] ----D C:\Program Files\EgisTec
O43 - CFD: 22/05/2009 - 15:32:20 - [] ----D C:\Program Files\EgisTec Egis Software Update
O43 - CFD: 22/05/2009 - 15:33:34 - [] ----D C:\Program Files\eSobi
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 04/01/2014 - 20:24:03 - [] ----D C:\Program Files\Freemake
O43 - CFD: 07/08/2014 - 22:02:37 - [] ----D C:\Program Files\Gabest
O43 - CFD: 20/05/2010 - 22:44:01 - [] ----D C:\Program Files\Google
O43 - CFD: 07/10/2013 - 22:22:02 - [] ----D C:\Program Files\Haali
O43 - CFD: 17/01/2010 - 19:27:31 - [] ----D C:\Program Files\I.P.E
O43 - CFD: 30/08/2013 - 12:38:26 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/02/2009 - 22:12:53 - [] ----D C:\Program Files\Intel
O43 - CFD: 10/09/2014 - 10:36:45 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 07/05/2010 - 09:53:20 - [] ----D C:\Program Files\IZArc
O43 - CFD: 15/08/2014 - 16:44:10 - [] ----D C:\Program Files\Java
O43 - CFD: 22/05/2009 - 15:23:29 - [] ----D C:\Program Files\Launch Manager
O43 - CFD: 05/10/2010 - 18:51:22 - [] ----D C:\Program Files\Micro Application
O43 - CFD: 23/10/2010 - 19:25:44 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 23/10/2010 - 19:30:40 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 03/03/2009 - 03:44:13 - [] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 30/08/2013 - 12:38:28 - [] ----D C:\Program Files\Microsoft Reader
O43 - CFD: 24/07/2014 - 18:03:09 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 23/10/2010 - 19:30:38 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/10/2010 - 19:30:38 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 23/10/2010 - 19:31:37 - [] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 23/10/2010 - 19:29:06 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 10/10/2012 - 08:35:30 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 23/10/2010 - 19:30:38 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 05/10/2010 - 18:29:45 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 25/09/2014 - 12:16:43 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 25/09/2014 - 19:05:46 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 23/10/2010 - 19:32:42 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 03/03/2009 - 03:00:07 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 22/05/2009 - 15:25:13 - [] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 17/10/2014 - 12:41:23 - [] ----D C:\Program Files\PCTRunner =>PUP.WebProtect
O43 - CFD: 20/02/2012 - 20:00:25 - [] ----D C:\Program Files\PhotoFiltre
O43 - CFD: 21/05/2014 - 22:52:59 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 22/05/2009 - 15:19:42 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 16/10/2009 - 17:16:09 - [] ----D C:\Program Files\Satsuki Decoder Pack
O43 - CFD: 23/01/2010 - 22:55:18 - [] ----D C:\Program Files\SkyDownloader
O43 - CFD: 19/09/2014 - 14:58:49 - [] R---D C:\Program Files\Skype
O43 - CFD: 22/05/2009 - 15:21:10 - [] ----D C:\Program Files\Synaptics
O43 - CFD: 22/05/2009 - 15:20:22 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 30/08/2011 - 23:07:22 - [] ----D C:\Program Files\Total Immersion
O43 - CFD: 17/10/2014 - 21:26:21 - [] ----D C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 09/08/2014 - 00:19:06 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 05/10/2010 - 18:29:45 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 05/10/2010 - 18:29:43 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 05/10/2010 - 18:29:40 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 11/07/2014 - 09:00:51 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 21/02/2013 - 00:17:39 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 11/04/2012 - 08:37:21 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 16/10/2010 - 09:14:33 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 09/10/2009 - 16:56:06 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 05/10/2010 - 18:29:43 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 06/10/2010 - 11:40:47 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 05/10/2010 - 18:29:44 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 22/01/2010 - 11:39:17 - [] ----D C:\Program Files\WinZip
O43 - CFD: 07/08/2014 - 22:02:25 - [] ----D C:\Program Files\Xvid
O43 - CFD: 17/10/2014 - 23:08:39 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 31/01/2014 - 19:10:46 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 08/05/2010 - 22:55:16 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 05/01/2014 - 12:50:37 - [] ----D C:\Program Files\Common Files\AVSMedia
O43 - CFD: 14/05/2014 - 10:44:27 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 09/08/2013 - 07:45:02 - [] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 22/05/2009 - 15:32:21 - [] ----D C:\Program Files\Common Files\EgisTec
O43 - CFD: 22/05/2009 - 15:19:39 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 15/08/2014 - 16:45:22 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 30/08/2013 - 12:40:11 - [] ----D C:\Program Files\Common Files\L&H
O43 - CFD: 30/08/2013 - 12:40:10 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 24/01/2010 - 12:43:39 - [] ----D C:\Program Files\Common Files\Oberon Media
O43 - CFD: 09/01/2011 - 19:37:11 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 03/03/2009 - 15:36:03 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 19/09/2014 - 14:58:48 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 02/08/2011 - 20:36:48 - [] ----D C:\Program Files\Common Files\Steam
O43 - CFD: 10/12/2012 - 23:49:37 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 03/03/2009 - 04:03:37 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 26/05/2010 - 23:10:21 - [] ----D C:\ProgramData\1912 Titanic Mystery
O43 - CFD: 31/01/2014 - 19:10:13 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 26/05/2010 - 08:14:32 - [] ----D C:\ProgramData\AirportMania
O43 - CFD: 19/10/2010 - 16:51:17 - [] ----D C:\ProgramData\Alwil Software
O43 - CFD: 08/05/2010 - 22:55:05 - [] ----D C:\ProgramData\Apple
O43 - CFD: 21/05/2014 - 22:52:15 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 17/10/2014 - 12:49:32 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 05/01/2014 - 12:51:09 - [] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/10/2010 - 17:31:17 - [] ----D C:\ProgramData\CheckPoint
O43 - CFD: 04/01/2014 - 20:24:06 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 09/10/2009 - 18:37:56 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 17/06/2014 - 20:45:22 - [] ----D C:\ProgramData\DivX
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 09/10/2009 - 16:58:23 - [] ----D C:\ProgramData\EgisTec
O43 - CFD: 22/05/2009 - 15:33:44 - [] ----D C:\ProgramData\eSobi
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 04/01/2014 - 20:25:53 - [] ----D C:\ProgramData\Freemake
O43 - CFD: 20/05/2010 - 19:15:20 - [] ----D C:\ProgramData\Google
O43 - CFD: 19/10/2010 - 16:46:42 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 26/05/2010 - 22:57:18 - [] ----D C:\ProgramData\Micro Application
O43 - CFD: 02/02/2014 - 11:03:28 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/09/2014 - 10:19:55 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 09/10/2009 - 16:56:06 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 03/05/2012 - 12:16:13 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 01/01/2011 - 23:06:00 - [0] ----D C:\ProgramData\NtiDvdCopy
O43 - CFD: 12/12/2013 - 10:17:49 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 15/08/2014 - 16:45:31 - [0] ----D C:\ProgramData\Oracle
O43 -