~ Rapport de ZHPDiag v2015.3.29.33 - Nicolas Coolman (29/03/2015)
~ Lancé par The Barbets (01/04/2015 11:32:49)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17691
OBIE: Wacom WebTabletPlugin for Internet Explorer and Netscape v2.1.0.7
OPIE: Opera Stable v28.0.1750.48 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Antivirus Pro v15.0.8.656
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v5.03

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 PPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (34%) free of 144 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-THEBARBET
~ User Name: The Barbets
~ All Users Names: UpdatusUser, The Barbets, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\The Barbets\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\The Barbets\AppData\Roaming\
~ %Desktop% : C:\Users\The Barbets\Desktop\
~ %Favorites% : C:\Users\The Barbets\Favorites\
~ %LocalAppData% : C:\Users\The Barbets\AppData\Local\
~ %StartMenu% : C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 50 Go of 144 Go)
D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 144 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.EA6EA6912F27F05C61D8D747517EB47E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/02/2015 - 02:01:25.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/353
~ Mes musiques (My Musics) : 1/301
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/59
~ Mes Documents (My Documents) : 0/0
~ Mon Bureau (My Desktop) : 2/19032
~ Menu demarrer (Programs) : 2/51
~ Hidden Files: Scanned in 00mn 11s



---\\ Processus lancés
[MD5.E0D6538B62C79FCBF0B27F95FAF3208B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [246504] [PID.3020]
[MD5.928E1003C666754F8A59F2C7FAB16C02] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464] [PID.3040]
[MD5.1B56046E963CE0FE681F107F7AA44652] - (.NVIDIA Corporation - NVIDIA RAID Service French language.) -- C:\Windows\System32\nvraidservice.exe [187936] [PID.3052]
[MD5.69B388D8F3085411D00F875FF5CBCAF6] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512] [PID.3076]
[MD5.C6352C29C56077749CEEDD08680D347D] - (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files\Bamboo Dock\BambooCore.exe [646744] [PID.3084]
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.3704]
[MD5.6AE576ECB7A8B6F3CBEDB9E298DFB0B4] - (.Wacom Technology, Corp. - Tablet user module for consumer driver.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe [1591064] [PID.4160]
[MD5.85B43F9591291BF2648DD6FEDAA21E09] - (.Wacom Technology, Corp. - Touch User Mode Driver.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [4261656] [PID.4424]
[MD5.072678E0D68E9C3A7960328671134C7B] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [54240] [PID.1860]
[MD5.F1CB88B90F5CE1A6D2BCDE90E2100ECC] - (.Apache Software Foundation - OpenOffice Writer.) -- C:\Program Files\OpenOffice 4\program\swriter.exe [103936] [PID.5940]
[MD5.55F18BE55D04A5CC961B0A013B2B8FD7] - (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files\OpenOffice 4\program\soffice.exe [9837056] [PID.2932]
[MD5.0AC5756636A90E33559439295B25FA94] - (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files\OpenOffice 4\program\soffice.bin [9828864] [PID.5580]
[MD5.06CC578BC150D9AAAE20672130A36CB9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8190976] [PID.4028]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\prefs.js
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_150665\prefs.js
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_687164\prefs.js
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack] [] jid0GjwrPchS3Ugt7xydvqVK4DQk8Lsjetpack v1004.19.623 (..)
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\MGKN37049485@ACPSC11936960.com] [] I - Cinema v1004.19.623 (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\plugin@startsearcher.com] [] InternetSearch v1.3 (..) =>PUP.StartSearch
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\plugin@videofiledownload.com] [] VideoFileDownload - Download YouTube Videos v1.5 (..)
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\UNGEDRJW444405@LS70886362.com] [] Plus-HD-1.3c v1.5 (..) =>Adware.PlusHD
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}] [] Plugin Orange Installeur v1.2.4.5 (..)
M2 - MFEP: prefs.js [The Barbets - r8zgm2xp.default\{671cc5f3-626f-4de7-8da1-4b76ce3c26ee}] [] Zoom It v1.2.4.5 (..) =>PUP.ZoomIt
M2 - MFEP: Extension [The Barbets - r8zgm2xp.default] {20a82645-c095-46ed-80e3-08825760534b}.xpi
M2 - MFEP: prefs.js [The Barbets - Solo_150665\plugin@startsearcher.com] [] InternetSearch v1.3 (..) =>PUP.StartSearch
M2 - MFEP: prefs.js [The Barbets - Solo_150665\plugin@videofiledownload.com] [] VideoFileDownload - Download YouTube Videos v1.5 (..)
M2 - MFEP: prefs.js [The Barbets - Solo_150665\{249d74a3-bd19-4657-b6ce-e62f480a20de}] [] IncrediMail MediaBar Francais 2 Community Toolbar v3.21.0.1 (..)
M2 - MFEP: prefs.js [The Barbets - Solo_150665\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}] [] Plugin Orange Installeur v1.2.4.5 (..)
M2 - MFEP: Extension [The Barbets - Solo_150665] {20a82645-c095-46ed-80e3-08825760534b}.xpi
M2 - MFEP: Extension [The Barbets - Solo_687164] {20a82645-c095-46ed-80e3-08825760534b}.xpi
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll (.not file.)
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_33] - (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npdeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_33 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@wacom.com/wtPlugin,version=2.0.0.1] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
P2 - FPN: [HKLM] [@wacom.com/wtPlugin,version=2.1.0.7] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.02.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [wacom.com/WacomTabletPlugin] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
P2 - FPN: [HKCU] [wacom.com/WacomTabletPlugin] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
~ Firefox Browser: 31 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R3 - URLSearchHook: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} . (.Wacom - Plugin for Wacom tablets..) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Wacom - Plugin for Wacom tablets..) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 20 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15319)
~ Hosts File: Scanned in 00mn 15s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{B80F591E-FE9A-46CF-A13E-180377240586} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [The Barbets]: GoodGameEmpire.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>Adware.GoodgameEmpire
~ Global Startup: 1 Scanned in 00mn 04s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NVRaidService] . (.NVIDIA Corporation - NVIDIA RAID Service French language.) -- C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (.not file.)
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [BambooCore] . (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files\Bamboo Dock\BambooCore.exe
O4 - HKCU\..\Run: [EPSON SX410 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehTray.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1134528129-2928457772-458164746-1000\..\Run: [EPSON SX410 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1134528129-2928457772-458164746-1000\..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (.not file.)
O4 - HKUS\S-1-5-21-1134528129-2928457772-458164746-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehTray.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1134528129-2928457772-458164746-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 8 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9BDE3993-4090-42CB-906F-966763590573}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9BDE3993-4090-42CB-906F-966763590573}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9BDE3993-4090-42CB-906F-966763590573}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Protection e-mail (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) . (...) - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (.not file.)
O23 - Service: ColorMedia (ColorMedia) . (.CartCrunch Israel Ltd. - Pas de description.) - C:\ProgramData\PicColor Utility\ColorMedia.exe =>PUP.PicColor
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.exe =>.Epson Seiko Corporation
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe =>.Epson Seiko Corporation
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service (PDF Architect Helper Service) . (.pdfforge GmbH - PDF Architect Helper Service.) - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service (PDF Architect Service) . (.pdfforge GmbH - PDF Architect Conversion Service.) - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) . (.Reimage® - Reimage Real Time Protection.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Wacom Consumer Service (WTabletServiceCon) . (.Wacom Technology, Corp. - Tablet Service.) - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
~ Services: 16 Scanned in 00mn 16s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [ASO-AutoCheckUpdate7Days] (...) -- C:\Program Files\Advanced System Optimizer 3\CheckUpdate.exe (.not file.) [0] =>PUP.AdvancedSystemOptimizer
[MD5.00000000000000000000000000000000] [APT] [ASO-OneClickCare] (...) -- C:\Program Files\Advanced System Optimizer 3\ASO3.exe (.not file.) [0] =>PUP.AdvancedSystemOptimizer
[MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5503768]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [Lancer Registry Reviver] (...) -- C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe (.not file.) [0] =>PUP.RegistryReviver
[MD5.A1F8D2A9B421C036771CA46C56536CEE] [APT] [Opera scheduled Autoupdate 1422789557] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [889976]
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3 Startup Task] (...) -- C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe (.not file.) [0] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [Pricora 1.4-chromeinstaller] (...) -- C:\Program Files\Pricora 1.4\Pricora 1.4-chromeinstaller.exe (.not file.) [0] =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora 1.4-codedownloader] (...) -- C:\Program Files\Pricora 1.4\Pricora 1.4-codedownloader.exe (.not file.) [0] =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [Pricora 1.4-firefoxinstaller] (...) -- C:\Program Files\Pricora 1.4\Pricora 1.4-firefoxinstaller.exe (.not file.) [0] =>Adware.Pricora
[MD5.00000000000000000000000000000000] [APT] [RegCure Pro] (...) -- C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe (.not file.) [0] =>Rogue.RegCurePro
[MD5.04F11302AB2AF61EFA696D8EDF6EE757] [APT] [ReimageUpdater] (.Reimage®.) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6079848] =>Rogue.ReimageRepair
[MD5.00000000000000000000000000000000] [APT] [sondhschedule] (...) -- C:\Users\The Barbets\AppData\Roaming\Booster-Web\Booster-Web-Installer.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{013EF5DD-4F72-4E38-A316-D01892C44DBF}] (.Nicolas Coolman.) -- C:\Program Files\ZebHelpProcess\ZHPHep.exe [1917440]
[MD5.00000000000000000000000000000000] [APT] [{040B5186-267A-4BF2-8FE8-92E62B98FC7F}] (...) -- C:\Users\The Barbets\Desktop\DirectX\dpvsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{056DF7B8-E436-48CC-850B-FB9A46A3E3CE}] (...) -- E:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0FCE14A0-E8F1-47C3-AAF1-54B0F4D7CFC4}] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{10E64007-A5B2-416F-9180-D91111CAA43C}] (...) -- C:\Programmes Files\Corel Paint Shop Pro Photo X2 - Installation Files\installer.exe (.not file.) [0]
[MD5.97D8A2F0ABF1E3FC8BB4F6A36C6371B6] [APT] [{164ED9AA-8368-4501-B0BC-95D7F2DC1FC4}] (.Adobe Systems Incorporated.) -- C:\Program Files\Downloads\install_flash_player.exe [1924200]
[MD5.00000000000000000000000000000000] [APT] [{1A64E343-D8D2-4841-B025-22CA783AEDE2}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{20D6FCAA-811B-42DA-B02F-0BE61C823073}] (...) -- C:\Program Files\OrangeHSS\Installation\Core\InstallDevice.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2303B14F-1C92-4CE9-B99B-07EB2BBD3CCB}] (...) -- F:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2362D70E-4949-4BB6-A62E-5E8BD26639BF}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.BEC3B4F8A0AC98201373CC34986A006A] [APT] [{294E4802-6F4D-415D-839F-264924D2DD4E}] (.Macrovision Corporation.) -- C:\Windows\system32\ISUSPM.cpl [73728]
[MD5.00000000000000000000000000000000] [APT] [{2984170B-39AE-4648-A269-D2716D16B06B}] (...) -- E:\CK_Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2A900137-1F83-4BF2-8E9D-9C73C85EC984}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2B74B6A9-1C42-4909-B5BC-F66848541E89}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.8CEF05C47F798BB773C04D19DBDABBF8] [APT] [{315D2D2A-2A37-4DB2-AA65-D608F2692E53}] (.InstallShield Software Corporation.) -- C:\Program Files\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe [761856]
[MD5.00000000000000000000000000000000] [APT] [{38273E00-A18D-4FE2-9C84-046A2264A1E7}] (...) -- C:\PGForever\kaiser\exe\PANZER.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3A621DA2-95B8-4CAD-BBF4-405539888151}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3D0FF22A-6DD4-4EBE-89A4-2AE97BA4D3EF}] (...) -- C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{445FE3E0-1B84-4720-AB89-64AEA5EDF255}] (...) -- C:\Users\The Barbets\Desktop\Call2\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{44D687E0-D0AD-4386-A520-6242258EFC1D}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4C786DC0-971D-48EE-A33C-B8EA078678D0}] (...) -- C:\Users\The Barbets\Desktop\JEUX\Call2\instmsia.exe (.not file.) [0]
[MD5.B00BEBEDC347F6DBEE252A49EF03AD62] [APT] [{5419E536-3402-4BC5-926B-E0FA2D4C6099}] (...) -- C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe [225792]
[MD5.00000000000000000000000000000000] [APT] [{5EB7D01B-BFFB-4146-AA2C-0BC82A5D040B}] (...) -- C:\Users\The Barbets\Desktop\tele\terraexplorer_terraexplorer_5.0.2.10_basic_francais_40985.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{623614B5-A923-4B84-B7D4-E79C869879F6}] (...) -- C:\Users\The Barbets\Downloads\Age2upA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6D379A77-7200-4833-ABC1-11D45B0739B7}] (...) -- C:\Users\The Barbets\Desktop\msicuu-7.2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6D448BD8-6B09-4C75-856F-5393D7A926C9}] (...) -- C:\Programmes Files\Corel Paint Shop Pro Photo X2 - Installation Files\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7E36EAD0-390D-463F-ADDF-1F3F7FCA82F7}] (...) -- C:\Users\The Barbets\Desktop\OUTILS\OOo_3.3.0_Win_x86_install-wJRE_fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{824341F8-1D41-46E7-91BD-1C80307A0E41}] (...) -- C:\Users\The Barbets\Desktop\OOo_3.3.0_Win_x86_install-wJRE_fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{82DF2F2F-943E-4DE1-8CB7-AFEE0128E76E}] (...) -- C:\Program Files\Midway Home Entertainment\AREA-51\A51.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{92099A86-FBFD-434F-B1D5-A6F7680152DE}] (...) -- C:\Users\The Barbets\Desktop\msicuu-7.2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A199AAD0-4366-4A65-BDE8-1DE0A511F03D}] (...) -- C:\Program Files\Mindscape\L'entraŒneur c‚r‚bral 3 Int\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A9DCBB30-449E-43CB-8F77-699A3F417EB4}] (...) -- C:\Users\The Barbets\Desktop\epson31879eu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ADBFD664-7E29-4EDA-BCA2-97F53924BFFA}] (...) -- F:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B002E207-31F3-4A9F-8259-53E723AE7105}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5C8786B-F714-4266-A87F-04FC2C3A3ACB}] (...) -- C:\Program Files\OrangeHSS\Launcher\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B868D85D-487A-40CE-A645-C50186FA5B7D}] (...) -- C:\Users\The Barbets\Desktop\PDF_Architect_Installer_2.0.27.16264.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B88F6AAF-7D19-43C2-B741-C23AC584CBE8}] (...) -- F:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BC76342D-5A6C-4CE1-9DB1-10FE398BDE15}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C0A1E60B-7EAB-4609-8BDE-17C180F7763E}] (...) -- C:\Program Files\Orange\OrangeInstaller\Installer.exe (.not file.) [0]
[MD5.24DD98C0776F3AF26D430332ECF87A24] [APT] [{C23A1134-D40F-48AF-AC1F-1595F1297B76}] (.Matsushita Electric Industrial Co., Ltd..) -- C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\phoebe5.exe [1867776]
[MD5.00000000000000000000000000000000] [APT] [{C939122A-94A9-4C1E-9622-DDF3F30B8AC9}] (...) -- D:\Program Files\Windows_Movie_Maker_2.0.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D2B1F6AE-D872-4117-B7A0-5373656F46C4}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D5D45780-88F8-4A52-89A6-71ACFEF13471}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D734C5A0-1B8E-46E7-ADFF-21A55A925B82}] (...) -- C:\Users\The Barbets\Desktop\CSmodCoD1.3.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D8A750EA-E97F-4FA2-90D2-617E08B5F889}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E14D4A41-27A5-4AB3-BBA1-C3B3251DF6D7}] (...) -- C:\Users\The Barbets\Desktop\COD2\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E29C1461-FD7A-43C9-BEE1-2352C9651532}] (...) -- D:\Program Files\boinc_6.10.58_windows_intelx86.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E3EEDC6B-F66E-48B7-A3AD-65D89A4EF55F}] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EDC4305C-1D8B-447F-9272-E9A1F58595B0}] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F313BD9B-E6C5-49B0-82E3-192DC635D4E1}] (...) -- C:\Program Files\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FB5C522B-F03D-43BE-B4E1-677E22FF3C0C}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FC6F04F3-B509-4595-8072-9D9358020D73}] (...) -- C:\Program Files\OrangeHSS\LiveboxUtilities\LiveboxUtilities.exe (.not file.) [0]
[MD5.B00BEBEDC347F6DBEE252A49EF03AD62] [APT] [{FCE7E03A-9F37-4A43-897F-6F29F3C48C51}] (...) -- C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe [225792]
O39 - APT: ASO-AutoCheckUpdate7Days - (...) -- C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job [448]
O39 - APT: ASO-AutoCheckUpdate7Days - (...) -- C:\Windows\System32\Tasks\ASO-AutoCheckUpdate7Days [448]
O39 - APT: ASO-OneClickCare - (...) -- C:\Windows\Tasks\ASO-OneClickCare.job [418]
O39 - APT: ASO-OneClickCare - (...) -- C:\Windows\System32\Tasks\ASO-OneClickCare [418]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1062]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1062]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1066]
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job [482] =>PUP.Paretologic
O39 - APT: ParetoLogic Update Version3 Startup Task - (...) -- C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task [482] =>PUP.Paretologic
O39 - APT: Pricora 1.4-chromeinstaller - (...) -- C:\Windows\Tasks\Pricora 1.4-chromeinstaller.job [1890] =>PUP.CrossRider
O39 - APT: Pricora 1.4-chromeinstaller - (...) -- C:\Windows\System32\Tasks\Pricora 1.4-chromeinstaller [1890] =>PUP.CrossRider
O39 - APT: Pricora 1.4-codedownloader - (...) -- C:\Windows\Tasks\Pricora 1.4-codedownloader.job [1196] =>PUP.CrossRider
O39 - APT: Pricora 1.4-codedownloader - (...) -- C:\Windows\System32\Tasks\Pricora 1.4-codedownloader [1196] =>PUP.CrossRider
O39 - APT: Pricora 1.4-firefoxinstaller - (...) -- C:\Windows\Tasks\Pricora 1.4-firefoxinstaller.job [1816] =>PUP.CrossRider
O39 - APT: Pricora 1.4-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\Pricora 1.4-firefoxinstaller [1816] =>PUP.CrossRider
O39 - APT: RegCure Pro - (...) -- C:\Windows\Tasks\RegCure Pro.job [398] =>Rogue.RegCurePro
O39 - APT: RegCure Pro - (...) -- C:\Windows\System32\Tasks\RegCure Pro [398] =>Rogue.RegCurePro
~ Scheduled Task: 82 Scanned in 00mn 14s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (...) -- C:\Program Files\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
~ Active Setup: 12 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (cmwd) . (...) - C:\Windows\system32\Drivers\cmwd.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (gzdyubhr) . (. - .) - C:\Windows\system32\drivers\gzdyubhr.sys (.not file.)
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (qhcmohhf) . (. - .) - C:\Windows\system32\drivers\qhcmohhf.sys (.not file.)
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 84 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 3DVIA player 5.0.0.20 - (.3DVIA.) [HKLM] -- {F06365EC-061E-48C3-B761-E1816658D618}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {34927EBC-98D4-4D53-98BE-510DF5999F50}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- {A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}
O42 - Logiciel: Adobe Flash Player 16 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI
O42 - Logiciel: Adobe Reader XI (11.0.02) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Antivirus Pro - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Athentech Perfectly Clear - (.Corel Corporation.) [HKLM] -- _{B109CAE0-1D2E-4BF6-8205-C18012E490A9}
O42 - Logiciel: Athentech Perfectly Clear - (.Nom de votre société.) [HKLM] -- {B109CAE0-1D2E-4BF6-8205-C18012E490A9}
O42 - Logiciel: Avira v1.1.30.21727 - (.Avira Operations & Co. KG.) [HKLM] -- {462A1E00-58EA-4D63-96F4-3EFAEC9A5BCA}
O42 - Logiciel: Avira v1.1.30.21727 - (.Avira Operations & Co. KG.) [HKLM] -- {bd538030-07d4-4999-a525-7fafa2483f56}
O42 - Logiciel: Bamboo Dock - (.Wacom Co., Ltd..) [HKLM] -- Bamboo Dock
O42 - Logiciel: Bamboo Dock - (.Wacom Europe GmbH.) [HKLM] -- wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
O42 - Logiciel: Bamboo Dock - (.Wacom Europe GmbH.) [HKLM] -- {90DFD61B-8224-00C6-3D69-A983B60A394E}
O42 - Logiciel: Battle for Wesnoth 1.8.5 - (...) [HKLM] -- Battle for Wesnoth 1.8.5
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Call of Duty - (...) [HKLM] -- Call of Duty
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contents - (.Corel Corporation.) [HKLM] -- {DFD99A66-493F-468B-BCE1-6F88612B89D5}
O42 - Logiciel: Copy Utility - (...) [HKLM] -- Copy Utility
O42 - Logiciel: Corel KPT Collection - (.Corel Corporation.) [HKLM] -- _{C59A783C-FF5C-40BE-843A-5458513D655B}
O42 - Logiciel: Corel KPT Collection - (.Nom de votre société.) [HKLM] -- {C59A783C-FF5C-40BE-843A-5458513D655B}
O42 - Logiciel: Corel PaintShop Pro Picture Frame Content - (.Corel Corporation.) [HKLM] -- _{12229E88-1510-474C-88B9-E635830F9C82}
O42 - Logiciel: Corel PaintShop Pro Picture Frame Content - (.Nom de votre société.) [HKLM] -- {12229E88-1510-474C-88B9-E635830F9C82}
O42 - Logiciel: Corel PaintShop Pro X5 - (.Corel Corporation.) [HKLM] -- _{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}
O42 - Logiciel: Corel PaintShop Pro X5 - (.Corel Corporation.) [HKLM] -- {15180A90-1FC0-47E4-A150-3AECEF07B3B6}
O42 - Logiciel: Corel PaintShop Pro X6 - (.Corel Corporation.) [HKLM] -- _{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}
O42 - Logiciel: Corel PaintShop Pro X6 - (.Corel Corporation.) [HKLM] -- {161AB62E-65D6-46E5-B3D8-2AC15D3B920B}
O42 - Logiciel: Corel PaintShop Pro X7 - (.Corel Corporation.) [HKLM] -- _{176F50D6-6857-49CE-B731-65F757EE3F0D}
O42 - Logiciel: Corel PaintShop Pro X7 - (.Corel Corporation.) [HKLM] -- {17196252-8555-4E35-9C06-F743143D76D4}
O42 - Logiciel: DeviceIO - (.Corel Corporation.) [HKLM] -- {DFBCC13A-E4F2-45EE-846F-D143CEDDDBCB}
O42 - Logiciel: EPSON SX410 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX410 Series
O42 - Logiciel: EPSON Scan - (...) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON TWAIN 5 - (.SEIKO EPSON Corp..) [HKLM] -- {254BEB3E-1085-4D66-9CDC-0152C0DC2E93}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {87C2248A-C7DD-49ED-9BCD-B312A9D0819E}
O42 - Logiciel: Epson Stylus SX210_SX410_TX210_TX410 Manuel - (...) [HKLM] -- Epson Stylus SX210_SX410_TX210_TX410 Guide d'utilisation
O42 - Logiciel: FaceFilter v3.02 Standard - (.Reallusion Inc..) [HKLM] -- {6020758E-57A9-41E3-AF20-8EE311EA6156}
O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {7D3A7C2E-DC30-4726-AF81-9DFCCF88DC1E} =>.Garmin Corporation
O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {9471d6bd-67a9-40f6-a420-2ae4f08ef003} =>.Garmin Corporation
O42 - Logiciel: Garmin Express Tray - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {712C9875-89BA-44E4-966A-106DF3141740} =>.Garmin Corporation
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {176F50D6-6857-49CE-B731-65F757EE3F0D}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {DEAEB5DB-04FA-489D-94EF-8600898B93EE}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {DFAEB5DB-04FA-489D-94EF-8600898B93EE}
O42 - Logiciel: IPM_PSP_CL - (.Your Company Name.) [HKLM] -- {DE99075E-7D25-4B96-B32E-BFE6FBFAA644}
O42 - Logiciel: IPM_PSP_COM - (.Corel Corporation.) [HKLM] -- {154B0B16-ABCD-4A06-B0B7-8146B7A89B25}
O42 - Logiciel: IPM_PSP_COM - (.Corel Corporation.) [HKLM] -- {164D34E1-0271-4960-8A26-E8990A302DB1}
O42 - Logiciel: IPM_PSP_COM - (.Corel Corporation.) [HKLM] -- {174F9DF8-AC60-486A-8FF4-A22831D48E0D}
O42 - Logiciel: IPM_PSP_COM - (.Your Company Name.) [HKLM] -- {DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}
O42 - Logiciel: IPM_PSP_PRJ - (.Your Company Name.) [HKLM] -- {DF99075E-7D25-4B96-B32E-BFE6FBFAA644}
O42 - Logiciel: ISO to USB version 1.0 - (.isotousb.com.) [HKLM] -- {D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1
O42 - Logiciel: Image Composite Editor - (.Microsoft Corporation.) [HKLM] -- {B29E2C62-496A-4F4F-9ED0-239FA15E1CB8}
O42 - Logiciel: Java(TM) 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016F0}
O42 - Logiciel: Java(TM) 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MLE - (.Corel Corporation.) [HKLM] -- {7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}
O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mobile Mouse Server - (.RPA Tech, Inc.) [HKLM] -- {5AB36A6C-27A8-4CB1-89A1-9D05F3F16625}
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {1598034D-7147-432C-8CA8-888E0632D124}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote audio HD : 1.1.9.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (...) [HKLM] -- OpenSource Flash Video Splitter
O42 - Logiciel: Opera Stable 28.0.1750.48 - (.Opera Software ASA.) [HKLM] -- Opera 28.0.1750.48
O42 - Logiciel: Outil de téléchargement USB/DVD Windows 7 - (.Microsoft Corporation.) [HKLM] -- {5F8683B5-5056-411C-B808-B289E29E9BBB}
O42 - Logiciel: PDF Architect - (.pdfforge GmbH.) [HKLM] -- {064A929A-4DE8-40CF-A901-BD40C14E4D25}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PHOTOfunSTUDIO -viewer- - (.Panasonic.) [HKLM] -- {9A9DBEBC-C800-4776-A970-D76D6AA405B1}
O42 - Logiciel: PSPH10Pro - (.Corel Corporation.) [HKLM] -- {DF4A2F61-1E26-4D51-94BB-36D77678BDAD}
O42 - Logiciel: PSPPContent - (.Corel Corporation.) [HKLM] -- {1522E36C-3739-41E4-8CD3-A4AFEA70086A}
O42 - Logiciel: PSPPContent - (.Corel Corporation.) [HKLM] -- {162BD2D6-6C63-41A7-8151-93188450D36A}
O42 - Logiciel: PSPPContent - (.Corel Corporation.) [HKLM] -- {17289BF4-5826-447B-A20A-738044D0B3E5}
O42 - Logiciel: PSPPHelp - (.Corel Corporation.) [HKLM] -- {153DD765-C8C6-4893-8CEF-D965351D82EC}
O42 - Logiciel: PSPPHelp - (.Corel Corporation.) [HKLM] -- {16346B2A-87BC-407C-9D6B-72A4D21ABF03}
O42 - Logiciel: PSPPHelp - (.Corel Corporation.) [HKLM] -- {1735F0DE-B173-4116-BABC-653A12FB9238}
O42 - Logiciel: PSPPRO_DCRAW - (.Corel Corporation.) [HKLM] -- {DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Pinnacle Instant DVD Recorder - (...) [HKLM] -- {EF781A5C-58F5-4BFD-87F9-E4F14D382F25}
O42 - Logiciel: PureHD - (.Corel Corporation.) [HKLM] -- {DF75FFEE-2FCE-4774-902A-749198C00A68}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Reimage Protector - (.Reimage.) [HKLM] -- Reimage Protector =>Rogue.ReimageRepair
O42 - Logiciel: Rename-It! - (.Beroux.) [HKLM] -- Rename-It!
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: SFR - Mediacenter Evolution - (.SFR.) [HKLM] -- SFR_Mediacenter Evolution
O42 - Logiciel: SILKYPIX Developer Studio 2.0 SE - (.Nom de votre société.) [HKLM] -- InstallShield_{5B25274F-088A-4A24-AE12-4AEE9278025A}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Setup - (.Nom de votre société.) [HKLM] -- {15002A1B-C1E7-4E91-A3EC-5502BF924A32}
O42 - Logiciel: Setup - (.Nom de votre société.) [HKLM] -- {17088A4E-3CF3-4F12-926D-2A9E8085B8EC}
O42 - Logiciel: Share - (.Corel Corporation.) [HKLM] -- {DF4ABC2B-5CA9-48B2-9266-15AB78384D3C}
O42 - Logiciel: SimpleOCR 3.1 - (...) [HKLM] -- SimpleOCR 3.1
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {BB285C9F-C821-4770-8970-56C4AB52C87E}
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SmartDeblur - (...) [HKLM] -- SmartDeblur_is1
O42 - Logiciel: Studio 11 - (.Pinnacle Systems.) [HKLM] -- {110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}
O42 - Logiciel: Ultimate Creative Collection (X5) - (.Corel Corporation.) [HKLM] -- _{AE4364BD-ED09-4D94-8DA2-315C10A57CD1}
O42 - Logiciel: Ultimate Creative Collection (X5) - (.Nom de votre société.) [HKLM] -- {AE4364BD-ED09-4D94-8DA2-315C10A57CD1}
O42 - Logiciel: Ultimate Creative Collection (X6) - (.Corel Corporation.) [HKLM] -- _{FE752025-AED8-4AED-BC44-B03C9048A3D4}
O42 - Logiciel: Ultimate Creative Collection (X6) - (.Nom de votre société.) [HKLM] -- {FE752025-AED8-4AED-BC44-B03C9048A3D4}
O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VIO - (.Corel Corporation.) [HKLM] -- {DFC4FA35-7C6B-4C9E-863B-58C4D7472F41}
O42 - Logiciel: Wacom - (.Wacom Technology Corp..) [HKLM] -- Pen Tablet Driver
O42 - Logiciel: WebTablet FB Plugin 32 bit - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for Internet Explorer and Netscape
O42 - Logiciel: WinRAR 5.00 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Media Encoder 9 Series - (...) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Yahoo Community Smartbar - (.Linkury Inc..) [HKLM] -- {6818F6FB-6270-4DE8-9827-40E852111F2A}
O42 - Logiciel: Yahoo! Desktop Login - (.Pinnacle Systems.) [HKLM] -- {F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}
O42 - Logiciel: ZebHelpProcess 2015 - (.Nicolas Coolman.) [HKLM] -- ZebHelpProcess_is1
O42 - Logiciel: e-Carte Bleue Caisse d'Epargne - (...) [HKLM] -- {18EF615A-5AAD-4944-B24E-6CD7863FC735}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B0261E53-B6F1-474A-864B-E7C3CBF468E0}
O42 - Logiciel: monAlbumPhoto - (.monAlbumPhoto.) [HKLM] -- monAlbumPhoto_is1
O42 - Logiciel: secury-surf Toolbar - (.DM73.) [HKCU] -- SecurySurfToolbar =>PUP.SecurySurf
~ Logic: 48 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\2015]
[HKCU\Software\ACE Compression Software]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ANI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\AXMA]
[HKCU\Software\AcerUtil]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Google]
[HKCU\Software\AppDataLow\Software\CinemaHd For Pro 2.4cV20.01]
[HKCU\Software\AppDataLow\Software\GenericAddon] =>PUP.GenericAddon
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\Softonic-Eng7] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software\videos MediaPlay-Air] =>PUP.CrossRider
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ApplianTechnologies] =>PUP.ApplianTechnologies
[HKCU\Software\ArcSoft]
[HKCU\Software\Avira]
[HKCU\Software\Axmapresse]
[HKCU\Software\BITSoft]
[HKCU\Software\BVRP Software]
[HKCU\Software\Binary Noise]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Bitstream]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Borland]
[HKCU\Software\Bugsplat]
[HKCU\Software\CDDB]
[HKCU\Software\CTdeveloping]
[HKCU\Software\CeWe Color]
[HKCU\Software\Chaoslauncher]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaHd For Pro 2.4cV20.01-nv]
[HKCU\Software\Classes]
[HKCU\Software\CleanerProConfig]
[HKCU\Software\CleanerProLanguage]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Corel]
[HKCU\Software\Corez]
[HKCU\Software\Cyberlink]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DT Soft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EPSON]
[HKCU\Software\ESTsoft]
[HKCU\Software\EdrawSoft]
[HKCU\Software\Edraw]
[HKCU\Software\GNU]
[HKCU\Software\Garmin]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\ImageSkill]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallShield]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\LAV]
[HKCU\Software\LGV_Tools]
[HKCU\Software\Lake]
[HKCU\Software\LeaderTech]
[HKCU\Software\Licenses]
[HKCU\Software\Ligos]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\MAP-DN]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\NetworkTools]
[HKCU\Software\Neuf]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Nik Software]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice]
[HKCU\Software\Opendisc]
[HKCU\Software\Opera Software]
[HKCU\Software\PBKXR]
[HKCU\Software\PDF Architect 2]
[HKCU\Software\PDF Architect]
[HKCU\Software\PDFCreator]
[HKCU\Software\Paint.NET]
[HKCU\Software\PanoramaStudio]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QSetup_Dyn_Data]
[HKCU\Software\QtProject]
[HKCU\Software\Reallusion]
[HKCU\Software\Realtek]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\Rename-It!]
[HKCU\Software\Rudankort]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\ScanSoft]
[HKCU\Software\SecurySurf] =>PUP.SecurySurf
[HKCU\Software\Sega]
[HKCU\Software\Shatters.net]
[HKCU\Software\Skyline]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SmartDeblur]
[HKCU\Software\SmartDraw.com]
[HKCU\Software\Software Bisque]
[HKCU\Software\SystemQQX]
[HKCU\Software\TPGames]
[HKCU\Software\Tech-Science]
[HKCU\Software\TeleCharger]
[HKCU\Software\TheCreativeAssembly]
[HKCU\Software\TomTom]
[HKCU\Software\Trolltech]
[HKCU\Software\US Army]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Ulead]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOB]
[HKCU\Software\Virtools]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WXLYAZMW]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\acer]
[HKCU\Software\battle.net]
[HKCU\Software\monAlbumPhoto]
[HKCU\Software\test]
[HKCU\Software\wxMaxima]
[HKLM\Software\ANI]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Acer]
[HKLM\Software\Activision]
[HKLM\Software\AdobeFlashPlayerUpdate]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ambient Design]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\BVRP Software]
[HKLM\Software\Battle for Wesnoth]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\Borland]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CinemaHd For Pro 2.4cV20.01-nv]
[HKLM\Software\CinemaHd For Pro 2.4cV20.01]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\CyberLink]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\D-Link]
[HKLM\Software\DT Soft]
[HKLM\Software\DTS]
[HKLM\Software\DVC150]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Dolby]
[HKLM\Software\Driver-Soft] =>PUP.DriverSoft
[HKLM\Software\EPSON]
[HKLM\Software\ESTsoft]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Exent]
[HKLM\Software\FAST Multimedia]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Filseclab]
[HKLM\Software\FullCircle]
[HKLM\Software\GEAR Software]
[HKLM\Software\Garmin]
[HKLM\Software\Google]
[HKLM\Software\HPS]
[HKLM\Software\ISL]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Kodak]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Livre-photo.com]
[HKLM\Software\LogiShrd]
[HKLM\Software\MAP-DN]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MaxPower]
[HKLM\Software\McAfee.com]
[HKLM\Software\Mindscape]
[HKLM\Software\Mircrosoft]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\NOS]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\Nik Software]
[HKLM\Software\Nokia]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\Opera Software]
[HKLM\Software\Orange]
[HKLM\Software\PDF Architect 2]
[HKLM\Software\PDF Architect]
[HKLM\Software\PDFCreator]
[HKLM\Software\Panasonic]
[HKLM\Software\Panzer General II Warzone Edition]
[HKLM\Software\Pegasus Imaging]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Protexis]
[HKLM\Software\Reallusion]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\SECURITOO]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SecurySurf] =>PUP.SecurySurf
[HKLM\Software\SiteSee]
[HKLM\Software\Skype]
[HKLM\Software\SmartPCFixer]
[HKLM\Software\Softonic-Eng7] =>Toolbar.Conduit
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\SymDebug]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\TECH-SCIENCE]
[HKLM\Software\Tablet Button Driver]
[HKLM\Software\TomTom]
[HKLM\Software\Trusteer]
[HKLM\Software\USB2800]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Virtools]
[HKLM\Software\Volatile]
[HKLM\Software\Wacom]
[HKLM\Software\WebSupergoo]
[HKLM\Software\Westwood]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Yahoo]
[HKLM\Software\Zone Labs]
[HKLM\Software\dotNetInstaller]
[HKLM\Software\e-Carte Bleue Caisse d'Epargne]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\tpfmon]
[HKLM\Software\videos MediaPlay-Air] =>PUP.CrossRider
[HKLM\Software\webtogo]
~ Key Software: 463 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/05/2010 - 12:13:36 - [] ----D C:\Program Files\Acer Arcade Live
O43 - CFD: 20/01/2015 - 16:24:00 - [] ----D C:\Program Files\Adobe
O43 - CFD: 15/01/2013 - 14:15:50 - [] ----D C:\Program Files\Air Mouse
O43 - CFD: 31/01/2015 - 19:14:34 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 17/03/2015 - 15:53:54 - [] ----D C:\Program Files\Avira
O43 - CFD: 26/03/2015 - 18:38:34 - [] ----D C:\Program Files\Bamboo Dock
O43 - CFD: 01/02/2014 - 16:11:48 - [] ----D C:\Program Files\Battle for Wesnoth 1.8.5
O43 - CFD: 31/01/2015 - 20:30:39 - [0] ----D C:\Program Files\Blender Foundation
O43 - CFD: 08/08/2013 - 17:14:52 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 17/03/2015 - 17:52:23 - [] ----D C:\Program Files\Browse Pax =>PUP.BrowsePax
O43 - CFD: 23/12/2014 - 16:54:23 - [] ----D C:\Program Files\Call of Duty
O43 - CFD: 13/03/2015 - 10:40:19 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 01/04/2015 - 11:19:33 - [] ----D C:\Program Files\Common Files
O43 - CFD: 04/03/2015 - 11:32:22 - [] ----D C:\Program Files\Corel
O43 - CFD: 19/05/2010 - 12:15:45 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 19/01/2011 - 19:03:52 - [] ----D C:\Program Files\DIFX
O43 - CFD: 26/01/2011 - 20:07:01 - [] ----D C:\Program Files\DNA
O43 - CFD: 19/05/2010 - 12:15:45 - [] ----D C:\Program Files\DOSBox-0.73
O43 - CFD: 04/01/2013 - 11:59:19 - [] R---D C:\Program Files\Downloads
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 19/02/2012 - 11:03:01 - [] ----D C:\Program Files\e-Carte Bleue Caisse d'Epargne
O43 - CFD: 19/05/2010 - 12:15:47 - [] ----D C:\Program Files\EPSON
O43 - CFD: 19/05/2010 - 12:15:52 - [] ----D C:\Program Files\Epson Software
O43 - CFD: 19/05/2010 - 13:12:46 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 07/01/2013 - 18:41:58 - [0] ----D C:\Program Files\Fotocompil
O43 - CFD: 25/10/2013 - 09:38:02 - [] ----D C:\Program Files\Garmin
O43 - CFD: 19/05/2010 - 12:16:06 - [] ----D C:\Program Files\GlarySoft
O43 - CFD: 21/01/2015 - 10:36:32 - [] ----D C:\Program Files\Google
O43 - CFD: 17/03/2015 - 16:02:58 - [0] ----D C:\Program Files\greatsale
O43 - CFD: 19/05/2010 - 12:16:06 - [] ----D C:\Program Files\Icone
O43 - CFD: 19/05/2010 - 12:16:06 - [] ----D C:\Program Files\Identities
O43 - CFD: 21/11/2013 - 18:19:36 - [] ----D C:\Program Files\Image Converter
O43 - CFD: 19/05/2010 - 12:16:06 - [] ----D C:\Program Files\InstallShield
O43 - CFD: 03/02/2015 - 14:18:18 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/03/2015 - 12:44:18 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 05/01/2011 - 16:51:35 - [] ----D C:\Program Files\ISL
O43 - CFD: 27/03/2015 - 17:51:19 - [] ----D C:\Program Files\ISO to USB
O43 - CFD: 19/05/2010 - 12:16:13 - [] ----D C:\Program Files\Java
O43 - CFD: 29/12/2013 - 19:29:21 - [] ----D C:\Program Files\jpa
O43 - CFD: 16/07/2010 - 16:04:50 - [] ----D C:\Program Files\Kodak
O43 - CFD: 17/03/2015 - 16:02:58 - [0] ----D C:\Program Files\LibrarySystem
O43 - CFD: 20/07/2012 - 17:31:32 - [] ----D C:\Program Files\Livre-photo.com
O43 - CFD: 19/05/2010 - 12:16:19 - [] ----D C:\Program Files\Macromedia
O43 - CFD: 13/12/2012 - 17:01:13 - [] ----D C:\Program Files\MarkAny
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Program Files\Media Center Programs
O43 - CFD: 21/11/2012 - 16:41:16 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 19/05/2010 - 12:16:20 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 04/08/2014 - 13:42:03 - [] ----D C:\Program Files\Microsoft Research
O43 - CFD: 15/03/2013 - 09:47:20 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 07/01/2011 - 10:19:35 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 19/05/2010 - 12:16:20 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 09/07/2012 - 16:10:19 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 09/03/2015 - 12:46:34 - [0] ----D C:\Program Files\Mon LIVRE PHOTO CEWE
O43 - CFD: 04/03/2015 - 12:28:42 - [] ----D C:\Program Files\monAlbumPhoto
O43 - CFD: 05/01/2011 - 18:41:44 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 05/01/2011 - 15:25:54 - [] ----D C:\Program Files\Movie Maker 2.6
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 20/07/2013 - 08:15:57 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 14/10/2013 - 14:15:49 - [] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 08/08/2013 - 17:33:40 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 24/10/2013 - 13:54:10 - [] ----D C:\Program Files\OpenSource Flash Video Splitter
O43 - CFD: 22/03/2015 - 10:20:29 - [] ----D C:\Program Files\Opera
O43 - CFD: 11/05/2012 - 14:25:17 - [] ----D C:\Program Files\Orange
O43 - CFD: 08/07/2012 - 09:57:36 - [0] ----D C:\Program Files\Paint.NET
O43 - CFD: 05/01/2011 - 16:57:52 - [] ----D C:\Program Files\Panasonic
O43 - CFD: 23/07/2013 - 08:41:32 - [] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 08/08/2014 - 13:57:43 - [] ----D C:\Program Files\PDF Architect
O43 - CFD: 08/08/2013 - 17:18:27 - [] ----D C:\Program Files\PDF to DOC
O43 - CFD: 01/02/2015 - 13:30:46 - [] ----D C:\Program Files\PDFCreator
O43 - CFD: 14/01/2011 - 15:07:51 - [] ----D C:\Program Files\Pinnacle
O43 - CFD: 17/01/2012 - 16:06:03 - [] ----D C:\Program Files\Pixum
O43 - CFD: 03/12/2012 - 15:30:22 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 03/02/2015 - 14:18:18 - [] ----D C:\Program Files\Reallusion
O43 - CFD: 18/08/2014 - 11:54:50 - [] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 01/04/2015 - 09:35:09 - [] ----D C:\Program Files\Reimage =>Rogue.ReimageRepair
O43 - CFD: 21/11/2013 - 18:47:38 - [] ----D C:\Program Files\Rename-It!
O43 - CFD: 31/01/2015 - 19:16:14 - [] ----D C:\Program Files\Safari
O43 - CFD: 19/12/2012 - 09:31:05 - [] ----D C:\Program Files\Samsung
O43 - CFD: 16/02/2015 - 12:33:09 - [] ----D C:\Program Files\secury-surf =>PUP.SecurySurf
O43 - CFD: 20/01/2015 - 10:24:12 - [0] ----D C:\Program Files\Setup Support for SearchProtect =>PUP.SearchProtect
O43 - CFD: 09/05/2012 - 10:30:49 - [] ----D C:\Program Files\SFR
O43 - CFD: 01/03/2015 - 09:58:14 - [] ----D C:\Program Files\Shut Up
O43 - CFD: 01/12/2010 - 13:24:55 - [] ----D C:\Program Files\SimpleOCR
O43 - CFD: 20/04/2014 - 12:06:10 - [] R---D C:\Program Files\Skype
O43 - CFD: 19/05/2010 - 12:17:35 - [] ----D C:\Program Files\SKYPLOT
O43 - CFD: 04/08/2014 - 17:25:08 - [] ----D C:\Program Files\SmartDeblur
O43 - CFD: 20/01/2015 - 10:29:59 - [] ----D C:\Program Files\Software
O43 - CFD: 11/07/2012 - 14:01:28 - [] ----D C:\Program Files\SSearch
O43 - CFD: 19/05/2010 - 12:17:37 - [] ----D C:\Program Files\Symantec
O43 - CFD: 26/03/2015 - 18:33:53 - [] ----D C:\Program Files\Tablet
O43 - CFD: 26/03/2015 - 18:34:39 - [] ----D C:\Program Files\TabletPlugins
O43 - CFD: 19/05/2010 - 12:17:37 - [] ----D C:\Program Files\Talkback
O43 - CFD: 18/07/2013 - 14:53:14 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 11/07/2012 - 14:03:11 - [0] ----D C:\Program Files\TorrentSearch
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 11/07/2012 - 14:09:01 - [0] ----D C:\Program Files\Video Codec
O43 - CFD: 05/01/2011 - 15:35:59 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 14/05/2012 - 10:11:49 - [] ----D C:\Program Files\Virtools
O43 - CFD: 19/05/2010 - 12:20:38 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 19/05/2010 - 12:20:38 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 18/07/2013 - 17:56:37 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 29/08/2012 - 09:51:43 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/07/2011 - 19:24:59 - [] ----D C:\Program Files\Windows Media Components
O43 - CFD: 11/03/2015 - 12:44:07 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 19/05/2010 - 13:12:46 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 19/05/2010 - 12:20:38 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 28/03/2015 - 16:17:23 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 08/08/2013 - 17:17:29 - [] ----D C:\Program Files\Yahoo!
O43 - CFD: 13/02/2015 - 17:10:19 - [] ----D C:\Program Files\YouTube Auto Wide
O43 - CFD: 01/04/2015 - 11:23:48 - [] ----D C:\Program Files\ZebHelpProcess
O43 - CFD: 01/04/2015 - 11:29:50 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 19/05/2010 - 12:20:39 - [] ----D C:\Program Files\Zone Labs
O43 - CFD: 31/03/2013 - 15:55:41 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 27/03/2015 - 12:52:01 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 25/02/2013 - 18:51:48 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 31/12/2013 - 10:15:09 - [] ----D C:\Program Files\Common Files\ArcSoft
O43 - CFD: 07/01/2011 - 09:52:39 - [] ----D C:\Program Files\Common Files\AVSMedia
O43 - CFD: 01/04/2015 - 11:19:33 - [] ----D C:\Program Files\Common Files\Borland Shared
O43 - CFD: 19/07/2011 - 09:58:29 - [] ----D C:\Program Files\Common Files\Corel
O43 - CFD: 25/10/2013 - 09:51:45 - [] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 19/05/2010 - 12:15:40 - [] ----D C:\Program Files\Common Files\France Telecom
O43 - CFD: 19/05/2010 - 12:15:40 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 19/05/2010 - 12:15:40 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 19/05/2010 - 12:15:41 - [] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 20/07/2013 - 08:15:57 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 19/05/2010 - 12:15:43 - [] ----D C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD: 18/07/2011 - 19:27:24 - [] ----D C:\Program Files\Common Files\Protexis
O43 - CFD: 31/12/2013 - 15:17:37 - [] ----D C:\Program Files\Common Files\Reallusion
O43 - CFD: 13/12/2012 - 17:01:22 - [] ----D C:\Program Files\Common Files\Samsung
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 16/07/2012 - 10:20:13 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 19/05/2010 - 12:15:43 - [] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 03/04/2012 - 14:57:48 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 18/07/2011 - 19:24:54 - [] ----D C:\Program Files\Common Files\Ulead Systems
O43 - CFD: 07/01/2011 - 10:01:45 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 19/05/2010 - 12:15:44 - [] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 14/01/2013 - 19:21:00 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 20/01/2015 - 10:29:25 - [] ----D C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0
O43 - CFD: 14/05/2012 - 10:11:53 - [] ----D C:\ProgramData\3DVIA
O43 - CFD: 01/04/2013 - 11:33:18 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 04/03/2015 - 12:28:33 - [] ----D C:\ProgramData\albumphoto
O43 - CFD: 15/06/2012 - 09:28:08 - [] ----D C:\ProgramData\Apple
O43 - CFD: 15/06/2012 - 09:28:31 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 31/12/2013 - 10:12:13 - [] ----D C:\ProgramData\ArcSoft
O43 - CFD: 17/03/2015 - 15:53:54 - [] ----D C:\ProgramData\Avira
O43 - CFD: 19/05/2010 - 13:12:46 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/05/2010 - 12:20:40 - [] ----D C:\ProgramData\CheckPoint
O43 - CFD: 04/03/2015 - 12:04:20 - [] ----D C:\ProgramData\Corel
O43 - CFD: 19/05/2010 - 12:20:40 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 25/04/2011 - 17:04:23 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 25/10/2013 - 09:51:48 - [] ----D C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 26/03/2015 - 18:08:42 - [] ----D C:\ProgramData\DriverGenius =>PUP.DriverGenius
O43 - CFD: 19/05/2010 - 12:20:40 - [] ----D C:\ProgramData\EPSON
O43 - CFD: 19/05/2010 - 13:12:46 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 25/09/2013 - 17:49:57 - [] ----D C:\ProgramData\Garmin
O43 - CFD: 31/01/2015 - 18:17:03 - [0] ----D C:\ProgramData\GlarySoft
O43 - CFD: 04/05/2013 - 16:33:05 - [] ----D C:\ProgramData\Google
O43 - CFD: 09/03/2015 - 12:25:50 - [] ----D C:\ProgramData\hps
O43 - CFD: 08/03/2012 - 10:14:12 - [] ----D C:\ProgramData\IM
O43 - CFD: 08/03/2012 - 10:12:56 - [] ----D C:\ProgramData\IncrediMail
O43 - CFD: 28/11/2012 - 16:18:50 - [] ----D C:\ProgramData\Installations
O43 - CFD: 19/05/2010 - 12:20:40 - [] ----D C:\ProgramData\InstallShield
O43 - CFD: 29/08/2010 - 20:20:54 - [] ----D C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 19/05/2010 - 12:20:40 - [] ----D C:\ProgramData\LightScribe
O43 - CFD: 11/08/2011 - 10:53:50 - [] ----D C:\ProgramData\LogiShrd
O43 - CFD: 02/02/2015 - 18:36:22 - [] ----D C:\ProgramData\LogMeIn
O43 - CFD: 15/01/2013 - 16:22:05 - [] ----D C:\ProgramData\Macromedia
O43 - CFD: 13/07/2012 - 08:40:23 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 22/11/2012 - 09:50:08 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 19/05/2010 - 13:12:46 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 09/03/2015 - 10:31:59 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 19/05/2010 - 12:20:48 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 19/05/2010 - 13:12:46 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 07/05/2012 - 12:27:49 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 19/05/2010 - 12:20:48 - [] ----D C:\ProgramData\NOS
O43 - CFD: 03/11/2008 - 15:14:38 - [0] ----D C:\ProgramData\NtiDvdCopy
O43 - CFD: 22/07/2013 - 10:34:52 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 18/12/2010 - 15:18:39 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 04/03/2015 - 11:31:46 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 19/01/2011 - 19:06:22 - [] ----D C:\ProgramData\PC Suite
O43 - CFD: 31/10/2014 - 10:16:46 - [] ----D C:\ProgramData\PDF Architect 2
O43 - CFD: 08/03/2012 - 10:14:09 - [] ----D C:\ProgramData\Photo Notifier and Animation Creator
O43 - CFD: 20/01/2015 - 16:27:50 - [] ----D C:\ProgramData\PicColor Utility =>PUP.PicColor
O43 - CFD: 14/01/2011 - 14:32:32 - [] ----D C:\ProgramData\Pinnacle
O43 - CFD: 14/01/2011 - 14:32:46 - [] ----D C:\ProgramData\Pinnacle Studio
O43 - CFD: 31/12/2013 - 15:17:35 - [] ----D C:\ProgramData\Reallusion
O43 - CFD: 15/01/2013 - 13:57:52 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 13/12/2012 - 17:20:12 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 04/01/2013 - 12:23:52 - [0] ----D C:\ProgramData\Skyline
O43 - CFD: 30/10/2012 - 20:47:03 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 19/05/2010 - 12:20:49 - [] ----D C:\ProgramData\Sun
O43 - CFD: 19/05/2010 - 12:20:49 - [] ----D C:\ProgramData\Tages
O43 - CFD: 24/10/2013 - 13:59:04 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 09/03/2015 - 12:45:07 - [] ----D C:\ProgramData\tmp
O43 - CFD: 04/04/2012 - 19:44:09 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 19/05/2010 - 12:20:49 - [] ----D C:\ProgramData\tpfmon
O43 - CFD: 30/07/2012 - 08:20:19 - [] ----D C:\ProgramData\Trusteer
O43 - CFD: 19/05/2010 - 12:20:50 - [] ----D C:\ProgramData\UDL
O43 - CFD: 19/04/2014 - 10:43:00 - [] ----D C:\ProgramData\Ulead Systems
O43 - CFD: 26/03/2015 - 18:38:40 - [] ----D C:\ProgramData\Wacom
O43 - CFD: 19/05/2010 - 12:20:50 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 19/05/2010 - 12:20:50 - [] ----D C:\ProgramData\WLInstaller
O43 - CFD: 15/06/2012 - 09:29:30 - [] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 28/10/2014 - 17:37:58 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 06:46:36 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 18/06/2011 - 15:43:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Mouse
O43 - CFD: 17/03/2015 - 15:56:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 26/03/2015 - 18:38:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
O43 - CFD: 21/01/2015 - 11:59:47 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle for Wesnoth 1.10.7
O43 - CFD: 01/02/2014 - 16:09:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle for Wesnoth 1.8.5
O43 - CFD: 19/04/2014 - 11:44:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty
O43 - CFD: 01/02/2015 - 13:26:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 03/02/2015 - 14:18:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X5
O43 - CFD: 04/03/2015 - 11:37:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7
O43 - CFD: 19/02/2012 - 11:03:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue Caisse d'Epargne
O43 - CFD: 19/05/2010 - 12:20:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 19/05/2010 - 12:20:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
O43 - CFD: 17/03/2015 - 18:49:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 25/09/2013 - 17:49:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
O43 - CFD: 21/01/2015 - 11:59:47 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 26/07/2013 - 09:41:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth =>.Google Inc
O43 - CFD: 27/03/2015 - 17:58:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
O43 - CFD: 27/08/2014 - 09:56:39 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 14/07/2009 - 06:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/03/2013 - 18:56:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 19/05/2010 - 12:20:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 04/03/2015 - 12:28:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\monAlbumPhoto
O43 - CFD: 19/05/2010 - 12:20:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 14/10/2013 - 14:15:49 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 05/01/2011 - 16:57:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
O43 - CFD: 03/02/2015 - 12:10:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
O43 - CFD: 27/08/2014 - 09:56:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
O43 - CFD: 24/01/2011 - 15:30:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 14/01/2011 - 14:30:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Hollywood FX 6.0 for Studio 11
O43 - CFD: 03/12/2012 - 15:29:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 31/12/2013 - 15:17:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion
O43 - CFD: 21/11/2013 - 18:47:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rename-It!
O43 - CFD: 21/01/2015 - 12:26:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
O43 - CFD: 01/12/2010 - 13:24:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimpleOCR
O43 - CFD: 16/07/2012 - 10:20:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 04/08/2014 - 17:25:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDeblur
O43 - CFD: 19/01/2015 - 18:04:38 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/01/2011 - 14:31:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 11
O43 - CFD: 26/03/2015 - 18:34:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
O43 - CFD: 29/08/2012 - 09:54:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 18/07/2011 - 19:28:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
O43 - CFD: 28/03/2015 - 16:17:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/04/2015 - 11:29:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 26/03/2015 - 18:37:39 - [] ----D C:\Users\The Barbets\AppData\Roaming\Adobe
O43 - CFD: 03/02/2015 - 11:54:30 - [] ----D C:\Users\The Barbets\AppData\Roaming\Apple Computer
O43 - CFD: 22/12/2013 - 13:05:27 - [] ----D C:\Users\The Barbets\AppData\Roaming\ArcSoft
O43 - CFD: 31/12/2013 - 19:02:51 - [] ----D C:\Users\The Barbets\AppData\Roaming\Athentech
O43 - CFD: 17/03/2015 - 15:57:43 - [] ----D C:\Users\The Barbets\AppData\Roaming\Avira
O43 - CFD: 25/10/2013 - 09:41:31 - [] ----D C:\Users\The Barbets\AppData\Roaming\Corel
O43 - CFD: 08/08/2013 - 15:57:26 - [] ----D C:\Users\The Barbets\AppData\Roaming\CTdeveloping
O43 - CFD: 15/07/2012 - 12:00:37 - [] ----D C:\Users\The Barbets\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 26/01/2015 - 09:43:52 - [] ----D C:\Users\The Barbets\AppData\Roaming\DiskDefrag
O43 - CFD: 07/02/2012 - 17:27:43 - [] ----D C:\Users\The Barbets\AppData\Roaming\Edraw Mind Map
O43 - CFD: 19/05/2010 - 12:26:11 - [] ----D C:\Users\The Barbets\AppData\Roaming\EPSON
O43 - CFD: 08/08/2011 - 19:01:47 - [] ----D C:\Users\The Barbets\AppData\Roaming\ESTsoft
O43 - CFD: 16/12/2011 - 09:35:16 - [] ----D C:\Users\The Barbets\AppData\Roaming\eTeks
O43 - CFD: 31/01/2012 - 17:27:28 - [] ----D C:\Users\The Barbets\AppData\Roaming\FastStone
O43 - CFD: 28/08/2012 - 11:10:46 - [] ----D C:\Users\The Barbets\AppData\Roaming\FreeVideoConverter
O43 - CFD: 25/09/2013 - 18:14:33 - [] ----D C:\Users\The Barbets\AppData\Roaming\Garmin
O43 - CFD: 31/01/2015 - 18:17:03 - [] ----D C:\Users\The Barbets\AppData\Roaming\GlarySoft
O43 - CFD: 31/01/2015 - 19:51:44 - [] ----D C:\Users\The Barbets\AppData\Roaming\GoodGameEmpire =>Adware.GoodgameEmpire
O43 - CFD: 31/01/2012 - 12:52:18 - [] ----D C:\Users\The Barbets\AppData\Roaming\gtk-2.0
O43 - CFD: 23/04/2012 - 10:01:00 - [] ----D C:\Users\The Barbets\AppData\Roaming\Icones
O43 - CFD: 16/02/2011 - 15:43:46 - [] ----D C:\Users\The Barbets\AppData\Roaming\Identities
O43 - CFD: 19/05/2010 - 12:26:11 - [] ----D C:\Users\The Barbets\AppData\Roaming\Inkscape
O43 - CFD: 19/05/2010 - 12:26:11 - [] ----D C:\Users\The Barbets\AppData\Roaming\InstallShield
O43 - CFD: 02/02/2015 - 18:36:10 - [0] ----D C:\Users\The Barbets\AppData\Roaming\join.me
O43 - CFD: 24/10/2013 - 13:54:24 - [] ----D C:\Users\The Barbets\AppData\Roaming\LavFilters
O43 - CFD: 11/08/2011 - 10:52:52 - [] ----D C:\Users\The Barbets\AppData\Roaming\Leadertech
O43 - CFD: 31/10/2010 - 12:48:59 - [] ----D C:\Users\The Barbets\AppData\Roaming\LiveCAD3
O43 - CFD: 19/05/2010 - 12:26:11 - [] ----D C:\Users\The Barbets\AppData\Roaming\Macromedia
O43 - CFD: 13/07/2012 - 08:40:37 - [] ----D C:\Users\The Barbets\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 11:00:22 - [0] ----D C:\Users\The Barbets\AppData\Roaming\Media Center Programs
O43 - CFD: 19/04/2014 - 10:42:27 - [] -S--D C:\Users\The Barbets\AppData\Roaming\Microsoft
O43 - CFD: 19/05/2010 - 12:26:18 - [] ----D C:\Users\The Barbets\AppData\Roaming\Mozilla
O43 - CFD: 24/02/2013 - 16:57:20 - [] ----D C:\Users\The Barbets\AppData\Roaming\No Company Name
O43 - CFD: 03/02/2014 - 10:14:56 - [] ----D C:\Users\The Barbets\AppData\Roaming\NVIDIA
O43 - CFD: 20/09/2014 - 16:48:50 - [] ----D C:\Users\The Barbets\AppData\Roaming\OpenArena
O43 - CFD: 08/08/2013 - 17:37:10 - [] ----D C:\Users\The Barbets\AppData\Roaming\OpenOffice
O43 - CFD: 19/05/2010 - 12:26:18 - [] ----D C:\Users\The Barbets\AppData\Roaming\OpenOffice.org
O43 - CFD: 01/02/2015 - 13:19:34 - [] ----D C:\Users\The Barbets\AppData\Roaming\Opera Software
O43 - CFD: 11/05/2012 - 14:24:25 - [0] ----D C:\Users\The Barbets\AppData\Roaming\Orange
O43 - CFD: 05/01/2011 - 16:52:30 - [] ----D C:\Users\The Barbets\AppData\Roaming\Panasonic
O43 - CFD: 22/09/2012 - 08:55:43 - [] ----D C:\Users\The Barbets\AppData\Roaming\PanoramaStudio
O43 - CFD: 19/01/2011 - 19:06:31 - [] ----D C:\Users\The Barbets\AppData\Roaming\PC Suite
O43 - CFD: 14/10/2013 - 16:47:59 - [] ----D C:\Users\The Barbets\AppData\Roaming\PDF Architect
O43 - CFD: 20/11/2011 - 11:10:40 - [] ----D C:\Users\The Barbets\AppData\Roaming\PhotoFiltre
O43 - CFD: 07/07/2011 - 10:08:33 - [] ----D C:\Users\The Barbets\AppData\Roaming\PhotoScape
O43 - CFD: 24/02/2013 - 13:06:07 - [] ----D C:\Users\The Barbets\AppData\Roaming\Reallusion
O43 - CFD: 23/01/2011 - 18:43:51 - [] ----D C:\Users\The Barbets\AppData\Roaming\Reviversoft
O43 - CFD: 09/07/2012 - 15:21:19 - [] ----D C:\Users\The Barbets\AppData\Roaming\SFR
O43 - CFD: 08/06/2014 - 00:59:14 - [] ----D C:\Users\The Barbets\AppData\Roaming\Skype
O43 - CFD: 11/02/2010 - 16:49:22 - [0] ----D C:\Users\The Barbets\AppData\Roaming\SmartDraw
O43 - CFD: 19/05/2010 - 12:26:20 - [] ----D C:\Users\The Barbets\AppData\Roaming\Template
O43 - CFD: 11/05/2011 - 10:17:52 - [] ----D C:\Users\The Barbets\AppData\Roaming\TomTom
O43 - CFD: 24/02/2013 - 12:22:07 - [] ----D C:\Users\The Barbets\AppData\Roaming\Ulead Systems
O43 - CFD: 26/03/2015 - 18:38:43 - [] ----D C:\Users\The Barbets\AppData\Roaming\Wacom
O43 - CFD: 29/03/2015 - 18:31:35 - [] ----D C:\Users\The Barbets\AppData\Roaming\wacomid-desktop-launcher
O43 - CFD: 26/03/2015 - 18:41:47 - [] ----D C:\Users\The Barbets\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
O43 - CFD: 01/09/2010 - 09:08:08 - [] ----D C:\Users\The Barbets\AppData\Roaming\WarZone
O43 - CFD: 16/02/2011 - 15:44:02 - [0] ----D C:\Users\The Barbets\AppData\Roaming\Windows Live Writer
O43 - CFD: 28/03/2015 - 16:17:55 - [] ----D C:\Users\The Barbets\AppData\Roaming\WinRAR
O43 - CFD: 26/03/2015 - 18:34:57 - [] ----D C:\Users\The Barbets\AppData\Roaming\WTablet
O43 - CFD: 01/04/2015 - 11:34:12 - [] ----D C:\Users\The Barbets\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/05/2012 - 10:12:25 - [] ----D C:\Users\The Barbets\AppData\Local\3DVIA
O43 - CFD: 31/01/2015 - 19:52:36 - [] ----D C:\Users\The Barbets\AppData\Local\5999736
O43 - CFD: 19/05/2010 - 12:24:51 - [] ----D C:\Users\The Barbets\AppData\Local\Acer Arcade Live
O43 - CFD: 19/05/2010 - 12:24:51 - [] ----D C:\Users\The Barbets\AppData\Local\Acer DV Magician
O43 - CFD: 19/05/2010 - 12:24:51 - [] ----D C:\Users\The Barbets\AppData\Local\Acer DVDivine
O43 - CFD: 19/05/2010 - 12:24:51 - [] ----D C:\Users\The Barbets\AppData\Local\Acer HomeMedia
O43 - CFD: 19/05/2010 - 12:24:52 - [] ----D C:\Users\The Barbets\AppData\Local\Acer HomeMedia Connect
O43 - CFD: 19/05/2010 - 12:24:52 - [] ----D C:\Users\The Barbets\AppData\Local\Acer SlideShow DVD
O43 - CFD: 19/05/2010 - 12:24:52 - [] ----D C:\Users\The Barbets\AppData\Local\Acer VideoMagician
O43 - CFD: 17/02/2015 - 16:55:29 - [] ----D C:\Users\The Barbets\AppData\Local\Adobe
O43 - CFD: 18/06/2011 - 11:06:25 - [] ----D C:\Users\The Barbets\AppData\Local\AirMouse
O43 - CFD: 19/05/2010 - 12:24:52 - [] ----D C:\Users\The Barbets\AppData\Local\Apple
O43 - CFD: 03/02/2015 - 10:40:15 - [] ----D C:\Users\The Barbets\AppData\Local\Apple Computer
O43 - CFD: 19/05/2010 - 12:11:36 - [] -SH-D C:\Users\The Barbets\AppData\Local\Application Data
O43 - CFD: 17/07/2012 - 09:28:57 - [] ----D C:\Users\The Barbets\AppData\Local\Apps
O43 - CFD: 06/08/2013 - 17:52:02 - [] ----D C:\Users\The Barbets\AppData\Local\ArcSoft
O43 - CFD: 18/09/2013 - 16:58:50 - [] ----D C:\Users\The Barbets\AppData\Local\avgchrome
O43 - CFD: 19/05/2010 - 12:24:55 - [] ----D C:\Users\The Barbets\AppData\Local\Battle for Wesnoth 1.6.4
O43 - CFD: 05/07/2012 - 08:52:39 - [] ----D C:\Users\The Barbets\AppData\Local\Battle for Wesnoth 1.8.5
O43 - CFD: 07/08/2014 - 14:53:30 - [] ----D C:\Users\The Barbets\AppData\Local\com
O43 - CFD: 29/10/2014 - 14:53:10 - [] ----D C:\Users\The Barbets\AppData\Local\com.gamehouse.acid
O43 - CFD: 04/03/2015 - 11:40:52 - [] ----D C:\Users\The Barbets\AppData\Local\Corel PaintShop Pro
O43 - CFD: 01/04/2015 - 11:17:28 - [] ----D C:\Users\The Barbets\AppData\Local\CrashDumps
O43 - CFD: 19/05/2010 - 12:25:40 - [] ----D C:\Users\The Barbets\AppData\Local\CyberLink
O43 - CFD: 05/07/2012 - 08:51:03 - [0] ----D C:\Users\The Barbets\AppData\Local\DFH
O43 - CFD: 15/03/2015 - 20:09:00 - [] ----D C:\Users\The Barbets\AppData\Local\Diagnostics
O43 - CFD: 19/05/2010 - 12:25:41 - [] ----D C:\Users\The Barbets\AppData\Local\DOSBox
O43 - CFD: 08/08/2013 - 16:06:30 - [] ----D C:\Users\The Barbets\AppData\Local\Downloaded Installations
O43 - CFD: 18/03/2015 - 10:59:03 - [] ----D C:\Users\The Barbets\AppData\Local\ElevatedDiagnostics
O43 - CFD: 21/01/2015 - 12:01:08 - [] -SH-D C:\Users\The Barbets\AppData\Local\EmieBrowserModeList
O43 - CFD: 21/01/2015 - 12:01:08 - [] -SH-D C:\Users\The Barbets\AppData\Local\EmieSiteList
O43 - CFD: 21/01/2015 - 12:01:08 - [] -SH-D C:\Users\The Barbets\AppData\Local\EmieUserList
O43 - CFD: 08/08/2013 - 17:52:29 - [] ----D C:\Users\The Barbets\AppData\Local\FreeOCR
O43 - CFD: 25/09/2013 - 18:08:07 - [] ----D C:\Users\The Barbets\AppData\Local\Garmin
O43 - CFD: 31/01/2015 - 19:51:41 - [0] ----D C:\Users\The Barbets\AppData\Local\GGEmpire
O43 - CFD: 04/01/2013 - 13:02:49 - [] ----D C:\Users\The Barbets\AppData\Local\Google
O43 - CFD: 19/05/2010 - 12:11:36 - [] -SH-D C:\Users\The Barbets\AppData\Local\Historique
O43 - CFD: 08/03/2012 - 10:23:26 - [] ----D C:\Users\The Barbets\AppData\Local\IM
O43 - CFD: 31/03/2015 - 12:27:42 - [] ----D C:\Users\The Barbets\AppData\Local\Image Composite Editor
O43 - CFD: 09/03/2012 - 12:51:21 - [] ----D C:\Users\The Barbets\AppData\Local\IncrediMail_MediaBar_Francais_2 =>PUP.IncrediMediaBar
O43 - CFD: 07/01/2011 - 09:15:25 - [] ----D C:\Users\The Barbets\AppData\Local\ISL
O43 - CFD: 05/03/2008 - 11:48:23 - [0] ----D C:\Users\The Barbets\AppData\Local\KodakGallery
O43 - CFD: 01/11/2011 - 10:28:02 - [0] ----D C:\Users\The Barbets\AppData\Local\LogiShrd
O43 - CFD: 26/03/2008 - 19:50:08 - [0] ----D C:\Users\The Barbets\AppData\Local\Logitech-LS
O43 - CFD: 02/02/2015 - 18:36:22 - [] ----D C:\Users\The Barbets\AppData\Local\LogMeIn
O43 - CFD: 15/06/2012 - 12:52:18 - [] ----D C:\Users\The Barbets\AppData\Local\Macromedia
O43 - CFD: 31/03/2015 - 12:27:24 - [] ----D C:\Users\The Barbets\AppData\Local\Microsoft
O43 - CFD: 19/05/2010 - 12:25:57 - [] ----D C:\Users\The Barbets\AppData\Local\Microsoft Games
O43 - CFD: 19/05/2010 - 12:25:57 - [] ----D C:\Users\The Barbets\AppData\Local\Microsoft Help
O43 - CFD: 13/03/2015 - 10:48:02 - [0] ----D C:\Users\The Barbets\AppData\Local\MigWiz
O43 - CFD: 23/01/2014 - 09:45:30 - [] ----D C:\Users\The Barbets\AppData\Local\monAlbumPhoto
O43 - CFD: 22/12/2014 - 12:04:39 - [] ----D C:\Users\The Barbets\AppData\Local\Mozilla
O43 - CFD: 01/02/2015 - 13:19:36 - [] ----D C:\Users\The Barbets\AppData\Local\Opera Software
O43 - CFD: 19/05/2010 - 12:25:58 - [] ----D C:\Users\The Barbets\AppData\Local\Orange
O43 - CFD: 18/02/2012 - 16:49:59 - [] ----D C:\Users\The Barbets\AppData\Local\Paint.NET
O43 - CFD: 19/05/2010 - 12:25:58 - [] ----D C:\Users\The Barbets\AppData\Local\Pinnacle
O43 - CFD: 19/05/2010 - 12:25:58 - [] ----D C:\Users\The Barbets\AppData\Local\PlayMovie
O43 - CFD: 03/07/2013 - 16:46:36 - [] ----D C:\Users\The Barbets\AppData\Local\Programs
O43 - CFD: 19/08/2010 - 16:12:03 - [] ----D C:\Users\The Barbets\AppData\Local\PunkBuster
O43 - CFD: 21/11/2012 - 18:05:20 - [] ----D C:\Users\The Barbets\AppData\Local\Samsung
O43 - CFD: 20/01/2015 - 10:28:27 - [] ----D C:\Users\The Barbets\AppData\Local\Software
O43 - CFD: 01/04/2015 - 11:31:58 - [] ----D C:\Users\The Barbets\AppData\Local\Temp
O43 - CFD: 19/05/2010 - 12:11:36 - [] -SH-D C:\Users\The Barbets\AppData\Local\Temporary Internet Files
O43 - CFD: 19/05/2010 - 12:25:58 - [] ----D C:\Users\The Barbets\AppData\Local\TomTom
O43 - CFD: 30/07/2012 - 08:23:57 - [] ----D C:\Users\The Barbets\AppData\Local\Trusteer
O43 - CFD: 08/08/2013 - 17:16:03 - [0] ----D C:\Users\The Barbets\AppData\Local\Unity
O43 - CFD: 19/05/2010 - 12:25:58 - [] ----D C:\Users\The Barbets\AppData\Local\Virtools
O43 - CFD: 23/01/2011 - 19:54:24 - [] ----D C:\Users\The Barbets\AppData\Local\VirtualStore
O43 - CFD: 29/08/2012 - 09:45:47 - [] ----D C:\Users\The Barbets\AppData\Local\Windows Live
O43 - CFD: 16/02/2011 - 15:44:17 - [] ----D C:\Users\The Barbets\AppData\Local\Windows Live Writer
O43 - CFD: 05/01/2011 - 15:26:35 - [0] ----D C:\Users\The Barbets\AppData\Local\WMTools Downloaded Files
O43 - CFD: 05/01/2011 - 16:51:13 - [] ----D C:\Users\The Barbets\AppData\Local\{726688F4-05C5-424B-8570-082779572F8E}
O43 - CFD: 19/05/2010 - 12:26:16 - [] R---D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/03/2015 - 12:55:15 - [] R---D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 05/04/2014 - 11:48:10 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
O43 - CFD: 27/08/2014 - 09:56:45 - [0] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freecorder
O43 - CFD: 19/04/2014 - 10:43:02 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 31/03/2015 - 12:11:42 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin
O43 - CFD: 31/03/2015 - 12:27:13 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
O43 - CFD: 19/05/2010 - 12:26:17 - [] R---D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/07/2012 - 09:28:58 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outil de téléchargement USB DVD Windows 7
O43 - CFD: 01/12/2010 - 13:24:53 - [0] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR
O43 - CFD: 11/03/2015 - 12:55:15 - [] R---D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 28/03/2015 - 16:17:23 - [] ----D C:\Users\The Barbets\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ 6 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 411 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5AA1546980DC7BEA46995006D2B76B1D] - 01/04/2015 - 08:21:31 ---A- . (...) -- C:\Windows\Reimage.ini [156] =>Rogue.ReimageRepair
O44 - LFC:[MD5.60B8338480DA3EFC199237B3A5A922D9] - 01/04/2015 - 08:56:55 ---A- . (...) -- C:\Windows\PFRO.log [183916]
O44 - LFC:[MD5.41CD9CB3959C60BC19D0A62B12A82EA3] - 01/04/2015 - 08:57:09 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.56BFD21AF8650DD5F8196C22C0E85718] - 01/04/2015 - 08:57:18 ---A- . (...) -- C:\Windows\setupact.log [368222]
O44 - LFC:[MD5.7AE893C8AF90C00426B78602D01EF7C0] - 01/04/2015 - 09:03:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log [485125]
O44 - LFC:[MD5.CC57ED920777753C7B59567D4A14D7E9] - 01/04/2015 - 09:03:53 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1676556]
O44 - LFC:[MD5.7886235D3075946514AE12A23D44429D] - 01/04/2015 - 09:03:53 ---A- . (...) -- C:\Windows\System32\perfc009.dat [125692]
O44 - LFC:[MD5.35F58F674ECF00397473AFE7913F7C23] - 01/04/2015 - 09:03:53 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [149842]
O44 - LFC:[MD5.F6119A73DE7F537F862B525EE0B6BF17] - 01/04/2015 - 09:03:53 ---A- . (...) -- C:\Windows\System32\perfh009.dat [658012]
O44 - LFC:[MD5.E84AA152D9CCB97F68B905C6FF1375CE] - 01/04/2015 - 09:03:53 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747318]
O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 01/04/2015 - 10:19:34 ---A- . (...) -- C:\Windows\System32\BDEADMIN.CPL [183808]
O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 01/04/2015 - 10:19:34 ---A- . (...) -- C:\Windows\System32\DBCLIENT.DLL [210032]
O44 - LFC:[MD5.41586C10A932902C59D0A70D5890C818] - 01/04/2015 - 10:30:28 ---A- . (...) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/03/2015 - 14:39:53 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.A5674637BCA212D9FE136ADFA04C9857] - 17/03/2015 - 14:54:02 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [136216]
O44 - LFC:[MD5.AF5DA81B19AFA730F1E5246AD81D140A] - 17/03/2015 - 14:54:02 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [105864]
O44 - LFC:[MD5.D8C712305F73CD34D1B344810E522728] - 17/03/2015 - 14:54:03 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [37352]
O44 - LFC:[MD5.3303FB85532093FC6723632B5947E8C4] - 17/03/2015 - 14:54:04 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [37896]
O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 17/03/2015 - 14:54:14 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 17/03/2015 - 17:54:42 ---A- . (...) -- C:\Windows\epplauncher.mif [1912]
O44 - LFC:[MD5.B0B58AC2849E589802C2ADE41B4372C4] - 20/03/2015 - 12:00:44 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.8200EE5B1CA83B1F8C06912BC84B9164] - 26/03/2015 - 17:31:55 ---A- . (.Wacom Technology, Corp. - Control Panel interface for touch driver.) -- C:\Windows\System32\Pen_Touch_Tablet.dll [1607448]
O44 - LFC:[MD5.F610A2A73E2794D4492BBCC44EF2F081] - 26/03/2015 - 17:31:55 ---A- . (.Wacom Technology, Corp. - Wacom Mutli-Touch API.) -- C:\Windows\System32\WacomMT.dll [1610008]
O44 - LFC:[MD5.1ED27ED2FF3BDD94AB36BB3DBAA1CC27] - 26/03/2015 - 17:31:55 ---A- . (.Wacom Technology, Corp. - Wintab Coordinator.) -- C:\Windows\System32\Wintab32.dll [1493784]
O44 - LFC:[MD5.C4FFA98E1D669D15468D90E53D6C1276] - 26/03/2015 - 17:31:55 ---A- . (.Wacom Technology, Corp. - Wintab interface for consumer driver.) -- C:\Windows\System32\Pen_Tablet.dll [1614104]
O44 - LFC:[MD5.A9970042BE512C7981B36E689C5F3F9F] - 26/03/2015 - 17:32:09 ---A- . (.Microsoft Corporation - WDF Coinstaller.) -- C:\Windows\System32\Drivers\wdfcoinstaller01009.dll [1461992]
O44 - LFC:[MD5.0DC36E066294B88F3EC1F9F97AD0F9D4] - 26/03/2015 - 17:32:09 ---A- . (.Wacom Technology - Wacom HID Router.) -- C:\Windows\System32\Drivers\wachidrouter.sys [85304]
O44 - LFC:[MD5.17EA65E6496FD6BB627175FB838A82A4] - 26/03/2015 - 17:32:09 ---A- . (.Windows (R) Win 7 DDK provider - Filter Driver for HID-KMDF Interface.) -- C:\Windows\System32\Drivers\hidkmdf.sys [12088]
O44 - LFC:[MD5.B54A60581FB7BFEEE9368951C34472E7] - 26/03/2015 - 17:33:53 ---A- . (.Wacom Technology - Wacom Router Filter Driver.) -- C:\Windows\System32\Drivers\wacomrouterfilter.sys [13112]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/03/2015 - 17:34:24 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf [0]
~ Files: 30 Scanned in 01mn 59s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.A88AF46ADA953AB1C2AB4808AF84629B] - 01/04/2015 - 08:21:01 ---A- - C:\Windows\Prefetch\REIMAGE.EXE-4681D307.pf =>Rogue.ReimageRepair
O45 - LFCP:[MD5.453DBAB82A5FC4CE30D1B14141DC6862] - 01/04/2015 - 08:19:16 ---A- - C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-3FFEE298.pf =>Rogue.ReimageRepair
O45 - LFCP:[MD5.1C5F5B22559D868C35D74B813776C81F] - 01/04/2015 - 08:35:06 ---A- - C:\Windows\Prefetch\REIMAGEREMINDER.EXE-302A39F5.pf =>Rogue.ReimageRepair
O45 - LFCP:[MD5.863A534526FE1A2A0450E9D0419993ED] - 01/04/2015 - 08:17:45 ---A- - C:\Windows\Prefetch\REIMAGEREPAIR.EXE-D3499A1A.pf =>Rogue.ReimageRepair
~ Prefetcher: 4 Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" [Enabled] .(...) -- C:\Acer\Empowering Technology\eDataSecurity\decryption.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" [Enabled] .(...) -- C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" [Enabled] .(...) -- C:\Acer\Empowering Technology\eDataSecurity\encryption.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(...) -- C:\Program Files\BitTorrent\bittorrent.exe (.not file.) =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe" [Enabled] .(...) -- C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe (.not file.)
~ Keys Export: 5 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\cmwd.sys . (...) -- C:\Windows\System32\Drivers\cmwd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\cmwd.sys . (...) -- C:\Windows\System32\Drivers\cmwd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{115298d0-984f-11e2-aed9-806e6f6e6963}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
O51 - MPSK:{1a8f9b0b-23e6-11e0-8863-001d9248d5a8}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
O51 - MPSK:{ff0d02c0-5dc8-11e0-ae01-806e6f6e6963}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.IV41"="IR41_32.AX" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\IR41_32.AX
O52 - TDSD: \Drivers32\"VIDC.MJPG"="Pvmjpg30.dll" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\Windows\System32\Pvmjpg30.dll
O52 - TDSD: \drivers.desc\"pvmjpg30.dll"="PICVideo 3 M-JPEG VfW Codec" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\Windows\System32\pvmjpg30.dll
O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\EPSON SX410 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.exe =>.Epson Seiko Corporation
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\The Barbets\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GarminExpressTrayApp [Key] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O53 - SMSR:HKLM\...\startupreg\Glary Memory Optimizer [Key] . (...) -- C:\Program Files\Glary Utilities 5\memdefrag.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\KiesPDLR [Key] . (...) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MobileDocuments [Key] . (...) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\Standby [Key] . (.Corel - Standby service.) -- c:\Program Files\Common Files\Corel\Standby\Standby.exe
~ SMSR Keys: 27 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=221
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:22/02/2005 - 22:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\System32\Drivers\afc.sys [11776]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:29/01/2010 - 12:09:22 ---A- . (...) -- C:\Windows\System32\Drivers\atksgt.sys [281760]
O58 - SDL:24/02/2015 - 17:58:32 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [105864] =>.Avira Operations GmbH
O58 - SDL:24/02/2015 - 17:58:33 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [136216] =>.Avira Operations GmbH
O58 - SDL:24/02/2015 - 17:58:34 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [37352] =>.Avira Operations GmbH
O58 - SDL:24/02/2015 - 17:58:37 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [37896] =>.Avira Operations GmbH
O58 - SDL:13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\cmwd.sys [20480]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:16/01/2008 - 09:18:02 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\Dr71WU.sys [489984]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:21/08/2012 - 12:01:22 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840]
O58 - SDL:18/04/2012 - 14:05:30 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\Windows\System32\Drivers\grmngen.sys [25448]
O58 - SDL:18/04/2012 - 14:05:32 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\Windows\System32\Drivers\grmnusb.sys [15720]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/08/2014 - 11:15:48 ---A- . (.Windows (R) Win 7 DDK provider - Filter Driver for HID-KMDF Interface.) -- C:\Windows\System32\Drivers\hidkmdf.sys [12088]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:11/03/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:03/07/2007 - 03:05:20 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\System32\Drivers\INT15.SYS [15392]
O58 - SDL:29/07/2010 - 00:25:02 ---A- . (.Initio Corporation - Initio Default Vendor Specific Device Driver.) -- C:\Windows\System32\Drivers\ivusb.sys [25112]
O58 - SDL:29/01/2010 - 12:09:21 ---A- . (...) -- C:\Windows\System32\Drivers\lirsgt.sys [25888]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:27/05/2005 - 09:32:52 ---A- . (...) -- C:\Windows\System32\Drivers\lvcm.sys [1317152]
O58 - SDL:27/05/2005 - 09:23:38 ---A- . (.Logitech Inc. - SmoothVision filter.) -- C:\Windows\System32\Drivers\lvsvf2.sys [2180096]
O58 - SDL:04/01/2007 - 08:07:00 ---A- . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\System32\Drivers\MarvinBus.sys [171520]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:13/07/2009 - 23:02:53 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr73.sys [545792]
O58 - SDL:14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:03/12/2007 - 09:45:56 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys [6144]
O58 - SDL:07/09/2010 - 21:08:56 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda32v.sys [123496]
O58 - SDL:19/02/2013 - 20:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 307.83.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10919200]
O58 - SDL:13/07/2009 - 23:02:52 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvm62x32.sys [347264]
O58 - SDL:04/03/2010 - 06:26:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmf6232.sys [296936]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:09/04/2010 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvrd32.sys [139368]
O58 - SDL:22/03/2010 - 17:29:08 ---A- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\System32\Drivers\nvsmu.sys [18944]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:09/04/2010 - 01:32:56 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor32.sys [215656]
O58 - SDL:28/11/2006 - 21:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCAMp50.sys [28224]
O58 - SDL:28/11/2006 - 21:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCASp50.sys [27072]
O58 - SDL:11/06/2012 - 10:33:46 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\Drivers\pccsmcfd.sys [19072]
O58 - SDL:09/02/2005 - 10:59:00 ---A- . (.Pinnacle Systems GmbH - PCLEPCI.) -- C:\Windows\System32\Drivers\Pclepci.sys [14165]
O58 - SDL:01/12/2011 - 18:02:43 ---A- . (...) -- C:\Windows\System32\Drivers\PnkBstrK.sys [138376]
O58 - SDL:25/04/2007 - 16:34:38 ---A- . (.HiTRUST - PSD Filter Driver.) -- C:\Windows\System32\Drivers\psdfilter.sys [20776]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:13/03/2014 - 09:02:52 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [3032664]
O58 - SDL:13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [431672]
O58 - SDL:24/02/2015 - 17:59:21 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:30/10/2007 - 21:57:18 ---A- . (.Lenovo - ThinkPad Tablet Keyboard and Buttons HID Driver.) -- C:\Windows\System32\Drivers\tkbtnpn.sys [7463]
O58 - SDL:25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [43520]
O58 - SDL:14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:18/02/2009 - 23:11:44 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\Windows\System32\Drivers\vsdatant.sys [293528]
O58 - SDL:14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:06/08/2014 - 11:15:48 ---A- . (.Wacom Technology - Wacom HID Router.) -- C:\Windows\System32\Drivers\wachidrouter.sys [85304]
O58 - SDL:06/08/2014 - 11:15:50 ---A- . (.Wacom Technology - Wacom Router Filter Driver.) -- C:\Windows\System32\Drivers\wacomrouterfilter.sys [13112]
O58 - SDL:19/09/2006 - 15:47:04 ---A- . (.Wasay - Wasay virtual disk driver.) -- C:\Windows\System32\Drivers\WSVD.sys [80744]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:22/12/2009 - 03:31:26 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36640]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:07/03/2005 - 19:44:16 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Phoebe Photo Distribution Manager.) -- C:\Windows\System32\PhDi2.sys [45056]
~ Drivers: 101 Scanned in 00mn 55s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/04/2015 - 11:37:32 ---A- . (.Nicolas Coolman.) -- C:\Users\The Barbets\AppData\Local\Temp\63i3onux.tmp\ZHP 2015.exe [17836429] =>.Nicolas Coolman
O61 - LFC: 01/04/2015 - 11:37:32 ---A- . (.Reimage®.) -- C:\Users\The Barbets\AppData\Local\Temp\4zek3q3s.tmp\ReimageRepair.exe [768512] =>Rogue.ReimageRepair
O61 - LFC: 01/04/2015 - 11:37:34 ---A- . (.Reimage®.) -- C:\Users\The Barbets\AppData\Local\Temp\ReiSysUpdate.exe [295912] =>Rogue.ReimageRepair
O61 - LFC: 01/04/2015 - 11:37:34 ---A- . (.Reimage®.) -- C:\Users\The Barbets\AppData\Local\Temp\ReimagePackage.exe [12001600] =>Rogue.ReimageRepair
O61 - LFC: 01/04/2015 - 11:38:10 ---A- . (.Nicolas Coolman.) -- C:\Users\The Barbets\Desktop\ZHPDiag2.exe [6876639] =>.Nicolas Coolman
O61 - LFC: 26/03/2015 - 11:37:32 ---A- . (.Avanquest Software.) -- C:\Users\The Barbets\AppData\Local\Temp\1stlnav9.tmp\Telecharger_Drivers.exe [2548512]
O61 - LFC: 26/03/2015 - 11:37:32 ---A- . (.Avanquest Software.) -- C:\Users\The Barbets\AppData\Local\Temp\b32rgp97.tmp\Telecharger_Drivers.exe [2548512]
O61 - LFC: 26/03/2015 - 11:37:33 ---A- . (.Driver-Soft Inc..) -- C:\Users\The Barbets\AppData\Local\Temp\o9gdzo54.tmp\Driver_Genius_Professional_FR.exe [8028864] =>PUP.DriverGenius
O61 - LFC: 26/03/2015 - 11:37:33 ---A- . (.PC Drivers HeadQuarters LP.) -- C:\Users\The Barbets\AppData\Local\Temp\DriverMender.exe [5051456] =>PUP.DriverMender
O61 - LFC: 26/03/2015 - 11:37:33 ---A- . (.PC Drivers HeadQuarters LP.) -- C:\Users\The Barbets\AppData\Local\Temp\iben327l.tmp\DriverMender.exe [375568] =>PUP.DriverMender
O61 - LFC: 26/03/2015 - 11:37:35 ---A- . (.ReviverSoft LLC.) -- C:\Users\The Barbets\AppData\Local\Temp\z93nvr7b.tmp\DriverReviverSetup_ppc.exe [4099968] =>PUP.DriverReviver
O61 - LFC: 26/03/2015 - 11:37:56 ---A- . (...) -- C:\Users\The Barbets\Desktop\CLEANAVI\bamboo_setup_web0407final.exe [7434944]
O61 - LFC: 27/03/2015 - 11:37:46 ---A- . (.Adobe Systems Inc..) -- C:\Users\The Barbets\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [54432]
O61 - LFC: 28/03/2015 - 11:37:32 ---A- . (...) -- C:\Users\The Barbets\AppData\Local\Temp\258d4ll5.tmp\wrar500.exe [1766784]
O61 - LFC: 29/03/2015 - 11:37:22 ---A- . (...) -- C:\Users\The Barbets\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [207200]
O61 - LFC: 31/03/2015 - 11:37:34 ---A- . (.Internet.) -- C:\Users\The Barbets\AppData\Local\Temp\uiwe8z8k.tmp\microsoft-ice_2-0-2_fr_273834_32.exe [717976]
O61 - LFC: 31/03/2015 - 11:37:46 R--A- . (...) -- C:\Users\The Barbets\AppData\Roaming\Microsoft\Installer\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}\_853F67D554F05449430E7E.exe [32579]
O61 - LFC: 31/03/2015 - 11:37:46 R--A- . (...) -- C:\Users\The Barbets\AppData\Roaming\Microsoft\Installer\{B29E2C62-496A-4F4F-9ED0-239FA15E1CB8}\_112D608FD02CD87FDC7735.exe [160487]
O61 - LFC: 31/03/2015 - 11:37:46 R--A- . (...) -- C:\Users\The Barbets\AppData\Roaming\Microsoft\Installer\{B29E2C62-496A-4F4F-9ED0-239FA15E1CB8}\_4DB4B9FCAF77229AA0D311.exe [160487]
O61 - LFC: 31/03/2015 - 11:37:46 R--A- . (...) -- C:\Users\The Barbets\AppData\Roaming\Microsoft\Installer\{B29E2C62-496A-4F4F-9ED0-239FA15E1CB8}\_853F67D554F05449430E7E.exe [102194]
~ 1360 Fichiers temporaires (Temporary files)
~ 12 Fichiers cookies (Cookies files)
~ Files: 20 Scanned in 00mn 49s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 29/01/2010 - C:\Windows\System32\DRIVERS\atksgt.sys (atksgt) .(...) - LEGACY_ATKSGT
O64 - Services: CurCS - 24/02/2015 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 24/02/2015 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 24/02/2015 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 24/02/2015 - C:\Windows\System32\DRIVERS\avnetflt.sys (avnetflt) .(.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) - LEGACY_AVNETFLT
O64 - Services: CurCS - 09/11/1745 - C:\Windows\system32\Drivers\cmwd.sys (cmwd) .(...) - LEGACY_CMWD
O64 - Services: CurCS - 22/12/2009 - C:\Windows\system32\FsUsbExDisk.sys (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 29/01/2010 - C:\Windows\System32\DRIVERS\lirsgt.sys (lirsgt) .(...) - LEGACY_LIRSGT
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvraid.sys (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvstor.sys (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 09/11/1745 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(...) - LEGACY_SPTD
O64 - Services: CurCS - 24/02/2015 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
~ Legacy: 152 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.1000082.state", "{\"state\":\"stopped\",\"text\":\"Virgin Ra...\",\"description\":\"Virgin Radio Classic Rock[...]
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.appOptions", "{\"price-gong\":{\"disabled\":false,\"render\":true},\"1000515\":{\"render\":true}}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Fwww.comment-supprimer.[...]
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"]\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2405280\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://STEng7.O[...]
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"ST-Eng7 \"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [The Barbets - r8zgm2xp.default] user_pref("CT2405280_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1408353414290,\"isWithState\"[...]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0641A46F1E58529A42EAD4573A3A0861] [SPRF][30/09/2010] (...) -- C:\ProgramData\62C712C762.sys [8]
[MD5.0641A46F1E58529A42EAD4573A3A0861] [SPRF][18/07/2011] (...) -- C:\ProgramData\6615EA4866.sys [8]
[MD5.7C55D58DECA99E55221B89D2ED210B36] [SPRF][17/05/2013] (...) -- C:\ProgramData\KGyGaAvL.sys [6164]
[MD5.D059303DE167532F6261EE97E8937D15] [SPRF][25/09/2013] (.Garmin Ltd or its subsidiaries - Garmin Express.) -- C:\Users\The Barbets\Desktop\GarminExpress.exe [12142192]
[MD5.ADA710B9D4A08FA20469BC16007D58E9] [SPRF][01/04/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\The Barbets\Desktop\ZHPDiag2.exe [6876639]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][16/05/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][16/05/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.FE9176A1C2B4A81AFDE6EDD74A6A1DEE] [SPRF][27/10/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1956816]
[MD5.F2FC019F0BA267EBE7EC9DE1D0B92975] [SPRF][29/06/2008] (.Virtools SA - Updater.) -- C:\Windows\Downloaded Program Files\installer.exe [197960]
[MD5.1245E33C050E61191059EAA33D9CE6C9] [SPRF][16/05/2006] (.Macrovision Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272]
~ Files: 10 Scanned in 00mn 01s



---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 20/01/2015 - 10:29:25 - [] ----D C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SRI] (...) -- C:\ProgramData\3a8e94626c7e455eab9ee6b45c18d0d0\3a8e94626c7e455eab9ee6b45c18d0d0.exe [496128]
~ Files: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{9C8C1C94-85AC-4FC7-94BF-AFA21410307E}" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe =>P2P.BitTorrent
O87 - FAEL: "{222065A5-DB13-4950-85F8-205B3B1F48AC}" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 06s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][22/08/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\1bf81.msi [417792] =>PUP.FrameFox
[MD5.19E660F8A2BBFF9803C081786FF0CCDD] [WIS][21/07/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\27e654.msi [2162688] =>Adware.IncrediBar
~ WIS: 2 Scanned in 00mn 13s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\DriverMender_RASAPI32 =>PUP.DriverMender
HKLM\SOFTWARE\Microsoft\Tracing\DriverMender_RASMANCS =>PUP.DriverMender
~ BTK: 15 Scanned in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu
[HKCR\CLSID\{163ED548-052B-465D-ABF6-FEB0CE76564F}] (secury-surf Toolbar) =>PUP.SecurySurf
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu
~ BCK: 6549 Scanned in 00mn 27s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 22/07/1658 0 | (Avira.OE.ServiceHost) . (...) - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
SS - | Demand 20/06/2008 65536 | (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SS - | Demand 19/09/2013 250200 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Disabled 04/01/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 04/01/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 07/07/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 17/01/2007 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Disabled 03/09/2010 66872 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SS - | Disabled 01/12/2011 202448 | (PnkBstrB) . (...) - C:\Windows\system32\PnkBstrB.exe
SS - | Disabled 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - | Auto 03/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/04/2015 806192 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
SR - | Auto 01/04/2015 432888 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 01/04/2015 432888 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 01/04/2015 992560 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
SR - | Auto 22/07/1658 1398304 | (ColorMedia) . (...) - C:\ProgramData\PicColor Utility\ColorMedia.exe =>PUP.PicColor
SR - | Auto 17/12/2007 143872 | (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.exe
SR - | Auto 11/01/2007 113664 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.exe
SR - | Auto 22/12/2009 217088 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect\ConversionService.exe
SR - | Auto 14/01/2015 6079848 | (ReimageRealTimeProtector) . (.Reimage®.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/08/2014 567064 | (WTabletServiceCon) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 32s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by The Barbets at 01/04/2015 11:42:59
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [431672]
~ Emulateurs: Scanned in 00mn 05s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 17
Fichiers trouvés (Files found) : 29

[HKLM\SYSTEM\CurrentControlSet\Services\ColorMedia] =>PUP.PicColor^
[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector] =>Rogue.ReimageRepair^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector] =>Rogue.ReimageRepair^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SecurySurfToolbar] =>PUP.SecurySurf^
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}] =>Adware.GamePlayLabs
[HKCU\Software\Microsoft\aoprndtws] =>Trojan.Vundo
[HKCU\Software\Microsoft\removerp] =>Trojan.Vundo
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311121157}] =>PUP.CrossRider
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\extensions\MGKN37049485@ACPSC11936960.com =>PUP.CrossRider^
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\extensions\plugin@startsearcher.com =>PUP.StartSearch^
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\extensions\UNGEDRJW444405@LS70886362.com =>Adware.PlusHD^
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\extensions\{671cc5f3-626f-4de7-8da1-4b76ce3c26ee} =>PUP.ZoomIt^
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_150665\extensions\plugin@startsearcher.com =>PUP.StartSearch^
C:\Program Files\Browse Pax =>PUP.BrowsePax^
C:\Program Files\Reimage =>Rogue.ReimageRepair^
C:\Program Files\secury-surf =>PUP.SecurySurf^
C:\Program Files\Setup Support for SearchProtect =>PUP.SearchProtect^
C:\ProgramData\DriverGenius =>PUP.DriverGenius^
C:\ProgramData\PicColor Utility =>PUP.PicColor^
C:\Users\The Barbets\AppData\Roaming\GoodGameEmpire =>Adware.GoodgameEmpire^
C:\Users\The Barbets\AppData\Local\IncrediMail_MediaBar_Francais_2 =>PUP.IncrediMediaBar^
C:\Program Files\Software =>Adware.Boxore
C:\Users\The Barbets\AppData\Local\Software =>Adware.Boxore
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\r8zgm2xp.default\Conduit =>Toolbar.Conduit
C:\Users\The Barbets\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_150665\Conduit =>Toolbar.Conduit
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair^
C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job =>PUP.Paretologic^
C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task =>PUP.Paretologic^
C:\Windows\Tasks\Pricora 1.4-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Pricora 1.4-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Pricora 1.4-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Pricora 1.4-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\Pricora 1.4-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Pricora 1.4-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\RegCure Pro.job =>Rogue.RegCurePro^
C:\Windows\System32\Tasks\RegCure Pro =>Rogue.RegCurePro^
[HKCU\Software\AppDataLow\Software\GenericAddon] =>PUP.GenericAddon^
[HKCU\Software\AppDataLow\Software\Softonic-Eng7] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\videos MediaPlay-Air] =>PUP.CrossRider^
[HKCU\Software\ApplianTechnologies] =>PUP.ApplianTechnologies^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\SecurySurf] =>PUP.SecurySurf^
[HKLM\Software\Driver-Soft] =>PUP.DriverSoft^
[HKLM\Software\SecurySurf] =>PUP.SecurySurf^
[HKLM\Software\Softonic-Eng7] =>Toolbar.Conduit^
[HKLM\Software\videos MediaPlay-Air] =>PUP.CrossRider^
C:\Windows\Installer\1bf81.msi =>PUP.FrameFox^
C:\Windows\Installer\27e654.msi =>Adware.IncrediBar^
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu^
[HKCR\CLSID\{163ED548-052B-465D-ABF6-FEB0CE76564F}] (secury-surf Toolbar) =>PUP.SecurySurf^
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu^
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 423805 Items scanned in 01mn 48s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://www.nicolascoolman.fr/blog/ =>PUP.ZoomIt
http://www.nicolascoolman.fr/blog/ =>Adware.GoodgameEmpire
http://www.nicolascoolman.fr/blog/ =>PUP.PicColor
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/29357530-pup-advancedsystemoptimizer =>PUP.AdvancedSystemOptimizer
http://www.nicolascoolman.fr/blog/ =>PUP.RegistryReviver
http://nicolascoolman.fr/30068076-pup-paretologic =>PUP.Paretologic
http://nicolascoolman.fr/adware-pricora =>Adware.Pricora
http://www.nicolascoolman.fr/blog/ =>Rogue.RegCurePro
http://nicolascoolman.fr/pup-securysurf =>PUP.SecurySurf
http://www.nicolascoolman.fr/blog/ =>PUP.GenericAddon
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.ApplianTechnologies
http://www.nicolascoolman.fr/blog/ =>PUP.DriverSoft
http://www.nicolascoolman.fr/blog/ =>PUP.BrowsePax
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog/ =>PUP.DriverGenius
http://www.nicolascoolman.fr/blog/ =>PUP.IncrediMediaBar
http://www.nicolascoolman.fr/blog/ =>PUP.DriverMender
http://www.nicolascoolman.fr/blog/ =>PUP.DriverReviver
http://nicolascoolman.fr/pup-framefox =>PUP.FrameFox
http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar
http://nicolascoolman.fr/pup-duuqu =>PUP.Duuqu
http://nicolascoolman.fr/pup-specialsavings =>Adware.GamePlayLabs
http://www.nicolascoolman.fr/blog/ =>Trojan.Vundo
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
~ MSI: 30 link(s) detected in 00mn 00s



End of the scan (1962 lines in 12mn 09s)(0.2)
