Author: Kisios88
Posted on 13 September 2012

ZHP Diag report

Rapport de ZHPDiag v1.31.19 par Nicolas Coolman, Update du 06/09/2012
Run by A1 at 13/09/2012 14:34:57
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3838 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 51 GB (66%) free of 77 GB

---\\ Logged in mode
~ Computer Name: TOSH
~ User Name: A1
~ All Users Names: HomeGroupUser$, ASPNET, Administrateur, A1,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\A1\AppData\Roaming\
~ %Desktop% : C:\Users\A1\Desktop\
~ %Favorites% : D:\MesDossiers\MonInternet\Favoris\Favoris\
~ %LocalAppData% : C:\Users\A1\AppData\Local\
~ %StartMenu% : C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 77 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 107 Go of 149 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 220 Go of 293 Go)
H:\ Hard drive, Flash drive, Thumb drive (Free 235 Go of 293 Go)
I:\ Hard drive, Flash drive, Thumb drive (Free 277 Go of 346 Go)
S:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 52 Go)
W:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 20 Go)



---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.8EA68FD3780DDDD5072F8CB830B3CB3D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.29/06/2012 - 04:49:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/10608
~ Mes musiques (My Musics) : 2/9
~ Mes Videos (My Video) : 0/0
~ Mes Favoris (My Favorites) : 1/159
~ Mes Documents (My Documents) : 1/2554
~ Mon Bureau (My Desktop) : 0/16
~ Menu demarrer (Programs) : 0/36
~ Scan Hidden Files in 00mn 21s



---\\ Processus lancés
[MD5.4CE0626245E0F0AC4970AF913FB6964A] - (...) -- D:\ZHPDiag\ZHPDiag.exe [3764736] [PID.2020]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [A1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\fcmdSrchadj.xml
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.5.0] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.5.0] - (.Oracle Corporation - Next Generation Java Plug-in 10.5.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://saamu.net
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (. Microsoft Corporation - 5.1.10411.0.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 04s
~ Nombre de lignes (Lines number): 15170



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: (no name) [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} Clé orpheline
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} Clé orpheline
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)
O4 - HKLM\..\Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)
O4 - HKLM\..\Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [PicPick Start] . (.NTeWORKS - PicPick.) -- C:\Program Files (x86)\PicPick\picpick.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2361314600-1348788477-4057349206-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2361314600-1348788477-4057349206-1000\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-2361314600-1348788477-4057349206-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2361314600-1348788477-4057349206-1000\..\Run: [PicPick Start] . (.NTeWORKS - PicPick.) -- C:\Program Files (x86)\PicPick\picpick.exe
O4 - HKUS\S-1-5-21-2361314600-1348788477-4057349206-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\A1\Desktop\7zFM.exe - Raccourci.lnk . (.Igor Pavlov.) -- C:\Program Files (x86)\7-Zip\7zFM.exe
O4 - Global Startup: C:\Users\A1\Desktop\Advanced Uninstaller PRO 11.lnk . (.Innovative Solutions.) -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
O4 - Global Startup: C:\Users\A1\Desktop\CrystalDiskInfo.lnk . (.Crystal Dew World.) -- C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
O4 - Global Startup: C:\Users\A1\Desktop\Disk Cleanup.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\cleanmgr.exe
O4 - Global Startup: C:\Users\A1\Desktop\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Users\A1\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: C:\Users\A1\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\A1\Desktop\Microsoft Office Excel 2003.lnk . (...) -- C:\Windows\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
O4 - Global Startup: C:\Users\A1\Desktop\Microsoft Office Outlook 2003.lnk . (...) -- C:\Windows\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
O4 - Global Startup: C:\Users\A1\Desktop\Microsoft Office Word 2003.lnk . (...) -- C:\Windows\Installer\{9112040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
O4 - Global Startup: C:\Users\A1\Desktop\Microsoft Security Essentials.lnk . (...) -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - Global Startup: C:\Users\A1\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\SnippingTool.exe
O4 - Global Startup: C:\Users\A1\Desktop\SumatraPDF.lnk . (.Krzysztof Kowalczyk.) -- C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe
O4 - Global Startup: C:\Users\A1\Desktop\SUMo Home Page.URL . (.Krzysztof Kowalczyk.) -- C:\Users\A1\Desktop\SUMo Home Page.URL
O4 - Global Startup: C:\Users\A1\Desktop\SUMo.lnk . (.KC Softwares.) -- C:\Program Files (x86)\KC Softwares\SUMo\SUMo.exe
O4 - Global Startup: C:\Users\A1\Desktop\SyncToy 2.1(x64).lnk . (...) -- C:\Windows\Installer\{88DAAF05-5A72-46D2-A7C5-C3759697E943}\_6FEFF9B68218417F98F549.exe
O4 - Global Startup: C:\Users\A1\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IE 64.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\les-pages.com.lnk - Clé orpheline
O4 - Global Startup: C:\Users\A1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WLM.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} () - http://logicielsgratuits.orange.fr/download_service/Install/OrangeInstaller.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B359C13-9336-4F28-81C6-6602D4964BBA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{92F782BF-2D42-4980-ADCB-D15BEDC586B7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7B359C13-9336-4F28-81C6-6602D4964BBA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{92F782BF-2D42-4980-ADCB-D15BEDC586B7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7B359C13-9336-4F28-81C6-6602D4964BBA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{92F782BF-2D42-4980-ADCB-D15BEDC586B7}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION - ConfigFree Gadget Process Service.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEM (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
~ Scan Scheduled Task in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Advanced Uninstaller PRO - Version 11 - (.Innovative Solutions.) [HKLM] -- AU11_is1
O42 - Logiciel: ArcSoft Panorama Maker 3 - (.ArcSoft.) [HKLM] -- {A5F68DC8-0278-4AD8-B413-861509B5F25B}
O42 - Logiciel: BurnAware Free 4.4 - (.Burnaware Technologies.) [HKLM] -- BurnAware Free_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}
O42 - Logiciel: CrystalDiskInfo 5.0.4 - (.Crystal Dew World.) [HKLM] -- CrystalDiskInfo_is1
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Digital Image Recovery 1.47 - (.Alexander Grau.) [HKLM] -- Digital Image Recovery_is1
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: KC Softwares SUMo - (.KC Softwares.) [HKLM] -- KC Softwares SUMo_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.0.1400 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9112040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 - (.Microsoft Corporation.) [HKLM] -- {E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Nikon FotoShare - (.Pas de propriétaire.) [HKLM] -- Nikon FotoShare
O42 - Logiciel: Nikon Message Center - (.Pas de propriétaire.) [HKLM] -- {D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier
O42 - Logiciel: Orange Web Player 1.213932 - (.Orange.) [HKLM] -- Orange Web Player_is1
O42 - Logiciel: PicPick - (.NTeWORKS.) [HKLM] -- PicPick
O42 - Logiciel: PictureProject - (.Nikon.) [HKLM] -- {FF3999BE-1A7B-4738-88AA-97BF14094A4A}
O42 - Logiciel: PrintPratic - (.Micro Application.) [HKLM] -- PrintPratic
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.Realtek.) [HKLM] -- {0FB630AB-7BD8-40AE-B223-60397D57C3C9}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SumatraPDF - (.Krzysztof Kowalczyk.) [HKLM] -- SumatraPDF
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {F3529665-D75E-4D6D-98F0-745C78C68E9B}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Pas de propriétaire.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- {5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM] -- {AC6569FA-6919-442A-8552-073BE69E247A}
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}
O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM] -- TeamViewer 7
O42 - Logiciel: Toshiba Assist - (.TOSHIBA.) [HKLM] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}
O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}
O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- {0823A2E3-69DD-A37A-7CD9-1CBEB037545C}
O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217
O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Wise Registry Cleaner 7.43 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Registry Cleaner_is1

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Loc]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKLM\Software\7-Zip]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\America Online]
[HKLM\Software\ArcSoft]
[HKLM\Software\Big Fish Games]
[HKLM\Software\Borland]
[HKLM\Software\COMPAL]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\Debug]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\I.R.I.S.]
[HKLM\Software\ICE]
[HKLM\Software\INNOVATIVE]
[HKLM\Software\IncrediMail]
[HKLM\Software\Innovative Solutions]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KC Softwares]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\Orange]
[HKLM\Software\Planets]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\TOSHIBA]
[HKLM\Software\TeamViewer]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Windows]
[HKLM\Software\WiseCleaner]
[HKLM\Software\Yahoo]
[HKLM\Software\pixology]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/02/2011 - 19:39:03 - [0,054] ----D C:\Program Files (x86)\123envoi
O43 - CFD: 22/04/2011 - 00:25:13 - [4,591] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 01/03/2010 - 15:13:11 - [37,840] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 23/02/2010 - 15:51:31 - [80,729] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 02/06/2012 - 22:13:30 - [23,132] ----D C:\Program Files (x86)\BurnAware Free
O43 - CFD: 02/09/2012 - 14:24:40 - [425,162] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 10/09/2012 - 23:00:54 - [3,956] ----D C:\Program Files (x86)\CrystalDiskInfo
O43 - CFD: 22/05/2012 - 14:25:51 - [1066,342] ----D C:\Program Files (x86)\Digital Image Recovery
O43 - CFD: 16/04/2011 - 17:04:09 - [0] ----D C:\Program Files (x86)\EASEUS
O43 - CFD: 23/08/2012 - 13:16:14 - [22,283] ----D C:\Program Files (x86)\Google
O43 - CFD: 09/11/2010 - 20:46:27 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 10/05/2012 - 08:56:16 - [1,239] ----D C:\Program Files (x86)\HD Tune
O43 - CFD: 06/02/2011 - 18:05:34 - [233,650] ----D C:\Program Files (x86)\HP
O43 - CFD: 27/03/2012 - 01:16:59 - [0,061] ----D C:\Program Files (x86)\hpmon
O43 - CFD: 14/07/2012 - 15:36:56 - [20,760] ----D C:\Program Files (x86)\Innovative Solutions
O43 - CFD: 06/09/2010 - 19:27:58 - [143,304] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 15/08/2012 - 14:10:43 - [5,363] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 11:47:02 - [92,509] ----D C:\Program Files (x86)\Java
O43 - CFD: 30/12/2011 - 02:52:35 - [3,315] ----D C:\Program Files (x86)\KC Softwares
O43 - CFD: 07/05/2010 - 20:44:29 - [0] ----D C:\Program Files (x86)\Logitech Touch Mouse Server
O43 - CFD: 11/09/2012 - 16:55:43 - [18,297] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 25/02/2010 - 03:26:54 - [62,083] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 20/12/2010 - 01:57:01 - [0] ----D C:\Program Files (x86)\Microsoft Antimalware
O43 - CFD: 29/06/2011 - 09:42:19 - [227,030] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 28/05/2012 - 10:12:45 - [1,126] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 10/05/2012 - 11:16:48 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 24/02/2010 - 12:53:35 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 24/02/2010 - 17:45:11 - [4,312] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 01/10/2010 - 10:55:04 - [0,140] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/01/2012 - 21:32:18 - [0,002] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 07/02/2011 - 12:21:04 - [38,094] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 11/06/2010 - 13:09:37 - [27,989] ----D C:\Program Files (x86)\Nikon
O43 - CFD: 14/07/2012 - 15:40:03 - [35,634] ----D C:\Program Files (x86)\Orange
O43 - CFD: 27/05/2012 - 21:22:40 - [7,641] ----D C:\Program Files (x86)\PicPick
O43 - CFD: 23/02/2010 - 16:05:30 - [13,562] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 23/02/2010 - 16:08:08 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/07/2012 - 22:37:06 - [16,855] R---D C:\Program Files (x86)\Skype
O43 - CFD: 26/09/2011 - 23:52:22 - [8,194] ----D C:\Program Files (x86)\SumatraPDF
O43 - CFD: 30/11/2011 - 15:09:34 - [28,916] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 23/02/2010 - 16:00:23 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 10/05/2012 - 17:14:28 - [0,000] ----D C:\Program Files (x86)\Toolbar Uninstaller
O43 - CFD: 23/02/2010 - 16:13:13 - [285,899] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 04/02/2011 - 13:52:24 - [10,895] ----D C:\Program Files (x86)\Toshiba TEMPRO
O43 - CFD: 10/04/2010 - 01:26:02 - [0,055] ----D C:\Program Files (x86)\Total Immersion
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 25/02/2010 - 12:06:48 - [0,221] ----D C:\Program Files (x86)\Unlocker
O43 - CFD: 16/04/2010 - 18:48:48 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/05/2012 - 15:19:50 - [0] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/07/2012 - 15:46:49 - [94,272] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 23/02/2011 - 02:33:31 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 23/02/2011 - 02:33:30 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 23/02/2011 - 02:33:30 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 23/02/2011 - 02:33:30 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 23/02/2011 - 02:33:31 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 02/09/2012 - 16:31:32 - [5,221] ----D C:\Program Files (x86)\Wise
O43 - CFD: 21/05/2012 - 01:17:22 - [18,490] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/01/2011 - 01:19:36 - [7,320] ----D C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 24/02/2010 - 12:53:46 - [0,082] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 01/03/2010 - 18:31:02 - [0,951] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 01/03/2010 - 18:31:21 - [5,403] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 14/07/2012 - 15:37:12 - [1,012] ----D C:\Program Files (x86)\Common Files\Innovative Solutions
O43 - CFD: 02/01/2011 - 14:21:19 - [12,546] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/08/2012 - 09:30:49 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14/07/2012 - 15:43:50 - [284,385] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/02/2010 - 13:45:09 - [7,413] ----D C:\Program Files (x86)\Common Files\muvee Technologies
O43 - CFD: 11/06/2010 - 13:10:07 - [28,237] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 06/02/2012 - 03:55:40 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/07/2012 - 15:47:45 - [27,228] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 23/02/2010 - 16:13:19 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 09/09/2009 - 17:51:19 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 04/02/2011 - 13:52:29 - [8,563] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 23/08/2012 - 13:16:29 - [0] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 23/02/2010 - 15:53:10 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 23/02/2010 - 17:54:06 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 04/10/2011 - 13:29:14 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 21/05/2012 - 12:50:41 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 26/02/2010 - 13:46:53 - [0,000] ----D C:\ProgramData\EnterNHelp
O43 - CFD: 23/02/2010 - 17:54:06 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 28/12/2011 - 22:11:17 - [0,020] ----D C:\ProgramData\Freemake
O43 - CFD: 23/08/2012 - 13:16:18 - [0,491] ----D C:\ProgramData\Google
O43 - CFD: 23/02/2010 - 20:50:12 - [0,215] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 06/02/2011 - 18:04:42 - [28,576] ----D C:\ProgramData\HP
O43 - CFD: 06/02/2011 - 18:03:52 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 02/07/2011 - 22:53:27 - [0,000] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 24/06/2012 - 12:42:04 - [9,566] ----D C:\ProgramData\Innovative Solutions
O43 - CFD: 02/01/2011 - 14:21:54 - [0] ----D C:\ProgramData\InstallShield
O43 - CFD: 11/12/2011 - 12:29:02 - [0,004] ----D C:\ProgramData\iolo
O43 - CFD: 23/02/2010 - 15:45:41 - [0,025] ----D C:\ProgramData\IsolatedStorage
O43 - CFD: 03/03/2010 - 03:24:01 - [6,680] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 14/07/2012 - 15:45:16 - [553,495] -S--D C:\ProgramData\Microsoft
O43 - CFD: 23/02/2010 - 18:57:17 - [0,055] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/02/2010 - 13:26:52 - [0,057] ----D C:\ProgramData\MSScanAppDataDir
O43 - CFD: 17/03/2011 - 02:29:33 - [0] ----D C:\ProgramData\NCH Software
O43 - CFD: 11/06/2010 - 13:10:02 - [6,674] ----D C:\ProgramData\Nikon
O43 - CFD: 26/07/2011 - 16:51:42 - [0,626] ----D C:\ProgramData\Orange
O43 - CFD: 09/09/2009 - 17:42:19 - [0,000] ----D C:\ProgramData\SiteAdvisor
O43 - CFD: 18/07/2012 - 22:37:14 - [60,828] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 10/04/2010 - 19:45:59 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 23/02/2010 - 16:13:14 - [5,019] ----D C:\ProgramData\Toshiba
O43 - CFD: 04/02/2011 - 13:52:45 - [0,006] ----D C:\ProgramData\TOSHIBA Tempro
O43 - CFD: 23/02/2010 - 17:54:23 - [0,001] ----D C:\ProgramData\ToshibaEurope
O43 - CFD: 26/02/2010 - 13:46:53 - [0,000] ----D C:\ProgramData\Ultima_T15
O43 - CFD: 23/02/2010 - 15:53:43 - [2,158] ----D C:\ProgramData\Vista32
O43 - CFD: 23/02/2010 - 15:53:43 - [3,146] ----D C:\ProgramData\Vista64
O43 - CFD: 01/03/2010 - 18:55:07 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 01/11/2010 - 12:35:08 - [4,839] ----D C:\ProgramData\WildTangent
O43 - CFD: 23/02/2010 - 15:55:54 - [2,117] ----D C:\ProgramData\win7_32
O43 - CFD: 23/02/2010 - 15:55:54 - [3,069] ----D C:\ProgramData\win7_64
O43 - CFD: 29/11/2010 - 01:40:12 - [1,577] ----D C:\Users\A1\AppData\Roaming\Adobe
O43 - CFD: 23/02/2010 - 17:57:33 - [0] ----D C:\Users\A1\AppData\Roaming\ATI
O43 - CFD: 03/05/2010 - 23:20:04 - [0] ----D C:\Users\A1\AppData\Roaming\BatteryBar
O43 - CFD: 04/10/2011 - 13:29:13 - [0,001] ----D C:\Users\A1\AppData\Roaming\Canneverbe Limited
O43 - CFD: 13/09/2012 - 14:02:07 - [27,723] ----D C:\Users\A1\AppData\Roaming\Dropbox
O43 - CFD: 06/08/2010 - 18:54:57 - [0,000] ----D C:\Users\A1\AppData\Roaming\FreeBurner
O43 - CFD: 23/02/2010 - 18:16:07 - [0] ----D C:\Users\A1\AppData\Roaming\Google
O43 - CFD: 06/02/2011 - 18:28:02 - [0,300] ----D C:\Users\A1\AppData\Roaming\HP
O43 - CFD: 18/08/2012 - 23:52:58 - [0,021] ----D C:\Users\A1\AppData\Roaming\HpUpdate
O43 - CFD: 30/11/2010 - 18:50:02 - [0,009] ----D C:\Users\A1\AppData\Roaming\Icones
O43 - CFD: 23/02/2010 - 17:56:53 - [0] ----D C:\Users\A1\AppData\Roaming\Identities
O43 - CFD: 04/04/2011 - 16:56:13 - [0] ----D C:\Users\A1\AppData\Roaming\InstallShield
O43 - CFD: 30/12/2011 - 02:53:39 - [0,019] ----D C:\Users\A1\AppData\Roaming\KC Softwares
O43 - CFD: 07/05/2010 - 11:39:37 - [0,003] ----D C:\Users\A1\AppData\Roaming\Logishrd
O43 - CFD: 07/05/2010 - 11:39:37 - [0] ----D C:\Users\A1\AppData\Roaming\Logitech
O43 - CFD: 09/09/2009 - 17:33:54 - [0,000] ----D C:\Users\A1\AppData\Roaming\Macromedia
O43 - CFD: 03/03/2010 - 03:24:08 - [0,109] ----D C:\Users\A1\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\A1\AppData\Roaming\Media Center Programs
O43 - CFD: 17/06/2012 - 16:20:33 - [6,240] -S--D C:\Users\A1\AppData\Roaming\Microsoft
O43 - CFD: 26/02/2010 - 13:50:06 - [45,913] ----D C:\Users\A1\AppData\Roaming\Nikon
O43 - CFD: 22/04/2012 - 01:45:03 - [0] ----D C:\Users\A1\AppData\Roaming\Orange
O43 - CFD: 10/01/2011 - 13:35:38 - [0] ----D C:\Users\A1\AppData\Roaming\PeerNetworking
O43 - CFD: 27/04/2010 - 00:05:40 - [0,000] ----D C:\Users\A1\AppData\Roaming\PhotoFiltre
O43 - CFD: 01/09/2012 - 16:08:41 - [0,002] ----D C:\Users\A1\AppData\Roaming\picpick
O43 - CFD: 17/01/2011 - 01:33:07 - [0] ----D C:\Users\A1\AppData\Roaming\picpick_temp
O43 - CFD: 13/09/2012 - 14:06:45 - [5,473] ----D C:\Users\A1\AppData\Roaming\Skype
O43 - CFD: 14/12/2010 - 17:01:35 - [0,069] ----D C:\Users\A1\AppData\Roaming\skypePM
O43 - CFD: 05/04/2012 - 00:58:47 - [0,520] ----D C:\Users\A1\AppData\Roaming\SumatraPDF
O43 - CFD: 30/11/2011 - 15:08:03 - [0,915] ----D C:\Users\A1\AppData\Roaming\TeamViewer
O43 - CFD: 14/10/2010 - 10:17:17 - [0] ----D C:\Users\A1\AppData\Roaming\TinyPic Uploader
O43 - CFD: 30/12/2011 - 12:46:57 - [2,110] ----D C:\Users\A1\AppData\Roaming\Toshiba
O43 - CFD: 12/09/2012 - 23:40:03 - [0,080] ----D C:\Users\A1\AppData\Roaming\vlc
O43 - CFD: 13/09/2012 - 00:01:06 - [0] ----D C:\Users\A1\AppData\Roaming\Windows Live Writer
O43 - CFD: 28/05/2012 - 10:04:42 - [0,492] ----D C:\Users\A1\AppData\Roaming\Wise Registry Cleaner
O43 - CFD: 26/02/2010 - 03:04:18 - [0] ----D C:\Users\A1\AppData\Roaming\Yahoo!
O43 - CFD: 25/05/2010 - 22:49:09 - [13,830] ----D C:\Users\A1\AppData\Local\Adobe
O43 - CFD: 23/02/2010 - 17:54:13 - [0] ----D C:\Users\A1\AppData\Local\Application Data
O43 - CFD: 16/04/2010 - 18:45:55 - [0] ----D C:\Users\A1\AppData\Local\Apps
O43 - CFD: 23/02/2010 - 17:57:33 - [0,057] ----D C:\Users\A1\AppData\Local\ATI
O43 - CFD: 10/09/2012 - 22:44:57 - [0,582] ----D C:\Users\A1\AppData\Local\ElevatedDiagnostics
O43 - CFD: 13/07/2012 - 00:26:07 - [0] ----D C:\Users\A1\AppData\Local\Google
O43 - CFD: 23/02/2010 - 17:54:13 - [0] ----D C:\Users\A1\AppData\Local\Historique
O43 - CFD: 01/03/2010 - 19:09:07 - [45,323] ----D C:\Users\A1\AppData\Local\HP
O43 - CFD: 14/07/2012 - 15:02:49 - [0,001] ----D C:\Users\A1\AppData\Local\Innovative Solutions
O43 - CFD: 10/03/2010 - 18:55:58 - [1,080] ----D C:\Users\A1\AppData\Local\Micro Application
O43 - CFD: 19/06/2012 - 15:54:39 - [614,525] ----D C:\Users\A1\AppData\Local\Microsoft
O43 - CFD: 10/03/2010 - 18:55:55 - [0,008] ----D C:\Users\A1\AppData\Local\Micro_Application
O43 - CFD: 20/11/2011 - 01:52:15 - [0] ----D C:\Users\A1\AppData\Local\MigWiz
O43 - CFD: 28/02/2010 - 13:55:38 - [0,000] ----D C:\Users\A1\AppData\Local\Orange
O43 - CFD: 22/02/2011 - 14:04:43 - [0] ----D C:\Users\A1\AppData\Local\PackageAware
O43 - CFD: 09/05/2011 - 12:58:53 - [0] ----D C:\Users\A1\AppData\Local\Pixology
O43 - CFD: 13/09/2010 - 18:49:21 - [0,000] ----D C:\Users\A1\AppData\Local\Songr
O43 - CFD: 14/07/2012 - 15:22:17 - [0,003] ----D C:\Users\A1\AppData\Local\Temp
O43 - CFD: 23/02/2010 - 17:54:13 - [0] ----D C:\Users\A1\AppData\Local\Temporary Internet Files
O43 - CFD: 02/03/2010 - 16:35:58 - [0,001] ----D C:\Users\A1\AppData\Local\Toshiba
O43 - CFD: 23/02/2010 - 18:41:30 - [0,000] ----D C:\Users\A1\AppData\Local\TOSHIBA_Corporation
O43 - CFD: 23/02/2010 - 17:56:47 - [0] ----D C:\Users\A1\AppData\Local\VirtualStore
O43 - CFD: 09/06/2012 - 16:16:01 - [0,006] ----D C:\Users\A1\AppData\Local\Western Digital
O43 - CFD: 19/08/2012 - 00:32:50 - [0,066] ----D C:\Users\A1\AppData\Local\Windows Live
O43 - CFD: 13/09/2012 - 00:01:15 - [0,618] ----D C:\Users\A1\AppData\Local\Windows Live Writer
O43 - CFD: 02/09/2012 - 20:43:56 - [0] ----D C:\Users\A1\AppData\Local\{29921A8E-00F7-4603-9C88-2F2C51FFAFDD}
O43 - CFD: 13/09/2012 - 12:12:20 - [0] ----D C:\Users\A1\AppData\Local\{3036FF91-536B-4FB8-BB53-44475342B186}
O43 - CFD: 02/09/2012 - 08:43:19 - [0] ----D C:\Users\A1\AppData\Local\{5D63F4A2-C9AD-4489-A225-0414ECC846C9}
O43 - CFD: 11/09/2012 - 23:37:01 - [0] ----D C:\Users\A1\AppData\Local\{8F506D85-DD6C-477E-891B-D8A532DC3B76}
O43 - CFD: 11/09/2012 - 09:16:19 - [0] ----D C:\Users\A1\AppData\Local\{AA1149FB-4DF4-446B-B305-B43FEB9F0767}
O43 - CFD: 12/09/2012 - 12:11:09 - [0] ----D C:\Users\A1\AppData\Local\{AB474FC5-81DA-4E3F-A2C0-4115AFADB76F}
O43 - CFD: 13/09/2012 - 00:11:44 - [0] ----D C:\Users\A1\AppData\Local\{D30151A3-769A-494A-9F0C-05DC8DC92FE4}
O43 - CFD: 10/09/2012 - 20:33:35 - [0] ----D C:\Users\A1\AppData\Local\{DEB74B8A-8791-4C86-AEB0-A6ACA485B4FB}
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/07/2012 - 14:47:43 - [0,000] R---D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/06/2010 - 22:42:55 - [0,003] ----D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defraggler
O43 - CFD: 16/01/2012 - 21:00:20 - [0,002] ----D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 21/02/2011 - 00:48:36 - [0,002] ----D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 13/02/2012 - 12:10:46 - [0] ----D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 02/09/2012 - 11:38:44 - [0,002] R---D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/02/2010 - 16:58:09 - [0,002] --H-D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup (Disabled by Starter)
O43 - CFD: 13/07/2010 - 23:40:55 - [0,005] ----D C:\Users\A1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 04/02/2011 - 19:39:03 - [0,054] ----D C:\Program Files (x86)\123envoi
O43 - CFD: 22/04/2011 - 00:25:13 - [4,591] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 01/03/2010 - 15:13:11 - [37,840] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 23/02/2010 - 15:51:31 - [80,729] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 02/06/2012 - 22:13:30 - [23,132] ----D C:\Program Files (x86)\BurnAware Free
O43 - CFD: 02/09/2012 - 14:24:40 - [425,162] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 10/09/2012 - 23:00:54 - [3,956] ----D C:\Program Files (x86)\CrystalDiskInfo
O43 - CFD: 22/05/2012 - 14:25:51 - [1066,342] ----D C:\Program Files (x86)\Digital Image Recovery
O43 - CFD: 16/04/2011 - 17:04:09 - [0] ----D C:\Program Files (x86)\EASEUS
O43 - CFD: 23/08/2012 - 13:16:14 - [22,283] ----D C:\Program Files (x86)\Google
O43 - CFD: 09/11/2010 - 20:46:27 - [7,701] ----D C:\Program Files (x86)\GPLGS
O43 - CFD: 10/05/2012 - 08:56:16 - [1,239] ----D C:\Program Files (x86)\HD Tune
O43 - CFD: 06/02/2011 - 18:05:34 - [233,650] ----D C:\Program Files (x86)\HP
O43 - CFD: 27/03/2012 - 01:16:59 - [0,061] ----D C:\Program Files (x86)\hpmon
O43 - CFD: 14/07/2012 - 15:36:56 - [20,760] ----D C:\Program Files (x86)\Innovative Solutions
O43 - CFD: 06/09/2010 - 19:27:58 - [143,304] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 15/08/2012 - 14:10:43 - [5,363] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/08/2012 - 11:47:02 - [92,509] ----D C:\Program Files (x86)\Java
O43 - CFD: 30/12/2011 - 02:52:35 - [3,315] ----D C:\Program Files (x86)\KC Softwares
O43 - CFD: 07/05/2010 - 20:44:29 - [0] ----D C:\Program Files (x86)\Logitech Touch Mouse Server
O43 - CFD: 11/09/2012 - 16:55:43 - [18,297] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 25/02/2010 - 03:26:54 - [62,083] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 20/12/2010 - 01:57:01 - [0] ----D C:\Program Files (x86)\Microsoft Antimalware
O43 - CFD: 29/06/2011 - 09:42:19 - [227,030] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 28/05/2012 - 10:12:45 - [1,126] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 10/05/2012 - 11:16:48 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 24/02/2010 - 12:53:35 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 24/02/2010 - 17:45:11 - [4,312] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 01/10/2010 - 10:55:04 - [0,140] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/01/2012 - 21:32:18 - [0,002] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 07/02/2011 - 12:21:04 - [38,094] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 11/06/2010 - 13:09:37 - [27,989] ----D C:\Program Files (x86)\Nikon
O43 - CFD: 14/07/2012 - 15:40:03 - [35,634] ----D C:\Program Files (x86)\Orange
O43 - CFD: 27/05/2012 - 21:22:40 - [7,641] ----D C:\Program Files (x86)\PicPick
O43 - CFD: 23/02/2010 - 16:05:30 - [13,562] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 23/02/2010 - 16:08:08 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/07/2012 - 22:37:06 - [16,855] R---D C:\Program Files (x86)\Skype
O43 - CFD: 26/09/2011 - 23:52:22 - [8,194] ----D C:\Program Files (x86)\SumatraPDF
O43 - CFD: 30/11/2011 - 15:09:34 - [28,916] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 23/02/2010 - 16:00:23 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 10/05/2012 - 17:14:28 - [0,000] ----D C:\Program Files (x86)\Toolbar Uninstaller
O43 - CFD: 23/02/2010 - 16:13:13 - [285,899] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 04/02/2011 - 13:52:24 - [10,895] ----D C:\Program Files (x86)\Toshiba TEMPRO
O43 - CFD: 10/04/2010 - 01:26:02 - [0,055] ----D C:\Program Files (x86)\Total Immersion
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 25/02/2010 - 12:06:48 - [0,221] ----D C:\Program Files (x86)\Unlocker
O43 - CFD: 16/04/2010 - 18:48:48 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/05/2012 - 15:19:50 - [0] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/07/2012 - 15:46:49 - [94,272] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 23/02/2011 - 02:33:31 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 23/02/2011 - 02:33:30 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 23/02/2011 - 02:33:30 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 23/02/2011 - 02:33:30 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 23/02/2011 - 02:33:31 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 02/09/2012 - 16:31:32 - [5,221] ----D C:\Program Files (x86)\Wise
O43 - CFD: 21/05/2012 - 01:17:22 - [18,490] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/01/2011 - 01:19:36 - [7,320] ----D C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 24/02/2010 - 12:53:46 - [0,082] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 01/03/2010 - 18:31:02 - [0,951] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 01/03/2010 - 18:31:21 - [5,403] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 14/07/2012 - 15:37:12 - [1,012] ----D C:\Program Files (x86)\Common Files\Innovative Solutions
O43 - CFD: 02/01/2011 - 14:21:19 - [12,546] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/08/2012 - 09:30:49 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14/07/2012 - 15:43:50 - [284,385] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/02/2010 - 13:45:09 - [7,413] ----D C:\Program Files (x86)\Common Files\muvee Technologies
O43 - CFD: 11/06/2010 - 13:10:07 - [28,237] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 06/02/2012 - 03:55:40 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/07/2012 - 15:47:45 - [27,228] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 23/02/2010 - 16:13:19 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 09/09/2009 - 17:51:19 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 04/02/2011 - 13:52:29 - [8,563] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
~ Scan Program Folder in 00mn 21s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0C7AAE36BCEF8B6BD5CB8DBE764A760D] - 13/09/2012 - 13:34:29 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1163306]
O44 - LFC:[MD5.F357A483DD73B4F3A04952D577F13B92] - 13/09/2012 - 13:33:33 ---A- . (...) -- C:\Windows\ntbtlog.txt [1237260]
O44 - LFC:[MD5.DDDE02458C60C796CCD110B5FDBDEAAE] - 13/09/2012 - 13:33:22 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.5A217AC556B0C6FE0BC0958A6930851D] - 13/09/2012 - 13:06:11 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 []
O44 - LFC:[MD5.5A217AC556B0C6FE0BC0958A6930851D] - 13/09/2012 - 13:06:11 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 []]
O44 - LFC:[MD5.5A217AC556B0C6FE0BC0958A6930851D] - 13/09/2012 - 13:06:11 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19248]
O44 - LFC:[MD5.5A217AC556B0C6FE0BC0958A6930851D] - 13/09/2012 - 13:06:11 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19248]
O44 - LFC:[MD5.AA0DBD1DE05C74032F9B15C2A9E59AB7] - 13/09/2012 - 13:00:45 ---A- . (...) -- C:\Windows\setupact.log [5656]
O44 - LFC:[MD5.B5BA196D98EA8C88D1EAE51C490FE2AF] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1606292]
O44 - LFC:[MD5.CA4246D3481A9ABF853FA28C5D4DC447] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [114648]
O44 - LFC:[MD5.490A3A2F0915482545DE1550535A079F] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [140020]
O44 - LFC:[MD5.5CD318E9EB7A6171CA980BAA01B96456] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [634368]
O44 - LFC:[MD5.24B47F1F1E080096DA663270BD15F06F] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [724006]
O44 - LFC:[MD5.B5BA196D98EA8C88D1EAE51C490FE2AF] - 12/09/2012 - 15:51:00 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1606292]
O44 - LFC:[MD5.513F21A2328E2F5AD0FDC3BA524A05E7] - 11/09/2012 - 08:13:28 ---A- . (...) -- C:\Windows\PFRO.log [5700]
O44 - LFC:[MD5.B9FC4CCE5758B816F27DD4D1EED11841] - 07/09/2012 - 16:04:46 . (...) -- C:\Windows\System32\Drivers\mbam.sys []]
O44 - LFC:[MD5.9A1FEB3BB492384BF70E5B54FA31FE2C] - 02/09/2012 - 13:24:43 ---A- . (...) -- C:\AdwCleaner[S3].txt [8928]
O44 - LFC:[MD5.F782CAD3CEDBB3F9FFE3BF2775D92DDC] - 22/08/2012 - 19:12:50 . (...) -- C:\Windows\System32\Drivers\tcpip.sys []]]]]]
O44 - LFC:[MD5.760E38053BF56E501D562B70AD796B88] - 22/08/2012 - 19:12:40 . (...) -- C:\Windows\System32\Drivers\ndis.sys []]]
O44 - LFC:[MD5.7942B7AC3FF598F8A1736D51ADAF04E8] - 22/08/2012 - 19:12:40 . (...) -- C:\Windows\System32\Drivers\netio.sys []]]]
O44 - LFC:[MD5.910DD6694848872FD3B8F42BAF801D0A] - 22/08/2012 - 19:12:33 . (...) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS []
O44 - LFC:[MD5.0E01641D96889BDEB22DE12D30575B08] - 04/07/2012 - 21:26:03 . (...) -- C:\Windows\System32\Drivers\RNDISMP.sys []]]]]
~ Scan Files in 00mn 06s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.A2C56196C881B2251AA6389B7C7AB371] - 30/12/1899 - 13:24:20 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [2828]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 02/07/2009 - C:\Windows\System32\DRIVERS\LPCFilter.sys (LPCFilter) .(.COMPAL ELECTRONIC INC. - LPCFilter.) - LEGACY_LPCFILTER
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.D8FB851A9FBD62352FD74283F9C14C77] [SPRF][10/06/2005] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [417792]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{4F9D5387-4382-4386-8B86-DE15040D43B6}" | In - None - P6 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe
O87 - FAEL: "{9C989F63-9253-42AD-B9E4-F4DA9C4B7046}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{454B684D-BF7B-4DC4-8C4C-2C70B0E26791}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{4A2AE0BD-B2D2-4F24-884E-640C3D7F099B}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{42C063DC-78A0-4395-9F7F-83A6E8CF4051}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{E53B1A3A-9CD7-4A3F-9CF1-3B0FD09262F3}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{A6C3B308-A00C-40F3-B65F-963E278DAE83}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{5221E921-B32F-4041-B383-59D44248B86E}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
O87 - FAEL: "{2A29C044-0D5C-46D5-9038-5FB86BB57F74}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{808E74D7-D8EE-48DE-A817-2404CADCCEAC}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O87 - FAEL: "{09C2589A-0F1B-4A20-ABBA-D6D6765B058F}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\A1\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{FF78A0BC-D884-45B2-A68B-DEEC96E88625}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\A1\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "TCP Query User{6A160B22-1A0B-414C-913E-DCBDFB38C941}C:\users\a1\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\a1\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "UDP Query User{943B773F-5B31-490C-AB4B-D1C0127A3840}C:\users\a1\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\a1\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "{92BC8BEA-B1D5-43C6-9425-9CAAC86ECADE}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O87 - FAEL: "{43D34131-408D-4E6C-81B9-3E81587F94D4}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
~ Scan Firewall in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 9187 - (06/09/2012)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Wow6432Node\KC Softwares\OpenCandy] =>Adware.OpenCandy
~ Scan Additionnel in 00mn 06s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 23/08/2012 250568 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 30/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Demand 0 | (aspnet_state) . (...) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
SS - | Auto 10/08/2009 248688 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
SS - | Auto 14/07/2009 42368 | (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
SS - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
SS - | Auto 27/04/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 27/04/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 13/04/2012 1081984 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 03/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 31/08/2012 2754984 | (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
SS - | Auto 26/10/2010 124368 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
SS - | Demand 17/08/2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
SS - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SS - | Demand 05/08/2009 488800 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SS - | Demand 27/08/2009 251760 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe
SS - | Demand 03/08/2009 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
SS - | Demand 04/08/2009 826224 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SS - | Disabled 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 09s



End of the scan (1141 lines in 01mn 15s)(0)
