cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.8.23.124 By Nicolas Coolman (2015/08/23)
~ Run by Emilien (Administrator) (2015/12/03 07:53:50)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Emilien\Desktop\ZHPDiag.txt
~ Report: C:\Users\Emilien\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 32-bit (Build 7600)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v47.0.2526.73
MFIE: Mozilla Firefox 35.0.1 (x86 fr) v35.0.1
MSIE: Internet Explorer v8.0.7600.16385

---\\ Windows Product Information (4) - 34s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ System protection software (2) - 2s
Avast Free Antivirus v11.1.2241
Windows Defender W7 (Activate)

---\\ System optimization software (1) - 3s
CCleaner v5.11

---\\ Surveillance software (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Reader XI - Français

---\\ Sharing software PeerToPeer (2) - 3s
eMule
µTorrent v3.1.3

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3133.952 MB (44% free)
~ System Restore: Activé (Enable)
~ System drive C: has 38 GB free of 79 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: EMILIEN-PC2
~ User Name: Emilien
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 38 GB free of 79 GB (System)
~ Drive Z: has 240 GB free of 530 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (23) - 1s
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2614272]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.1DBC7303366C0C9B80E51C4B4BECB7ED] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [245328]

---\\ Process running (49) - 7s
[MD5.EB3CD3CDE7B9EBE0D46458F466801A73] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 189.8.) -- C:\Windows\System32\nvvsvc.exe [219752] [PID.996]
[MD5.EB3CD3CDE7B9EBE0D46458F466801A73] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 189.8.) -- C:\Windows\System32\nvvsvc.exe [219752] [PID.1508]
[MD5.199D3FA1AF32FCE46A38E8EB64FFF520] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416] [PID.1952]
[MD5.45586DC24ACF54EBB7D0D494653942E9] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288] [PID.1664]
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1576]
[MD5.2F2BD5EFFA8E91295F4DB493D85534B5] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1684]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.852]
[MD5.1778EBA872274C1226D869CD9486847E] - (.InterVideo Inc. - Capture Device Service.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168] [PID.1928]
[MD5.85A6662B5F12B84D599A74119F04B381] - (.Kenonic Controls Ltd. - CrypKey NT Service.) -- C:\Windows\System32\Crypserv.exe [52224] [PID.1948]
[MD5.55F6F3E0DF82E0113082852347BF2C16] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files\Launch Manager\dsiwmis.exe [325200] [PID.748]
[MD5.0796C1E47ADB9825269E64B9DAB4E741] - (.Teruten - FsUsbDevice.) -- C:\Windows\System32\FsUsbExService.Exe [233472] [PID.2112]
[MD5.10DBAA1703253FB511D0F5C5F6064B00] - (.France Telecom SA - .) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [77824] [PID.2136]
[MD5.7485FBCEF9136F530953575E2977859D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE [268824] [PID.2912]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.2960]
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.3068]
[MD5.C9B9373A0A430C11F0213E359D0772B2] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2848168] [PID.3136]
[MD5.800E8F1DC5F6A200B6DFCA2B3C21365E] - (...) -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [493200] [PID.3188]
[MD5.AFF18EF97532D04BA7ADB00B8C13C007] - (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\TSIRCSRV.exe [102400] [PID.3248]
[MD5.DCB892A9DCB166FA2B6AF74C3A0E21AC] - (.Copyright © 2013 - TBear.Maintenance.) -- C:\Program Files\TunnelBear\TBear.Maintenance.exe [35264] [PID.3268]
[MD5.5E7C103F8475C4289847D15E129C20F7] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713904] [PID.3320]
[MD5.DAF0C7D1F4E9B057C8151D0B92A6BDA5] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [194304] [PID.3460]
[MD5.2F722690B624C9AD160EDC24DCA880DF] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376] [PID.2328]
[MD5.0B1E2A37AAB87034314D8014F23221B2] - (.Vimicro - Vimicro.) -- C:\Windows\vmsnap3.exe [49152] [PID.2204]
[MD5.2EA68E33DFF41A10F1BAB15FC3A28076] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616] [PID.3912]
[MD5.AEB950D128BC96D1E736F55A458FA0A7] - (.VoipBuster - Client to make VoIP calls..) -- C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe [23224928] [PID.3080]
[MD5.2C19AC2C2964699AAD0866927B164A3E] - (.Copyright Holiline 2012-2015 - Holiline Reminder.) -- C:\Program Files\Holiline\Holiline Reminder\holiline.exe [4275712] [PID.4300]
[MD5.5425B0E1A2FBEE08E5FE3F8A54FE487F] - (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632] [PID.5204]
[MD5.0D67D271267F3B8175A0D2CEC2FB0A41] - (.Thomas Ascher - ATnotes.) -- C:\Program Files\ATnotes\ATnotes.exe [1015808] [PID.5236]
[MD5.528C31AC57D7DC707DACD2F1EE28D4C6] - (.Copyright (C) 2003 - Ditto.) -- C:\Program Files\Ditto\Ditto.exe [831488] [PID.5284]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.5360]
[MD5.066EC2FC69960F66C424F47DB174EAC6] - (.THe UDS - InstantTimeZone - multiple world time zone.) -- C:\Program Files\InstantTimeZone\InstantTimeZone.exe [1733633] [PID.5448]
[MD5.78F7BB9F4924BE164294C59B8C3FC096] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [737616] [PID.5620]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [168960] [PID.6084]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.1748]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.5144]
[MD5.765F2DD351BA064F657751D8D75E58C0] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE [2320920] [PID.6008]
[MD5.0EBCD3C26F9584864A9C8337DABB0185] - (.Avast Software - AvastVirtualBox Interface.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4390776] [PID.7672]
[MD5.2BE214B5C2258B4CE9F7E767126B0A90] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [50509440] [PID.4060]
[MD5.5EBE396DB0ED20910A4C51E235539F9F] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [179024] [PID.5528]
[MD5.092CEE4669E5B335D644614DBE1294DD] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [127312] [PID.5712]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.2820]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.4864]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.6764]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.7740]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.6608]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.7896]
[MD5.547D533A69FB1699D2182041646A9278] - (.EJIE Technology - Clover.) -- C:\Program Files\Clover\clover.exe [891392] [PID.4932]
[MD5.C5F837D6C30A81B7352382B461684D8B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704] [PID.6552]
[MD5.84867350CFF4C8551E5F5A3D355D8CB3] - (.Nicolas Coolman - ZHPDiag.) -- Z:\Personal Documents\Aa EMILIEN\Telechargements\ZHPDiag3.exe [1901056] [PID.7944]

---\\ Google Chrome, Start,Search,Extensions (5) - 0s
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [mblmlcbknbnfebdfjnolmcapmdofhmme] __MSG_themeName__
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (19) - 2s
M0 - MFSP: prefs.js [Emilien - moa3n8yx.default] http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggReAoPUA9IRBgad1gJTA0SEQ0OIVteABRAQAZCIgwNWVhBQwQFIk0FA18DB0VXfWFoKB8fHHFRIV5XD3sDQFtAKA==
P2 - EXT FILE: (...) -- C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\moa3n8yx.default\extensions\{cba1be0d-f6d3-4548-bccd-fb56885b460e}.xpi
P2 - EXT FILE: (...) -- C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\moa3n8yx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\moa3n8yx.default\searchplugins\default.xml
P2 - EXT FILE: (...) -- C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\moa3n8yx.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_19_0_0_245.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

---\\ Internet Explorer Extensions, Start, Search (12) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr-mg42.mail.yahoo.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (3) - 3s
0
0

~ Nombre lignes détournées 0

84520 (Hosts file redirected)

---\\ Browser Helper Object (BHO) (10) - 1s
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: TabExplorerHelper - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} . (.EJIE Technology - Clover Tab Explorer Helper.) -- C:\Program Files\Clover\TabHelper32.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

---\\ Internet Explorer Toolbars (1) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)

---\\ Auto loading programs from Registry and folders (23) - 0s
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [VMSnap3] . (.Vimicro - Vimicro.) -- C:\Windows\vmsnap3.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [VoipBuster] . (.VoipBuster - Client to make VoIP calls..) -- C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
O4 - HKCU\..\Run: [*LABAL*] (Orphean)
O4 - HKCU\..\Run: [Holiline Reminder] . (.Copyright Holiline 2012-2015 - Holiline Reminder.) -- C:\Program Files\Holiline\Holiline Reminder\holiline.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKCU\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ED9D41CED56E02B3B2AC6FC8764019AD] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [VoipBuster] . (.VoipBuster - Client to make VoIP calls..) -- C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [*LABAL*] (Orphean)
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [Holiline Reminder] . (.Copyright Holiline 2012-2015 - Holiline Reminder.) -- C:\Program Files\Holiline\Holiline Reminder\holiline.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-1527468150-2506527094-3101465068-1000\..\Run: [GoogleChromeAutoLaunch_ED9D41CED56E02B3B2AC6FC8764019AD] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

---\\ Global shortcuts Startup (6) - 7s
O4 - GS\Desktop [Administrator]: Elite Unzip.lnk . (.Mindspark Interactive Network, Inc. - Elite Unzip.) C:\Program Files\EliteUnzip\EliteUnzip.exe =>PUP.Optional.MyWebSearch
O4 - GS\Quicklaunch [Administrator]: Launch WhiteSmokeTranslator.lnk . (...) C:\Program Files\WhiteSmokeTranslator\WSTrayDictMode.exe =>PUP.Optional.WhiteSmoke
O4 - GS\Desktop [Emilien]: Elite Unzip.lnk . (.Mindspark Interactive Network, Inc. - Elite Unzip.) C:\Program Files\EliteUnzip\EliteUnzip.exe =>PUP.Optional.MyWebSearch
O4 - GS\Quicklaunch [Emilien]: Launch WhiteSmokeTranslator.lnk . (...) C:\Program Files\WhiteSmokeTranslator\WSTrayDictMode.exe =>PUP.Optional.WhiteSmoke
O4 - GS\Desktop [Guest]: Elite Unzip.lnk . (.Mindspark Interactive Network, Inc. - Elite Unzip.) C:\Program Files\EliteUnzip\EliteUnzip.exe =>PUP.Optional.MyWebSearch
O4 - GS\Quicklaunch [Guest]: Launch WhiteSmokeTranslator.lnk . (...) C:\Program Files\WhiteSmokeTranslator\WSTrayDictMode.exe =>PUP.Optional.WhiteSmoke

---\\ Lop.com/Domain Hijackers (9) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.18.11.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.18.11.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 172.18.11.1

---\\ Extra protocols (27) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} . (.Microsoft Corporation - Microsoft SharePoint Portal Server Object M.) -- C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype4COM.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - AppInit_DLLs: . (.Adobe Systems, Inc. - 3D Capture.) - C:\Windows\System32\acaptuser32.dll

---\\ Non Microsoft non disabled Windows Services (21) - 2s
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service (Capture Device Service) . (.InterVideo Inc. - Capture Device Service.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\System32\FsUsbExService.Exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - .) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HOSTS Anti-PUPs (HOSTS Anti-PUPs) . (. - HOSTS Anti-PUPs/Adwares.) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 189.8.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) . (...) - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TSI Remote Control Service (TSIRCSRV) . (.LapLink, Inc. - Remote Control Component.) - C:\Windows\System32\TSIRCSRV.exe
O23 - Service: TunnelBear Maintenance (TunnelBearMaintenance) . (.Copyright © 2013 - TBear.Maintenance.) - C:\Program Files\TunnelBear\TBear.Maintenance.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE

---\\ BootExecute (BEX) (1) - 0s
O34 - HKLM BootExecute: (sdnclean.exe)

---\\ Task Planned Automatically (61) - 7s
[MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269000]
[MD5.6E125A3FB6F411DC8EF64BCF5DB59EDD] [APT] [Alarm] (.Unknown Artist.) -- Z:\Personal Documents\Musique\Musique Kia\My Life.mp3 [3642130]
[MD5.8A6D1C082176864414E85ACF6696331D] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1510320]
[MD5.E49FD011745BFC5621C586CCD07FF81E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6564776]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{25A8200C-F723-411E-A253-878CEDE6BFFC}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{356E1573-3392-4CB9-824F-BB3CF9B174B6}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{36DA5CA9-68D2-42E1-AE7B-62A79134E1DF}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{4D19C133-4FC9-4357-8BE5-2AE1E5860684}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{4F831090-0DC3-4FF0-BAA4-34E5C820472F}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{703ADA2A-D681-4A0A-BCEE-04FA8428C8EE}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{75051C0C-6833-434D-B9DF-3864676E85FC}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{7FB5F9DF-7CE2-4596-ACD7-6B523F3DB7C6}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{8D0E65D6-3B8A-4750-A32E-479FBD820606}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{9755EDB4-02A6-4FAC-ABB1-58ED7F727BDC}] (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{B0D495BE-3A86-4CFB-92B6-B854A7A842CD}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.2BE214B5C2258B4CE9F7E767126B0A90] [APT] [{E67A8F68-4870-4B13-BE1B-6A1462E561AC}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [50509440]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{F3601450-24F8-43C0-A0C0-EC018256FC8B}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{F878EE8E-67F0-4661-929E-D5A34283E67F}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
[MD5.C5F837D6C30A81B7352382B461684D8B] [APT] [{FB06E8B4-D7D1-4685-A940-F48765105749}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [741704]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [882] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [886] =>.Google Inc.
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated
O39 - APT: Alarm - (.Unknown Artist.) -- C:\Windows\System32\Tasks\Alarm [3484] =>.Unknown Artist
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [3924] =>.AVAST Software
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2776] =>.Piriform Ltd
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3630] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3882] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\TTTT [2848]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{019F2300-8A51-4B70-908E-3004C12C46A2} [3080]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{0E5B523A-8DA5-4704-B061-80CF8A2B81BA} [3174]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{121A1A69-29CF-4753-9CB9-168D9B374E06} [3280]
O39 - APT: {25A8200C-F723-411E-A253-878CEDE6BFFC} - (.Google Inc..) -- C:\Windows\System32\Tasks\{25A8200C-F723-411E-A253-878CEDE6BFFC} [3094] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{34A80BD5-2744-4B75-BBC2-6A1471EED433} [3648]
O39 - APT: {356E1573-3392-4CB9-824F-BB3CF9B174B6} - (.Google Inc..) -- C:\Windows\System32\Tasks\{356E1573-3392-4CB9-824F-BB3CF9B174B6} [3162] =>.Google Inc.
O39 - APT: {36DA5CA9-68D2-42E1-AE7B-62A79134E1DF} - (.Google Inc..) -- C:\Windows\System32\Tasks\{36DA5CA9-68D2-42E1-AE7B-62A79134E1DF} [3148] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{38D0D7AD-03C6-427F-929B-413DE391E16F} [3132]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{4966CCCA-7D03-4C8C-B068-9A66BF7ECCB3} [3138]
O39 - APT: {4D19C133-4FC9-4357-8BE5-2AE1E5860684} - (.Google Inc..) -- C:\Windows\System32\Tasks\{4D19C133-4FC9-4357-8BE5-2AE1E5860684} [3148] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{4EE49669-5CB2-4FF7-BA26-BF0B3C826482} [3132]
O39 - APT: {4F831090-0DC3-4FF0-BAA4-34E5C820472F} - (.Google Inc..) -- C:\Windows\System32\Tasks\{4F831090-0DC3-4FF0-BAA4-34E5C820472F} [3100] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{6F451AE3-4EDA-4FA6-8A98-CCDD0C1F727A} [3080]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{6F6F30CC-F000-40A4-86B1-8EBD1AB9D448} [3278]
O39 - APT: {703ADA2A-D681-4A0A-BCEE-04FA8428C8EE} - (.Google Inc..) -- C:\Windows\System32\Tasks\{703ADA2A-D681-4A0A-BCEE-04FA8428C8EE} [3152] =>.Google Inc.
O39 - APT: {75051C0C-6833-434D-B9DF-3864676E85FC} - (.Google Inc..) -- C:\Windows\System32\Tasks\{75051C0C-6833-434D-B9DF-3864676E85FC} [3100] =>.Google Inc.
O39 - APT: {7FB5F9DF-7CE2-4596-ACD7-6B523F3DB7C6} - (.Google Inc..) -- C:\Windows\System32\Tasks\{7FB5F9DF-7CE2-4596-ACD7-6B523F3DB7C6} [3100] =>.Google Inc.
O39 - APT: {8D0E65D6-3B8A-4750-A32E-479FBD820606} - (.Google Inc..) -- C:\Windows\System32\Tasks\{8D0E65D6-3B8A-4750-A32E-479FBD820606} [3100] =>.Google Inc.
O39 - APT: {9755EDB4-02A6-4FAC-ABB1-58ED7F727BDC} - (.Google Inc..) -- C:\Windows\System32\Tasks\{9755EDB4-02A6-4FAC-ABB1-58ED7F727BDC} [3078] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{A8AB3774-B102-4B12-B1BE-A204E2BE8B66} [3040]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{AD759EDD-8377-4AEF-AFDA-F4F67A6617AA} [3080]
O39 - APT: {B0D495BE-3A86-4CFB-92B6-B854A7A842CD} - (.Google Inc..) -- C:\Windows\System32\Tasks\{B0D495BE-3A86-4CFB-92B6-B854A7A842CD} [3094] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{D2A02D4D-BE4F-4BA4-B646-FB485E893E5E} [3288]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{D561DB5B-3BB7-43EA-9599-7B454914D8B8} [3164]
O39 - APT: {E67A8F68-4870-4B13-BE1B-6A1462E561AC} - (.Skype Technologies S.A..) -- C:\Windows\System32\Tasks\{E67A8F68-4870-4B13-BE1B-6A1462E561AC} [2854] =>.Skype Technologies S.A.
O39 - APT: {F3601450-24F8-43C0-A0C0-EC018256FC8B} - (.Google Inc..) -- C:\Windows\System32\Tasks\{F3601450-24F8-43C0-A0C0-EC018256FC8B} [3094] =>.Google Inc.
O39 - APT: {F878EE8E-67F0-4661-929E-D5A34283E67F} - (.Google Inc..) -- C:\Windows\System32\Tasks\{F878EE8E-67F0-4661-929E-D5A34283E67F} [3094] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{F983BC62-6BEC-4733-A505-9A80A5B5A00D} [3080]
O39 - APT: {FB06E8B4-D7D1-4685-A940-F48765105749} - (.Google Inc..) -- C:\Windows\System32\Tasks\{FB06E8B4-D7D1-4685-A940-F48765105749} [3100] =>.Google Inc.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{FFACDB71-2301-42ED-B5EB-561DC6D56C48} [3142]

---\\ Software installed (140) - 16s
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0 - (.Nokia.) [HKLM] -- 17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] -- 72A50F48CC5601190B9C4E74D81161693133E7F7
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Agent Ransack Version 1.7.3 - (...) [HKLM] -- Agent Ransack_is1
O42 - Logiciel: ATnotes Version 9.5 - (.Thomas Ascher.) [HKLM] -- ATnotes_is1
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: AVS Video Converter 6 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 6_is1
O42 - Logiciel: Bibliorom - (...) [HKLM] -- Bookshelf96F
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter
O42 - Logiciel: Card Detector for Huawei E1752 and E1552 - (...) [HKLM] -- CardDetectorHUAWEI1752_1552
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Clover 3.0 - (.EJIE Technology.) [HKLM] -- Clover
O42 - Logiciel: Ditto 3.17.0.17 - (.Scott Brogden.) [HKLM] -- Ditto_is1
O42 - Logiciel: E-Calc (Supprimer uniquement) - (...) [HKLM] -- E-Calc
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] -- E0AC723A3DE3A04256288CADBBB011B112AED454
O42 - Logiciel: Elite Unzip - (.Mindspark Interactive Network.) [HKLM] -- Elite Unzip =>PUP.Optional.MyWebSearch
O42 - Logiciel: eMule - (...) [HKLM] -- eMule
O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture
O42 - Logiciel: FastStone Image Viewer 4.6 - (.FastStone Soft.) [HKLM] -- FastStone Image Viewer
O42 - Logiciel: FastStone Photo Resizer 3.3 - (.FastStone Soft..) [HKLM] -- FastStone Photo Resizer
O42 - Logiciel: FileZilla Client 3.8.0 - (.Tim Kosse.) [HKLM] -- FileZilla Client
O42 - Logiciel: Free Mp3 Wma Converter V 2.2 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1
O42 - Logiciel: Free WebM Video Converter version 5.0.61.805 - (.DVDVideoSoft Ltd..) [HKLM] -- Free WebM Video Converter_is1
O42 - Logiciel: FreeFileSync v3.7 - (...) [HKLM] -- FreeFileSync
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Holiline Reminder 3.3.0 - (...) [HKLM] -- Holiline Reminder
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: iColorFolder - (...) [HKLM] -- iColorFolder
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: C-Map PCMCIA and USB drivers - (.C-Map.) [HKLM] -- InstallShield_{98C61F22-8B4F-416E-A4BF-54FCC10509E0}
O42 - Logiciel: Ulead VideoStudio 11 - (.InterVideo Digital Technology Corporation.) [HKLM] -- InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}
O42 - Logiciel: InstantTimeZone - (...) [HKLM] -- InstantTimeZone
O42 - Logiciel: Les Chemins de la Lecture CP-CE1 - (...) [HKLM] -- IRJ2w32.exe
O42 - Logiciel: Java 2 Runtime Environment Standard Edition v1.3.1_02 - (...) [HKLM] -- JRE 1.3.1_02
O42 - Logiciel: JumpStart Math for Second Graders v1.3 - (...) [HKLM] -- JS2GM_1.3
O42 - Logiciel: Kelly Club(TM) CD-ROM - (...) [HKLM] -- Kelly Club(TM) CD-ROM
O42 - Logiciel: Coup de Pouce Maternelle 3 v1.0 - (...) [HKLM] -- KG_1.0
O42 - Logiciel: Lapin Malin CE1 + Atelier de dessins & de musique - (...) [HKLM] -- Lapin Malin CE1 + Atelier de dessins & de musique
O42 - Logiciel: LapLink Gold - (...) [HKLM] -- LapLink 2000
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM] -- LManager
O42 - Logiciel: Map Merge utility - (...) [HKLM] -- Map Merge Utility for OziExplorer_is1
O42 - Logiciel: MediaCoder 0.6.2 - (.Stanley Huang.) [HKLM] -- MediaCoder
O42 - Logiciel: Elite Unzip - (.Mindspark Interactive Network.) [HKLM] -- Mindspark Elite Unzip =>PUP.Optional.MyWebSearch
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM] -- Photo Notifier and Animation Creator
O42 - Logiciel: Portrait Professional Studio 9.0 - (.Anthropics Technology Ltd..) [HKLM] -- Portrait Professional Studio 9_is1
O42 - Logiciel: PrimoPDF - (.activePDF.) [HKLM] -- PrimoPDF2.0
O42 - Logiciel: Sentinel System Driver - (...) [HKLM] -- Rainbow Sentinel Driver
O42 - Logiciel: Lapin Malin Maternelle 2 - (...) [HKLM] -- rrpw32.exe
O42 - Logiciel: SequoiaView - (...) [HKLM] -- SequoiaView
O42 - Logiciel: SHAREit - (.Lenovo Group Limited.) [HKLM] -- SHAREit_is1
O42 - Logiciel: Les noms de famille de France - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM] -- TeamViewer 7
O42 - Logiciel: NCH Toolbox - (.NCH Software.) [HKLM] -- ToolBox
O42 - Logiciel: TrueCrypt - (.TrueCrypt Foundation.) [HKLM] -- TrueCrypt
O42 - Logiciel: Ultra MKV Converter 3.2.0610 - (.Aone Software.) [HKLM] -- Ultra MKV Converter_is1
O42 - Logiciel: UltraISO Premium V8.63 - (...) [HKLM] -- UltraISO_is1
O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker
O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent
O42 - Logiciel: Virtual DJ Pro Full - Atomix Productions - (...) [HKLM] -- Virtual DJ Pro Full - Atomix Productions
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VoipBuster - (.Finarea S.A. Switzerland.) [HKLM] -- VoipBuster_is1
O42 - Logiciel: Microsoft Expression Web - (.Microsoft Corporation.) [HKLM] -- WebDesigner
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM] -- WinPcapInst
O42 - Logiciel: WinX YouTube Downloader 4.0.1 - (.Digiarty Software, Inc..) [HKLM] -- WinX YouTube Downloader_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {025E78AC-BD91-4E9E-B165-3C09D4084BA4}
O42 - Logiciel: Je chante et je joue avec Lapin Malin - (...) [HKLM] -- {075429DA-47AF-43F1-B889-91BAD1942442}
O42 - Logiciel: FotoMix version 8.7.2 - (.Digital Photo Software.) [HKLM] -- {10A0255E-0B73-4397-AB4E-E3667EDA70E4}_is1
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {1C3D2F92-D25E-4D98-B810-3F3B0857BF26}
O42 - Logiciel: Wondershare MobileGo for Android ( Version 4.3.0 ) - (.Wondershare.) [HKLM] -- {1E04C795-7359-4E05-8A0E-5644F777AA08}_is1
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {29373274-977E-413C-A4DE-DC0F8E80C429}
O42 - Logiciel: DHTML Editing Component - (.Microsoft.) [HKLM] -- {2EA870FA-585F-4187-903D-CB9FFD21E2E0}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: LG Android Driver - (.LG Electronics.) [HKLM] -- {4E4F8163-9889-4BAB-B2E7-DBAAE248C1EB}
O42 - Logiciel: CorelDRAW Graphics Suite 12 - (.Corel Corporation.) [HKLM] -- {505AFDC0-5E72-4928-8368-5DEA385E3647}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: InterVideo DeviceService - (.InterVideo.) [HKLM] -- {521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: Conjugaison - (...) [HKLM] -- {5F82B545-AE13-45ED-A8A2-67E56F3165BC}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Skype™ 7.15 - (.Skype Technologies S.A..) [HKLM] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19}
O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM] -- {6EAC2C14-B6A2-412E-9EFB-733501AEC428}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1}
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: TunnelBear - (.TunnelBear.) [HKLM] -- {8f67e3e6-0ad7-4b14-af73-1db4b6990d69}
O42 - Logiciel: Microsoft Expression Web - (.Microsoft Corporation.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Expression Web MUI (English) - (.Microsoft Corporation.) [HKLM] -- {90120000-0026-0409-0000-0000000FF1CE}
O42 - Logiciel: Classic Menu for Office 2010 and 2013 - (.Detong Technology Ltd..) [HKLM] -- {90710DE9-45E4-4F31-AA8F-86A4C96FA386}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
O42 - Logiciel: Classic Menu for Office Enterprise 2010 and 2013 v5.85 - (.Addintools.) [HKLM] -- {9A7CEBDF-37E2-4B63-A384-2A9FD5CE0A80}_is1
O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}
O42 - Logiciel: Adobe Reader XI - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: G-Cube Notebook Web Camera - (...) [HKLM] -- {ADE16A9D-FBDC-4ecc-B6BD-9C31E51D303B}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: Internet Everywhere - (...) [HKLM] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}
O42 - Logiciel: G-Cube Notebook Web Camera - (.A4.) [HKLM] -- {CE3B8E96-B0AF-4871-9178-1519B58E3A93}
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Acronis True Image Home - (.Acronis.) [HKLM] -- {E5343B27-55DF-40BD-9FCF-A643C1331E8A}
O42 - Logiciel: PDF to Word - (.Quick PDF.) [HKLM] -- {E6CBC979-E613-49E6-A37B-3C342DE35235}_is1
O42 - Logiciel: HP Deskjet All-In-One Driver Software 13.0 Rel. 1 - (.HP.) [HKLM] -- {EB773820-0871-46A8-9B96-F2B04F8B34F0}
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: PL-2303 Vista Driver Installer - (.Prolific.) [HKLM] -- {EEC010D0-1252-4E1D-BAD9-F1B8F414535C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Lapin Malin Initiation à l'anglais Maternelle - (...) [HKLM] -- {FECF47C9-E521-420B-8186-70441FE7D69E}
O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU] -- BitTorrent
O42 - Logiciel: Chromium - (.Chromium.) [HKCU] -- Chromium
O42 - Logiciel: MyFreeCodec - (...) [HKCU] -- MyFreeCodec
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU] -- PhotoFiltre 7

---\\ HKCU & HKLM Software Keys (250) - 16s
HKLM\SOFTWARE\A4
HKLM\SOFTWARE\ACD Systems
HKLM\SOFTWARE\Acronis
HKLM\SOFTWARE\activePDF
HKLM\SOFTWARE\AddinTools
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\AFPL Ghostscript
HKLM\SOFTWARE\Agent_EXE
HKLM\SOFTWARE\Ahead
HKLM\SOFTWARE\America Online
HKLM\SOFTWARE\Anthropics
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ArcticLine
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Audible
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\AVS4YOU
HKLM\SOFTWARE\Axaware
HKLM\SOFTWARE\BcmSetup
HKLM\SOFTWARE\Bunndle
HKLM\SOFTWARE\C-Map
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\CDDC
HKLM\SOFTWARE\Corel
HKLM\SOFTWARE\Cygwin
HKLM\SOFTWARE\Dritek
HKLM\SOFTWARE\DVDVideoSoft
HKLM\SOFTWARE\Earth Resource Mapping
HKLM\SOFTWARE\EasyBoot Systems
HKLM\SOFTWARE\EBP
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\FileZilla 3
HKLM\SOFTWARE\FileZilla Client
HKLM\SOFTWARE\Firetrust
HKLM\SOFTWARE\FRANCE TELECOM
HKLM\SOFTWARE\FreeFileSync
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\I&M
HKLM\SOFTWARE\iColorFolder
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\IZSoftware
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\Knowledge Adventure
HKLM\SOFTWARE\Knowledge Adventure et Edusoft
HKLM\SOFTWARE\Kodak
HKLM\SOFTWARE\LapLink
HKLM\SOFTWARE\Lenovo
HKLM\SOFTWARE\LG Electronics
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Macrovision
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MaxPower
HKLM\SOFTWARE\MAXSOFT-OCRON
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\Mindscape
HKLM\SOFTWARE\Mindspark
HKLM\SOFTWARE\Mio
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Myfree Codec
HKLM\SOFTWARE\Mythicsoft
HKLM\SOFTWARE\NCH Software
HKLM\SOFTWARE\NCH Swift Sound
HKLM\SOFTWARE\ND
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\Netscape
HKLM\SOFTWARE\Nokia
HKLM\SOFTWARE\Nullsoft
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OldTimer Tools
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\PC Connectivity Solution
HKLM\SOFTWARE\PCSuite
HKLM\SOFTWARE\Pervasive Software
HKLM\SOFTWARE\Photo Notifier and Animation Creator
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Prolific
HKLM\SOFTWARE\Prolific Technology INC
HKLM\SOFTWARE\RAINBOW TECHNOLOGIES
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Revenger inc.
HKLM\SOFTWARE\Rokario
HKLM\SOFTWARE\Safer Networking Limited
HKLM\SOFTWARE\SAMSUNG
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SOFTWARE
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Corporation
HKLM\SOFTWARE\SRS Labs
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\The Learning Company
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\TLC-Edusoft
HKLM\SOFTWARE\Traveling Software
HKLM\SOFTWARE\TrendMicro
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\TunnelBear
HKLM\SOFTWARE\Ulead Systems
HKLM\SOFTWARE\VDownloader
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\VirtualDJ
HKLM\SOFTWARE\Vivendi Universal
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\Waves Audio
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\Wondershare
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xi
HKLM\SOFTWARE\Yahoo
HKLM\SOFTWARE\ZSMC
HKCU\SOFTWARE\#title
HKCU\SOFTWARE\ACD Systems
HKCU\SOFTWARE\Acronis
HKCU\SOFTWARE\AddinTools
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Agent_EXE
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\Anthropics
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Ascher
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Axaware
HKCU\SOFTWARE\Bandwidth Monitor
HKCU\SOFTWARE\Binary Fortress Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Bsd Concept
HKCU\SOFTWARE\Bugsplat
HKCU\SOFTWARE\Canneverbe Limited
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Clover
HKCU\SOFTWARE\Convar
HKCU\SOFTWARE\Corel
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\Digital Photo Software
HKCU\SOFTWARE\Digital River
HKCU\SOFTWARE\Ditto
HKCU\SOFTWARE\Dr. Regener
HKCU\SOFTWARE\Dritek
HKCU\SOFTWARE\DVDVideoSoft
HKCU\SOFTWARE\Earth Resource Mapping
HKCU\SOFTWARE\EasyBits
HKCU\SOFTWARE\EasyBoot Systems
HKCU\SOFTWARE\eMule
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Firetrust
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\FreeAudioVideo
HKCU\SOFTWARE\Gladinet
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GPSur
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\Holiline
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\IncrediMail
HKCU\SOFTWARE\Informatique & Mer
HKCU\SOFTWARE\InstallShield
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\KinKo
HKCU\SOFTWARE\LapLink
HKCU\SOFTWARE\Le Généalogiste Deluxe 2008
HKCU\SOFTWARE\Lenovo
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Ligos
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Micro Application
HKCU\SOFTWARE\Mio
HKCU\SOFTWARE\mioreader
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Myfree Codec
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\NCH Swift Sound
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nokia
HKCU\SOFTWARE\Notepad2
HKCU\SOFTWARE\Nuance
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PC SOFT
HKCU\SOFTWARE\PhotoFiltre 7
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Revenger inc.
HKCU\SOFTWARE\Rokario
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SequoiaView
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\TelekomatNET
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\THe UDS
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\TunnelBear
HKCU\SOFTWARE\Ulead
HKCU\SOFTWARE\Ulead Systems
HKCU\SOFTWARE\UtilKit
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VirtualDJ
HKCU\SOFTWARE\VirtualDub.org
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\VoipBuster
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\wincy
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\woohook
HKCU\SOFTWARE\Xi
HKCU\SOFTWARE\XunK Entertainment
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zyrax Software

---\\ Contents of the Common Files folders (501) - 23s
O43 - CFD: 2014/11/22 14:02:02 - [0] D -- C:\Program Files\360 =>PUP.Optional.Generic
O43 - CFD: 2013/03/21 03:24:50 - [] D -- C:\Program Files\@Last Software
O43 - CFD: 2011/11/23 09:15:44 - [] D -- C:\Program Files\Acronis
O43 - CFD: 2012/11/22 18:12:56 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/09/12 10:25:27 - [0] D -- C:\Program Files\adslTV
O43 - CFD: 2011/12/06 15:56:41 - [] D -- C:\Program Files\Apowersoft
O43 - CFD: 2015/05/05 06:01:25 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2012/06/09 10:24:34 - [] D -- C:\Program Files\ATnotes
O43 - CFD: 2015/04/24 06:32:50 - [] D -- C:\Program Files\AVAST Software
O43 - CFD: 2012/10/16 00:47:05 - [] D -- C:\Program Files\AVS4YOU
O43 - CFD: 2012/12/19 14:27:02 - [] D -- C:\Program Files\Axaware
O43 - CFD: 2014/05/03 18:34:21 - [] D -- C:\Program Files\BandwidthMonitor
O43 - CFD: 2013/03/30 01:11:57 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2011/11/12 21:59:27 - [] D -- C:\Program Files\Broadcom
O43 - CFD: 2012/02/06 09:30:16 - [] D -- C:\Program Files\BSD Concept
O43 - CFD: 2012/10/28 07:05:02 - [] D -- C:\Program Files\C-Map
O43 - CFD: 2012/10/04 13:34:22 - [] D -- C:\Program Files\CardDetector
O43 - CFD: 2015/07/29 14:06:36 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2011/11/13 07:22:02 - [] D -- C:\Program Files\CDDC-ECalc
O43 - CFD: 2011/11/12 22:00:23 - [] D -- C:\Program Files\Cisco
O43 - CFD: 2015/01/11 20:50:21 - [] D -- C:\Program Files\Classic Menu for Office
O43 - CFD: 2014/05/03 23:59:14 - [] D -- C:\Program Files\Clover
O43 - CFD: 2015/09/21 13:39:06 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/02/14 18:30:26 - [] D -- C:\Program Files\Conjugaison
O43 - CFD: 2011/11/23 19:30:51 - [] D -- C:\Program Files\Convar
O43 - CFD: 2011/11/17 06:07:11 - [] D -- C:\Program Files\Corel
O43 - CFD: 2014/11/14 12:43:34 - [] D -- C:\Program Files\Desktop Currency Converter
O43 - CFD: 2011/11/15 05:22:10 - [] D -- C:\Program Files\DIFX
O43 - CFD: 2015/06/06 17:56:04 - [] D -- C:\Program Files\Digiarty
O43 - CFD: 2011/12/03 14:58:57 - [] D -- C:\Program Files\Digital Photo Software
O43 - CFD: 2011/12/30 18:01:28 - [] D -- C:\Program Files\Ditto
O43 - CFD: 2009/07/14 08:50:29 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/08/15 06:51:48 - [] D -- C:\Program Files\DVDVideoSoft
O43 - CFD: 2011/12/12 19:12:43 - [] D -- C:\Program Files\EBP
O43 - CFD: 2015/08/06 11:41:36 - [] D -- C:\Program Files\EliteUnzip =>PUP.Optional.MyWebSearch
O43 - CFD: 2011/11/13 06:36:47 - [] D -- C:\Program Files\eMule
O43 - CFD: 2013/03/19 04:10:13 - [] D -- C:\Program Files\ESET
O43 - CFD: 2012/05/19 07:03:39 - [] D -- C:\Program Files\Eye On Network
O43 - CFD: 2011/11/13 12:17:49 - [] D -- C:\Program Files\FastStone Capture
O43 - CFD: 2012/08/24 02:41:42 - [] D -- C:\Program Files\FastStone Image Viewer
O43 - CFD: 2015/01/07 18:16:50 - [] D -- C:\Program Files\FastStone Photo Resizer
O43 - CFD: 2014/05/19 23:57:54 - [] D -- C:\Program Files\FileZilla FTP Client
O43 - CFD: 2012/12/17 14:48:58 - [] D -- C:\Program Files\Firetrust
O43 - CFD: 2012/11/01 08:22:02 - [] D -- C:\Program Files\Free mp3 Wma Converter
O43 - CFD: 2011/11/23 19:21:45 - [] D -- C:\Program Files\Free PDF to Word Doc Converter
O43 - CFD: 2012/11/10 04:00:40 - [] D -- C:\Program Files\FreeFileSync
O43 - CFD: 2015/07/29 11:09:03 - [] D -- C:\Program Files\Google
O43 - CFD: 2012/11/06 16:36:04 - [] D -- C:\Program Files\GPSoftware
O43 - CFD: 2015/06/10 14:13:53 - [] D -- C:\Program Files\Holiline
O43 - CFD: 2014/05/03 23:59:53 - [] D -- C:\Program Files\Hosts_Anti_Adwares_PUPs
O43 - CFD: 2015/04/09 05:48:34 - [] D -- C:\Program Files\HP
O43 - CFD: 2012/10/28 07:02:54 - [] D -- C:\Program Files\I&M
O43 - CFD: 2011/11/13 04:37:13 - [] D -- C:\Program Files\iColorFolder
O43 - CFD: 2012/12/05 04:13:30 - [] D -- C:\Program Files\IEPro
O43 - CFD: 2015/12/01 04:18:52 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/08/12 13:31:10 - [] D -- C:\Program Files\InstantTimeZone
O43 - CFD: 2011/11/12 22:18:05 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/09/05 05:24:20 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/09/11 04:56:39 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/09/11 05:01:03 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2012/01/29 00:22:41 - [] D -- C:\Program Files\Java
O43 - CFD: 2012/10/28 07:08:24 - [] D -- C:\Program Files\JavaSoft
O43 - CFD: 2012/09/24 08:46:48 - [] D -- C:\Program Files\Kelly(TM)
O43 - CFD: 2012/06/09 13:21:45 - [] D -- C:\Program Files\kplan
O43 - CFD: 2015/05/02 09:08:56 - [] D -- C:\Program Files\Labtec
O43 - CFD: 2015/12/02 06:40:53 - [] D -- C:\Program Files\LapLink Gold
O43 - CFD: 2011/11/12 22:25:56 - [] D -- C:\Program Files\Launch Manager
O43 - CFD: 2015/09/03 14:28:08 - [] D -- C:\Program Files\Lenovo
O43 - CFD: 2012/02/06 13:38:45 - [] D -- C:\Program Files\Les noms de famille de France
O43 - CFD: 2013/05/01 14:19:33 - [] D -- C:\Program Files\LG Electronics
O43 - CFD: 2015/05/02 08:44:54 - [] D -- C:\Program Files\Logitech
O43 - CFD: 2011/11/26 21:59:36 - [] D -- C:\Program Files\MarkAny
O43 - CFD: 2013/05/27 10:21:00 - [] D -- C:\Program Files\MediaCoder
O43 - CFD: 2012/12/02 03:14:54 - [] D -- C:\Program Files\Meta Tools
O43 - CFD: 2014/11/09 09:41:02 - [] D -- C:\Program Files\Metfone 3G
O43 - CFD: 2012/02/06 09:30:06 - [] D -- C:\Program Files\Micro Application
O43 - CFD: 2012/12/17 14:50:30 - [0] D -- C:\Program Files\Microsoft
O43 - CFD: 2012/08/30 01:57:58 - [] D -- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 2012/08/10 03:52:58 - [] D -- C:\Program Files\Microsoft Expression
O43 - CFD: 2009/07/14 08:50:24 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2012/12/24 09:16:53 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2011/11/13 05:47:04 - [] D -- C:\Program Files\Microsoft Référence
O43 - CFD: 2015/09/12 10:25:30 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2014/11/10 12:58:01 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2012/08/30 02:03:36 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 2012/08/30 02:04:44 - [] D -- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 2012/08/10 03:52:47 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 2012/12/24 13:06:43 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2012/08/10 03:53:09 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 2012/07/10 00:39:44 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2012/12/12 09:08:04 - [] D -- C:\Program Files\Mindscape
O43 - CFD: 2014/11/14 12:48:16 - [0] D -- C:\Program Files\Mioplanet
O43 - CFD: 2015/03/25 19:41:21 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2013/03/13 10:45:28 - [] D -- C:\Program Files\Mozilla Firefox 4.0 Beta 11
O43 - CFD: 2015/04/24 14:34:07 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2012/12/24 13:06:53 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2012/06/05 03:59:22 - [] D -- C:\Program Files\MSECache
O43 - CFD: 2012/12/30 09:23:54 - [] D -- C:\Program Files\MyFree Codec
O43 - CFD: 2012/11/04 10:34:20 - [] D -- C:\Program Files\Mythicsoft
O43 - CFD: 2013/05/26 10:32:19 - [] D -- C:\Program Files\NCH Swift Sound
O43 - CFD: 2015/07/30 06:38:24 - [] D -- C:\Program Files\Nokia
O43 - CFD: 2011/11/12 22:21:36 - [] D -- C:\Program Files\NVIDIA Corporation
O43 - CFD: 2014/11/09 09:43:43 - [] D -- C:\Program Files\OpenCPN
O43 - CFD: 2014/11/03 13:52:38 - [] D -- C:\Program Files\Opera
O43 - CFD: 2012/10/04 13:35:36 - [] D -- C:\Program Files\Orange
O43 - CFD: 2011/12/28 16:57:40 - [] D -- C:\Program Files\OutClock
O43 - CFD: 2015/07/28 08:08:05 - [] D -- C:\Program Files\PC Connectivity Solution
O43 - CFD: 2014/05/04 11:30:30 - [] D -- C:\Program Files\PDF to Word
O43 - CFD: 2012/12/01 02:04:33 - [] D -- C:\Program Files\Photo Notifier and Animation Creator
O43 - CFD: 2015/05/14 16:51:36 - [] D -- C:\Program Files\PhotoFiltre 7
O43 - CFD: 2012/03/07 18:35:58 - [] D -- C:\Program Files\Portrait Professional Studio 9
O43 - CFD: 2012/11/23 13:37:46 - [] D -- C:\Program Files\PrimoPDF
O43 - CFD: 2012/10/26 09:25:21 - [] D -- C:\Program Files\Prolific
O43 - CFD: 2011/11/12 21:57:21 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2013/03/21 03:13:38 - [] D -- C:\Program Files\Render Plus Systems
O43 - CFD: 2015/12/01 04:14:36 - [] D -- C:\Program Files\Samsung
O43 - CFD: 2011/11/13 12:28:49 - [] D -- C:\Program Files\SequoiaView
O43 - CFD: 2015/09/23 16:04:00 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2012/06/09 13:23:05 - [] D -- C:\Program Files\SoftNote 2005
O43 - CFD: 2011/12/21 21:43:34 - [] D -- C:\Program Files\Sony
O43 - CFD: 2012/12/06 07:54:14 - [] D -- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 2014/11/11 06:55:49 - [] D -- C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 2012/05/18 06:58:29 - [0] D -- C:\Program Files\StatnPerf
O43 - CFD: 2012/06/16 08:30:16 - [] D -- C:\Program Files\TeamViewer
O43 - CFD: 2012/02/03 09:09:43 - [] D -- C:\Program Files\TrueCrypt
O43 - CFD: 2015/10/17 05:19:32 - [] D -- C:\Program Files\TunnelBear
O43 - CFD: 2011/11/23 04:04:55 - [] D -- C:\Program Files\Ulead Systems
O43 - CFD: 2011/12/07 00:14:17 - [] D -- C:\Program Files\Ultra MKV Converter
O43 - CFD: 2013/01/06 14:27:29 - [] D -- C:\Program Files\UltraISO
O43 - CFD: 2012/02/04 03:39:59 - [] D -- C:\Program Files\Unlocker
O43 - CFD: 2012/09/25 07:00:17 - [] D -- C:\Program Files\uTorrent
O43 - CFD: 2011/11/21 01:16:06 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/05/02 10:35:19 - [] D -- C:\Program Files\Vimicro
O43 - CFD: 2012/10/14 18:20:08 - [] D -- C:\Program Files\VirtualDJ
O43 - CFD: 2012/01/20 09:50:27 - [] D -- C:\Program Files\VoipBuster.com
O43 - CFD: 2012/05/27 11:51:41 - [] D -- C:\Program Files\Webteh
O43 - CFD: 2012/11/01 08:10:10 - [] D -- C:\Program Files\Winamp
O43 - CFD: 2009/07/14 05:56:49 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2009/07/14 08:50:04 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2014/11/10 12:57:21 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2011/11/17 04:51:45 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2011/11/23 04:06:06 - [] D -- C:\Program Files\Windows Media Components
O43 - CFD: 2011/12/12 19:12:47 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2009/07/14 05:56:49 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2012/12/05 04:15:51 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2009/07/14 05:56:49 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2013/05/19 00:22:31 - [] D -- C:\Program Files\WinPcap
O43 - CFD: 2014/11/20 23:20:11 - [] D -- C:\Program Files\Wondershare
O43 - CFD: 2015/01/16 04:39:55 - [] D -- C:\Program Files\Yahoo!
O43 - CFD: 2015/06/06 17:45:50 - [] D -- C:\Program Files\Youtube Downloader HD
O43 - CFD: 2015/01/05 04:52:06 - [] D -- C:\Program Files\ZHPDiag
O43 - CFD: 2015/01/11 16:29:38 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2011/11/21 03:13:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
O43 - CFD: 2011/11/12 19:27:11 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/11/09 09:43:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack
O43 - CFD: 2014/11/09 09:43:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATnotes
O43 - CFD: 2015/04/24 06:59:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2012/10/16 00:47:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 2014/05/03 18:34:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandwidth Monitor
O43 - CFD: 2011/11/13 07:21:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDDC-ECalc
O43 - CFD: 2015/01/11 20:50:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Menu for Office
O43 - CFD: 2014/05/03 23:59:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clover
O43 - CFD: 2011/11/17 06:08:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite 12
O43 - CFD: 2015/06/06 17:56:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
O43 - CFD: 2011/12/03 14:58:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Photo Software
O43 - CFD: 2012/06/10 03:42:13 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive
O43 - CFD: 2014/11/09 09:43:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditto
O43 - CFD: 2014/11/09 07:25:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSPP
O43 - CFD: 2015/08/15 06:51:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
O43 - CFD: 2011/11/13 06:36:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
O43 - CFD: 2012/05/18 04:19:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye On Network
O43 - CFD: 2011/11/13 12:17:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 2012/08/24 02:41:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
O43 - CFD: 2011/11/13 12:18:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
O43 - CFD: 2014/05/19 23:57:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 2011/11/13 12:21:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
O43 - CFD: 2012/11/01 08:21:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
O43 - CFD: 2014/11/09 09:43:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
O43 - CFD: 2015/05/02 10:36:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G-Cube Notebook Web Camera
O43 - CFD: 2012/12/01 02:16:02 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/29 11:09:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/11/25 02:05:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 2015/06/10 14:13:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holiline
O43 - CFD: 2015/01/27 06:53:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2011/11/13 04:37:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iColorFolder
O43 - CFD: 2012/12/01 02:16:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
O43 - CFD: 2011/11/17 23:51:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstantTimeZone
O43 - CFD: 2015/09/11 05:01:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2012/10/28 07:08:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2 Runtime Environment
O43 - CFD: 2012/09/24 08:47:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kelly(TM)
O43 - CFD: 2012/03/13 07:04:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knowledge Adventure
O43 - CFD: 2015/05/02 09:08:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Labtec
O43 - CFD: 2012/10/29 08:18:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LapLink Gold 11.5
O43 - CFD: 2015/09/03 14:28:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
O43 - CFD: 2013/05/02 00:02:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
O43 - CFD: 2009/07/14 05:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2011/11/23 22:57:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaCoder
O43 - CFD: 2012/06/20 04:45:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application
O43 - CFD: 2012/08/10 03:54:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
O43 - CFD: 2012/12/24 13:18:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2012/08/30 06:30:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
O43 - CFD: 2015/09/05 05:30:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2012/06/21 08:19:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindscape
O43 - CFD: 2014/11/14 12:48:10 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mioplanet
O43 - CFD: 2012/12/30 09:23:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 2013/05/26 10:32:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Toolbox
O43 - CFD: 2012/03/13 07:04:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netMarket
O43 - CFD: 2015/07/30 06:39:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
O43 - CFD: 2015/07/29 15:23:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 2011/12/28 16:57:38 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OutClock
O43 - CFD: 2014/11/09 09:43:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OziExplorer
O43 - CFD: 2014/11/09 09:43:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to Word
O43 - CFD: 2013/06/13 10:55:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 2011/12/21 21:44:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
O43 - CFD: 2011/12/30 09:21:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional Studio 9
O43 - CFD: 2014/11/09 09:43:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
O43 - CFD: 2012/10/16 04:20:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programmes audio
O43 - CFD: 2015/12/01 04:19:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 2011/11/13 12:28:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SequoiaView
O43 - CFD: 2012/12/24 13:18:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 2015/09/21 13:39:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/06/19 06:27:23 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/05/18 04:19:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stat 'n' Perf
O43 - CFD: 2012/10/16 04:20:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite NCH Software
O43 - CFD: 2009/07/14 08:48:45 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2011/12/27 01:25:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLC-Edusoft
O43 - CFD: 2012/02/03 08:27:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
O43 - CFD: 2015/08/06 09:53:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
O43 - CFD: 2011/11/23 04:06:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 11
O43 - CFD: 2014/11/09 09:43:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra MKV Converter
O43 - CFD: 2014/11/09 09:43:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 2013/05/26 10:32:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
O43 - CFD: 2012/05/18 04:17:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UtilKit DLUL Meter Free
O43 - CFD: 2012/10/14 18:18:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
O43 - CFD: 2015/01/13 10:32:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipBuster
O43 - CFD: 2014/11/20 23:20:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 2014/11/09 23:43:31 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 2014/11/21 23:59:26 - [] SHD -- C:\ProgramData\360Quarant
O43 - CFD: 2011/11/23 08:16:51 - [] D -- C:\ProgramData\Acronis
O43 - CFD: 2013/04/02 03:31:39 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2011/11/19 16:12:34 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 2013/05/23 11:29:00 - [] D -- C:\ProgramData\AppData
O43 - CFD: 2015/09/11 04:51:35 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/09/11 04:56:37 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/04/24 06:32:50 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2011/12/06 15:48:54 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 2012/02/06 13:11:37 - [0] D -- C:\ProgramData\BSD
O43 - CFD: 2011/11/23 19:24:49 - [] D -- C:\ProgramData\Canneverbe Limited
O43 - CFD: 2011/12/12 18:40:25 - [] D -- C:\ProgramData\Ciel
O43 - CFD: 2013/04/01 03:19:03 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2014/11/09 09:40:54 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2011/12/12 19:03:02 - [] D -- C:\ProgramData\EBP
O43 - CFD: 2011/11/13 06:31:42 - [] D -- C:\ProgramData\eMule
O43 - CFD: 2013/03/19 04:10:13 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2014/11/05 15:09:22 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2013/03/21 12:14:40 - [] D -- C:\ProgramData\Google
O43 - CFD: 2011/11/23 21:15:12 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2015/01/26 20:04:06 - [] D -- C:\ProgramData\HP
O43 - CFD: 2015/01/26 20:03:57 - [] D -- C:\ProgramData\HP Product Assistant
O43 - CFD: 2012/12/01 02:05:10 - [] D -- C:\ProgramData\IM
O43 - CFD: 2012/12/01 02:03:37 - [] D -- C:\ProgramData\IncrediMail
O43 - CFD: 2015/07/28 11:06:17 - [] D -- C:\ProgramData\Installations
O43 - CFD: 2011/11/23 04:06:33 - [] D -- C:\ProgramData\InterVideo
O43 - CFD: 2013/05/02 00:04:32 - [] D -- C:\ProgramData\LGMOBILEAX
O43 - CFD: 2015/04/09 05:49:41 - [] D -- C:\ProgramData\Licenses
O43 - CFD: 2015/01/11 19:48:27 - [] D -- C:\ProgramData\Logs
O43 - CFD: 2014/11/05 15:09:22 - [] D -- C:\ProgramData\Macrovision
O43 - CFD: 2014/11/10 06:57:04 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2011/11/14 23:46:12 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2014/05/03 18:39:50 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2014/11/11 06:52:07 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2012/12/24 13:18:10 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2012/12/25 06:36:08 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/05/26 10:32:21 - [] D -- C:\ProgramData\NCH Swift Sound
O43 - CFD: 2015/07/30 06:38:24 - [0] D -- C:\ProgramData\Nokia
O43 - CFD: 2015/07/28 08:02:36 - [] D -- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 2014/11/12 00:32:51 - [] D -- C:\ProgramData\Nuance
O43 - CFD: 2011/11/12 22:27:21 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2015/08/06 09:54:28 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2011/11/15 05:23:41 - [] D -- C:\ProgramData\PC Suite
O43 - CFD: 2012/12/01 02:04:33 - [] D -- C:\ProgramData\Photo Notifier and Animation Creator
O43 - CFD: 2015/07/29 11:09:07 - [] D -- C:\ProgramData\QcYjZouXl
O43 - CFD: 2015/07/30 12:50:23 - [] D -- C:\ProgramData\Radio
O43 - CFD: 2015/12/01 04:17:54 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 2014/11/12 00:17:52 - [] D -- C:\ProgramData\ScanSoft
O43 - CFD: 2015/12/02 16:45:34 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2011/12/21 21:43:33 - [] D -- C:\ProgramData\Sony Corporation
O43 - CFD: 2014/11/11 06:52:07 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2012/01/29 00:23:44 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/12/02 17:27:55 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/01/09 17:43:24 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2012/06/04 20:36:25 - [] D -- C:\ProgramData\Ulead Systems
O43 - CFD: 2012/12/08 10:40:17 - [] D -- C:\ProgramData\Visan
O43 - CFD: 2015/01/27 06:54:07 - [] D -- C:\ProgramData\WEBREG
O43 - CFD: 2015/01/14 09:45:40 - [] D -- C:\ProgramData\WinZip
O43 - CFD: 2014/11/05 15:13:57 - [] D -- C:\ProgramData\zeon
O43 - CFD: 2015/07/29 12:11:26 - [] D -- C:\ProgramData\ZWinManProZ
O43 - CFD: 2011/12/04 18:31:06 - [] D -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 2011/11/14 01:18:07 - [] D -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
O43 - CFD: 2015/04/24 05:51:07 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2012/08/24 02:43:02 - [] D -- C:\Program Files\Common Files\ACD Systems
O43 - CFD: 2011/11/23 09:15:42 - [] D -- C:\Program Files\Common Files\Acronis
O43 - CFD: 2012/12/05 04:08:39 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2011/11/24 21:54:11 - [] D -- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 2015/09/11 04:56:37 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2012/10/16 00:46:57 - [] D -- C:\Program Files\Common Files\AVSMedia
O43 - CFD: 2011/12/12 18:40:18 - [] D -- C:\Program Files\Common Files\Ciel
O43 - CFD: 2011/11/17 06:08:14 - [] D -- C:\Program Files\Common Files\Corel
O43 - CFD: 2012/12/24 09:37:53 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2015/08/15 06:51:36 - [] D -- C:\Program Files\Common Files\DVDVideoSoft
O43 - CFD: 2011/11/13 01:32:01 - [] D -- C:\Program Files\Common Files\EZB Systems
O43 - CFD: 2012/12/25 03:27:33 - [] D -- C:\Program Files\Common Files\France Telecom
O43 - CFD: 2015/01/16 04:31:30 - [] D -- C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 2015/01/26 20:01:11 - [] D -- C:\Program Files\Common Files\HP
O43 - CFD: 2011/11/23 04:06:29 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2011/11/23 04:06:53 - [] D -- C:\Program Files\Common Files\InterVideo
O43 - CFD: 2012/01/29 00:23:43 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2012/11/20 13:37:12 - [] D -- C:\Program Files\Common Files\Knowledge Adventure
O43 - CFD: 2011/11/13 01:10:44 - [] D -- C:\Program Files\Common Files\LapLink
O43 - CFD: 2015/09/03 14:28:20 - [] D -- C:\Program Files\Common Files\LENOVO
O43 - CFD: 2015/05/02 09:09:11 - [0] D -- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 2012/12/04 04:22:41 - [] D -- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 2014/11/10 12:55:46 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2015/07/30 06:38:16 - [] D -- C:\Program Files\Common Files\Nokia
O43 - CFD: 2015/07/30 06:22:19 - [] D -- C:\Program Files\Common Files\PCSuite
O43 - CFD: 2011/11/12 22:18:12 - [] D -- C:\Program Files\Common Files\postureAgent
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/09/21 13:39:06 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2012/06/10 03:23:35 - [0] D -- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 2012/12/24 09:16:56 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2011/11/23 04:06:03 - [] D -- C:\Program Files\Common Files\Ulead Systems
O43 - CFD: 2014/11/10 06:01:34 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2014/11/20 23:20:25 - [] D -- C:\Program Files\Common Files\Wondershare
O43 - CFD: 2011/12/16 14:43:45 - [] D -- C:\Users\Emilien\AppData\Roaming\ACD Systems
O43 - CFD: 2012/12/05 04:10:54 - [] D -- C:\Users\Emilien\AppData\Roaming\Adobe
O43 - CFD: 2012/02/12 03:22:59 - [] D -- C:\Users\Emilien\AppData\Roaming\Ahead
O43 - CFD: 2011/12/06 15:57:13 - [] D -- C:\Users\Emilien\AppData\Roaming\Apowersoft
O43 - CFD: 2015/09/11 05:02:34 - [] D -- C:\Users\Emilien\AppData\Roaming\Apple Computer
O43 - CFD: 2015/04/24 07:09:38 - [] D -- C:\Users\Emilien\AppData\Roaming\AVAST Software
O43 - CFD: 2011/12/06 15:48:54 - [] D -- C:\Users\Emilien\AppData\Roaming\AVS4YOU
O43 - CFD: 2015/06/09 15:39:55 - [] D -- C:\Users\Emilien\AppData\Roaming\BitTorrent
O43 - CFD: 2015/01/01 07:55:33 - [] D -- C:\Users\Emilien\AppData\Roaming\BRT
O43 - CFD: 2012/02/06 09:43:58 - [] D -- C:\Users\Emilien\AppData\Roaming\BSD
O43 - CFD: 2012/02/06 09:43:59 - [] D -- C:\Users\Emilien\AppData\Roaming\BSD Concept
O43 - CFD: 2012/05/27 12:00:24 - [] D -- C:\Users\Emilien\AppData\Roaming\BSplayer
O43 - CFD: 2012/05/27 11:51:42 - [] D -- C:\Users\Emilien\AppData\Roaming\BSplayer Pro
O43 - CFD: 2011/11/23 19:24:55 - [] D -- C:\Users\Emilien\AppData\Roaming\Canneverbe_Limited
O43 - CFD: 2012/12/05 12:55:40 - [0] D -- C:\Users\Emilien\AppData\Roaming\ChromePlus
O43 - CFD: 2011/11/17 06:11:44 - [] D -- C:\Users\Emilien\AppData\Roaming\Corel
O43 - CFD: 2014/11/14 12:45:04 - [] D -- C:\Users\Emilien\AppData\Roaming\Desktop Apps
O43 - CFD: 2015/06/06 17:56:07 - [] D -- C:\Users\Emilien\AppData\Roaming\Digiarty
O43 - CFD: 2015/12/03 07:52:13 - [] D -- C:\Users\Emilien\AppData\Roaming\Ditto
O43 - CFD: 2012/10/29 04:51:09 - [] D -- C:\Users\Emilien\AppData\Roaming\Dr. Regener
O43 - CFD: 2012/02/13 06:21:37 - [] D -- C:\Users\Emilien\AppData\Roaming\dvdcss
O43 - CFD: 2015/08/15 06:52:08 - [] D -- C:\Users\Emilien\AppData\Roaming\DVDVideoSoft
O43 - CFD: 2011/12/12 19:03:02 - [] D -- C:\Users\Emilien\AppData\Roaming\EBP
O43 - CFD: 2015/01/07 18:17:16 - [] D -- C:\Users\Emilien\AppData\Roaming\FastStone
O43 - CFD: 2014/11/14 12:49:52 - [] D -- C:\Users\Emilien\AppData\Roaming\FileZilla
O43 - CFD: 2012/12/03 08:32:53 - [0] D -- C:\Users\Emilien\AppData\Roaming\Firetrust
O43 - CFD: 2014/11/05 15:19:21 - [] D -- C:\Users\Emilien\AppData\Roaming\FLEXnet
O43 - CFD: 2012/10/16 00:22:43 - [] D -- C:\Users\Emilien\AppData\Roaming\FreeAudioPack
O43 - CFD: 2012/11/10 04:03:02 - [] D -- C:\Users\Emilien\AppData\Roaming\FreeFileSync
O43 - CFD: 2012/10/29 04:49:57 - [] D -- C:\Users\Emilien\AppData\Roaming\GetRightToGo
O43 - CFD: 2013/03/21 12:14:40 - [] D -- C:\Users\Emilien\AppData\Roaming\Google
O43 - CFD: 2011/12/12 17:36:39 - [] D -- C:\Users\Emilien\AppData\Roaming\Grisbi
O43 - CFD: 2011/12/12 18:31:50 - [] D -- C:\Users\Emilien\AppData\Roaming\gtk-2.0
O43 - CFD: 2015/01/27 06:54:07 - [] D -- C:\Users\Emilien\AppData\Roaming\HP
O43 - CFD: 2015/01/18 06:49:31 - [] D -- C:\Users\Emilien\AppData\Roaming\HpUpdate
O43 - CFD: 2011/11/12 19:34:24 - [] D -- C:\Users\Emilien\AppData\Roaming\Identities
O43 - CFD: 2011/11/12 21:59:19 - [] D -- C:\Users\Emilien\AppData\Roaming\InstallShield
O43 - CFD: 2011/11/13 00:42:34 - [] D -- C:\Users\Emilien\AppData\Roaming\Macromedia
O43 - CFD: 2012/12/18 18:43:53 - [] D -- C:\Users\Emilien\AppData\Roaming\MailWasherPro
O43 - CFD: 2012/12/06 03:14:45 - [] D -- C:\Users\Emilien\AppData\Roaming\Malwarebytes
O43 - CFD: 2009/07/14 08:48:45 - [0] D -- C:\Users\Emilien\AppData\Roaming\Media Center Programs
O43 - CFD: 2012/09/14 17:16:48 - [] D -- C:\Users\Emilien\AppData\Roaming\Metfone 3G
O43 - CFD: 2012/02/06 09:31:28 - [] D -- C:\Users\Emilien\AppData\Roaming\Micro Application
O43 - CFD: 2012/11/30 06:39:09 - [] SD -- C:\Users\Emilien\AppData\Roaming\Microsoft
O43 - CFD: 2014/11/03 14:03:08 - [] D -- C:\Users\Emilien\AppData\Roaming\Mozilla
O43 - CFD: 2012/11/01 08:37:47 - [] D -- C:\Users\Emilien\AppData\Roaming\NCH Swift Sound
O43 - CFD: 2012/01/29 07:04:39 - [] D -- C:\Users\Emilien\AppData\Roaming\NetMeter
O43 - CFD: 2015/07/30 06:37:37 - [] D -- C:\Users\Emilien\AppData\Roaming\Nokia
O43 - CFD: 2015/07/30 06:37:37 - [0] D -- C:\Users\Emilien\AppData\Roaming\Nokia Suite
O43 - CFD: 2014/11/05 15:11:14 - [] D -- C:\Users\Emilien\AppData\Roaming\Nuance
O43 - CFD: 2014/11/03 13:52:35 - [0] D -- C:\Users\Emilien\AppData\Roaming\Opera
O43 - CFD: 2011/11/15 05:23:45 - [] D -- C:\Users\Emilien\AppData\Roaming\PC Suite
O43 - CFD: 2013/06/13 10:55:23 - [] D -- C:\Users\Emilien\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 2012/12/03 04:04:14 - [] D -- C:\Users\Emilien\AppData\Roaming\PowerISO
O43 - CFD: 2015/04/24 05:44:46 - [0] D -- C:\Users\Emilien\AppData\Roaming\rmi
O43 - CFD: 2012/01/31 14:22:22 - [] D -- C:\Users\Emilien\AppData\Roaming\Rokario
O43 - CFD: 2012/02/24 07:25:11 - [] D -- C:\Users\Emilien\AppData\Roaming\Rovio
O43 - CFD: 2015/08/15 06:51:15 - [] D -- C:\Users\Emilien\AppData\Roaming\RPEng
O43 - CFD: 2015/12/01 04:21:25 - [] D -- C:\Users\Emilien\AppData\Roaming\Samsung
O43 - CFD: 2014/11/05 15:18:39 - [] D -- C:\Users\Emilien\AppData\Roaming\ScanSoft
O43 - CFD: 2015/12/03 07:52:49 - [] D -- C:\Users\Emilien\AppData\Roaming\Skype
O43 - CFD: 2011/12/13 03:56:58 - [] D -- C:\Users\Emilien\AppData\Roaming\skypePM
O43 - CFD: 2011/12/21 21:49:12 - [] D -- C:\Users\Emilien\AppData\Roaming\Sony Corporation
O43 - CFD: 2012/01/29 02:30:04 - [] D -- C:\Users\Emilien\AppData\Roaming\Steganos
O43 - CFD: 2012/10/29 07:02:14 - [] D -- C:\Users\Emilien\AppData\Roaming\TeamViewer
O43 - CFD: 2012/12/31 00:56:24 - [0] D -- C:\Users\Emilien\AppData\Roaming\Temp
O43 - CFD: 2012/12/25 09:11:19 - [] D -- C:\Users\Emilien\AppData\Roaming\Thunderbird
O43 - CFD: 2015/08/08 06:02:38 - [0] D -- C:\Users\Emilien\AppData\Roaming\Todae
O43 - CFD: 2012/02/03 09:16:18 - [] D -- C:\Users\Emilien\AppData\Roaming\TrueCrypt
O43 - CFD: 2015/01/09 17:42:17 - [] D -- C:\Users\Emilien\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/08/06 09:56:15 - [] D -- C:\Users\Emilien\AppData\Roaming\TunnelBear
O43 - CFD: 2011/11/23 04:19:56 - [] D -- C:\Users\Emilien\AppData\Roaming\Ulead Systems
O43 - CFD: 2014/11/09 07:56:33 - [] D -- C:\Users\Emilien\AppData\Roaming\uTorrent
O43 - CFD: 2015/12/03 07:18:32 - [] D -- C:\Users\Emilien\AppData\Roaming\vlc
O43 - CFD: 2012/09/04 17:52:57 - [] D -- C:\Users\Emilien\AppData\Roaming\VoipBuster
O43 - CFD: 2015/01/12 13:49:23 - [] D -- C:\Users\Emilien\AppData\Roaming\VoipConnect
O43 - CFD: 2015/08/15 07:49:58 - [] D -- C:\Users\Emilien\AppData\Roaming\Winamp
O43 - CFD: 2014/11/20 23:20:11 - [] D -- C:\Users\Emilien\AppData\Roaming\Wondershare
O43 - CFD: 2012/02/20 15:52:21 - [] D -- C:\Users\Emilien\AppData\Roaming\Xi
O43 - CFD: 2015/01/16 04:39:53 - [] D -- C:\Users\Emilien\AppData\Roaming\Yahoo!
O43 - CFD: 2015/06/06 11:52:55 - [] D -- C:\Users\Emilien\AppData\Roaming\Youtube Downloader HD
O43 - CFD: 2014/11/12 00:33:50 - [0] D -- C:\Users\Emilien\AppData\Roaming\Zeon
O43 - CFD: 2015/12/03 07:54:51 - [] D -- C:\Users\Emilien\AppData\Roaming\ZHP
O43 - CFD: 2011/12/30 09:15:35 - [] D -- C:\Users\Emilien\AppData\Local\ACD Systems
O43 - CFD: 2015/06/19 06:26:28 - [] D -- C:\Users\Emilien\AppData\Local\Adobe
O43 - CFD: 2011/11/19 16:22:00 - [] D -- C:\Users\Emilien\AppData\Local\Ahead
O43 - CFD: 2011/11/21 07:19:03 - [] D -- C:\Users\Emilien\AppData\Local\Apple
O43 - CFD: 2012/12/25 05:31:38 - [] D -- C:\Users\Emilien\AppData\Local\Apple Computer
O43 - CFD: 2011/11/12 19:34:06 - [0] SHD -- C:\Users\Emilien\AppData\Local\Application Data
O43 - CFD: 2014/05/03 18:37:51 - [] D -- C:\Users\Emilien\AppData\Local\Avg2013
O43 - CFD: 2012/12/19 14:18:11 - [] D -- C:\Users\Emilien\AppData\Local\Axaware
O43 - CFD: 2011/11/18 15:44:30 - [] D -- C:\Users\Emilien\AppData\Local\BitTorrent
O43 - CFD: 2015/09/03 14:26:38 - [] D -- C:\Users\Emilien\AppData\Local\Chromium
O43 - CFD: 2014/05/03 23:59:15 - [] D -- C:\Users\Emilien\AppData\Local\Clover
O43 - CFD: 2015/01/01 08:29:27 - [0] D -- C:\Users\Emilien\AppData\Local\CRE
O43 - CFD: 2015/12/01 09:07:27 - [0] D -- C:\Users\Emilien\AppData\Local\Diagnostics
O43 - CFD: 2015/12/01 04:15:46 - [] D -- C:\Users\Emilien\AppData\Local\Downloaded Installations
O43 - CFD: 2011/12/12 19:02:06 - [] D -- C:\Users\Emilien\AppData\Local\EBP
O43 - CFD: 2015/11/01 13:25:37 - [0] D -- C:\Users\Emilien\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2011/11/13 06:31:01 - [] D -- C:\Users\Emilien\AppData\Local\eMule
O43 - CFD: 2013/03/18 05:39:03 - [] D -- C:\Users\Emilien\AppData\Local\ESET
O43 - CFD: 2015/01/07 18:17:16 - [] D -- C:\Users\Emilien\AppData\Local\FastStone
O43 - CFD: 2012/10/16 04:14:08 - [] D -- C:\Users\Emilien\AppData\Local\GermaniXSoft
O43 - CFD: 2014/11/05 23:08:00 - [] D -- C:\Users\Emilien\AppData\Local\gladinet
O43 - CFD: 2015/09/16 12:14:16 - [] D -- C:\Users\Emilien\AppData\Local\Google
O43 - CFD: 2012/10/29 04:51:09 - [] D -- C:\Users\Emilien\AppData\Local\GPSur
O43 - CFD: 2011/11/12 19:34:06 - [0] SHD -- C:\Users\Emilien\AppData\Local\History
O43 - CFD: 2015/03/04 05:52:33 - [] D -- C:\Users\Emilien\AppData\Local\HockeyApp
O43 - CFD: 2014/12/09 14:26:03 - [0] D -- C:\Users\Emilien\AppData\Local\HockeyCrashes
O43 - CFD: 2015/06/10 14:03:15 - [] D -- C:\Users\Emilien\AppData\Local\Holiline
O43 - CFD: 2015/01/16 04:51:38 - [] D -- C:\Users\Emilien\AppData\Local\HP
O43 - CFD: 2012/12/01 02:03:58 - [0] D -- C:\Users\Emilien\AppData\Local\IM
O43 - CFD: 2014/10/13 15:15:33 - [] D -- C:\Users\Emilien\AppData\Local\IsolatedStorage
O43 - CFD: 2015/09/03 14:29:15 - [] D -- C:\Users\Emilien\AppData\Local\Lenovo
O43 - CFD: 2012/09/27 03:15:25 - [] D -- C:\Users\Emilien\AppData\Local\Macromedia
O43 - CFD: 2013/04/01 03:19:03 - [] D -- C:\Users\Emilien\AppData\Local\MFAData
O43 - CFD: 2015/01/27 06:57:47 - [] D -- C:\Users\Emilien\AppData\Local\Microsoft
O43 - CFD: 2011/11/12 23:27:24 - [0] D -- C:\Users\Emilien\AppData\Local\Microsoft Help
O43 - CFD: 2013/03/14 02:01:51 - [0] DC -- C:\Users\Emilien\AppData\Local\MigWiz
O43 - CFD: 2015/08/06 11:41:51 - [] D -- C:\Users\Emilien\AppData\Local\Mindspark_Interactive_Net
O43 - CFD: 2014/05/11 05:43:39 - [] D -- C:\Users\Emilien\AppData\Local\Mozilla
O43 - CFD: 2015/07/28 08:14:48 - [] D -- C:\Users\Emilien\AppData\Local\Nokia
O43 - CFD: 2015/07/30 06:37:37 - [] D -- C:\Users\Emilien\AppData\Local\NokiaAccount
O43 - CFD: 2014/11/03 13:52:37 - [0] D -- C:\Users\Emilien\AppData\Local\Opera
O43 - CFD: 2014/11/03 07:48:32 - [] D -- C:\Users\Emilien\AppData\Local\Programs
O43 - CFD: 2015/12/01 04:21:32 - [] D -- C:\Users\Emilien\AppData\Local\Samsung
O43 - CFD: 2014/11/05 15:18:39 - [] D -- C:\Users\Emilien\AppData\Local\ScanSoft
O43 - CFD: 2014/05/03 19:17:30 - [] D -- C:\Users\Emilien\AppData\Local\Skype
O43 - CFD: 2015/12/03 07:53:38 - [] D -- C:\Users\Emilien\AppData\Local\Temp
O43 - CFD: 2011/11/12 19:34:06 - [0] SHD -- C:\Users\Emilien\AppData\Local\Temporary Internet Files
O43 - CFD: 2012/12/25 09:11:19 - [] D -- C:\Users\Emilien\AppData\Local\Thunderbird
O43 - CFD: 2015/01/09 17:42:17 - [] D -- C:\Users\Emilien\AppData\Local\TuneUp Software
O43 - CFD: 2011/11/18 15:47:53 - [] D -- C:\Users\Emilien\AppData\Local\uTorrent
O43 - CFD: 2015/11/01 12:11:52 - [] D -- C:\Users\Emilien\AppData\Local\VirtualStore
O43 - CFD: 2012/01/29 03:58:39 - [] D -- C:\Users\Emilien\AppData\Local\VS Revo Group
O43 - CFD: 2014/11/15 00:39:37 - [] D -- C:\Users\Emilien\AppData\Local\Windows Live
O43 - CFD: 2014/11/20 23:20:27 - [] D -- C:\Users\Emilien\AppData\Local\Wondershare
O43 - CFD: 2015/09/03 14:24:55 - [] D -- C:\Users\Emilien\AppData\Local\{8D81BBDD-A929-D765-C4B1-F28DE0D90E15}
O43 - CFD: 2009/07/14 05:42:04 - [] RD -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/29 11:11:48 - [] SD -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2012/10/16 00:47:00 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 2011/11/13 07:21:32 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDDC-ECalc
O43 - CFD: 2011/11/23 19:30:51 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
O43 - CFD: 2015/08/06 11:41:36 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Unzip =>PUP.Optional.MyWebSearch
O43 - CFD: 2012/06/10 03:33:39 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2011/11/13 02:36:17 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hachette Oxford
O43 - CFD: 2011/11/13 04:37:12 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iColorFolder
O43 - CFD: 2015/04/26 14:12:48 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knowledge Adventure et Edusoft
O43 - CFD: 2009/07/14 05:37:42 - [] RD -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2011/11/23 22:57:37 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
O43 - CFD: 2014/11/14 12:48:10 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mioplanet
O43 - CFD: 2015/05/14 16:51:36 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 2012/11/23 13:37:47 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrimoPDF
O43 - CFD: 2012/11/15 04:11:53 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programmes audio
O43 - CFD: 2011/11/13 12:28:50 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SequoiaView
O43 - CFD: 2015/07/29 15:23:30 - [] SD -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/11/15 04:11:53 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suite NCH Software
O43 - CFD: 2011/11/14 00:59:33 - [] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 2012/10/14 18:18:46 - [0] D -- C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ

---\\ Latest files created in Prefetcher (1) - 6s
O45 - LFCP:[MD5.5480A1EEDFF2B53CE1EF3E95C69436C4] 2015/12/01 19:00:13 A -- C:\Windows\Prefetch\ELITEUNZIP.EXE-CC8EE1B3.pf =>PUP.Optional.MyWebSearch

---\\ ShareTools MSconfig StartupReg (31) - 1s
O53 - SMSR:HKLM\...\startupreg\command . (.Samsung - .) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Acrobat Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\AmIcoSinglun [Key] . (...) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\ATnotes.exe [Key] . (.Thomas Ascher - ATnotes.) -- C:\Program Files\ATnotes\ATnotes.exe
O53 - SMSR:HKLM\...\startupreg\BEWINTERNET-FR-DMGP-V2SessionManager [Key] . (.France Telecom SA - .) -- C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (...) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\BigDog303 [Key] . (.Vimicro - Vimicro.) -- C:\Windows\VM303_STI.EXE
O53 - SMSR:HKLM\...\startupreg\CardDetectorHUAWEI1752_1552 [Key] . (.France Telecom SA - .) -- C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
O53 - SMSR:HKLM\...\startupreg\Ditto [Key] . (.Copyright (C) 2003 - Ditto.) -- C:\Program Files\Ditto\Ditto.exe
O53 - SMSR:HKLM\...\startupreg\Domino [Key] . (.Copyright (C) - .) -- C:\Windows\Domino.exe
O53 - SMSR:HKLM\...\startupreg\GoogleChromeAutoLaunch_315F4253D70920605E77AA15DA1334F1 [Key] . (.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O53 - SMSR:HKLM\...\startupreg\HOSTS Anti-Adware_PUPs [Key] . (. - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\HW_OPENEYE_OUC_Metfone 3G [Key] . (...) -- C:\Program Files\Metfone 3G\UpdateDog\ouc.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\KiesAirMessage [Key] . (...) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\KiesPDLR [Key] . (.Samsung - .) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O53 - SMSR:HKLM\...\startupreg\KiesPDLR.exe [Key] . (.Samsung - .) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O53 - SMSR:HKLM\...\startupreg\KiesPreload [Key] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O53 - SMSR:HKLM\...\startupreg\LapLink Scheduler [Key] . (.LapLink, Inc. - Quick Scheduler Component.) -- C:\Program Files\Common Files\LapLink\Scheduler\Llsched.exe
O53 - SMSR:HKLM\...\startupreg\LManager [Key] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (...) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (...) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.Microsoft Corporation - Windows host process (Rundll32).) -- RUNDLL32.EXE (.not file.)
O53 - SMSR:HKLM\...\startupreg\OpAgent [Key] . (...) -- OpAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O53 - SMSR:HKLM\...\startupreg\PMBVolumeWatcher [Key] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

---\\ System Drivers List (121) - 12s
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79952]
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [23616]
O58 - SDL:2009/12/01 11:21:32 A . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\drivers\AmUStor.sys [25600]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [24016]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [81168]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [81728]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [49776]
O58 - SDL:2015/12/01 08:19:10 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [794952]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [435464]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [117200]
O58 - SDL:2015/12/01 08:19:34 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [209432]
O58 - SDL:2010/02/13 09:48:20 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athr.sys [1781760]
O58 - SDL:2007/08/17 09:14:44 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athrusb.sys [891392]
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2013/01/23 04:31:50 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmb.sys [18560]
O58 - SDL:2013/01/23 04:31:50 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmbo.sys [23168]
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2012/08/21 07:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/09/17 05:54:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [41088]
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332352]
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2010/11/01 05:03:26 A . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS.) -- C:\Windows\System32\drivers\k57nd60x.sys [348712]
O58 - SDL:2010/01/11 04:29:36 A . (.Google Inc - ADB Interface.) -- C:\Windows\System32\drivers\lgandadb.sys [25728]
O58 - SDL:2010/01/25 00:11:22 A . (.LG Electronics Inc. - LGE Android Driver.) -- C:\Windows\System32\drivers\lgandbus.sys [14336]
O58 - SDL:2010/01/25 00:11:30 A . (.LG Electronics Inc. - LGE Android Driver.) -- C:\Windows\System32\drivers\lganddiag.sys [20864]
O58 - SDL:2010/01/25 00:11:32 A . (.LG Electronics Inc. - LGE Android Driver.) -- C:\Windows\System32\drivers\lgandgps.sys [19968]
O58 - SDL:2010/01/25 00:11:24 A . (.LG Electronics Inc. - LGE Android Driver.) -- C:\Windows\System32\drivers\lgandmodem.sys [24960]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2013/04/03 14:09:42 A . (...) -- C:\Windows\System32\drivers\MoborobAssDriver.sys [12072]
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2015/12/01 08:19:05 A . (.AVAST Software - avast! NG snapshot driver.) -- C:\Windows\System32\drivers\ngvss.sys [121368]
O58 - SDL:2010/01/27 03:09:02 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [50704]
O58 - SDL:2010/01/28 00:25:04 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda32v.sys [68200]
O58 - SDL:2010/04/26 20:16:44 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [9940232]
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117312]
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [142416]
O58 - SDL:2012/10/17 08:53:46 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\drivers\pccsmcfd.sys [19072]
O58 - SDL:2011/09/19 04:56:56 A . (.PROLINK Corporation - PROLINK Corporation.) -- C:\Windows\System32\drivers\PROLiNKusbdiag.sys [107648]
O58 - SDL:2011/09/19 04:56:56 A . (.PROLINK Corporation - PROLINK Corporation.) -- C:\Windows\System32\drivers\PROLiNKusbmodem.sys [107648]
O58 - SDL:2011/09/19 04:56:56 A . (.PROLINK Corporation - PROLINK Corporation.) -- C:\Windows\System32\drivers\PROLiNKusbnmea.sys [107648]
O58 - SDL:2011/09/19 04:56:56 A . (.PROLINK Corporation - PROLINK Corporation.) -- C:\Windows\System32\drivers\PROLiNKusbvoice.sys [107648]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2010/01/29 07:37:50 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [3013344]
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2003/11/16 23:38:08 A . (.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\Windows\System32\drivers\SENTINEL.SYS [76288]
O58 - SDL:2009/07/17 10:53:38 A . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\System32\drivers\ser2pl.sys [80384]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2011/11/18 00:01:27 A . (.Acronis - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman.sys [129248]
O58 - SDL:2003/11/16 23:38:08 A . (.Rainbow Technologies Inc. - Rainbow Technologies Sentinel Device Driver.) -- C:\Windows\System32\drivers\SNTNLUSB.SYS [26120]
O58 - SDL:2011/10/27 02:25:46 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cm.sys [12544]
O58 - SDL:2011/10/27 02:25:46 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_wh.sys [12416]
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [89984]
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [184192]
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\Windows\System32\drivers\ssudserd.sys [184192]
O58 - SDL:2006/07/25 01:05:00 A . (...) -- C:\Windows\System32\drivers\StarOpen.sys [5632]
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2014/08/12 03:45:30 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap-tb-0901.sys [33280]
O58 - SDL:2011/11/18 00:01:18 A . (.Acronis - Acronis Try&Decide and Restore Points Volum.) -- C:\Windows\System32\drivers\tdrpman.sys [368736]
O58 - SDL:2011/11/18 00:01:38 A . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\System32\drivers\tifsfilt.sys [44384]
O58 - SDL:2011/11/18 00:01:38 A . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\System32\drivers\timntr.sys [441760]
O58 - SDL:2012/02/03 09:09:43 A . (.TrueCrypt Foundation - TrueCrypt Driver.) -- C:\Windows\System32\drivers\truecrypt.sys [231376]
O58 - SDL:2003/06/19 02:19:48 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSIKBF5.sys [9728]
O58 - SDL:2003/06/19 02:19:24 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\tsikbfd.sys [8704]
O58 - SDL:2003/06/19 02:20:28 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSIMSF5.sys [5632]
O58 - SDL:2003/06/19 02:20:10 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSIMSFD.sys [5120]
O58 - SDL:2003/06/19 02:21:22 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSIRCINK.SYS [9216]
O58 - SDL:2003/06/19 02:21:48 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\tsircmir.sys [2816]
O58 - SDL:2003/06/19 05:25:20 A . (.LapLink, Inc. - LAPLINK Core Component.) -- C:\Windows\System32\drivers\tsiregmo.sys [5824]
O58 - SDL:2003/06/19 05:06:20 A . (.LapLink, Inc. - LAPLINK TBird Component.) -- C:\Windows\System32\drivers\tsiser.sys [42560]
O58 - SDL:2003/06/19 02:20:46 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSISTRM.SYS [5120]
O58 - SDL:2003/06/19 02:21:04 A . (.LapLink, Inc. - Remote Control Component.) -- C:\Windows\System32\drivers\TSISTRMX.SYS [5120]
O58 - SDL:2013/01/23 04:31:50 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerflt.sys [8192]
O58 - SDL:2013/01/23 04:31:50 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys [8192]
O58 - SDL:2007/05/15 04:14:24 A . (.Vimicro Corporation - Video and Capture Device Driver.) -- C:\Windows\System32\drivers\usbVM303.sys [1472768]
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2007/06/23 22:45:58 A . (.Vimicro Corporation - Filter Prototype.) -- C:\Windows\System32\drivers\vvftav303.sys [480128]
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2000/02/03 20:53:12 A . (...) -- C:\Windows\System32\Ckldrv.sys [24608]
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2013/03/20 09:07:16 A . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [37344]
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:2005/08/03 10:05:02 A . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\Windows\System32\SER9PL.sys [35892]

---\\ Last modified or created user files (3) - 28s
O61 - LFC: 2015/12/03 07:50:39 A . (.Copyright (C) 2015 Nicolas Coolman.) -- C:\Users\Emilien\ZHPDiag3.exe [1979392]
O61 - LFC: 2015/12/02 16:55:47 A . (..) -- C:\Users\Emilien\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin [302]
O61 - LFC: 2015/12/03 07:52:43 A . (..) -- C:\Users\Emilien\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]

---\\ File Associations Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (20) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)

---\\ Search Browser Infection (11) - 3s
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("browser.search.searchengine.ptid", "tugs"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("browser.search.searchengine.uid", "WDCXWD6400BPVT-75HXZT1_WD-WX71C90M8256M8256"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DigiHelp.asul", "1421512082563"); =>PUP.Optional.DigiHelp
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DigiHelp.aul", "1421513290335"); =>PUP.Optional.DigiHelp
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DigiHelp.irl", true); =>PUP.Optional.DigiHelp
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DigiHelp.is", "isgiwhFR"); =>PUP.Optional.DigiHelp
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DigiHelp.ug", "2819E65A-4B00-45B8-8C3E-5D4F63897715"); =>PUP.Optional.DigiHelp
O69 - SBI: prefs.js [Emilien - moa3n8yx.default] user_pref("extensions.DragonBranch.cg", "2837169e-97a1-4c08-abfa-1a3ab558a0b1"); =>PUP.Optional.DragonBranch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Search Provided by Yahoo) - http://fr.yhs4.search.yahoo.com/ =>PUP.Optional.Browser
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (33) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168448]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [591360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [667136]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [473088]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [285184]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [241664]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [543232]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [589312]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [497152]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [46592]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [162816]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [749056]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [99328]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [149504]

---\\ Firewall Active Exception List (33) - 5s
O87 - FAEL: "{903DEE5D-D901-4197-922C-6777EE3371D5}" [In-None-P6-TRUE] .(.VoipBuster - Client to make VoIP calls..) -- C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
O87 - FAEL: "{7CC2526B-AB21-40A5-8017-346E356C3921}" [In-None-P17-TRUE] .(.VoipBuster - Client to make VoIP calls..) -- C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
O87 - FAEL: "TCP Query User{BDC7C79C-6184-4408-B5EB-A740769AA183}C:\program files\laplink gold\laplink.exe" [In-None-P6-TRUE] .(.LapLink, Inc. - LAPLINK Core Component.) -- C:\program files\laplink gold\laplink.exe
O87 - FAEL: "UDP Query User{38D5F890-313E-48EF-95A8-54C5B9375ADD}C:\program files\laplink gold\laplink.exe" [In-None-P17-TRUE] .(.LapLink, Inc. - LAPLINK Core Component.) -- C:\program files\laplink gold\laplink.exe
O87 - FAEL: "TCP Query User{C42EAB13-ED5F-4A1C-8F05-DC3FACB43478}C:\program files\emule\emule.exe" [In-None-P6-TRUE] .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{9BEAAC9B-6A20-4D4D-A970-AB4EDC007D85}C:\program files\emule\emule.exe" [In-None-P17-TRUE] .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{1D6DDD45-8ECD-4040-8D32-29EE3A5F511E}" [In-None-P6-TRUE] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{77F20E28-55CC-4710-9371-709ACA5E5832}" [In-None-P17-TRUE] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{38BB8B24-DA90-4B94-A5E2-0B722DE9547C}C:\program files\voipbuster.com\voipbuster\voipbuster.exe" [In-None-P6-TRUE] .(.VoipBuster - Client to make VoIP calls..) -- C:\program files\voipbuster.com\voipbuster\voipbuster.exe
O87 - FAEL: "UDP Query User{F00AE1E2-817E-4722-9A0C-94081B6E7C6D}C:\program files\voipbuster.com\voipbuster\voipbuster.exe" [In-None-P17-TRUE] .(.VoipBuster - Client to make VoIP calls..) -- C:\program files\voipbuster.com\voipbuster\voipbuster.exe
O87 - FAEL: "{9F6D7BE3-73D8-4901-908F-0B2688941DD7}" [In-None-P6-TRUE] .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{8ECE0F56-92AB-4888-9714-AE65AD7CBE13}" [In-None-P17-TRUE] .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "TCP Query User{B7B98978-6571-4C7C-B9E2-C3A9A35B5BC1}C:\program files\laplink gold\laplink.exe" [In-None-P6-TRUE] .(.LapLink, Inc. - LAPLINK Core Component.) -- C:\program files\laplink gold\laplink.exe
O87 - FAEL: "UDP Query User{60E73107-4DFB-4063-9ADF-86D310E2FBF2}C:\program files\laplink gold\laplink.exe" [In-None-P17-TRUE] .(.LapLink, Inc. - LAPLINK Core Component.) -- C:\program files\laplink gold\laplink.exe
O87 - FAEL: "TCP Query User{65241CD9-CF91-4001-9F51-4D2801186044}C:\program files\atnotes\atnotes.exe" [In-None-P6-TRUE] .(.Thomas Ascher - ATnotes.) -- C:\program files\atnotes\atnotes.exe
O87 - FAEL: "UDP Query User{93CFDFF6-DE6D-4539-91E6-FF530097EAA3}C:\program files\atnotes\atnotes.exe" [In-None-P17-TRUE] .(.Thomas Ascher - ATnotes.) -- C:\program files\atnotes\atnotes.exe
O87 - FAEL: "{9BCC99BA-C18C-47CA-AFE4-CDF783971422}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{FD42DC8F-BC07-4C5B-96F1-0DFE5803C255}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{96C1DB2A-CE3F-4082-AF89-C0A24EB6C786}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{18A0E7EA-8FF4-4250-A9B2-ED1A77108AE9}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{4CBD0DEE-7427-4D38-BC25-76B6B01DE03A}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{0EC12A2B-5E31-46F9-A2D3-8A6FC61A0B7E}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{37F38B11-AC95-4353-A43A-2CABBF30B7EF}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{F600192C-73B0-445F-88A5-9443C32F060B}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{ECB995EB-4E7D-4600-8FD9-104FCF0CBBB5}" [In-None-P6-TRUE] .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Emilien\AppData\Roaming\BitTorrent\BitTorrent.exe
O87 - FAEL: "{AD041FF6-82D8-4568-8191-8BBA89BBD034}" [In-None-P17-TRUE] .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Emilien\AppData\Roaming\BitTorrent\BitTorrent.exe
O87 - FAEL: "TCP Query User{2BC3AB5F-E3DE-444B-A673-711A01CEC112}C:\program files\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P6-TRUE] .(.Wondershare - MobileGo Device Listen Service.) -- C:\program files\wondershare\mobilego for android\mobilegoservice.exe
O87 - FAEL: "UDP Query User{64008165-74B8-422F-9EE1-705C690B2ABF}C:\program files\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P17-TRUE] .(.Wondershare - MobileGo Device Listen Service.) -- C:\program files\wondershare\mobilego for android\mobilegoservice.exe
O87 - FAEL: "TCP Query User{53595CEA-4EB3-43BE-9F41-B4A4F4DD6C7B}C:\program files\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P6-TRUE] .(.Wondershare - MobileGo Device Listen Service.) -- C:\program files\wondershare\mobilego for android\mobilegoservice.exe
O87 - FAEL: "UDP Query User{B1164958-8025-46BF-B2A6-397A729E819F}C:\program files\wondershare\mobilego for android\mobilegoservice.exe" [In-None-P17-TRUE] .(.Wondershare - MobileGo Device Listen Service.) -- C:\program files\wondershare\mobilego for android\mobilegoservice.exe
O87 - FAEL: "{C970FB39-8E97-40D5-B1EA-119B63EB8F29}" [In-None-P17-TRUE] .(.Copyright © 2005 Hewlett-Packard Company - HP CUE-Print Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O87 - FAEL: "{E8C4475F-A281-4320-9888-16AEA5628609}" [In-None-P17-TRUE] .(.The Chromium Authors - Chromium.) -- C:\Users\Emilien\AppData\Local\Chromium\Application\chrome.exe
O87 - FAEL: "{F27A69DF-7A1B-48B0-A80B-50C0680E5A75}" [In-None-P17-TRUE] .(.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

---\\ Windows Installer Scan (1) - 9s
[MD5.] [WIS][2015/05/07 19:56:31] (.Boxore OU - Windows Installer XML Toolset (3.8.1128.0).) -- C:\Windows\Installer\1abd7f.msi [5685248] =>PUP.Optional.Boxore

---\\ Services not Microsoft (SR=Run, SS=Stop) (12) - 26s
SR - Auto [2010/02/25 15:35:04] [ 325200] Dritek WMI Service (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files\Launch Manager\dsiwmis.exe
SS - Demand [2012/12/05 14:05:08] [ 651720] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - Auto [2013/03/20 09:07:18] [ 233472] FsUsbExService (FsUsbExService) . (.Teruten.) - C:\Windows\System32\FsUsbExService.Exe
SR - Auto [2009/08/25 15:06:20] [ 77824] France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SS - Auto [2015/08/27 21:46:52] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2015/08/27 21:46:52] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Auto [2014/05/03 23:59:51] [ 285795] HOSTS Anti-PUPs (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe
SR - Auto [2009/10/24 12:18:54] [ 360224] PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SR - Auto [2012/10/23 10:47:48] [ 2848168] TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
SR - Auto [2007/10/08 20:19:10] [ 493200] Acronis Try And Decide Service (TryAndDecideService) . (...) - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
SR - Auto [2003/06/19 02:22:14] [ 102400] TSI Remote Control Service (TSIRCSRV) . (.LapLink, Inc..) - C:\Windows\System32\TSIRCSRV.exe
SR - Auto [2015/07/17 12:30:22] [ 35264] TunnelBear Maintenance (TunnelBearMaintenance) . (.Copyright © 2013.) - C:\Program Files\TunnelBear\TBear.Maintenance.exe

---\\ Search Tracing Registry Key (2) - 2s
HKLM\SOFTWARE\Microsoft\Tracing\EliteUnzip_RASAPI32 =>PUP.Optional.MyWebSearch
HKLM\SOFTWARE\Microsoft\Tracing\EliteUnzip_RASMANCS =>PUP.Optional.MyWebSearch

---\\ Additional Scan (O88) (12) - 0s
C:\Users\Emilien\AppData\Roaming\Mozilla\Firefox\Profiles\moa3n8yx.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional.BDYahoo
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Elite Unzip =>PUP.Optional.MyWebSearch
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mindspark Elite Unzip =>PUP.Optional.MyWebSearch
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
C:\Program Files\360 =>PUP.Optional.Generic
C:\Program Files\EliteUnzip =>PUP.Optional.MyWebSearch
C:\Users\Emilien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elite Unzip =>PUP.Optional.MyWebSearch
C:\Windows\Prefetch\ELITEUNZIP.EXE-CC8EE1B3.pf =>PUP.Optional.MyWebSearch
C:\Windows\Installer\1abd7f.msi =>PUP.Optional.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\EliteUnzip_RASAPI32 =>PUP.Optional.MyWebSearch
HKLM\SOFTWARE\Microsoft\Tracing\EliteUnzip_RASMANCS =>PUP.Optional.MyWebSearch

---\\ Summary of the elements found (11) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/pup-whitesmoke/ =>PUP.Optional.WhiteSmoke
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner
http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/blog =>PUP.Optional.DigiHelp
http://www.nicolascoolman.fr/pup-dragonBranch/ =>PUP.Optional.DragonBranch
http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser
http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore

~ End of the scan, 34431 items in 214 seconds (1549)(0)()

Publicité


Signaler le contenu de ce document

Publicité