~ Rapport de ZHPDiag v2014.12.13.173 - Nicolas Coolman  (13/12/2014)
~ Lancé par Baptiste (14/12/2014 22:26:46)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.19019
MFIE: Mozilla Firefox 14.0.1
GCIE: Google Chrome v36.0.1985.125 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.7.342
Malwarebytes Anti-Malware version 2.0.4.1028

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader 9.5.5 - Français
Java 7 Update 71

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3038 MB (84% free)
System Restore: Activé (Enable)
System drive C: has 149 GB (51%) free of 288 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-BAPTISTE
~ User Name: Baptiste
~ All Users Names: Baptiste, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Baptiste\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Baptiste\AppData\Roaming\
~ %Desktop% : C:\Users\Baptiste\Desktop\
~ %Favorites% : C:\Users\Baptiste\Favorites\
~ %LocalAppData% : C:\Users\Baptiste\AppData\Local\
~ %StartMenu% : C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 149 Go of 288 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 256 Go of 932 Go)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.74BCC23D622F32DA0450D164735ACAB1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/12/2010 - 07:27:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:24:49.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.9C0E70031905ADBF94EDB9EA14AF943B] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2009 - 06:37:49.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:23:02.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:23:22.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:24:59.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:25:00.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:24:53.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:23:21.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1453
~ Mes musiques (My Musics) : 1/10147
~ Mes Videos (My Videos) : 1/459
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 9/5379
~ Mon Bureau (My Desktop) : 1/6867
~ Menu demarrer (Programs) : 1/51
~ Hidden Files:  Scanned in 01mn 40s



---\\ Processus lancés
[MD5.BCEB6836486FB978F25A8D6FF30B3619] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8140288] [PID.1580]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe   [61440] [PID.0]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][StartupURLs] http://www.google.fr/", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwg0vVcE8XwPk6kAjUh09doxz043jTy2TQNyuIuljtgKpCM9eTApg2JwPNfuxt-TSLfa2ddOUPyDLs1VBjJPF1YzYX6PSGWNapk362ZUVHQDbxGb0HrmERYikFRg1J7pN8rXqXghS08yOA,,  =>Hijacker.SmartBar
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [ajebcmdcgoggdncokkbdifohckmfpgnb] Gojee Food v.4.0 (Activé)
G2 - GCE: Preference [User Data\Default] [alelhddbbhepgpmgidjdcjakblofbmce] Superbe capture d'écran : capturer et annoter v.3.7.21, (Désactivé)
G2 - GCE: Preference [User Data\Default] [alnfdikmbdfgkcbdodjcbmedanjinmkk] Beatlab v.1.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [bfaallhmecaoankkogggengniooongoa] Piano Player v.0.0.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [bkgoccjhfjgjedhkiefaclppgbmoobnk] Audiotool v.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ccnfinpfichedahfpkjopilbkingahem] Minuterie de détente et relaxation v.1.3.0.28 (Activé)
G2 - GCE: Preference [User Data\Default] [cmedhionkhpnakcndndgjdbohmhepckk] Adblock pour Youtubeâ„¢ v.2.23 (Activé)
G2 - GCE: Preference [User Data\Default] [edlfafigoeaoafhcodgjgagjpibckpmk] ANNO Online v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [flliilndjeohchalpbbcdekjklbdgfkk] Protection Web Avira v.1.4.3, (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ggdljnjjajocmjaldkldaapkkclbaclb] Goodgame Empire v.10 (Activé)
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.14.4, (Activé)
G2 - GCE: Preference [User Data\Default] [gjjapmfdikcnbajhfcjaphipdpkacbaf] Airlines-Manager v.1.5 (Activé)
G2 - GCE: Preference [User Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.4 (Désactivé)
G2 - GCE: Preference [User Data\Default] [kdmmkfaghgcicheaimnpffeeekheafkb] Autodesk Homestyler v.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [kpckgflgdapkpabemgkielbefdildaio] Magic Player v.1.1.36 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ldmpnniidmdgipcakbcdlhojnlhkdmmh] 90 seconds relaxation exercise v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lkgfemnodkdnenmfkblebnkjpckkjcae] AudioSauna v.0.404 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo> HTML5 DivX Plus Web Player v.2.1.2.172 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ochbjojkpcmlfeagbaahkofepalngihg] TS Magic Player v.1.1.36 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ofmpffnppnlgkgmbgidhhjcglloeejpg] Caméra v.3.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pckogiikkcdjefncaekfjbdkmlfniagf] Entraînement Cérébral de CogniFit v.0.0.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [pcoohmdcpejoeggdnihdfhohjgdbllgm] Avira SearchFree Toolbar plus Web Protection v.32.5, (Désactivé)  =>Toolbar.Avira

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [Gojee Food]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [Superbe capture d'écran : capturer et annoter]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\alnfdikmbdfgkcbdodjcbmedanjinmkk [Beatlab]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfaallhmecaoankkogggengniooongoa [Piano Player]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [Audiotool]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccnfinpfichedahfpkjopilbkingahem [Minuterie de détente et relaxation]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [Adblock pour Youtubeâ„¢]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlfafigoeaoafhcodgjgagjpibckpmk [ANNO Online]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [Protection Web Avira]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdljnjjajocmjaldkldaapkkclbaclb [Goodgame Empire]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjapmfdikcnbajhfcjaphipdpkacbaf [Airlines-Manager]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [RealPlayer HTML5Video Downloader Extension]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [Autodesk Homestyler]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpckgflgdapkpabemgkielbefdildaio [Magic Player]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmpnniidmdgipcakbcdlhojnlhkdmmh [90 seconds relaxation exercise]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [AudioSauna]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [\u003Cvideo> HTML5 DivX Plus Web Player]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [Caméra]
G2 - EXT: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pckogiikkcdjefncaekfjbdkmlfniagf [Entraînement Cérébral de CogniFit]
~ Google Lines Browser: 55 Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\prefs.js
C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\user.js
M3 - MFPP: Plugins - [Baptiste] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Baptiste] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M2 - MFEP: prefs.js [Baptiste - o0fczfgg.default\2020Player_WEB@2020Technologies.com] [] Visualisateur 3D de 20-20 v5.0.9.0 (..)
M2 - MFEP: prefs.js [Baptiste - o0fczfgg.default\firefox@tvunetworks.com] [] TVU Web Player v2,5,3,1 (..)
M2 - MFEP: prefs.js [Baptiste - o0fczfgg.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.22 (..)
M2 - MFEP: prefs.js [Baptiste - o0fczfgg.default\{d8649812-4f8e-e759-832e-48225392a89c}] [] Shopping Helper Smartbar v4.9.22 (..)  =>Hijacker.SmartBar
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Plus Web Player Plug-In,version=1.0.0] - (.DivX, LLC - DivX Plus Web Player version 2.3.1.50.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll  =>.Google Inc
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.25.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.25.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.25.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
P2 - FPN: [HKLM] [@pages.tvunetworks.com/WebPlayer] - (.TVU networks - 2,5,3,1.) -- C:\Program Files\TVUPlayer\npTVUAx.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.647] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.647] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.652] - (.RealNetworks, Inc. - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.652] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.647] - (.RealNetworks, Inc. - 12.0.1.647.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.19] - (.Veetle Inc - Version 0.9.19, Copyright 2006-2012 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll
P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.8] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@acestream.net/acestreamplugin,version=2.2.1.2-next] - (.Innovative Digital Technologies - ACE Stream Plug-in Version 2.2.5.1-next, Copyright (c) 2012-2014 Innov.) -- C:\Users\Baptiste\AppData\Roaming\ACEStream\player\npace_plugin.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Baptiste\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0] - (.Stonetrip - ShiVa3D Plugin 1,8,1,1 for 3D real-time applications made with ShiVa E.) -- C:\Users\Baptiste\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Baptiste\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Baptiste\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.6.0f2.) -- C:\Users\Baptiste\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 50 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 4.6.0f2.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 17 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;<local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 63.141.249.37:8089
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} . (.AnchorFree Inc. - Pas de description.) -- C:\Program Files\Expat Shield\HssIE\ExpatIE.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
~ BHO: 16 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-4300-7A786E7484D7} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Baptiste]: Search.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe http://feed.snapdo.com  =>Hijacker.SmartBar
O4 - GS\Desktop [Baptiste]: Continue Free PDF to TEXT Converter.lnk . (...)  -- C:\Users\Baptiste\AppData\Local\Temp\instract.exe (.not file.)
~ Global Startup: 2 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe   =>.RealNetworks, Inc
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
O4 - HKLM\..\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe 
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe 
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Baptiste\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 
O4 - HKCU\..\Run: [Wahoo] . (...) -- C:\Program Files\KowMedia\WahOO\Wahoo.exe 
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKCU\..\Run: [DriverMax] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-21-2408955341-3784255893-676370202-1000\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe 
O4 - HKUS\S-1-5-21-2408955341-3784255893-676370202-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Baptiste\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 
O4 - HKUS\S-1-5-21-2408955341-3784255893-676370202-1000\..\Run: [Wahoo] . (...) -- C:\Program Files\KowMedia\WahOO\Wahoo.exe 
O4 - HKUS\S-1-5-21-2408955341-3784255893-676370202-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2408955341-3784255893-676370202-1000\..\Run: [DriverMax] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe 
~ Application:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{49CF6C8C-4349-4B48-9D73-9DACFED0A61D}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE4B23C3-1F48-4C4D-B8D4-B2173684FBB0}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{49CF6C8C-4349-4B48-9D73-9DACFED0A61D}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CE4B23C3-1F48-4C4D-B8D4-B2173684FBB0}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{49CF6C8C-4349-4B48-9D73-9DACFED0A61D}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CE4B23C3-1F48-4C4D-B8D4-B2173684FBB0}: DhcpNameServer = 10.188.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.188.0.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Expat Shield Service (ExpatShieldService) . (...) - C:\Program Files\Expat Shield\bin\openvpnas.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Monitoring Service (ExpatWd) . (...) - C:\Program Files\Expat Shield\bin\hsswd.exe
O23 - Service: Service Google Update (gupdate1ca2edd156d087a) (gupdate1ca2edd156d087a) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
O23 - Service: Power Control [2009/06/15 04:03:46] ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Services: 19 Scanned in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:  - (..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000Core.job   [1086]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000Core   [1086]
O39 - APT:  - (..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000UA.job   [1108]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000UA   [1108]
O39 - APT:  - (..) -- C:\Windows\Tasks\Google Software Updater.job   [1000]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Google Software Updater   [1000]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9f43d3d91b25.job   [1052]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf9f43d3d91b25   [1052]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff5d69d58e950.job   [1052]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cff5d69d58e950   [1052]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0026a1866bec0.job   [1052]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0026a1866bec0   [1052]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1056]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1056]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000Core.job   [1038]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000Core   [1038]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000UA.job   [1090]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2408955341-3784255893-676370202-1000UA   [1090]
O39 - APT:  - (..) -- C:\Windows\Tasks\ReclaimerUpdateXML_Baptiste.job   [378]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ReclaimerUpdateXML_Baptiste   [378]
~ Scheduled Task: 10 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_135.ocx
~ Active Setup: 13 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx86.sys
O41 - Driver:  (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver:  (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver:  (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 75 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2}
O42 - Logiciel: 4K Video Downloader 3.4 - (.Open Media LLC.) [HKLM] -- 4K Video Downloader_is1
O42 - Logiciel: Ace Stream Media 2.2.1.2-next - (.Ace Stream Media.) [HKCU] -- AceStream
O42 - Logiciel: Active WebCam - (...) [HKLM] -- Active WebCam
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.5.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {D9DAD0FF-495A-472B-9F10-BAE430A26682}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {18D47FA1-0440-48D3-A7E0-DA09537FF471}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}  =>.Apple Inc
O42 - Logiciel: Ares 2.1.4 - (.Ares Development Group.) [HKLM] -- Ares
O42 - Logiciel: Audacity 1.2.6 - (...) [HKLM] -- Audacity_is1
O42 - Logiciel: Audacity Recovery Utility - (.Markus Meyer.) [HKLM] -- AURC_is1
O42 - Logiciel: Auslogics BoostSpeed - (.Auslogics Labs Pty Ltd.) [HKLM] -- {7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: AutoCAD 2011 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2011 - Français
O42 - Logiciel: AutoCAD 2011 - Français - (.Autodesk.) [HKLM] -- {5783F2D7-9001-040C-0002-0060B0CE6BBA}
O42 - Logiciel: AutoCAD 2011 - Français Version 2.1 - (.Autodesk.) [HKLM] -- AutoCAD 2011 - Français Version 2.1
O42 - Logiciel: Autodesk Material Library 2011 - (.Autodesk.) [HKLM] -- {9DEABCB6-B759-4D52-92F8-51B34A2B4D40}
O42 - Logiciel: Autodesk Material Library 2011 Base Image library - (.Autodesk.) [HKLM] -- {CD1E078C-A6B9-47DA-B035-6365C85C7832}
O42 - Logiciel: Avira Free Antivirus v14.0.7.342 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Avira SearchFree Toolbar v12.10.3.4691 - (.APN, LLC.) [HKLM] -- {41564952-412D-5637-4300-A758B70C0A03}  =>Toolbar.Avira
O42 - Logiciel: Avira v1.1.27.25527 - (.Avira Operations & Co. KG.) [HKLM] -- {21388E37-9EC5-4549-95CA-95D9B2D327A4}
O42 - Logiciel: Avira v1.1.27.25527 - (.Avira Operations & Co. KG.) [HKLM] -- {e7c7c227-b742-4878-9425-f09bbf9951db}
O42 - Logiciel: Battlefield 2(TM) - (...) [HKLM] -- {04858915-9F49-4B2A-AED4-DC49A7DE6A7B}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Wireless LAN Adapter
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: COWON J3 User's Guide - (...) [HKLM] -- {45184324-E8A6-4C38-B020-85D359EDF9FC}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {187817E2-6407-461C-B59B-56CE73363D34}
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: Conseiller de mise à niveau vers Windows 7 - (.Microsoft Corporation.) [HKLM] -- {9D10CB57-B085-44c3-B435-2D193BA153F0}
O42 - Logiciel: ControlMK 0.232 - (.Redcl0ud.) [HKLM] -- ControlMK
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite  =>.DT Soft Ltd
O42 - Logiciel: Debut Video Capture Software - (.NCH Software.) [HKLM] -- Debut
O42 - Logiciel: DeskPins (remove only) - (...) [HKLM] -- DeskPins
O42 - Logiciel: DriverMax 7 - (.Innovative Solutions.) [HKLM] -- DMX5_is1
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: EaseUS Todo PCTrans 6.5 Free - (.EaseUS.) [HKLM] -- EaseUS Todo PCTrans_is1
O42 - Logiciel: Everest Poker.fr (Remove Only) - (...) [HKLM] -- Everest Poker.fr
O42 - Logiciel: Expat Shield 2.06 - (.AnchorFree.) [HKLM] -- ExpatShield
O42 - Logiciel: FARO LS 1.1.406.58 - (.FARO Scanner Production.) [HKLM] -- {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Folder Size 2.8.0.0 - (.MindGems, Inc..) [HKLM] -- {2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1
O42 - Logiciel: Free YouTube to MP3 Converter version 3.12.44.820 - (.DVDVideoSoft Ltd..) [HKLM] -- Free YouTube to MP3 Converter_is1
O42 - Logiciel: GanttProject - (...) [HKLM] -- GanttProject
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
O42 - Logiciel: Guitar Pro 6 Demo - (.Arobas Music.) [HKLM] -- {14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1
O42 - Logiciel: HP Common Access Service Library - (.Hewlett-Packard.) [HKLM] -- {732A3F80-008B-4350-BD58-EC5AE98707B8}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {A7AC8E69-01FF-494E-9A2C-423B82CEA604}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP Photosmart All-In-One Driver Software 10.0 Rel .2 - (.HP.) [HKLM] -- {86D3D561-D1FD-4d57-8395-20030467E0F9}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Quick Launch Buttons 6.40 L1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard.) [HKLM] -- {4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM] -- {44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}
O42 - Logiciel: HP TVPlay - (...) [HKLM] -- {AC4FCBA9-2BB0-11DA-A373-0050BAE317E1}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard Company.) [HKLM] -- {95A747E0-DF19-46CB-A622-20A0107201BD}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {97486FBE-A3FC-4783-8D55-EA37E9D171CC}
O42 - Logiciel: HP User Guides 0134 - (.Hewlett-Packard.) [HKLM] -- {6ABE0E28-3A8E-4ADC-A050-784064B76236}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {E5E29403-3D25-40C6-892B-F9FEE2A95585}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] -- {6D6664A9-3342-4948-9B7E-034EFE366F0F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: JMicron JMB38X Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0}
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LibUSB-Win32-0.1.10.1 - (.LibUSB-Win32.) [HKLM] -- LibUSB-Win32_is1
O42 - Logiciel: LightScribe System Software  1.14.17.1 - (.LightScribe.) [HKLM] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Media Go Network Downloader - (.Sony.) [HKLM] -- {5562F05F-908C-4F15-9B3C-98D5FD32DCAB}
O42 - Logiciel: Media Go Video Playback Engine 2.4.127.12060 - (.Sony.) [HKLM] -- {7C5AEEE1-6D7C-8922-4548-7BF9096077EC}
O42 - Logiciel: Metacafe - (...) [HKLM] -- Metacafe
O42 - Logiciel: Microsoft Age of Empires II - (...) [HKLM] -- Age of Empires 2.0
O42 - Logiciel: Microsoft Age of Empires II: The Conquerors Expansion - (...) [HKLM] -- Age of Empires II: The Conquerors Expansion 1.0
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: MixMeister BPM Analyzer 1.0 - (.MixMeister Technology LLC.) [HKLM] -- MixMeister BPM Analyzer_is1
O42 - Logiciel: MotioninJoy ds3 driver version 0.6.0005 - (.www.motioninjoy.com.) [HKLM] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
O42 - Logiciel: Mozilla Firefox 14.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 14.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall  =>.WildTangent
O42 - Logiciel: Need For Speed™ World - (.Electronic Arts.) [HKLM] -- {3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}
O42 - Logiciel: OSSearch version 0.7.1 - (.Parcouss.) [HKLM] -- {BFCA578C-F5EB-49BF-B1C7-4ABE70471E22}_is1
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {97B3824E-B2D2-4C49-A860-BCA56F10B040}
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin
O42 - Logiciel: Package de pilotes Windows - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) - (.ENE.) [HKLM] -- 7DE39862CC26DCE2446838AAF7CD5C163F835A57
O42 - Logiciel: Perfect Uninstaller v6.3.3.9 - (.www.PerfectUninstaller.com.) [HKLM] -- Perfect Uninstaller_is1
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerMenu 1.51 - (.Thong Nguyen.) [HKLM] -- PowerMenu
O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM] -- {9D615069-AA8F-4E89-AE9D-77AAE90F529F}
O42 - Logiciel: Proun - (...) [HKLM] -- Proun
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc
O42 - Logiciel: Python 2.7.3 - (.Python Software Foundation.) [HKLM] -- {C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}
O42 - Logiciel: Python 3.3.0 - (.Python Software Foundation.) [HKLM] -- {526b1417-92c1-3737-8247-4abc49ccc8e4}
O42 - Logiciel: Quick Zip 5.1 - (.Quick Zip Dev.) [HKLM] -- {87AF4C0E-D953-424B-8108-3127CA217E6F}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: RomStation - (.RomStation.) [HKLM] -- {223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Shopping Helper Smartbar - (.ReSoft Ltd..) [HKLM] -- {B2A302E7-8FA4-4585-AB7F-12C4DEBC0D32}  =>Hijacker.SmartBar
O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU] -- {e72594bd-da28-4714-ad28-02284b7615ae}  =>Hijacker.SmartBar
O42 - Logiciel: Skype™ 6.20 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: SoftPerfect WiFi Guard version 1.0.4 - (.SoftPerfect Research.) [HKLM] -- {38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1
O42 - Logiciel: Sony Vegas Pro 8.0 - (.Sony.) [HKLM] -- {1246FF64-3035-4A92-8FE6-A968275495EB}
O42 - Logiciel: SopCast 3.5.0 - (.www.sopcast.com.) [HKLM] -- SopCast
O42 - Logiciel: Spotify - (...) [HKLM] -- Spotify
O42 - Logiciel: Steam(TM) - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: Subtitle Workshop 2.51 - (...) [HKLM] -- SubtitleWorkshop
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM] -- {1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}
O42 - Logiciel: TVUPlayer 2.5.3.1 - (.TVU networks.) [HKLM] -- TVUPlayer
O42 - Logiciel: TmNationsForever - (.Nadeo.) [HKLM] -- TmNationsForever_is1
O42 - Logiciel: Total War: SHOGUN 2 - (.The Creative Assembly.) [HKLM] -- Steam App 34330
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Veetle TV - (.Veetle, Inc.) [HKLM] -- Veetle TV
O42 - Logiciel: VirtualDub Plugin Pack 1.0.0.6 Fr - (.Trad-Fr.) [HKLM] -- {D6E6B04E-0498-4794-B272-2EDE12E02837}_is1
O42 - Logiciel: WahOO - (.Kow Media.) [HKLM] -- {0271A4CB-D48C-4CDF-826F-62EE8D91663F}_is1
O42 - Logiciel: WinAVI Video Capture 2.0 - (...) [HKLM] -- WinAVI Video Capture_is1
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}  =>.Microsoft Corporation
O42 - Logiciel: Wipeout 2097 - (...) [HKLM] -- Wipeout2097
O42 - Logiciel: Xvid 1.2.1 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {0718A90E-93AA-49AF-A4FE-0165ACD91DF0}
O42 - Logiciel: jetAudio 8 - Traduction française - (.Dominic Desbiens.) [HKLM] -- Traduction française jetAudio 8.0x_is1
O42 - Logiciel: muvee Reveal - (.muvee Technologies Pte Ltd.) [HKLM] -- {E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 115 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\4kdownload.com]
[HKCU\Software\AC3Filter]
[HKCU\Software\AMD]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Stonetrip]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ares]
[HKCU\Software\Arobas Music]
[HKCU\Software\AskPartnerNetwork]  =>Toolbar.AskBar
[HKCU\Software\Audacity]
[HKCU\Software\Auslogics]
[HKCU\Software\Autodesk]
[HKCU\Software\Avira]
[HKCU\Software\Binary Noise]
[HKCU\Software\BiromSoft]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\CDDB]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DSS]
[HKCU\Software\DT Soft]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Earth Resource Mapping]
[HKCU\Software\EaseUS]
[HKCU\Software\EasyBits]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Elias Fotinis]
[HKCU\Software\ExpatShield]
[HKCU\Software\Facebook]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IGA]
[HKCU\Software\IM Providers]
[HKCU\Software\Innovative Solutions]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KowMedia]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee Consumer)]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept (Muvee2)]
[HKCU\Software\MainConcept]
[HKCU\Software\Matroska Pack]
[HKCU\Software\Metacafe]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\N3NNetwork]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Native Instruments]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opera Software]
[HKCU\Software\Parcouss Apps]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerMenu]
[HKCU\Software\PySoft]
[HKCU\Software\QtProject]
[HKCU\Software\Quick Zip Dev]
[HKCU\Software\RealNetworks]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\Spotify]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\System Requirements Lab]
[HKCU\Software\TAdvCheckList]
[HKCU\Software\TVU networks]
[HKCU\Software\TeleCharger]
[HKCU\Software\The Creative Assembly]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\VNT]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Valve]
[HKCU\Software\Veetle]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WahOO]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Wondershare]
[HKCU\Software\ZjSoft]
[HKCU\Software\cppguru]
[HKCU\Software\geissplugin]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AskPartnerNetwork]  =>Toolbar.AskBar
[HKLM\Software\Auslogics]
[HKLM\Software\Autodesk]
[HKLM\Software\Avira]
[HKLM\Software\BcmSetup]
[HKLM\Software\Broadcom]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\COWON]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Communicator]
[HKLM\Software\Cyberlink]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\DICE]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Debug]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Dropbox]
[HKLM\Software\Earth Resource Mapping]
[HKLM\Software\EaseUS]
[HKLM\Software\EasyBits]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Elias Fotinis]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard Company]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HighCriteria]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\Innovative Solutions]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kaydara]
[HKLM\Software\LabelPrint_Upgrade]
[HKLM\Software\Lame For Audacity]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company Name]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\Native Instruments]
[HKLM\Software\Netscape]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Opera Software]
[HKLM\Software\Origin Games]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\Perfect Uninstaller]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Product_Upgrade]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\Psygnosis]
[HKLM\Software\PySoft]
[HKLM\Software\Python]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Sony Media Software]
[HKLM\Software\Sports Interactive Ltd]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TVU networks]
[HKLM\Software\Trad-FR]
[HKLM\Software\URUSoft]
[HKLM\Software\VST]
[HKLM\Software\Valve]
[HKLM\Software\Veetle]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WildTangent]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wondershare]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yuan High-Tech]
[HKLM\Software\mozilla.org]
~ Key Software: 509 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/04/2014 - 22:25:35 - [] ----D C:\Program Files\4KDownload
O43 - CFD: 16/06/2011 - 12:42:45 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 20/01/2009 - 23:20:21 - [] ----D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 29/02/2012 - 17:15:56 - [] ----D C:\Program Files\Active WebCam
O43 - CFD: 02/01/2011 - 14:31:11 - [] ----D C:\Program Files\Adobe
O43 - CFD: 26/08/2011 - 19:55:13 - [] ----D C:\Program Files\Apple Software Update  =>.Apple Inc
O43 - CFD: 12/07/2011 - 14:59:08 - [] ----D C:\Program Files\Apple Software Update(21)  =>.Apple Inc
O43 - CFD: 06/02/2010 - 14:23:40 - [] ----D C:\Program Files\Ares
O43 - CFD: 29/12/2012 - 23:43:51 - [] ----D C:\Program Files\ASIO4ALL v2
O43 - CFD: 13/05/2014 - 16:35:25 - [] ----D C:\Program Files\AskPartnerNetwork  =>Toolbar.AskBar
O43 - CFD: 15/06/2009 - 02:22:35 - [] ----D C:\Program Files\ATI
O43 - CFD: 15/06/2009 - 02:24:23 - [] ----D C:\Program Files\ATI Technologies
O43 - CFD: 09/11/2013 - 16:44:19 - [] ----D C:\Program Files\Audacity
O43 - CFD: 06/12/2014 - 21:29:39 - [] ----D C:\Program Files\Audacity Recovery Utility
O43 - CFD: 08/06/2014 - 15:06:45 - [] ----D C:\Program Files\Auslogics
O43 - CFD: 29/12/2012 - 15:18:29 - [] ----D C:\Program Files\Autodesk
O43 - CFD: 14/12/2014 - 10:13:02 - [] ----D C:\Program Files\Avira
O43 - CFD: 31/01/2013 - 13:31:45 - [] ----D C:\Program Files\AviSynth 2.5
O43 - CFD: 27/07/2013 - 08:04:06 - [0] ----D C:\Program Files\battery bar
O43 - CFD: 25/08/2009 - 20:26:17 - [] ----D C:\Program Files\Biromsoft
O43 - CFD: 08/01/2012 - 12:44:49 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 15/06/2009 - 02:28:27 - [] ----D C:\Program Files\Broadcom
O43 - CFD: 08/06/2014 - 16:23:10 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 28/09/2014 - 17:34:35 - [] ----D C:\Program Files\Common Files
O43 - CFD: 10/02/2013 - 14:17:24 - [] ----D C:\Program Files\ControlMK
O43 - CFD: 15/07/2012 - 11:42:19 - [] ----D C:\Program Files\COWON
O43 - CFD: 20/01/2009 - 23:30:47 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 10/04/2012 - 20:21:51 - [] ----D C:\Program Files\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 27/11/2013 - 22:00:08 - [] ----D C:\Program Files\DeskPins
O43 - CFD: 15/06/2009 - 02:25:55 - [] ----D C:\Program Files\DIFX
O43 - CFD: 04/05/2013 - 14:18:26 - [] ----D C:\Program Files\DivX
O43 - CFD: 24/07/2013 - 11:59:38 - [] ----D C:\Program Files\Dropbox
O43 - CFD: 05/09/2014 - 17:40:34 - [] ----D C:\Program Files\DVDVideoSoft
O43 - CFD: 02/11/2012 - 11:03:03 - [] ----D C:\Program Files\EA GAMES
O43 - CFD: 23/05/2014 - 09:23:40 - [] ----D C:\Program Files\EaseUS
O43 - CFD: 20/01/2009 - 23:31:18 - [] ----D C:\Program Files\EasyBits For Kids
O43 - CFD: 09/06/2014 - 10:48:26 - [] ----D C:\Program Files\Everest Poker.fr
O43 - CFD: 26/08/2011 - 20:59:11 - [] ----D C:\Program Files\Expat Shield
O43 - CFD: 10/02/2013 - 11:38:49 - [0] ----D C:\Program Files\Fifa 13
O43 - CFD: 26/10/2013 - 09:33:31 - [] ----D C:\Program Files\Folder Size
O43 - CFD: 12/05/2014 - 21:47:39 - [] ----D C:\Program Files\GanttProject
O43 - CFD: 13/12/2013 - 17:19:29 - [] ----D C:\Program Files\Google
O43 - CFD: 18/08/2011 - 19:16:04 - [] ----D C:\Program Files\Guitar Pro 6
O43 - CFD: 12/08/2013 - 23:08:45 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 12/08/2013 - 22:51:49 - [] ----D C:\Program Files\HP
O43 - CFD: 11/10/2009 - 16:55:29 - [] ----D C:\Program Files\HP DVB-T TV Tuner
O43 - CFD: 27/09/2011 - 11:33:58 - [] ----D C:\Program Files\HP Games
O43 - CFD: 24/01/2013 - 13:05:11 - [] ----D C:\Program Files\HTC
O43 - CFD: 04/08/2013 - 10:28:37 - [] ----D C:\Program Files\IDT
O43 - CFD: 30/07/2013 - 13:42:43 - [] ----D C:\Program Files\Innovative Solutions
O43 - CFD: 17/11/2014 - 15:37:25 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/06/2009 - 02:29:25 - [] ----D C:\Program Files\Intel
O43 - CFD: 14/08/2013 - 00:09:49 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 01/06/2014 - 18:06:08 - [] ----D C:\Program Files\iPod
O43 - CFD: 12/07/2011 - 14:56:17 - [] ----D C:\Program Files\iPod(127)
O43 - CFD: 12/08/2013 - 15:54:12 - [] ----D C:\Program Files\iPod(22)
O43 - CFD: 01/06/2014 - 18:07:20 - [] ----D C:\Program Files\iTunes
O43 - CFD: 12/07/2011 - 14:57:34 - [] ----D C:\Program Files\iTunes(128)
O43 - CFD: 18/10/2014 - 10:48:24 - [] ----D C:\Program Files\Java
O43 - CFD: 22/10/2012 - 19:51:12 - [] ----D C:\Program Files\JetAudio
O43 - CFD: 02/10/2014 - 18:46:05 - [] ----D C:\Program Files\KowMedia
O43 - CFD: 09/11/2013 - 16:27:02 - [] ----D C:\Program Files\Lame For Audacity
O43 - CFD: 10/02/2013 - 15:47:31 - [] ----D C:\Program Files\LibUSB-Win32-0.1.10.1
O43 - CFD: 08/05/2014 - 18:39:36 - [0] ----D C:\Program Files\LPT  =>Adware.Incredibar
O43 - CFD: 12/08/2013 - 15:54:12 - [] ----D C:\Program Files\ma-config.com
O43 - CFD: 13/12/2014 - 23:02:32 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 18/11/2012 - 22:28:42 - [] ----D C:\Program Files\Metacafe
O43 - CFD: 13/08/2013 - 00:55:18 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 14/05/2010 - 19:42:50 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 13/08/2013 - 22:50:07 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 07/11/2014 - 14:31:21 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/08/2009 - 15:23:32 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 27/10/2009 - 19:57:06 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 27/10/2009 - 19:54:08 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 13/05/2014 - 15:17:57 - [] ----D C:\Program Files\Microsoft Windows 7 Upgrade Advisor
O43 - CFD: 13/08/2013 - 00:39:18 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 22/10/2012 - 17:13:32 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 14/08/2012 - 13:54:22 - [] ----D C:\Program Files\MixMeister BPM Analyzer
O43 - CFD: 10/02/2013 - 14:35:23 - [] ----D C:\Program Files\MotioninJoy
O43 - CFD: 10/02/2013 - 15:39:20 - [] ----D C:\Program Files\MotioninJoy2
O43 - CFD: 13/08/2013 - 07:07:08 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 14/12/2014 - 18:22:22 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 09/08/2012 - 22:06:10 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 27/10/2009 - 19:57:15 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 13/02/2010 - 17:33:06 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 15/06/2009 - 03:15:52 - [] ----D C:\Program Files\muvee Technologies
O43 - CFD: 04/09/2012 - 08:03:29 - [] ----D C:\Program Files\NCH Software
O43 - CFD: 22/08/2009 - 12:38:08 - [] R---D C:\Program Files\Online Services
O43 - CFD: 07/06/2010 - 20:03:29 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 08/06/2014 - 16:35:11 - [] ----D C:\Program Files\Origin
O43 - CFD: 08/06/2014 - 16:43:11 - [] ----D C:\Program Files\Origin Games
O43 - CFD: 08/08/2013 - 08:48:01 - [] ----D C:\Program Files\OSSearch
O43 - CFD: 09/06/2014 - 10:57:21 - [] ----D C:\Program Files\Perfect Uninstaller
O43 - CFD: 27/11/2013 - 21:36:19 - [] ----D C:\Program Files\PowerMenu
O43 - CFD: 06/07/2011 - 13:44:49 - [] ----D C:\Program Files\Proun
O43 - CFD: 06/11/2012 - 13:08:38 - [] ----D C:\Program Files\python
O43 - CFD: 06/11/2012 - 13:18:27 - [] ----D C:\Program Files\python3
O43 - CFD: 05/03/2014 - 13:28:06 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 11/08/2013 - 10:31:23 - [] ----D C:\Program Files\QuickTime(42)
O43 - CFD: 11/06/2011 - 17:06:59 - [] ----D C:\Program Files\QuickZip
O43 - CFD: 19/06/2011 - 15:10:50 - [] ----D C:\Program Files\Real
O43 - CFD: 15/06/2009 - 02:27:33 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 18/11/2014 - 20:32:50 - [] ----D C:\Program Files\RomStation
O43 - CFD: 14/05/2013 - 21:01:14 - [] ----D C:\Program Files\Safari
O43 - CFD: 30/08/2010 - 10:15:49 - [] ----D C:\Program Files\Samsung
O43 - CFD: 26/09/2012 - 21:05:07 - [] ----D C:\Program Files\SEGA
O43 - CFD: 28/09/2014 - 17:34:35 - [] R---D C:\Program Files\Skype
O43 - CFD: 07/11/2014 - 13:59:59 - [] ----D C:\Program Files\SMINST
O43 - CFD: 24/09/2014 - 16:18:25 - [] ----D C:\Program Files\SoftPerfect WiFi Guard
O43 - CFD: 14/10/2014 - 16:21:13 - [] ----D C:\Program Files\Sony
O43 - CFD: 22/06/2014 - 14:14:40 - [] ----D C:\Program Files\Sony Media Go Install
O43 - CFD: 14/07/2014 - 13:36:26 - [] ----D C:\Program Files\Sony Setup
O43 - CFD: 30/01/2013 - 19:08:56 - [] ----D C:\Program Files\SopCast
O43 - CFD: 24/01/2013 - 13:05:11 - [] ----D C:\Program Files\Spirent Communications
O43 - CFD: 22/07/2012 - 18:35:26 - [] ----D C:\Program Files\Spotify
O43 - CFD: 07/11/2014 - 15:21:32 - [] ----D C:\Program Files\Synaptics
O43 - CFD: 25/04/2014 - 15:31:07 - [] ----D C:\Program Files\SystemRequirementsLab
O43 - CFD: 28/10/2013 - 23:11:07 - [] ----D C:\Program Files\TmNationsForever
O43 - CFD: 30/01/2013 - 19:53:24 - [] ----D C:\Program Files\TVUPlayer
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 08/10/2013 - 21:35:43 - [] ----D C:\Program Files\URUSoft
O43 - CFD: 23/05/2012 - 12:43:10 - [] ----D C:\Program Files\Valve
O43 - CFD: 30/01/2013 - 20:05:08 - [] ----D C:\Program Files\Veetle
O43 - CFD: 22/08/2009 - 15:15:33 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 31/01/2013 - 11:21:09 - [] ----D C:\Program Files\Virtualdub
O43 - CFD: 13/05/2014 - 16:35:26 - [] ----D C:\Program Files\VNT
O43 - CFD: 08/01/2014 - 19:27:06 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 14/07/2014 - 14:33:46 - [] ----D C:\Program Files\Vstplugins
O43 - CFD: 10/05/2014 - 17:52:27 - [] ----D C:\Program Files\Winamp
O43 - CFD: 29/02/2012 - 17:23:54 - [] ----D C:\Program Files\WinAVI Video Capture
O43 - CFD: 21/01/2009 - 06:20:06 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 21/01/2009 - 06:20:06 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 21/01/2009 - 06:20:06 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 21/01/2009 - 06:20:06 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 20/07/2010 - 20:20:38 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 22/08/2009 - 15:22:06 - [] ----D C:\Program Files\Windows Live SkyDrive
O43 - CFD: 13/08/2013 - 07:07:18 - [] ----D C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 14/08/2013 - 00:09:24 - [] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 22/08/2009 - 12:35:22 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 21/01/2009 - 06:20:06 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 22/08/2009 - 12:38:06 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 19/01/2013 - 16:22:48 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 10/10/2014 - 22:25:57 - [] ----D C:\Program Files\Wipeout 2097
O43 - CFD: 10/07/2010 - 08:40:30 - [] ----D C:\Program Files\Xvid
O43 - CFD: 14/12/2014 - 22:26:33 - [] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 26/07/2011 - 14:48:11 - [] ----D C:\Program Files\ZipGenius 6
O43 - CFD: 18/08/2012 - 01:25:04 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 01/06/2014 - 18:06:07 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 29/12/2012 - 15:29:02 - [] ----D C:\Program Files\Common Files\Autodesk Shared
O43 - CFD: 20/01/2009 - 23:19:20 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 04/05/2013 - 14:17:05 - [] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 05/09/2014 - 17:40:07 - [] ----D C:\Program Files\Common Files\DVDVideoSoft
O43 - CFD: 08/06/2014 - 16:43:45 - [] --H-D C:\Program Files\Common Files\EAInstaller
O43 - CFD: 29/07/2013 - 20:28:03 - [] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 29/07/2013 - 20:28:10 - [] ----D C:\Program Files\Common Files\HP
O43 - CFD: 11/10/2009 - 16:58:26 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 18/10/2014 - 10:48:24 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 15/06/2009 - 03:02:03 - [] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 29/12/2012 - 15:21:28 - [] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 13/08/2013 - 00:29:11 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 15/06/2009 - 03:15:57 - [] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 29/12/2012 - 23:54:36 - [] ----D C:\Program Files\Common Files\Native Instruments
O43 - CFD: 17/07/2011 - 17:28:29 - [] ----D C:\Program Files\Common Files\PC Tools
O43 - CFD: 30/07/2012 - 01:24:02 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 19/06/2011 - 15:04:39 - [] ----D C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 12:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 28/09/2014 - 17:34:35 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 22/06/2014 - 14:16:25 - [] ----D C:\Program Files\Common Files\Sony Shared
O43 - CFD: 02/11/2006 - 12:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 25/10/2014 - 18:52:57 - [] ----D C:\Program Files\Common Files\Steam
O43 - CFD: 13/08/2013 - 22:36:59 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 22/08/2009 - 15:17:20 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 13/05/2014 - 14:35:57 - [] ----D C:\Program Files\Common Files\Wondershare
O43 - CFD: 19/06/2011 - 15:10:45 - [] ----D C:\Program Files\Common Files\xing shared
O43 - CFD: 01/06/2014 - 18:07:21 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 11/08/2013 - 10:37:59 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1(45)
O43 - CFD: 02/01/2013 - 13:21:43 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 13/05/2014 - 16:35:01 - [] ----D C:\ProgramData\APN
O43 - CFD: 09/02/2014 - 10:57:51 - [] ----D C:\ProgramData\Apple
O43 - CFD: 22/08/2009 - 14:56:57 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 13/05/2014 - 16:35:25 - [] ----D C:\ProgramData\AskPartnerNetwork  =>Toolbar.AskBar
O43 - CFD: 15/06/2009 - 03:19:48 - [] ----D C:\ProgramData\ATI
O43 - CFD: 08/06/2014 - 15:07:15 - [] ----D C:\ProgramData\Auslogics
O43 - CFD: 29/12/2012 - 15:38:35 - [] ----D C:\ProgramData\Autodesk
O43 - CFD: 20/08/2014 - 13:48:08 - [] ----D C:\ProgramData\Avira
O43 - CFD: 22/08/2009 - 12:35:22 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 30/07/2013 - 13:41:45 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/11/2014 - 15:31:51 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/05/2010 - 19:26:10 - [] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 04/05/2013 - 14:18:37 - [] ----D C:\ProgramData\DivX
O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 08/06/2014 - 18:43:38 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 22/08/2009 - 12:35:22 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 29/12/2012 - 15:32:29 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 19/09/2011 - 17:36:48 - [] ----D C:\ProgramData\Google Updater
O43 - CFD: 01/07/2010 - 16:33:24 - [0] ----D C:\ProgramData\Guitar Pro 6
O43 - CFD: 12/08/2013 - 23:20:32 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 29/07/2013 - 20:21:19 - [] ----D C:\ProgramData\HP
O43 - CFD: 12/01/2014 - 10:50:48 - [] ----D C:\ProgramData\InstallMate  =>PUP.Tarma
O43 - CFD: 26/10/2009 - 13:54:25 - [] ----D C:\ProgramData\LightScribe
O43 - CFD: 11/08/2013 - 22:17:52 - [] ----D C:\ProgramData\ma-config.com
O43 - CFD: 10/04/2014 - 15:56:11 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 29/07/2013 - 14:36:13 - [0] ----D C:\ProgramData\Media Center Programs
O43 - CFD: 22/06/2014 - 13:02:12 - [] ----D C:\ProgramData\MediaMonkey
O43 - CFD: 22/08/2009 - 12:35:22 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 18/11/2012 - 22:28:48 - [] ----D C:\ProgramData\Metacafe
O43 - CFD: 12/08/2013 - 16:18:39 - [] ----D C:\ProgramData\Microsoft
O43 - CFD: 10/05/2014 - 18:19:22 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 26/10/2013 - 09:33:28 - [] ----D C:\ProgramData\MindGems
O43 - CFD: 22/08/2009 - 12:35:22 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 09/08/2012 - 22:06:08 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 15/07/2012 - 11:35:10 - [] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 18/11/2012 - 14:20:07 - [] ----D C:\ProgramData\Native Instruments
O43 - CFD: 30/08/2012 - 19:49:44 - [] ----D C:\ProgramData\NCH Software
O43 - CFD: 13/08/2010 - 16:19:28 - [] ----D C:\ProgramData\Norton
O43 - CFD: 20/01/2009 - 22:24:39 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 18/10/2014 - 10:05:55 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 08/06/2014 - 19:33:08 - [] ----D C:\ProgramData\Origin
O43 - CFD: 14/12/2014 - 10:13:20 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 11/10/2009 - 16:37:48 - [] ----D C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 25/08/2009 - 20:35:27 - [0] ----D C:\ProgramData\PY_Software
O43 - CFD: 28/09/2014 - 17:30:34 - [] ----D C:\ProgramData\Real
O43 - CFD: 28/09/2014 - 17:34:51 - [] ----D C:\ProgramData\Skype
O43 - CFD: 29/07/2013 - 14:38:51 - [] ----D C:\ProgramData\Software  =>Adware.Boxore
O43 - CFD: 14/07/2014 - 14:33:16 - [] ----D C:\ProgramData\Sony
O43 - CFD: 22/06/2014 - 14:15:41 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/08/2010 - 14:18:42 - [] ----D C:\ProgramData\Sun
O43 - CFD: 01/09/2009 - 17:43:35 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 14/07/2014 - 15:23:51 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 14:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 31/12/2012 - 17:53:50 - [] ----D C:\ProgramData\TmForever
O43 - CFD: 30/01/2013 - 19:53:24 - [] ----D C:\ProgramData\TVU Networks
O43 - CFD: 27/09/2011 - 11:33:58 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 18/10/2009 - 12:41:48 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 15/06/2011 - 15:35:33 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 20/01/2009 - 23:20:22 - [] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 22/05/2010 - 17:30:33 - [] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 29/08/2012 - 11:15:02 - [] ----D C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
O43 - CFD: 22/08/2009 - 14:57:07 - [] ----D C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
O43 - CFD: 09/12/2014 - 01:54:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
O43 - CFD: 14/08/2013 - 00:09:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/08/2013 - 00:09:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 06/02/2010 - 14:23:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 06/12/2014 - 20:49:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity Recovery Utility
O43 - CFD: 08/06/2014 - 15:06:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
O43 - CFD: 29/12/2012 - 15:20:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
O43 - CFD: 14/12/2014 - 10:13:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 25/08/2009 - 20:34:49 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biromsoft WebCam
O43 - CFD: 15/06/2009 - 02:24:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 10/02/2013 - 14:17:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlMK
O43 - CFD: 15/07/2012 - 11:42:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COWON
O43 - CFD: 10/04/2012 - 20:23:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 27/11/2013 - 22:00:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeskPins
O43 - CFD: 04/05/2013 - 14:17:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
O43 - CFD: 30/07/2013 - 13:42:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
O43 - CFD: 05/09/2014 - 17:40:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
O43 - CFD: 02/11/2012 - 11:03:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
O43 - CFD: 23/05/2014 - 09:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans 6.5
O43 - CFD: 07/07/2011 - 10:52:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everest Poker.fr
O43 - CFD: 26/08/2011 - 20:58:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
O43 - CFD: 21/01/2008 - 03:42:47 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 26/10/2013 - 09:33:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
O43 - CFD: 20/01/2009 - 22:55:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 12/05/2014 - 21:47:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
O43 - CFD: 13/12/2013 - 17:20:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth  =>.Google Inc
O43 - CFD: 01/07/2010 - 16:27:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
O43 - CFD: 12/08/2013 - 23:09:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 11/10/2009 - 16:59:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP TVPlay
O43 - CFD: 24/01/2013 - 13:05:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
O43 - CFD: 01/06/2014 - 18:07:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 18/10/2014 - 10:06:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 10/02/2013 - 15:47:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibUSB-Win32
O43 - CFD: 15/06/2009 - 03:02:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
O43 - CFD: 02/11/2006 - 13:56:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 13/12/2014 - 23:02:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 31/01/2013 - 12:55:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Matroska Pack
O43 - CFD: 18/11/2012 - 22:28:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metacafe
O43 - CFD: 14/05/2010 - 19:51:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
O43 - CFD: 27/10/2009 - 19:58:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 13/08/2013 - 00:55:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
O43 - CFD: 07/11/2014 - 14:20:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 13/08/2013 - 00:39:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 14/08/2012 - 13:54:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
O43 - CFD: 31/01/2013 - 13:17:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
O43 - CFD: 10/02/2013 - 15:39:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
O43 - CFD: 15/07/2012 - 11:45:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
O43 - CFD: 15/06/2009 - 03:15:58 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
O43 - CFD: 27/09/2011 - 11:33:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My HP Games
O43 - CFD: 08/06/2014 - 16:43:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed World
O43 - CFD: 22/08/2009 - 12:38:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 07/06/2010 - 20:05:52 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
O43 - CFD: 08/08/2013 - 08:48:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSSearch
O43 - CFD: 19/09/2011 - 17:36:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outil de mise à jour Google
O43 - CFD: 09/06/2014 - 10:56:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller
O43 - CFD: 27/11/2013 - 21:36:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerMenu
O43 - CFD: 10/10/2014 - 22:25:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psygnosis
O43 - CFD: 25/08/2009 - 20:35:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PY Software
O43 - CFD: 06/11/2012 - 13:08:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
O43 - CFD: 06/11/2012 - 13:18:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.3
O43 - CFD: 05/03/2014 - 13:28:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 19/06/2011 - 15:11:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
O43 - CFD: 20/01/2009 - 23:37:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
O43 - CFD: 24/05/2014 - 18:23:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RomStation
O43 - CFD: 22/08/2009 - 12:38:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Services en ligne
O43 - CFD: 28/09/2014 - 17:34:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 24/09/2014 - 16:18:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
O43 - CFD: 14/10/2014 - 16:20:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 30/01/2013 - 19:08:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
O43 - CFD: 15/08/2013 - 23:15:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/11/2006 - 13:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 28/10/2013 - 23:11:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
O43 - CFD: 30/01/2013 - 19:27:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TVUPlayer
O43 - CFD: 23/05/2012 - 12:43:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
O43 - CFD: 14/08/2012 - 13:02:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
O43 - CFD: 02/10/2014 - 18:46:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WahOO
O43 - CFD: 29/02/2012 - 17:23:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
O43 - CFD: 20/07/2010 - 20:22:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 19/01/2013 - 16:22:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 10/07/2010 - 08:40:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 14/12/2014 - 22:26:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 26/07/2011 - 14:46:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipGenius 6
O43 - CFD: 13/12/2014 - 17:56:00 - [] ----D C:\Users\Baptiste\AppData\Roaming\.ACEStream
O43 - CFD: 26/10/2014 - 18:04:31 - [] ----D C:\Users\Baptiste\AppData\Roaming\.Torrent Stream
O43 - CFD: 14/12/2014 - 00:15:24 - [0] -SH-D C:\Users\Baptiste\AppData\Roaming\3600540-NN
O43 - CFD: 26/10/2014 - 18:11:11 - [] ----D C:\Users\Baptiste\AppData\Roaming\ACEStream
O43 - CFD: 22/08/2009 - 18:07:01 - [] ----D C:\Users\Baptiste\AppData\Roaming\Adobe
O43 - CFD: 14/03/2012 - 18:21:27 - [] ----D C:\Users\Baptiste\AppData\Roaming\Apowersoft
O43 - CFD: 14/05/2013 - 21:15:27 - [] ----D C:\Users\Baptiste\AppData\Roaming\Apple Computer
O43 - CFD: 22/08/2009 - 12:46:42 - [] ----D C:\Users\Baptiste\AppData\Roaming\ATI
O43 - CFD: 09/11/2013 - 16:41:55 - [] ----D C:\Users\Baptiste\AppData\Roaming\Audacity
O43 - CFD: 29/07/2013 - 14:36:25 - [] ----D C:\Users\Baptiste\AppData\Roaming\Auslogics
O43 - CFD: 02/01/2013 - 14:40:45 - [] ----D C:\Users\Baptiste\AppData\Roaming\Autodesk
O43 - CFD: 13/05/2014 - 16:35:01 - [] ----D C:\Users\Baptiste\AppData\Roaming\Avira
O43 - CFD: 07/09/2012 - 09:11:44 - [0] ----D C:\Users\Baptiste\AppData\Roaming\COWON
O43 - CFD: 27/05/2012 - 23:45:47 - [] ----D C:\Users\Baptiste\AppData\Roaming\CyberLink
O43 - CFD: 17/11/2014 - 20:29:18 - [] ----D C:\Users\Baptiste\AppData\Roaming\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 23/07/2011 - 16:20:07 - [] ----D C:\Users\Baptiste\AppData\Roaming\DivX
O43 - CFD: 21/08/2014 - 18:31:59 - [] ----D C:\Users\Baptiste\AppData\Roaming\Dropbox
O43 - CFD: 21/08/2013 - 10:43:29 - [] ----D C:\Users\Baptiste\AppData\Roaming\dvdcss
O43 - CFD: 05/09/2014 - 17:40:58 - [] ----D C:\Users\Baptiste\AppData\Roaming\DVDVideoSoft
O43 - CFD: 09/07/2012 - 16:15:16 - [] ----D C:\Users\Baptiste\AppData\Roaming\GetRightToGo
O43 - CFD: 02/01/2011 - 14:44:03 - [] ----D C:\Users\Baptiste\AppData\Roaming\GTek
O43 - CFD: 02/07/2010 - 22:22:33 - [] ----D C:\Users\Baptiste\AppData\Roaming\Guitar Pro 6
O43 - CFD: 12/08/2013 - 23:20:32 - [] ----D C:\Users\Baptiste\AppData\Roaming\Hewlett-Packard
O43 - CFD: 12/08/2013 - 23:33:07 - [0] ----D C:\Users\Baptiste\AppData\Roaming\HP Support Assistant  =>.Hewlett-Packard Co
O43 - CFD: 22/08/2009 - 12:38:10 - [] ----D C:\Users\Baptiste\AppData\Roaming\HP TCS
O43 - CFD: 12/08/2013 - 23:27:38 - [] ----D C:\Users\Baptiste\AppData\Roaming\hpqLog
O43 - CFD: 23/11/2014 - 12:43:28 - [] ----D C:\Users\Baptiste\AppData\Roaming\HpUpdate
O43 - CFD: 22/08/2009 - 12:46:15 - [] ----D C:\Users\Baptiste\AppData\Roaming\Identities
O43 - CFD: 12/08/2013 - 23:22:57 - [] ----D C:\Users\Baptiste\AppData\Roaming\InstallShield
O43 - CFD: 22/08/2009 - 14:49:42 - [] ----D C:\Users\Baptiste\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Media Center Programs
O43 - CFD: 22/06/2014 - 13:07:14 - [] ----D C:\Users\Baptiste\AppData\Roaming\MediaMonkey
O43 - CFD: 10/09/2012 - 10:48:10 - [] -S--D C:\Users\Baptiste\AppData\Roaming\Microsoft
O43 - CFD: 31/01/2013 - 12:42:53 - [] ----D C:\Users\Baptiste\AppData\Roaming\mkvtoolnix
O43 - CFD: 10/02/2013 - 15:02:40 - [] ----D C:\Users\Baptiste\AppData\Roaming\MotioninJoy
O43 - CFD: 23/07/2014 - 19:36:44 - [] ----D C:\Users\Baptiste\AppData\Roaming\Mozilla
O43 - CFD: 15/07/2012 - 11:35:51 - [] ----D C:\Users\Baptiste\AppData\Roaming\muvee Technologies
O43 - CFD: 14/08/2012 - 13:06:21 - [] ----D C:\Users\Baptiste\AppData\Roaming\NCH Software
O43 - CFD: 08/06/2014 - 19:21:29 - [] ----D C:\Users\Baptiste\AppData\Roaming\Need for Speed World
O43 - CFD: 07/06/2010 - 20:06:01 - [] ----D C:\Users\Baptiste\AppData\Roaming\OpenOffice.org
O43 - CFD: 06/09/2009 - 12:51:41 - [] ----D C:\Users\Baptiste\AppData\Roaming\Opera
O43 - CFD: 31/05/2014 - 18:48:52 - [] ----D C:\Users\Baptiste\AppData\Roaming\Origin
O43 - CFD: 23/04/2010 - 18:01:26 - [0] ----D C:\Users\Baptiste\AppData\Roaming\PeerNetworking
O43 - CFD: 14/07/2014 - 14:36:24 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Publish Providers
O43 - CFD: 11/06/2011 - 17:32:19 - [] ----D C:\Users\Baptiste\AppData\Roaming\QuickZip
O43 - CFD: 08/01/2014 - 19:21:27 - [] ----D C:\Users\Baptiste\AppData\Roaming\Real
O43 - CFD: 03/07/2011 - 16:22:34 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Samsung
O43 - CFD: 01/12/2012 - 17:57:00 - [] R-H-D C:\Users\Baptiste\AppData\Roaming\SecuROM
O43 - CFD: 09/11/2014 - 17:12:36 - [] ----D C:\Users\Baptiste\AppData\Roaming\Skype
O43 - CFD: 30/10/2011 - 17:25:35 - [] ----D C:\Users\Baptiste\AppData\Roaming\skypePM
O43 - CFD: 14/07/2014 - 14:35:43 - [] ----D C:\Users\Baptiste\AppData\Roaming\Sony
O43 - CFD: 25/09/2012 - 19:20:04 - [] ----D C:\Users\Baptiste\AppData\Roaming\Sports Interactive
O43 - CFD: 27/11/2014 - 01:04:51 - [] ----D C:\Users\Baptiste\AppData\Roaming\Spotify
O43 - CFD: 16/08/2012 - 11:21:53 - [] ----D C:\Users\Baptiste\AppData\Roaming\StoneTrip
O43 - CFD: 25/04/2014 - 15:30:52 - [] ----D C:\Users\Baptiste\AppData\Roaming\SystemRequirementsLab
O43 - CFD: 31/03/2011 - 19:37:30 - [] ----D C:\Users\Baptiste\AppData\Roaming\Template
O43 - CFD: 11/10/2014 - 16:39:56 - [] ----D C:\Users\Baptiste\AppData\Roaming\The Creative Assembly
O43 - CFD: 30/07/2012 - 01:24:20 - [] ----D C:\Users\Baptiste\AppData\Roaming\Todae
O43 - CFD: 26/10/2014 - 18:04:31 - [0] ----D C:\Users\Baptiste\AppData\Roaming\TorrentStream
O43 - CFD: 23/07/2014 - 19:36:44 - [] ----D C:\Users\Baptiste\AppData\Roaming\TuneUpMedia
O43 - CFD: 06/02/2013 - 12:38:40 - [0] ----D C:\Users\Baptiste\AppData\Roaming\U3
O43 - CFD: 14/11/2014 - 20:46:35 - [] ----D C:\Users\Baptiste\AppData\Roaming\Unity
O43 - CFD: 14/12/2014 - 22:14:42 - [] ----D C:\Users\Baptiste\AppData\Roaming\vlc
O43 - CFD: 22/08/2009 - 18:14:32 - [] ----D C:\Users\Baptiste\AppData\Roaming\WildTangent
O43 - CFD: 10/05/2014 - 19:18:06 - [] ----D C:\Users\Baptiste\AppData\Roaming\Winamp
O43 - CFD: 19/01/2013 - 16:23:07 - [] ----D C:\Users\Baptiste\AppData\Roaming\WinRAR
O43 - CFD: 14/12/2014 - 22:28:47 - [] ----D C:\Users\Baptiste\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 26/07/2011 - 14:50:14 - [] ----D C:\Users\Baptiste\AppData\Roaming\ZipGenius
O43 - CFD: 12/08/2013 - 23:07:26 - [] ----D C:\Users\Baptiste\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
O43 - CFD: 08/06/2014 - 16:38:50 - [] ----D C:\Users\Baptiste\AppData\Local\4kdownload.com
O43 - CFD: 18/08/2012 - 01:24:37 - [] ----D C:\Users\Baptiste\AppData\Local\Adobe
O43 - CFD: 22/08/2009 - 14:55:50 - [] ----D C:\Users\Baptiste\AppData\Local\Apple
O43 - CFD: 08/07/2012 - 15:21:25 - [] ----D C:\Users\Baptiste\AppData\Local\Apple Computer
O43 - CFD: 22/08/2009 - 12:35:33 - [] -SH-D C:\Users\Baptiste\AppData\Local\Application Data
O43 - CFD: 05/12/2009 - 14:45:38 - [] ----D C:\Users\Baptiste\AppData\Local\Apps
O43 - CFD: 23/05/2014 - 00:22:54 - [] ----D C:\Users\Baptiste\AppData\Local\Ares
O43 - CFD: 17/05/2014 - 16:55:37 - [] ----D C:\Users\Baptiste\AppData\Local\AskPartnerNetwork  =>Toolbar.AskBar
O43 - CFD: 22/08/2009 - 12:46:42 - [] ----D C:\Users\Baptiste\AppData\Local\ATI
O43 - CFD: 12/11/2014 - 13:55:57 - [] ----D C:\Users\Baptiste\AppData\Local\Autodesk
O43 - CFD: 09/08/2013 - 10:40:17 - [0] ----D C:\Users\Baptiste\AppData\Local\BeamNG
O43 - CFD: 25/09/2012 - 20:27:44 - [] ----D C:\Users\Baptiste\AppData\Local\Chromium
O43 - CFD: 14/12/2014 - 18:25:37 - [0] ----D C:\Users\Baptiste\AppData\Local\CrashDumps
O43 - CFD: 09/07/2012 - 16:13:21 - [] ----D C:\Users\Baptiste\AppData\Local\CRE
O43 - CFD: 17/02/2011 - 16:05:23 - [] ----D C:\Users\Baptiste\AppData\Local\CyberLink
O43 - CFD: 27/07/2013 - 08:02:49 - [] ----D C:\Users\Baptiste\AppData\Local\Duomart.com
O43 - CFD: 08/06/2014 - 18:44:00 - [] ----D C:\Users\Baptiste\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 27/11/2011 - 18:13:57 - [] ----D C:\Users\Baptiste\AppData\Local\Facebook
O43 - CFD: 06/03/2010 - 17:32:31 - [] ----D C:\Users\Baptiste\AppData\Local\Google
O43 - CFD: 29/08/2012 - 11:18:17 - [] ----D C:\Users\Baptiste\AppData\Local\Hewlett-Packard
O43 - CFD: 22/08/2009 - 12:35:33 - [] -SH-D C:\Users\Baptiste\AppData\Local\Historique
O43 - CFD: 30/07/2013 - 13:42:46 - [] ----D C:\Users\Baptiste\AppData\Local\Innovative Solutions
O43 - CFD: 02/10/2014 - 18:59:44 - [] ----D C:\Users\Baptiste\AppData\Local\KowMedia
O43 - CFD: 02/08/2012 - 19:37:11 - [] ----D C:\Users\Baptiste\AppData\Local\Macromedia
O43 - CFD: 29/12/2012 - 23:41:08 - [] ----D C:\Users\Baptiste\AppData\Local\Mailocash
O43 - CFD: 22/06/2014 - 13:04:44 - [] ----D C:\Users\Baptiste\AppData\Local\MediaMonkey
O43 - CFD: 12/08/2013 - 16:18:38 - [] ----D C:\Users\Baptiste\AppData\Local\Microsoft
O43 - CFD: 13/05/2014 - 15:19:38 - [] ----D C:\Users\Baptiste\AppData\Local\Microsoft Corporation
O43 - CFD: 28/10/2009 - 20:50:40 - [] ----D C:\Users\Baptiste\AppData\Local\Microsoft Games
O43 - CFD: 10/05/2014 - 18:02:17 - [] ----D C:\Users\Baptiste\AppData\Local\Microsoft Help
O43 - CFD: 26/08/2011 - 21:04:12 - [] ----D C:\Users\Baptiste\AppData\Local\Mozilla
O43 - CFD: 06/09/2009 - 12:51:41 - [] ----D C:\Users\Baptiste\AppData\Local\Opera
O43 - CFD: 31/05/2014 - 18:38:48 - [] ----D C:\Users\Baptiste\AppData\Local\Origin
O43 - CFD: 01/01/2011 - 02:48:32 - [] ----D C:\Users\Baptiste\AppData\Local\P5
O43 - CFD: 17/02/2011 - 16:05:22 - [] ----D C:\Users\Baptiste\AppData\Local\PowerCinema
O43 - CFD: 02/11/2012 - 20:50:15 - [] ----D C:\Users\Baptiste\AppData\Local\PunkBuster
O43 - CFD: 11/06/2011 - 17:32:33 - [] ----D C:\Users\Baptiste\AppData\Local\Quick_Zip_Dev
O43 - CFD: 28/09/2014 - 17:35:01 - [] ----D C:\Users\Baptiste\AppData\Local\Skype
O43 - CFD: 18/11/2012 - 14:15:32 - [] ----D C:\Users\Baptiste\AppData\Local\Software
O43 - CFD: 14/07/2014 - 14:35:43 - [] ----D C:\Users\Baptiste\AppData\Local\Sony
O43 - CFD: 25/09/2012 - 19:20:04 - [] ----D C:\Users\Baptiste\AppData\Local\Sports Interactive
O43 - CFD: 27/11/2014 - 01:02:36 - [] ----D C:\Users\Baptiste\AppData\Local\Spotify
O43 - CFD: 14/12/2014 - 22:26:36 - [] ----D C:\Users\Baptiste\AppData\Local\Temp
O43 - CFD: 22/08/2009 - 12:35:33 - [] -SH-D C:\Users\Baptiste\AppData\Local\Temporary Internet Files
O43 - CFD: 11/10/2009 - 17:07:20 - [] ----D C:\Users\Baptiste\AppData\Local\TVPlay
O43 - CFD: 30/01/2013 - 19:53:24 - [] ----D C:\Users\Baptiste\AppData\Local\TVU Networks
O43 - CFD: 14/11/2014 - 19:27:59 - [] ----D C:\Users\Baptiste\AppData\Local\Unity
O43 - CFD: 04/07/2010 - 20:47:46 - [] ----D C:\Users\Baptiste\AppData\Local\VirtualStore
O43 - CFD: 13/05/2014 - 16:35:39 - [] ----D C:\Users\Baptiste\AppData\Local\VNT
O43 - CFD: 22/10/2012 - 19:05:59 - [] ----D C:\Users\Baptiste\AppData\Local\WahOO
O43 - CFD: 24/09/2014 - 16:19:12 - [] ----D C:\Users\Baptiste\AppData\Local\WiFi Guard
O43 - CFD: 13/05/2014 - 14:35:58 - [] ----D C:\Users\Baptiste\AppData\Local\Wondershare
O43 - CFD: 21/01/2008 - 03:42:46 - [] R---D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 22/08/2009 - 12:46:21 - [] R---D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 06/02/2010 - 14:23:17 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares
O43 - CFD: 29/12/2012 - 23:43:51 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
O43 - CFD: 09/08/2013 - 10:39:45 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG-Techdemo-0.3
O43 - CFD: 10/02/2013 - 14:17:24 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ControlMK
O43 - CFD: 15/06/2009 - 03:14:57 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
O43 - CFD: 27/11/2013 - 22:00:08 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeskPins
O43 - CFD: 15/08/2014 - 21:41:42 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 12/05/2014 - 21:47:38 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GanttProject
O43 - CFD: 29/07/2013 - 15:24:53 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 15/06/2009 - 03:11:28 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 12/02/2010 - 18:53:15 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Le compte est il juste
O43 - CFD: 21/01/2008 - 03:42:46 - [] R---D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 27/11/2013 - 21:36:19 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerMenu
O43 - CFD: 06/07/2011 - 13:44:49 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proun
O43 - CFD: 25/08/2009 - 20:35:27 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PY Software
O43 - CFD: 11/06/2011 - 17:07:00 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Zip 5.1
O43 - CFD: 08/01/2014 - 19:27:07 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 30/01/2013 - 19:08:49 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
O43 - CFD: 14/12/2014 - 10:00:31 - [] R---D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 16/08/2012 - 11:20:20 - [0] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StoneTrip
O43 - CFD: 19/01/2013 - 16:22:48 - [] ----D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 470 Scanned in 00mn 03s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9FA727A846DE14DDD937072CCDB4235F] - 07/12/2014 - 12:10:19 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [498440]
O44 - LFC:[MD5.8E2E9CCD873ABF180F48BCAEEEBE347D] - 14/12/2014 - 18:38:11 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [114904]
O44 - LFC:[MD5.7AE1A70B102168C210DB5A5A31ACAACE] - 14/12/2014 - 21:06:35 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [9497]
O44 - LFC:[MD5.B99516E55BD20C92FE0FA2AD8CBB9FAE] - 14/12/2014 - 22:03:24 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1470810]
O44 - LFC:[MD5.E4F633694F3AA7F00F67C820105BC00F] - 14/12/2014 - 22:03:24 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [101250]
O44 - LFC:[MD5.75276902AC093A70FB50FB838A3564BA] - 14/12/2014 - 22:03:24 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [123556]
O44 - LFC:[MD5.59A545441BC70DB59DC92D5F60DCF798] - 14/12/2014 - 22:03:24 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [587178]
O44 - LFC:[MD5.3F5F371407095634B64100F8D1E16A71] - 14/12/2014 - 22:03:24 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [669566]
O44 - LFC:[MD5.1EA53B1A1872E8684E7AD777BCF5E577] - 14/12/2014 - 22:22:45 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0   [3216]
O44 - LFC:[MD5.1EA53B1A1872E8684E7AD777BCF5E577] - 14/12/2014 - 22:22:45 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0   [3216]
O44 - LFC:[MD5.AD7488D8586F8A8F65C583018AA143DB] - 14/12/2014 - 22:25:05 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.4AAB9B55B5166FD43BEB59981F622815] - 14/12/2014 - 22:25:44 ---A- . (...) -- C:\Windows\ntbtlog.txt   [800748]
~ Files: 12 Scanned in 00mn 06s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{3099ddaa-7306-11df-abf8-00238bf033c1}\AutoRun\command. (...) -- F:\Memorybar.exe (.not file.)
O51 - MPSK:{7d72f9be-6b05-11e2-8bbe-0023a6a72f8b}\AutoRun\command. (...) -- I:\LaunchU3.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\IR41_32.AX
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll
~ TDSD: 11 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher  [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\APSDaemon  [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\ares  [Key] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe
O53 - SMSR:HKLM\...\startupreg\avgnt  [Key] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer for HP TouchSmart  [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite  [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe  =>.DT Soft Ltd
O53 - SMSR:HKLM\...\startupreg\DivXMediaServer  [Key] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O53 - SMSR:HKLM\...\startupreg\DivXUpdate  [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\DriverMax  [Key] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
O53 - SMSR:HKLM\...\startupreg\DriverMax_RESTART  [Key] . (.Innovative Solutions - DriverMax.) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
O53 - SMSR:HKLM\...\startupreg\DriverScanner  [Key] . (...) -- C:\Program Files\Uniblue\DRIVER~1\launcher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DVDAgent  [Key] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
O53 - SMSR:HKLM\...\startupreg\ehTray.exe  [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O53 - SMSR:HKLM\...\startupreg\Facebook Update  [Key] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Baptiste\AppData\Local\Facebook\Update\FacebookUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Google Update  [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Baptiste\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O53 - SMSR:HKLM\...\startupreg\HP Software Update  [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\iTunesHelper  [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel  [Key] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O53 - SMSR:HKLM\...\startupreg\NCPluginUpdater  [Key] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O53 - SMSR:HKLM\...\startupreg\PCSpeedUp  [Key] . (...) -- C:\Program Files\Accelerer PC\PCSpeedUp.lnk (.not file.)  =>Rogue.PCSpeedUp
O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe  [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task  [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\SmartMenu  [Key] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O53 - SMSR:HKLM\...\startupreg\Spotify Web Helper  [Key] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Baptiste\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC  [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe  =>.Advanced Micro Devices, Inc
O53 - SMSR:HKLM\...\startupreg\swg  [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O53 - SMSR:HKLM\...\startupreg\SynTPEnh  [Key] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O53 - SMSR:HKLM\...\startupreg\SysTrayApp  [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O53 - SMSR:HKLM\...\startupreg\TkBellExe  [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe  =>.RealNetworks, Inc
O53 - SMSR:HKLM\...\startupreg\TorrentStream  [Key] . (...) -- C:\Users\Baptiste\AppData\Roaming\TorrentStream\engine\tsengine.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TSMAgent  [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O53 - SMSR:HKLM\...\startupreg\TVAgent  [Key] . (...) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TVPService  [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\HP\TVPlay\TVPService.exe
O53 - SMSR:HKLM\...\startupreg\UCam_Menu  [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut  [Key] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut  [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePDIRShortCut  [Key] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePSTShortCut  [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\WinampAgent  [Key] . (.Nullsoft, Inc. - Winamp Agent.) -- C:\Program Files\Winamp\winampa.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender  [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WirelessAssistant  [Key] . (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG  [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe  =>.Microsoft Corporation
~ SMSR Keys: 43 Scanned in 00mn 01s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "TaskbarNoNotification"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HideSCAHealth"=0
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys   [35896]
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422968]
O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [300600]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys   [101432]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys   [149560]
O58 - SDL:21/01/2009 - 06:37:49 ----- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [17464]
O58 - SDL:14/03/2013 - 21:17:44 ---A- . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\Drivers\amdkmafd.sys   [15968]
O58 - SDL:30/12/2010 - 15:19:40 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys   [16640]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [79416]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [79928]
O58 - SDL:24/04/2013 - 18:18:02 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys   [10070016]
O58 - SDL:24/04/2013 - 16:47:52 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys   [290304]
O58 - SDL:14/10/2014 - 12:09:47 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys   [98160]  =>.Avira Operations GmbH
O58 - SDL:30/07/2013 - 13:41:58 ---A- . (.AVG Technologies - Pas de description.) -- C:\Windows\System32\Drivers\avgtpx86.sys   [37664]
O58 - SDL:14/10/2014 - 12:09:49 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys   [136216]  =>.Avira Operations GmbH
O58 - SDL:25/02/2014 - 14:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys   [37352]  =>.Avira Operations GmbH
O58 - SDL:12/08/2013 - 23:22:24 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL6.SYS   [2438648]
O58 - SDL:02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [13568]
O58 - SDL:02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [5248]
O58 - SDL:02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [71808]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [62336]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [12160]
O58 - SDL:02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [11904]
O58 - SDL:21/01/2009 - 06:37:49 ----- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [19000]
O58 - SDL:02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys   [71272]
O58 - SDL:10/04/2012 - 20:21:51 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys   [242240]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys   [118784]
O58 - SDL:21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [342584]
O58 - SDL:04/09/2008 - 18:47:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\System32\Drivers\enecir.sys   [54784]
O58 - SDL:21/08/2012 - 13:01:22 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys   [26840]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys   [40504]
O58 - SDL:13/05/2011 - 17:57:42 ---A- . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\Drivers\hpdskflt.sys   [25656]
O58 - SDL:18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\HpqKbFiltr.sys   [16768]
O58 - SDL:25/05/2011 - 00:40:10 ---A- . (.AnchorFree Inc. - Expat Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv.sys   [37376]
O58 - SDL:23/06/2010 - 10:23:44 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys   [23040]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys   [235064]
O58 - SDL:02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [41576]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys   [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys   [35944]
O58 - SDL:26/04/2013 - 10:40:18 ---A- . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\Drivers\jmcr.sys   [148720]
O58 - SDL:30/11/2011 - 14:53:18 ---A- . (.JMicron Technology Corp. - OHCI1394 upper filter driver.) -- C:\Windows\System32\Drivers\johci.sys   [23128]
O58 - SDL:09/03/2005 - 20:50:16 ---A- . (...) -- C:\Windows\System32\Drivers\libusb0.sys   [33792]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [96312]
O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [89656]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [96312]
O58 - SDL:21/11/2014 - 06:14:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [23256]
O58 - SDL:21/11/2014 - 06:14:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys   [75480]
O58 - SDL:14/12/2014 - 18:38:11 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [114904]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys   [31288]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [386616]
O58 - SDL:02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys   [33384]
O58 - SDL:21/11/2014 - 06:14:16 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys   [51928]
O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETw3v32.sys   [2225664]
O58 - SDL:02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [45160]
O58 - SDL:02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys   [20608]
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [102968]
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [45112]
O58 - SDL:23/05/2014 - 17:28:01 ---A- . (...) -- C:\Windows\System32\Drivers\PnkBstrK.sys   [138992]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1122360]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [106088]
O58 - SDL:06/08/2008 - 17:26:08 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\Drivers\Rtlh86.sys   [124928]
O58 - SDL:02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [20480]
O58 - SDL:03/02/2009 - 16:36:58 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\System32\Drivers\sfdrv01.sys   [59000]
O58 - SDL:03/02/2009 - 16:39:23 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\Windows\System32\Drivers\sfdrv01a.sys   [63096]
O58 - SDL:14/06/2006 - 15:56:56 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\Windows\System32\Drivers\sfhlp02.sys   [13680]
O58 - SDL:08/02/2007 - 18:44:43 ---A- . (.Protection Technology (StarForce) - FrontLine File System Driver.) -- C:\Windows\System32\Drivers\sfvfs02.sys   [83320]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [74808]
O58 - SDL:25/02/2014 - 14:05:01 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys   [28520]
O58 - SDL:24/07/2006 - 15:05:00 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys   [5632]
O58 - SDL:03/06/2009 - 19:43:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys   [407040]
O58 - SDL:02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys   [35944]
O58 - SDL:02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys   [31848]
O58 - SDL:02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys   [34920]
O58 - SDL:30/04/2009 - 19:01:52 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys   [209456]
O58 - SDL:18/06/2012 - 12:58:52 ---A- . (.SysNucleus - USBDeviceShare Device Stub.) -- C:\Windows\System32\Drivers\udsstub.sys   [16000]
O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys   [238648]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys   [98408]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys   [115816]
O58 - SDL:21/01/2009 - 06:37:49 ----- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [20024]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [130616]
O58 - SDL:02/11/2006 - 08:30:56 ---A- . (.Marvell - Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon.) -- C:\Windows\System32\Drivers\yk60x86.sys   [194048]
O58 - SDL:13/10/2006 - 20:36:36 ---A- . (.DiBcom SA - DVB-T USB2.0 adapter BDA driver.) -- C:\Windows\System32\Drivers\yuanmodbda2.sys   [32256]
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 97 Scanned in 00mn 36s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/12/2014 - 22:30:13 ---A- . (.Open Media LLC.) -- C:\Users\Baptiste\Music\Videos\The Office US - The Complete Season 7 [HDTV]\4kvideodownloader_3.4 (2).exe   [23859608]
O61 - LFC: 09/12/2014 - 22:30:13 ---A- . (.Open Media LLC.) -- C:\Users\Baptiste\Music\Videos\The Office US - The Complete Season 7 [HDTV]\4kyoutubetomp3_2.9.exe   [23803096]
O61 - LFC: 10/12/2014 - 22:30:13 ---A- . (.Google Inc..) -- C:\Users\Baptiste\Music\Videos\The Office US - The Complete Season 7 [HDTV]\googlesketchupwfr.exe   [40356320]
O61 - LFC: 14/12/2014 - 22:30:05 ---A- . (...) -- C:\Users\Baptiste\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin   [90316]
O61 - LFC: 14/12/2014 - 22:30:10 ---A- . (.Nicolas Coolman.) -- C:\Users\Baptiste\Desktop\ZHPDiag2.exe   [6867254]  =>.Nicolas Coolman
~ 3 Fichiers temporaires (Temporary files)
~ 13 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 00mn 36s



---\\ Fichiers Alternate Data Stream (ADS) (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\pbsvc.exe:Zone.Identifier
~ ADS:  Scanned in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adp94xx.sys (adp94xx)  .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpahci.sys (adpahci)  .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpu160m.sys (adpu160m)  .(.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) - LEGACY_ADPU160M
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpu320.sys (adpu320)  .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\djsvs.sys (aic78xx)  .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX
O64 - Services: CurCS - 21/01/2009 - C:\Windows\System32\drivers\aliide.sys (aliide)  .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\arc.sys (arc)  .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\arcsas.sys (arcsas)  .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - 30/07/2013 - C:\Windows\system32\drivers\avgtpx86.sys (avgtp)  .(.AVG Technologies - Pas de description.) - LEGACY_AVGTP
O64 - Services: CurCS - 21/01/2009 - C:\Windows\System32\drivers\cmdide.sys (cmdide)  .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\elxstor.sys (elxstor)  .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\hpcisss.sys (HpCISSs)  .(.Hewlett-Packard Company - Smart Array Storport Driver.) - LEGACY_HPCISSS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\iastorv.sys (iaStorV)  .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iirsp.sys (iirsp)  .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iteatapi.sys (iteatapi)  .(.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) - LEGACY_ITEATAPI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iteraid.sys (iteraid)  .(.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) - LEGACY_ITERAID
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_fc.sys (LSI_FC)  .(.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_sas.sys (LSI_SAS)  .(.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_scsi.sys (LSI_SCSI)  .(.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\megasas.sys (megasas)  .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\megasr.sys (MegaSR)  .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\mraid35x.sys (Mraid35x)  .(.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\nfrd960.sys (nfrd960)  .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvraid.sys (nvraid)  .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvstor.sys (nvstor)  .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\ql2300.sys (ql2300)  .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\ql40xx.sys (ql40xx)  .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - 03/02/2009 - C:\Windows\System32\drivers\sfdrv01.sys (sfdrv01)  .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01
O64 - Services: CurCS - 14/06/2006 - C:\Windows\System32\drivers\sfhlp02.sys (sfhlp02)  .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02
O64 - Services: CurCS - 08/02/2007 - C:\Windows\System32\drivers\sfvfs02.sys (sfvfs02)  .(.Protection Technology (StarForce) - FrontLine File System Driver.) - LEGACY_SFVFS02
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\sisraid4.sys (SiSRaid4)  .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\symc8xx.sys (Symc8xx)  .(.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\sym_hi.sys (Sym_hi)  .(.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\sym_u3.sys (Sym_u3)  .(.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) - LEGACY_SYM_U3
O64 - Services: CurCS - 16/03/1745 - C:\Windows\system32\TrueSight.sys (TrueSight) .(...) - LEGACY_TRUESIGHT
O64 - Services: CurCS - 16/03/1745 - C:\Windows\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) .(...) - LEGACY_TRUSTEDINSTALLER
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\uliahci.sys (uliahci)  .(.ULi Electronics Inc. - ULi SATA Controller Driver.) - LEGACY_ULIAHCI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\ulsata.sys (UlSata)  .(.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) - LEGACY_ULSATA
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\ulsata2.sys (ulsata2)  .(.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) - LEGACY_ULSATA2
O64 - Services: CurCS - 21/01/2009 - C:\Windows\System32\drivers\viaide.sys (viaide)  .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\vsmraid.sys (vsmraid)  .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID
~ Legacy: 211 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.scr> <AutoCADScriptFile>[HKCU\..\open\Command] (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
~ FASS Keys: 12 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Baptiste - o0fczfgg.default] user_pref("browser.search.selectedEngine", "Web Search");
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [574464]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [438272]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [314368]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [260608]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [448512]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1929952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [758272]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [190464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [161792]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [603648]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [68096]
O83 - Search Svchost Services: ezSharedSvc (ezSharedSvc) . (.EasyBits Sofware AS - Shared EasyBits services for Windows.) -- C:\Windows\System32\ezsvc7.dll   [129992]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.475048300F9919381C60A3701430CFD7] [SPRF][02/11/2012] (...) -- C:\Users\Baptiste\AppData\Roaming\PnkBstrK.sys   [138904]
[MD5.031CA1819A3DB0273428B5880FF2ED37] [SPRF][20/01/2012] (...) -- C:\Users\Baptiste\AppData\Roaming\wklnhst.dat   [138]
[MD5.809B9E5A11370873E7BE81B66E5B7924] [SPRF][07/11/2014] (.Hewlett-Packard - Pas de description.) -- C:\Users\Baptiste\Desktop\sp43932.exe   [27529328]
[MD5.129BAC813708B5C9269B33DCED401BEE] [SPRF][14/12/2014] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Baptiste\Desktop\ZHPDiag2.exe   [6867254]
[MD5.58AE9C7AF536B70B68099448A29657DA] [SPRF][10/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll   [113888]
[MD5.40F1C0C36B6413E57E1FECA4E12159CC] [SPRF][16/02/2010] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropFRA.dll   [116040]
~ Files: 6 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D214736534007A857BC0A030" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-4300-A758B70C0A03}\ToolbarIcon.exe  =>Toolbar.Avira
~ Update Products: 1 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D9FA3671832A6780A693151382D777B9] [WIS][13/05/2014] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\25e99a.msi   [809472]  =>Toolbar.Avira
[MD5.5BDA0B476CF166E8EEE8CF0DED2E983F] [WIS][08/05/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\3f92dcc0.msi   [444416]  =>Adware.IncrediBar
~ WIS: 2 Scanned in 00mn 07s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7}] (Avira SearchFree Toolbar)  =>Toolbar.Avira
~ BCK: 7853 Scanned in 00mn 15s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Baptiste at 14/12/2014 22:33:24
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys ataport.SYS PCIIDEX.SYS msahci.sys 
C:\Windows\system32\DRIVERS\hpdskflt.sys Hewlett-Packard Company Mobile Data Protection System
1 ntkrnlpa!IofCallDriver[0x822FA20F] >> \Device\Harddisk0\DR0[0x85CF8AC8]
3 CLASSPNP[0x805CD745] >> ntkrnlpa!IofCallDriver[0x822FA20F] >> [0x85CF8020]
5 hpdskflt[0x8B5E0F92] >> ntkrnlpa!IofCallDriver[0x822FA20F] >> [0x85AD38B0]
7 acpi[0x806956A0] >> ntkrnlpa!IofCallDriver[0x822FA20F] >> \Device\Ide\IdeDeviceP0T0L0-0[0x85AF08A8]
kernel: MBR read successfully
user & kernel MBR OK 
~ MBR: 15 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Baptiste at 14/12/2014 22:33:26
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite  =>.DT Soft Ltd
~ Emulateurs:  Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (13/12/2014)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 9
Fichiers trouvés  (Files found) : 3

[HKLM\Software\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm]   =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41564952-412D-5637-4300-A758B70C0A03}]   =>Toolbar.Avira^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2A302E7-8FA4-4585-AB7F-12C4DEBC0D32}]   =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{e72594bd-da28-4714-ad28-02284b7615ae}]   =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCSpeedUp]   =>Rogue.PCSpeedUp^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]   =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]   =>Adware.Agent
[HKLM\Software\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]   =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]   =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}]   =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\esrv.EXE]   =>PUP.Babylon
[HKCU\Software\AskPartnerNetwork]   =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork]   =>Toolbar.Ask
C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm   =>Toolbar.Avira^
C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\extensions\{d8649812-4f8e-e759-832e-48225392a89c}   =>Hijacker.SmartBar^
C:\Program Files\AskPartnerNetwork   =>Toolbar.AskBar^
C:\Program Files\LPT   =>Adware.Incredibar^
C:\ProgramData\AskPartnerNetwork   =>Toolbar.AskBar^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\ProgramData\Software   =>Adware.Boxore^
C:\Users\Baptiste\AppData\Local\AskPartnerNetwork   =>Toolbar.AskBar^
C:\Users\Baptiste\AppData\Local\Software   =>Adware.Boxore
C:\Windows\Installer\25e99a.msi   =>Toolbar.Avira^
C:\Windows\Installer\3f92dcc0.msi   =>Adware.IncrediBar^
[HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7}] (Avira SearchFree Toolbar)   =>Toolbar.Avira^
~ Additionnel Scan: 670470 Items scanned in 00mn 32s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g0-page-de-demarrage-google-chrome/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/g2-google-chrome-extensions/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 7 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/hijacker-smartbar  =>Hijacker.SmartBar
http://www.nicolascoolman.fr/blog/  =>Toolbar.AskBar
http://nicolascoolman.fr/adware-incredibar  =>Adware.Incredibar
http://nicolascoolman.fr/pup-tarma  =>PUP.Tarma
http://nicolascoolman.fr/adware-boxore  =>Adware.Boxore
http://nicolascoolman.fr/rogue-pcspeedup  =>Rogue.PCSpeedUp
http://www.nicolascoolman.fr/blog/  =>Adware.Agent
http://www.nicolascoolman.fr/blog/  =>Toolbar.Agent
http://nicolascoolman.fr/pup-babylon  =>PUP.Babylon
http://nicolascoolman.fr/toolbar-ask  =>Toolbar.Ask
~ MSI: 10 link(s) detected in 00mn 00s



End of the scan (1911 lines in 07mn 19s)(0)