cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2015.4.17.39 - Nicolas Coolman (17/04/2015)
~ Lancé par Pierre (17/04/2015 13:17:10)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17126
MFIE: Mozilla Firefox 27.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : BWX77
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2021
Spybot - Search & Destroy v2.1.21
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v3.20

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4060 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 134 GB (71%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: PIERRE-TOSH
~ User Name: Pierre
~ All Users Names: Pierre, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pierre\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pierre\AppData\Roaming\
~ %Desktop% : C:\Users\Pierre\Desktop\
~ %Favorites% : C:\Users\Pierre\Favorites\
~ %LocalAppData% : C:\Users\Pierre\AppData\Local\
~ %StartMenu% : C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 134 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 17 Go of 186 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: Floppy drive, Flash card reader, USB Key (Free 2 Go of 2 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 40 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.30/05/2014 - 08:56:56.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/50
~ Mes Favoris (My Favorites) : 1/53
~ Mes Documents (My Documents) : 2/3358
~ Mon Bureau (My Desktop) : 1/20
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 07s



---\\ Processus lancés
[MD5.BB4CEE22CFE1C259F5C4279349EB879C] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [149824] [PID.2412]
[MD5.CDD5D9A59E3AD12E649E67CE69E620C5] - (.Orange - Executable Orange Inside.) -- C:\Users\Pierre\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1553560] [PID.2440]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2184]
[MD5.9EDFB86FAA07BFED3C3D00211FAB6D82] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe [13446464] [PID.2404]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.3432]
[MD5.9D77E8A2EE92E9DAFAC88DEFCF6D777D] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496] [PID.3496]
[MD5.CCCDC7B64CFF96C977B0FADC24434628] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Pierre\AppData\Roaming\Dropbox\bin\Dropbox.exe [33322312] [PID.3232]
[MD5.C5B2679B0AE204FDD0415199B7AFEF20] - (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088] [PID.4164]
[MD5.EF69F757A87520CC78EE110D5BD9B8C0] - (.TomTom - TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME\TomTomHOME.exe [3576488] [PID.4316]
[MD5.2218928CF528D7BC295B1B4C69E9846C] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [3890208] [PID.4384]
[MD5.AF49D1C79EA49A7833017F290EE63B82] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784] [PID.4408]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.5968]
[MD5.62A3B7A12578B3B595253342B982BDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8198144] [PID.6124]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6824]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1356]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1744]
[MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.1956]
[MD5.42FBB9CEF329C8822004B14A7FC2A0C6] - (.Orange SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [699912] [PID.1388]
[MD5.95AA9E165C7DE1B64A11E8B18E91E499] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560] [PID.972]
[MD5.D31398D4BB4907B517B6E784C2100C4A] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688] [PID.4000]
[MD5.6AE8E702D1027A9627DDE2B77BB9992B] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928] [PID.3532]
[MD5.D252C53BCDFC199BBA55EEB10CDB266E] - (.TOSHIBA CORPORATION - ConfigFree Gadget Process Service.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [42368] [PID.4416]
[MD5.CAB0EEAF5295FC96DDD3E19DCE27E131] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [46448] [PID.4424]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.5832]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\jafdhbipfdlldljdanpnlipdinjcjjid [Portail Orange]
G2 - EXT: C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkdglgjjpicgkbfdflchobhdiblbjgf [Menu contextuel Orange]
G2 - EXT: C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 6 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\prefs.js
C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\user.js
M3 - MFPP: Plugins - [Pierre] -- C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\searchplugins\orange.xml
M0 - MFSP: prefs.js [Pierre - ytryzi5g.default] http://r.orange.fr
M0 - MFSP: user.js [Pierre - ytryzi5g.default] http://r.orange.fr
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\appbar@alot.com] [] ALOT Appbar v1.1.9500 (..)
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\menu_contextuel_orange@orange.fr] [] Menu contextuel Orange v1.3 (..)
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\SupraSavings@jetpack] [] SupraSavings v5.0 (..) =>PUP.SupraSavings
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\toolbar@Orange.fr] [] barre d'outils Orange v4.3.14.0 (..)
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\{22e03916-85c5-44b0-8dc9-1830c11238d9}] [] Elf 1 v10.30.1.502 (..)
M2 - MFEP: prefs.js [Pierre - ytryzi5g.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.2.3.20140326060057 (..)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.07.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Pierre\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Pierre\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
~ Firefox Browser: 15 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {b80f591e-fe9a-46cf-a13e-180377240586} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {38542454-dfb6-44f5-b052-d4e071a3d073} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 27 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15424)
~ Hosts File: Scanned in 00mn 17s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: 2rs3 [64Bits] - {10AD2C61-0898-4348-8600-14A342F22AC3} . (...) -- C:\Program Files (x86)\SupraSavings\2rs3.dll =>PUP.SupraSavings
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O2 - BHO: (no name) [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} Clé orpheline
O2 - BHO: (no name) [64Bits] - {38542454-dfb6-44f5-b052-d4e071a3d073} Clé orpheline
O2 - BHO: RoboForm BHO [64Bits] - {724d43a9-0d85-11d4-9908-00400523e39a} . (.AVAST Software - avast! EasyPass Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
O2 - BHO: (no name) [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 15 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar: avast! EasyPass Toolbar - [HKLM]{724d43a0-0d85-11d4-9908-00400523e39a} . (.AVAST Software - avast! EasyPass Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe =>.Toshiba Corporation
O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)
O4 - HKLM\..\Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)
O4 - HKLM\..\Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
O4 - HKCU\..\Run: [HP Photosmart 7520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Pierre\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKLM\..\Wow6432Node\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Wow6432Node\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
O4 - HKLM\..\Wow6432Node\Run: [KeNotify] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation
O4 - HKLM\..\Wow6432Node\Run: [TomTomHOME.exe] . (.TomTom - TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME\TomTomHOME.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [HP Photosmart 7520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-1012539306-4198553766-4275091712-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Pierre\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Remplir les formulaires [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.AVAST Software - avast! EasyPass Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Enregistrer les formulaires [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.AVAST Software - avast! EasyPass Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Barre avast! EasyPass [64Bits] - {724d43aa-0d85-11d4-9908-00400523e39a} . (.AVAST Software - avast! EasyPass Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION - ConfigFree Gadget Process Service.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation
~ Services: 20 Scanned in 00mn 08s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.B5D8DE922237CEDDC7992297654A4BE4] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.BB4CEE22CFE1C259F5C4279349EB879C] [APT] [AssistanceLivebox] (.Orange.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [149824]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [808448]
[MD5.9D77E8A2EE92E9DAFAC88DEFCF6D777D] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000Core] (.Google Inc..) -- C:\Users\Pierre\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000UA] (.Google Inc..) -- C:\Users\Pierre\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.B6A87D77CC1E839885EE875A77D89673] [APT] [Run RoboForm TaskBar Icon] (.Siber Systems.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056]
[MD5.58920E6A409046BA06548D9D139CE0F0] [APT] [{0544596A-5521-45A2-8B48-1C73970DC180}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] [APT] [{77FA7FD1-4B80-470F-8983-966C3AFB31B7}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.00000000000000000000000000000000] [APT] [{8C056244-BD2A-4C7B-9BC3-A501667386B4}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.01F441F655D8CC4214BDF411D39D04AF] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [3881928]
[MD5.A58EAD767EAE964ED463FEDF25E750A2] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [3609552]
[MD5.03250DB0886A23B1F6C077C5D9F152B0] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [3859928]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1064]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1064]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1068]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1068]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000Core.job [1030]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000Core [1030]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000UA.job [1082]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012539306-4198553766-4275091712-1000UA [1082]
~ Scheduled Task: 23 Scanned in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {77D28FF5-242F-488A-8215-937D6A4D69E0}
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.07) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Assistance Livebox - (.Orange.) [HKLM][64Bits] -- Assistance Livebox
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bookworm Deluxe 1.131 - (...) [HKLM][64Bits] -- Bookworm Deluxe 1.131
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Capturino V2.20 - (...) [HKCU][64Bits] -- Capturino V2.20
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine =>Toolbar.Conduit
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Driver Genius - (.Driver-Soft Inc..) [HKLM][64Bits] -- Driver Genius_is1 =>PUP.DriverSoft
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: GeneaQuiz - (.CDIP.) [HKLM][64Bits] -- {FCE58D5E-0C8C-4740-8906-B0B5FCE20ADC}_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {75939021-3B68-419D-8DC1-E9823BFF9658}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Généatique 2010 - (.CDIP.) [HKLM][64Bits] -- {B8467D1A-2A5A-4F8B-977F-17A62E500BEC}_is1
O42 - Logiciel: Généatique 2011 - (.CDIP.) [HKLM][64Bits] -- {927E30E0-90E8-4772-8803-D42820C5951A}_is1
O42 - Logiciel: Généatique 2012 - (.CDIP.) [HKLM][64Bits] -- {B5885C50-4299-44A7-B4D7-791F301D700B}_is1
O42 - Logiciel: Généatique 2014 - (.CDIP.) [HKLM][64Bits] -- {E9AA924B-DAA1-42A6-9593-E7EF07BFB683}_is1
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Iomega Encryption - (.Iomega an EMC Company.) [HKLM][64Bits] -- {578831A8-CB47-471F-A552-907EC3E9E040}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent toshiba Master Uninstall =>.WildTangent
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel de base du périphérique HP Photosmart 7520 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {AE376553-8285-4E9B-9AAE-47030303D808} =>.Hewlett-Packard Co
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {4073A644-D7C2-4ED6-87B1-A1BCD7F7836C}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: NIMEGUE3 - (...) [HKCU][64Bits] -- NIMEGUE3
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM][64Bits] -- MailNotifier
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Orange Inside - (.Orange.) [HKCU][64Bits] -- Orange Inside
O42 - Logiciel: Orange Installer - (.Orange.) [HKLM][64Bits] -- Orange Installer
O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager
O42 - Logiciel: PDF-XChange 2012 - (.Tracker Software Products Ltd.) [HKLM][64Bits] -- {504022CD-6A58-42D5-ACC9-966F695AAD93}_is1
O42 - Logiciel: PDF-XChange 4 - (.Tracker Software Products Ltd.) [HKLM][64Bits] -- {EA08048C-3823-4DC8-B169-1D5D11FFC19F}_is1
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: Protectis - (.CDIP.) [HKLM][64Bits] -- {3A2BA5D6-AC8D-4801-B5EA-DA3990060002}_is1
O42 - Logiciel: RT 7 Lite (64-Bit) - (.Rockers Team.) [HKCU][64Bits] -- RT 7 Lite x64
O42 - Logiciel: RT 7 Lite x64 - (.Rockers Team.) [HKLM][64Bits] -- {DDEBB7D6-671C-468D-98EB-EF9F1A1BC524}
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.Realtek.) [HKLM][64Bits] -- {0FB630AB-7BD8-40AE-B223-60397D57C3C9}
O42 - Logiciel: RemoteComms External Disk Access - (.PLX Technology.) [HKLM][64Bits] -- {04FCD5DE-1662-4F99-BDA9-C57212113EF2}
O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: SupraSavings - (.SupraSavings.) [HKLM][64Bits] -- {E6B105B8-1F65-4428-9397-1DFD8A03B94D} =>PUP.SupraSavings
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F3529665-D75E-4D6D-98F0-745C78C68E9B}
O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (...) [HKLM][64Bits] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {620BBA5E-F848-4D56-8BDA-584E44584C5E}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA PC Health Monitor - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C2DDF845-7107-40E8-8D2A-8719F1799570}
O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.) [HKLM][64Bits] -- {EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {F082CB11-4794-4259-99A1-D91BA762AD15} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B3FF1CD9-B2F0-4D71-BB55-5F580401C48E} =>.Toshiba Corporation
O42 - Logiciel: TRORMCLauncher - (...) [HKLM][64Bits] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}
O42 - Logiciel: TomTom HOME - (.TomTom.) [HKLM][64Bits] -- {CE325D55-FCAF-4273-BB79-069BB8747270}
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM][64Bits] -- {2290A680-4083-410A-ADCC-7092C67FC052} =>.Toshiba Corporation
O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- {0823A2E3-69DD-A37A-7CD9-1CBEB037545C}
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba =>.WildTangent
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: Zuma Deluxe 1.0 - (...) [HKLM][64Bits] -- Zuma Deluxe 1.0
O42 - Logiciel: avast! EasyPass v7-7-8-128 - (.AVAST Software.) [HKLM][64Bits] -- AI RoboForm
O42 - Logiciel: avast! Internet Security v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM][64Bits] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
O42 - Logiciel: suprasavings - (.suprasavings.) [HKLM][64Bits] -- suprasavings =>PUP.SupraSavings
~ Logic: 66 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\A Note]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Elf_1.12]
[HKCU\Software\AppDataLow\Software\Elf_1.13]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Supra Savings] =>PUP.SupraSavings
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\suprasavings] =>PUP.SupraSavings
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow]
[HKCU\Software\CDIP]
[HKCU\Software\Caphyon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DAVID Gilles]
[HKCU\Software\EasyBits]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice]
[HKCU\Software\OrangeInside]
[HKCU\Software\PC SOFT]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Realtek]
[HKCU\Software\Rockers Team]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Siber Systems]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\SupraSavings] =>PUP.SupraSavings
[HKCU\Software\TOSHIBA]
[HKCU\Software\TomTom]
[HKCU\Software\Tracker Software]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WPCubed]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SOFTWARE]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Toshiba Tempro] =>.Toshiba Corporation
[HKLM\Software\Tracker Software]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ALWIL Software]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\COMPAL]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Driver-Soft] =>PUP.DriverSoft
[HKLM\Software\Wow6432Node\Elf_1.12]
[HKLM\Software\Wow6432Node\GlarySoft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IObit]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PopCap]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\SDLL]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Siber Systems]
[HKLM\Software\Wow6432Node\SiteAdvisor]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\TOSHIBA Corporation]
[HKLM\Software\Wow6432Node\TOSHIBA]
[HKLM\Software\Wow6432Node\TomTom]
[HKLM\Software\Wow6432Node\Uniblue] =>PUP.UniblueSystem
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\webtogo]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
~ Key Software: 325 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/04/2013 - 19:26:08 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 07/12/2009 - 22:48:46 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 01/08/2013 - 21:17:00 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 03/05/2014 - 11:25:09 - [] ----D C:\Program Files (x86)\Capturino V220
O43 - CFD: 15/07/2012 - 18:30:41 - [] ----D C:\Program Files (x86)\CCleaner
O43 - CFD: 18/05/2014 - 23:31:24 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 26/12/2010 - 19:16:45 - [] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 26/12/2010 - 19:16:43 - [] ----D C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit
O43 - CFD: 18/11/2013 - 15:01:30 - [] ----D C:\Program Files (x86)\Driver-Soft =>PUP.DriverSoft
O43 - CFD: 12/11/2013 - 12:49:33 - [0] ----D C:\Program Files (x86)\Drivers Manager
O43 - CFD: 15/07/2012 - 18:32:28 - [] ----D C:\Program Files (x86)\Elf_1.12
O43 - CFD: 21/06/2014 - 11:15:15 - [] ----D C:\Program Files (x86)\GeneaQuiz
O43 - CFD: 06/07/2010 - 10:52:16 - [] ----D C:\Program Files (x86)\Geneatique2010
O43 - CFD: 01/11/2011 - 19:30:52 - [] ----D C:\Program Files (x86)\Geneatique2011
O43 - CFD: 17/05/2012 - 18:48:18 - [] ----D C:\Program Files (x86)\Geneatique2012
O43 - CFD: 21/06/2014 - 11:15:22 - [] ----D C:\Program Files (x86)\Geneatique2014
O43 - CFD: 14/11/2013 - 18:48:31 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/03/2013 - 16:30:00 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 24/11/2013 - 17:31:53 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 04/09/2009 - 15:25:38 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 25/07/2014 - 00:09:09 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 21/04/2012 - 11:05:50 - [] ----D C:\Program Files (x86)\IObit
O43 - CFD: 09/11/2013 - 01:42:29 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 15/09/2011 - 19:17:34 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 04/09/2009 - 15:51:45 - [] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 15/03/2014 - 11:38:32 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 04/09/2009 - 15:54:01 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 28/10/2012 - 00:09:25 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 26/06/2010 - 10:47:29 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 06/07/2014 - 16:48:18 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 15/01/2010 - 19:16:09 - [] ----D C:\Program Files (x86)\NIMEGUE3
O43 - CFD: 15/03/2014 - 20:11:43 - [] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 15/03/2014 - 20:11:10 - [] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 22/04/2013 - 19:34:29 - [] ----D C:\Program Files (x86)\Orange
O43 - CFD: 04/09/2009 - 15:39:21 - [] ----D C:\Program Files (x86)\Photo-Service
O43 - CFD: 31/10/2011 - 12:36:50 - [] ----D C:\Program Files (x86)\PLX Technology
O43 - CFD: 28/08/2012 - 17:00:46 - [] ----D C:\Program Files (x86)\PopCap Games
O43 - CFD: 21/06/2014 - 11:10:58 - [] ----D C:\Program Files (x86)\Protectis
O43 - CFD: 07/12/2009 - 22:59:05 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 07/12/2009 - 22:56:54 - [] ----D C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 09/05/2013 - 17:33:35 - [] ----D C:\Program Files (x86)\SDLL
O43 - CFD: 17/03/2013 - 20:48:30 - [] ----D C:\Program Files (x86)\Siber Systems
O43 - CFD: 17/01/2014 - 17:54:17 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 08/11/2013 - 11:34:31 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 08/11/2013 - 11:57:13 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 02/04/2014 - 19:10:22 - [] ----D C:\Program Files (x86)\SupraSavings =>PUP.SupraSavings
O43 - CFD: 07/12/2009 - 22:56:16 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 13/09/2010 - 23:15:31 - [] ----D C:\Program Files (x86)\TomTom HOME
O43 - CFD: 24/11/2013 - 17:31:54 - [] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 17/05/2011 - 18:12:55 - [] ----D C:\Program Files (x86)\TOSHIBA Games
O43 - CFD: 26/07/2011 - 23:08:31 - [] ----D C:\Program Files (x86)\Toshiba TEMPRO =>.Toshiba Corporation
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 27/06/2011 - 18:51:01 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 17/05/2011 - 18:12:24 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 24/07/2013 - 09:58:09 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/04/2011 - 23:26:26 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/09/2011 - 19:32:30 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 16/12/2013 - 19:30:45 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 15/09/2011 - 19:32:30 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 15/09/2011 - 19:32:30 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 15/09/2011 - 19:32:30 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 04/11/2010 - 11:16:54 - [] ----D C:\Program Files (x86)\WinZip
O43 - CFD: 14/11/2011 - 14:39:36 - [] ----D C:\Program Files (x86)\Yahoo!
O43 - CFD: 17/04/2015 - 09:00:26 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 11/04/2013 - 19:26:22 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/06/2014 - 19:11:57 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 18/05/2014 - 23:31:24 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 07/12/2009 - 22:55:48 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 09/11/2013 - 01:43:02 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 25/07/2014 - 00:09:04 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 18/08/2013 - 17:27:26 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 19:53:49 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 07/12/2009 - 23:07:05 - [] ----D C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 04/09/2009 - 15:51:59 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 26/07/2011 - 23:08:43 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 09/06/2013 - 19:13:18 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/03/2010 - 23:41:42 - [] ----D C:\ProgramData\Alwil Software
O43 - CFD: 01/08/2013 - 21:16:59 - [] ----D C:\ProgramData\Apple
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 07/12/2009 - 22:48:55 - [] ----D C:\ProgramData\ATI
O43 - CFD: 04/11/2013 - 19:28:50 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 09/01/2010 - 17:33:40 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 30/11/2014 - 15:25:26 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/11/2013 - 15:02:19 - [] ----D C:\ProgramData\DriverGenius =>PUP.DriverGenius
O43 - CFD: 09/01/2010 - 17:33:40 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 21/06/2014 - 11:15:15 - [] ----D C:\ProgramData\GeneaQuiz
O43 - CFD: 06/07/2010 - 10:21:57 - [] ----D C:\ProgramData\Généatique2010
O43 - CFD: 01/11/2011 - 19:34:45 - [] ----D C:\ProgramData\Généatique2011
O43 - CFD: 11/11/2011 - 13:21:55 - [] ----D C:\ProgramData\Généatique2012
O43 - CFD: 26/07/2013 - 19:56:42 - [] ----D C:\ProgramData\Généatique2013
O43 - CFD: 21/06/2014 - 11:30:46 - [] ----D C:\ProgramData\Généatique2014
O43 - CFD: 23/03/2013 - 16:30:13 - [] ----D C:\ProgramData\HP
O43 - CFD: 21/04/2012 - 11:06:19 - [] ----D C:\ProgramData\IObit
O43 - CFD: 04/09/2009 - 15:40:52 - [] ----D C:\ProgramData\IsolatedStorage
O43 - CFD: 13/10/2013 - 19:18:21 - [] ----D C:\ProgramData\ma-config.com
O43 - CFD: 11/01/2010 - 23:18:29 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 09/01/2010 - 17:33:40 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 02/03/2014 - 00:58:35 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/06/2014 - 22:08:51 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 09/01/2010 - 17:33:40 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 03/07/2013 - 12:11:25 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 11/01/2010 - 19:05:35 - [] ----D C:\ProgramData\NIMEGUE3
O43 - CFD: 09/11/2013 - 01:44:15 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 18/08/2013 - 17:53:32 - [] ----D C:\ProgramData\Orange
O43 - CFD: 03/02/2010 - 18:56:38 - [] ----D C:\ProgramData\Partner
O43 - CFD: 06/02/2010 - 11:10:59 - [] ----D C:\ProgramData\Playrix Entertainment
O43 - CFD: 28/08/2012 - 17:00:46 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 17/03/2013 - 20:49:46 - [] ----D C:\ProgramData\RoboForm
O43 - CFD: 04/09/2009 - 15:46:01 - [] ----D C:\ProgramData\SiteAdvisor
O43 - CFD: 17/01/2014 - 17:54:22 - [] ----D C:\ProgramData\Skype
O43 - CFD: 16/06/2011 - 09:03:45 - [] ----D C:\ProgramData\Skype Extras
O43 - CFD: 05/12/2014 - 18:00:48 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 03/04/2010 - 12:09:50 - [] ----D C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 07/12/2009 - 23:06:55 - [] ----D C:\ProgramData\TOSHIBA
O43 - CFD: 27/06/2010 - 20:02:12 - [] ----D C:\ProgramData\TOSHIBA Tempro =>.Toshiba Corporation
O43 - CFD: 09/01/2010 - 17:33:51 - [] ----D C:\ProgramData\ToshibaEurope
O43 - CFD: 18/11/2011 - 12:45:56 - [] ----D C:\ProgramData\Uniblue =>PUP.UniblueSystem
O43 - CFD: 04/09/2009 - 15:27:31 - [] ----D C:\ProgramData\Vista32
O43 - CFD: 04/09/2009 - 15:27:31 - [] ----D C:\ProgramData\Vista64
O43 - CFD: 15/07/2012 - 18:13:59 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 04/09/2009 - 15:31:28 - [] ----D C:\ProgramData\win7_32
O43 - CFD: 04/09/2009 - 15:31:28 - [] ----D C:\ProgramData\win7_64
O43 - CFD: 16/09/2011 - 22:24:29 - [] ----D C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 04/09/2009 - 15:27:31 - [] ----D C:\ProgramData\XP
O43 - CFD: 04/09/2009 - 15:02:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 06:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/02/2014 - 19:29:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
O43 - CFD: 17/03/2013 - 20:49:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass
O43 - CFD: 07/12/2009 - 22:48:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 01/11/2011 - 00:03:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 18/11/2013 - 15:01:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
O43 - CFD: 28/08/2012 - 17:00:49 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 16/07/2014 - 18:08:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 06/07/2010 - 10:21:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Généatique 2010
O43 - CFD: 01/11/2011 - 19:30:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Généatique 2011
O43 - CFD: 17/05/2012 - 18:48:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Généatique 2012
O43 - CFD: 21/06/2014 - 11:15:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Généatique 2014
O43 - CFD: 23/03/2013 - 16:31:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 04/09/2009 - 15:25:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
O43 - CFD: 31/10/2011 - 12:36:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iomega
O43 - CFD: 09/11/2013 - 01:41:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 13/10/2013 - 19:18:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 14/07/2009 - 06:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/09/2009 - 15:51:45 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 14/03/2014 - 20:19:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 28/10/2012 - 00:09:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 15/03/2014 - 20:12:36 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 07/05/2011 - 12:31:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1
O43 - CFD: 11/03/2014 - 11:21:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 04/09/2009 - 15:39:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Service
O43 - CFD: 04/02/2010 - 10:41:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 28/08/2012 - 17:00:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
O43 - CFD: 21/06/2014 - 11:10:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protectis - Sauvegarde en ligne
O43 - CFD: 09/05/2013 - 17:33:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDLL
O43 - CFD: 18/08/2013 - 17:27:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 08/11/2013 - 11:35:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
O43 - CFD: 11/01/2010 - 23:17:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 17:35:05 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 13/09/2010 - 23:14:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 06/10/2011 - 18:33:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 07/12/2009 - 23:07:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA DVD PLAYER
O43 - CFD: 18/05/2014 - 17:34:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 18/04/2011 - 23:26:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 17/04/2015 - 09:00:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 08/11/2013 - 11:15:55 - [] ----D C:\Users\Pierre\AppData\Roaming\A Note
O43 - CFD: 23/10/2013 - 18:29:23 - [] ----D C:\Users\Pierre\AppData\Roaming\Adobe
O43 - CFD: 06/02/2010 - 11:07:46 - [] ----D C:\Users\Pierre\AppData\Roaming\Anuman Interactive
O43 - CFD: 09/01/2010 - 17:38:11 - [] ----D C:\Users\Pierre\AppData\Roaming\ATI
O43 - CFD: 07/11/2013 - 20:07:28 - [] ----D C:\Users\Pierre\AppData\Roaming\AVAST Software
O43 - CFD: 03/05/2014 - 11:59:45 - [] ----D C:\Users\Pierre\AppData\Roaming\Capturino
O43 - CFD: 16/07/2014 - 18:02:11 - [] ----D C:\Users\Pierre\AppData\Roaming\Dropbox
O43 - CFD: 16/07/2014 - 19:18:26 - [] ----D C:\Users\Pierre\AppData\Roaming\DropboxMaster
O43 - CFD: 18/05/2014 - 17:37:06 - [] ----D C:\Users\Pierre\AppData\Roaming\dvdcss
O43 - CFD: 26/12/2010 - 19:44:04 - [] ----D C:\Users\Pierre\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
O43 - CFD: 01/08/2013 - 21:17:50 - [] ----D C:\Users\Pierre\AppData\Roaming\fr.orange.assistancelivebox =>.Orange Corporation
O43 - CFD: 23/10/2013 - 18:19:51 - [] ----D C:\Users\Pierre\AppData\Roaming\FreeSoftwareUpdater =>PUP.Eorezo
O43 - CFD: 17/11/2013 - 12:07:49 - [] ----D C:\Users\Pierre\AppData\Roaming\GlarySoft
O43 - CFD: 09/01/2010 - 17:42:57 - [] ----D C:\Users\Pierre\AppData\Roaming\Google
O43 - CFD: 21/06/2014 - 11:15:35 - [] ----D C:\Users\Pierre\AppData\Roaming\Généatique
O43 - CFD: 22/10/2011 - 16:49:09 - [] ----D C:\Users\Pierre\AppData\Roaming\Généatique2010
O43 - CFD: 09/01/2010 - 17:37:32 - [] ----D C:\Users\Pierre\AppData\Roaming\Identities
O43 - CFD: 13/09/2010 - 23:12:51 - [] ----D C:\Users\Pierre\AppData\Roaming\InstallShield
O43 - CFD: 21/04/2012 - 11:06:02 - [] ----D C:\Users\Pierre\AppData\Roaming\IObit
O43 - CFD: 04/09/2009 - 15:39:21 - [] ----D C:\Users\Pierre\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\Pierre\AppData\Roaming\Media Center Programs
O43 - CFD: 18/11/2013 - 15:08:41 - [] -S--D C:\Users\Pierre\AppData\Roaming\Microsoft
O43 - CFD: 18/11/2013 - 14:44:11 - [] ----D C:\Users\Pierre\AppData\Roaming\Mozilla
O43 - CFD: 15/03/2014 - 20:15:16 - [] ----D C:\Users\Pierre\AppData\Roaming\OpenOffice
O43 - CFD: 11/01/2010 - 23:45:35 - [] ----D C:\Users\Pierre\AppData\Roaming\OpenOffice.org
O43 - CFD: 14/06/2014 - 21:51:36 - [] ----D C:\Users\Pierre\AppData\Roaming\Orange
O43 - CFD: 24/07/2014 - 23:20:42 - [] ----D C:\Users\Pierre\AppData\Roaming\Skype
O43 - CFD: 18/06/2011 - 10:14:14 - [] ----D C:\Users\Pierre\AppData\Roaming\skypePM
O43 - CFD: 17/05/2012 - 19:01:41 - [0] ----D C:\Users\Pierre\AppData\Roaming\Template
O43 - CFD: 09/01/2010 - 18:59:47 - [] ----D C:\Users\Pierre\AppData\Roaming\Toshiba
O43 - CFD: 24/01/2010 - 12:02:43 - [] ----D C:\Users\Pierre\AppData\Roaming\U3
O43 - CFD: 18/05/2014 - 18:02:17 - [] ----D C:\Users\Pierre\AppData\Roaming\vlc
O43 - CFD: 25/08/2012 - 23:07:51 - [] ----D C:\Users\Pierre\AppData\Roaming\WildTangent
O43 - CFD: 07/01/2011 - 18:17:36 - [] ----D C:\Users\Pierre\AppData\Roaming\WinBatch
O43 - CFD: 24/10/2010 - 23:38:27 - [0] ----D C:\Users\Pierre\AppData\Roaming\Windows Live Writer
O43 - CFD: 15/01/2010 - 20:19:18 - [] ----D C:\Users\Pierre\AppData\Roaming\Yahoo!
O43 - CFD: 17/04/2015 - 13:18:12 - [] ----D C:\Users\Pierre\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 24/01/2014 - 19:35:05 - [] ----D C:\Users\Pierre\AppData\Local\Adobe
O43 - CFD: 09/01/2010 - 17:33:43 - [] -SH-D C:\Users\Pierre\AppData\Local\Application Data
O43 - CFD: 06/09/2014 - 22:40:37 - [] ----D C:\Users\Pierre\AppData\Local\Apps
O43 - CFD: 09/01/2010 - 17:38:11 - [] ----D C:\Users\Pierre\AppData\Local\ATI
O43 - CFD: 12/11/2014 - 18:50:04 - [] ----D C:\Users\Pierre\AppData\Local\Diagnostics
O43 - CFD: 31/10/2011 - 12:36:35 - [] ----D C:\Users\Pierre\AppData\Local\Downloaded Installations
O43 - CFD: 02/03/2014 - 00:55:23 - [0] ----D C:\Users\Pierre\AppData\Local\ElevatedDiagnostics
O43 - CFD: 14/11/2013 - 18:48:31 - [] ----D C:\Users\Pierre\AppData\Local\Google
O43 - CFD: 09/01/2010 - 17:33:43 - [] -SH-D C:\Users\Pierre\AppData\Local\Historique
O43 - CFD: 30/10/2013 - 18:57:15 - [] ----D C:\Users\Pierre\AppData\Local\HP
O43 - CFD: 17/06/2012 - 22:31:42 - [] ----D C:\Users\Pierre\AppData\Local\Macromedia
O43 - CFD: 27/11/2013 - 18:55:04 - [] ----D C:\Users\Pierre\AppData\Local\Microsoft
O43 - CFD: 10/01/2010 - 12:37:53 - [] ----D C:\Users\Pierre\AppData\Local\Microsoft Games
O43 - CFD: 13/11/2011 - 17:25:08 - [0] ----D C:\Users\Pierre\AppData\Local\MigWiz
O43 - CFD: 08/11/2013 - 11:23:42 - [] ----D C:\Users\Pierre\AppData\Local\Mozilla
O43 - CFD: 17/12/2010 - 23:51:38 - [] ----D C:\Users\Pierre\AppData\Local\Orange
O43 - CFD: 18/11/2011 - 12:42:05 - [0] ----D C:\Users\Pierre\AppData\Local\PackageAware
O43 - CFD: 08/11/2013 - 11:33:44 - [] ----D C:\Users\Pierre\AppData\Local\Programs
O43 - CFD: 17/04/2015 - 09:05:20 - [] ----D C:\Users\Pierre\AppData\Local\Temp
O43 - CFD: 09/01/2010 - 17:33:43 - [] -SH-D C:\Users\Pierre\AppData\Local\Temporary Internet Files
O43 - CFD: 09/01/2010 - 22:14:05 - [] ----D C:\Users\Pierre\AppData\Local\Toshiba
O43 - CFD: 09/01/2010 - 17:44:26 - [] ----D C:\Users\Pierre\AppData\Local\TOSHIBA_Corporation
O43 - CFD: 23/03/2013 - 18:51:15 - [] ----D C:\Users\Pierre\AppData\Local\VirtualStore
O43 - CFD: 11/01/2010 - 19:03:18 - [] ----D C:\Users\Pierre\AppData\Local\WDSetup
O43 - CFD: 18/11/2013 - 15:08:41 - [] ----D C:\Users\Pierre\AppData\Local\Windows Live
O43 - CFD: 24/10/2010 - 23:38:34 - [] ----D C:\Users\Pierre\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 07/06/2014 - 20:42:35 - [] R---D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/05/2014 - 11:25:23 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Capturino V2.20
O43 - CFD: 15/01/2010 - 20:19:15 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 07/06/2014 - 20:45:37 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 16/01/2013 - 00:12:40 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 13/08/2012 - 23:07:34 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 17/05/2011 - 11:48:34 - [] ----D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockers Team
O43 - CFD: 05/12/2014 - 18:00:48 - [] R---D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 18/06/2011 - 10:26:59 - [] --H-D C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
~ Program Folder: 248 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/04/2015 - 14:56:51 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.AC849B99E032F4017BB1CE37934DD4AF] - 17/04/2015 - 07:53:51 ---A- . (...) -- C:\Windows\setupact.log [112]
O44 - LFC:[MD5.CD78F1C440807DECBBCDA0D02CC8A653] - 17/04/2015 - 07:54:03 ---A- . (...) -- C:\Windows\System32\Ikeext.etl [65536]
O44 - LFC:[MD5.AA62C5D53AC00937186486F485BEFB7B] - 17/04/2015 - 07:56:35 ---A- . (...) -- C:\TMachInfo.log [435]
O44 - LFC:[MD5.06863CE49FF81361E4CC7B5EE9F93C47] - 17/04/2015 - 07:59:44 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669656]
O44 - LFC:[MD5.2A8FEB0681A0DC61053F2E90BB57005A] - 17/04/2015 - 07:59:44 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122352]
O44 - LFC:[MD5.39018FAB6487E3D179160FB6A30712F0] - 17/04/2015 - 07:59:44 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150402]
O44 - LFC:[MD5.4B2E19BA432870A24502417BEAC7EED9] - 17/04/2015 - 07:59:44 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654480]
O44 - LFC:[MD5.74BDC6ABFA557228A740E3A79C85D505] - 17/04/2015 - 07:59:44 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747910]
O44 - LFC:[MD5.498F6CBCFBEC8ABB18FF75BBEE4CF274] - 17/04/2015 - 11:34:18 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A7626AA76B558D8831EE6578772E41F0] - 17/04/2015 - 11:44:31 ---A- . (...) -- C:\Windows\WindowsUpdate.log [105399]
~ Files: 11 Scanned in 00mn 03s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Keys Export: 4 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{996f88be-fd3f-11de-b67f-0026b639ed10}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\PowerSuite [Key] . (...) -- C:\Program Files (x86)\Uniblue\PowerSuite\launcher.exe (.not file.) =>PUP.UniblueSystem
O53 - SMSR:HKLM\...\startupreg\RoboForm [Key] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
O53 - SMSR:HKLM\...\startupreg\Software updater [Key] . (...) -- C:\Users\Pierre\AppData\Roaming\FreeSoftwareUpdater\updater.exe =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\TosNC [Key] . (...) -- C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
~ SMSR Keys: 4 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:16/07/2014 - 18:10:36 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28184]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
O58 - SDL:01/05/2014 - 19:03:19 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswndisflt.sys.1400426628714 [447888]
O58 - SDL:28/11/2011 - 18:52:22 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys [42328]
O58 - SDL:16/07/2014 - 18:10:52 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1041168]
O58 - SDL:01/05/2014 - 19:03:40 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400426628714 [1039096]
O58 - SDL:16/07/2014 - 18:11:15 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [427360]
O58 - SDL:01/05/2014 - 19:03:40 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400426628714 [423240]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1405530675343 [426848]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [92008]
O58 - SDL:16/07/2014 - 18:10:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [1394688]
O58 - SDL:30/07/2009 - 12:07:12 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [6037504]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:04/06/2009 - 17:54:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [408600]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:30/07/2009 - 20:02:36 ---A- . (.COMPAL ELECTRONIC INC. - LPCFilter.) -- C:\Windows\System32\Drivers\LPCFilter.sys [44912]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11/02/2011 - 22:23:34 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:28/09/2009 - 09:55:42 ---A- . (...) -- C:\Windows\System32\Drivers\OXSDIDRV_x64.sys [51760]
O58 - SDL:25/05/2010 - 08:14:34 ---A- . (...) -- C:\Windows\System32\Drivers\OXUDIDRV_x64.sys [31280]
O58 - SDL:22/06/2009 - 17:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\Drivers\PGEffect.sys [35008]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:22/05/2009 - 21:52:30 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [215040]
O58 - SDL:20/05/2009 - 18:04:56 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RtHDMIVX.sys [202016]
O58 - SDL:28/07/2009 - 21:00:14 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [1966624]
O58 - SDL:26/04/2010 - 16:23:08 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192se.sys [1103904]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:20/07/2009 - 17:48:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [274480]
O58 - SDL:30/07/2009 - 19:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [27784]
O58 - SDL:24/07/2009 - 15:57:08 ---A- . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\Drivers\tos_sps64.sys [482384]
O58 - SDL:19/06/2009 - 19:15:22 ---A- . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64.) -- C:\Windows\System32\Drivers\TVALZFL.sys [14472]
O58 - SDL:14/07/2009 - 15:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [26840]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
~ Drivers: 72 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/04/2015 - 13:18:33 ---A- . (...) -- C:\Users\Pierre\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptuyd3z.dll [43008]
~ 7 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 1 Scanned in 00mn 08s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 16/07/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 16/07/2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 16/07/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 126 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Pierre\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415..clientLogIsEnabled", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e+x305.from_oldbar.enc", "JH4nQTM0NjN5RTo9KnIseXp+ejEoMztNR0VJSExZUllLM15TVkMsRTM0ODNKQUxUZmBXY2Rnb2peS3[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e,x305.from_oldbar.enc", "JH4oQS8/Pjd5RTo9KnIseXt4fTEoMzxHSEAsV0xPPCU+LC4rL0M6RU5ZUFtXZ2pmQm1iRV5pVD1WRE[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e-x305.from_oldbar.enc", "JH4pNjA8NjZ5RTo9KnIseXogezEoMz1GK1VKTUtHSVlNM1NdT0MsRTM0OTRKQUxWW15sZW5wbHFkc2[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e/x305.from_oldbar.enc", "JH4rQTU2MnhEOTwpcSt4fHt3MCcyPkxDQ1NOLVhbPCU+LDAuNEM6RVFYYmleZ1pBbGFkUTpTQUVDSF[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHN1d3R1eHR0dyQvS0lHT0I1fV1cPQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e0x305.from_oldbar.enc", "JH4sQDpAd0M4OyhwKnd8dX0vJjE+QSlVR0hNUVpOWlkyXVJVQitEMjcwN0lAS1heaF5wbm5mdGJuaW[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e2x305.from_oldbar.enc", "JH4uNUIxPT05OntHPD8sdC55IH0yKTRDVlVORy5ZTlEyXk9BKkM1NzIxSD9KWWVfX2JsW3FzaXVpdX[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e31;cj7@3=i\"mbe.from_oldbar.enc", "JH5hOT8jayVweHZ5KiEsbkFPRE0yejRDTD9JVS5ZTlE+NUAjYFVQWFNWUEkyS3h7TkVQ[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e31;cj:9c5a@gc?plpd*ujm.from_oldbar.enc", "JH5hOT8jayVxdnlzKiEsbkFPRE0yejRGRU9BTUxTT0tcWFxQNmFWWUY9SCtXW[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e31;cjc<=fbj#ncf.from_oldbar.enc", "JH5hOT8jayV1dndxKiEsbkFPRE0yejRPSElSTlYvWk9SPzZBJFBMVmJHMEk7S0JNMFxd[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e31;cjig=ki\"mbe.from_oldbar.enc", "JH5hOT8jayV0cXgpICttQE5DTDF5M1RSSFZULVhNUD00PyJfYlBELUY4NklAS1hcY084[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e3x305.from_oldbar.enc", "JH4vQT87NjM/R0Y/fUk+QS52MH4iJCE1LDdHS1lXS0pIWFhOXjdiVzpTXkkySzo9PztQR1JibGJddX[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e4x305.from_oldbar.enc", "JH4wLEB2Qjc6J28pd3t0di4lMEE+T0lKUitVVTojPCsvKClBOENUUV5dVmFfVmhcQm1iZVI7VENGSU[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e5x305.from_oldbar.enc", "JH4xNkIrd0M4OyhwKnl1encvJjFDSz1JVkpQWS5ZTjFKVUApQjIuMy9HPklbXVlaal5YcHJiZ0l0aW[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e7x305.from_oldbar.enc", "JH4zPSw/Pj95RTo9KnIse3p5ejEoM0dHRURRWVdbUEtQS01eVFVTUzplWl1KM0w8Ozo5UUhTZ3VjY2[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e9x305.from_oldbar.enc", "JH41Myw/MnhEOTwpcSt7dXl5MCcySExPT0RQTEdUWFxQSDRfVFdELUY3MTU0S0JNY2tdX19zaWtKdW[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e=x305.from_oldbar.enc", "JH45MzY/QUE3OTV8SD1ALXUvIH4gIjQrNlBUWVdMVU9RWzRfVFdELUY3Njc4S0JNZ2twbmBvYWZrY2[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7e>x305.from_oldbar.enc", "JH46QTY/MjI4OHtHPD8sdC5+ICF8Myo1UE9TRkgvWk9SPyhBMjM0L0Y9SGNcXWZiakNuY2ZTPFVGR0[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTNLVw==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7ebx305.from_oldbar.enc", "JH4+OTFBMD0zRUA2Mn5KP0IvdzF7fSM1LDdWWUlITk9RUlxOTFVTW1RgWlo+aV5hTjdQOz1BVEtWdX[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b+7ecx305.from_oldbar.enc", "JH4/PTAwQzEuekY7PitzLXsgfjEoM1NRVlVRV1pPWExeM15TVkMsRTQ4NklAS2tZVmxoa0ZxZmlWP1[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pKiEsOT1EMHgyMyo1REhYTDojLjM+WGBPZFZgT2hSZFhYY15gTjdrcWdhcF[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b/>01=9a6k6@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b5ba==9cjag.from_oldbar.enc", "PGs+cGtDQXZ6Q0R2eHl1S3ZMIk9S");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1vcW5vcm13c3d2eA==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b9643g3/9e.from_oldbar.enc", "ag==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9b?b0d:8aj62O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bms=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.BrowserCompStateIsOpen_129502651137682069", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.BrowserCompStateIsOpen_129560745131733767", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.BrowserCompStateIsOpen_129568529618689765", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.BrowserCompStateIsOpen_129683315081957463", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.BrowserCompStateIsOpen_130104337782566575", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.CT2856415.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT285641[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.CTID", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ConfigurationLastCheckTime", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.CurrentServerDate", "13-11-2013");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.DialogsGetterLastCheckTime", "Thu Nov 07 2013 19:09:17 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"BannerCulture\":\"\",\"DownloadTim[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ExternalComponentPollDate129400801613475328", "Thu Nov 17 2011 19:18:20 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.FirstServerDate", "26-12-2010");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.FirstTime", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.FirstTimeFF3", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.FixPageNotFoundErrors", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.Initialize", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.InstalledDate", "Sun Dec 26 2010 18:06:14 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.InvalidateCache", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.IsGrouping", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.IsMulticommunity", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LanguagePackLastCheckTime", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.12.0.7", "Fri May 04 2012 22:53:05 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.12.2.3", "Fri Jun 01 2012 23:26:11 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.13.0.6", "Sun Jul 15 2012 18:07:48 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.14.1.0", "Sat Aug 25 2012 22:38:13 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.15.1.0", "Thu Dec 20 2012 11:49:01 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.16.0.3", "Fri Mar 15 2013 21:56:53 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.18.0.7", "Wed Oct 23 2013 17:18:05 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.2.5.2", "Mon Apr 18 2011 17:30:32 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.20.0.4", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.3.3.2", "Sat Aug 20 2011 23:47:18 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.6.0.10", "Tue Oct 04 2011 12:06:11 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.7.0.6", "Sun Nov 06 2011 18:43:10 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LastLogin_3.8.0.8", "Thu Nov 17 2011 19:18:22 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.LatestVersion", "3.20.0.4");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.Locale", "en");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.MAX_NUMBER_OF_ALERTS_129560745131733767", "2_1321197848496");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioIsPodcast", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioLastCheckTime", "Thu Nov 17 2011 19:18:22 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioLastUpdateIPServer", "3");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioLastUpdateServer", "129400869186670000");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioMediaID", "21753721");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioMediaType", "Media Player");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioMenuSelectedID", "EBRadioMenu_CT285641521753721");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioStationName", "California%20Rock%20-%20Rock");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RadioStationURL", "http://www.feedlive.net/california.asx");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RestartDialogFirstTime", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.RestartDialogShouldDisplay", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SavedHomepage", "http://r.orange.fr/r/Ohome_accueil?ref=O_toolbar32_hook_defaultPage");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchAPILastCheckTime", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2856415&octid=EB_ORIG[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchEngineBeforeUnload", "Orange");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&q=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabLastCheckTime", "Wed Oct 23 2013 17:17:54 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabURLFromSearchAPI", "http://search.conduit.com/?ctid=CT2856415&octid=CT2856415&SearchSource=15&C[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchInNewTabUserEnabled", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchProtectorEnabled", false); =>PUP.SearchProtect
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SearchProtectorToolbarDisabled", false); =>PUP.SearchProtect
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ServiceMapLastCheckTime", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SettingsLastCheckTime", "Wed Nov 13 2013 20:07:58 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.SettingsLastUpdate", "1384332970");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ThirdPartyComponentsLastCheck", "Sun Nov 06 2011 18:43:09 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ThirdPartyComponentsLastUpdate", "1312887586");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.UserID", "UN17712671763679533");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ValidationData_Search", 0);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.WeatherNetwork", "");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.WeatherPollDate", "Thu Nov 17 2011 19:18:23 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.WeatherUnit", "C");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415._9b_7e.:2z527.from_oldbar.enc", "JH5vcnF0NUN5RTo9KnIsdXp4fTEoMyMkK0lTVC5ZTlE+J0AqKzIwRTxHMjs8VWRgakNuY2ZTPFU/[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415._fb_dailyactivity.from_oldbar.enc", "MTMwMTMxODQ2NzM1Ng==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415._fb_lifetimesent.from_oldbar.enc", "VFJVRQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.addressBarTakeOverEnabledInHidden", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.alertChannelId", "1248439");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.approveUntrustedApps", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D474549484C5952594B335E5356432C4[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A4[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C4[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e.:2z527",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737577747578747477242F4B49474F42357D5D5C3D");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e0x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e2x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e31;cj7@3=i\"mbe", "247E61393F236B25707876792A212C6E414F444D327A34434C3F49552E594E513E354[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e31;cj:9c5a@gc?plpd*ujm", "247E61393F236B25717679732A212C6E414F444D327A3446454F414D4C534F[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e31;cjc<=fbj#ncf",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e3x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F2829413843545[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e5x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e6x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e9x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e=x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7e>x305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7ebx305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b+7ecx305",
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b-0?3g@6:5;", "");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F645[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b/>01=9a6k6O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b5ba==9cjag", "3C6B3E706B4341767A4344767879754B764C224F52");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F716E6F726D7773777678");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b9643g3/9e", "6A");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b<:222h64<", "393F352F3E");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b=+03eh8h8j?:", "4443");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52")[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9b?b0d:8aj62O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage._fb_dailyactivity", "31333031333138343637333536");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage._fb_lifetimesent", "54525545");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.cb_firstuse0100", "31");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.cbfirsttime", "547565204F637420303420323031312031323A30363A323320474D542B30323030");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.facebook_ctid_connect_send", "73656E646564");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.sf_just_installed", "46414C5345");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.sf_status", "454E41424C4544");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.sf_user_got_first_time_window", "54525545");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.sf_user_id", "6369645F3230353230313131323133313239313632353730");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smsp_alertcounter", "30");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smsp_lastalertshowdt", "352D342D313131");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smsp_lastalertshowts", "31333038323136353637333531");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smsp_settcounter", "33");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smspcntryinfo", "37335F3333");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smspcntryshort", "4652");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smspcntryts", "31333031323237373832373635");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.smspunuid", "736D737031333031323237373833353534");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.url_history", "687474703A2F2F7777772E676F6F676C652E636F6D2F6368726F6D652F65756C612E68746D6C3F6[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.backendstorage.url_history_time", "31333231323035343536373030");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.cb_firstuse0100.from_oldbar.enc", "MQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.cbfirsttime.from_oldbar.enc", "VHVlIE9jdCAwNCAyMDExIDEyOjA2OjIzIEdNVCswMjAw");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.countryCode", "FR");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.facebook_ctid_connect_send.from_oldbar.enc", "c2VuZGVk");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.firstTimeDialogOpened", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.fixPageNotFoundErrorByUser", "TRUE");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.fixPageNotFoundErrorInHidden", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.fullUserID", "UN17712671763679533.UP.20550921");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.globalFirstTimeInfoLastCheckTime", "Thu Nov 17 2011 19:18:23 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.initDone", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.installType", "DirectDownload");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isCheckedStartAsHidden", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isFirstTimeToolbarLoading", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isPerformedSmartBarTransition", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.keyword", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?gd=&ctid=CT2856415&octi[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.lastVersion", "10.30.1.502");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.myStuffEnabled", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"chrome%3A%2F%2Fglobal%2Fcontent%2Fn[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.oldAppsList", "129355801161631541,129355801162881559,111,129400801320662939,129400801613475328,12964872940660[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.originalSearchAddressUrl", "http://r.orange.fr/r?ref=O_toolbar32_hook_syntaxError&url=http%3A//rws.search.ke.[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.performedDomainChangesMigration", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.revertSettingsEnabled", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.search.searchCount", 0);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchFromAddressBarEnabledByUser", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchInNewTabEnabledByUser", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchProtectorDialogDelayInSec", 10); =>PUP.SearchProtect
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchProtectorEnableByLogin", true); =>PUP.SearchProtect
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.searchSuggestEnabledByUser", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2856415\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://Elf1.Our[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Elf 1 \"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_Configuration_lastUpdate", "1429267517821");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_login_10.20.101.5_lastUpdate", "1384682445498");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_login_10.22.3.518_lastUpdate", "1387119303011");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396819573052");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_login_10.29.0.520_lastUpdate", "1399372246720");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_login_10.30.1.502_lastUpdate", "1429267517693");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_searchAPI_lastUpdate", "1429267517818");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_serviceMap_lastUpdate", "1429267517820");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_toolbarSettings_lastUpdate", "1429267517823");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.serviceLayer_services_translation_lastUpdate", "1429267517816");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.settingsINI", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.sf_just_installed.from_oldbar.enc", "RkFMU0U=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.sf_user_got_first_time_window.from_oldbar.enc", "VFJVRQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.sf_user_id.from_oldbar.enc", "Y2lkXzIwNTIwMTExMjEzMTI5MTYyNTcw");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.showToolbarPermission", "false");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smartbar.CTID", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smartbar.Uninstall", "0");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smartbar.toolbarName", "Elf 1 ");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smsp_alertcounter.from_oldbar.enc", "MA==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smsp_lastalertshowdt.from_oldbar.enc", "NS00LTExMQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smsp_lastalertshowts.from_oldbar.enc", "MTMwODIxNjU2NzM1MQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smsp_settcounter.from_oldbar.enc", "Mw==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smspcntryinfo.from_oldbar.enc", "NzNfMzM=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smspcntryshort.from_oldbar.enc", "RlI=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smspcntryts.from_oldbar.enc", "MTMwMTIyNzc4Mjc2NQ==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.smspunuid.from_oldbar.enc", "c21zcDEzMDEyMjc3ODM1NTQ=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.testingCtid", "");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.toolbarAppMetaDataLastCheckTime", "Wed Nov 13 2013 20:08:07 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.toolbarBornServerTime", "26-12-2010");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.toolbarContextMenuLastCheckTime", "Sat Nov 12 2011 18:21:24 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.toolbarCurrentServerTime", "6-7-2014");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.toolbarLoginClientTime", "Thu Nov 14 2013 17:10:21 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.upgradeFromOBVersion", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.url_history.from_oldbar.enc", "aHR0cDovL3d3dy5nb29nbGUuY29tL2Nocm9tZS9ldWxhLmh0bWw/aGw9ZnI=");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.url_history_time.from_oldbar.enc", "MTMyMTIwNTQ1NjcwMA==");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415.usagesFlag", 2);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CT2856415_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1429269443227,\"isWithState\"[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2856415/CT2856415", "\"93bef1fafdd90ec4e1574caa[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1248439/1244112/FR", "\"0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/FR", "\"0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2856415", "\"1365960178\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJ[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeH[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlU[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"80161a5ed5ccc1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"dfe74040abc2ce1:0\""[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"9f8d2729abc2ce1:0\""[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80ee9485875dcc1:0\""[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"80ee9485875dcc1:0\"")[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2856415", "\"52c3f1538cb4af4ada257fcbc6[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/toolbar/", "\"634386539058500000\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634285417620000000"); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "6343354438900[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2010 3:22:42 PM", "634293235860[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2010 4:33:06 PM", "634303635100[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=2/17/2011 12:59:49 PM", "634339976460[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "6343561183100[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2856415&octid=CT2856415", "\"1321280773\""); =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2856415/CT2856415", "\"1311601158\"");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"65063552077b658639362bf4e7[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"1f5851f12d58a6c6d5b555ddd5415b6a\[...] =>Toolbar.Conduit
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.EngineOwner", "");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.EngineOwnerGuid", "{22e03916-85c5-44b0-8dc9-1830c11238d9}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.EngineOwnerToolbarId", "elf_1");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.IsEngineShown", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Pierre\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\ytryzi5g.de[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_eecd3002", "356x332[...] =>Adware.PriceGong
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.OriginalEngineOwner", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{22e03916-85c5-44b0-8dc9-1830c11238d9}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "elf_1");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://r.orange.fr/r?ref=O_toolbar32_hook_syntaxError&url=http%3A//rws[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ToolbarsList", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Apr 18 2011 17:39:14 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jul 26 2011 23:09:30 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.locale", "en");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Aug 25 2011 22:54:26 GMT+0200");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.showTrayIcon", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.alert.userId", "851514c3-30d9-48c2-a539-c28ea2ba11f9");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.globalUserId", "43bd4785-786e-47f7-b992-e970c35c7501");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2856415");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.killedEngine", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Nov 13 2011 16:16:10 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Nov 17 2011 19:18:30 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Nov 17 2011 19:18:22 GMT+0100");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.notifications.userId", "a0d71096-85d9-4186-8112-0275b7e60864");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("CommunityToolbar.undefined", "");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("browser.search.defaultthis.engineName", "Elf 1 Customized Web Search");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&SearchSource=3&q={searchTerms}");
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("extensions.enabledItems", "{E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 315,engine@conduit.com:3.2.5.2,{22e03916-85c5-4[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&octid=CT2856415&CUI=UN17712671763679533&UM=&Sea[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("plugin.state.npconduitfirefoxplugin", 2);
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&q=,http://search.condu[...]
O69 - SBI: prefs.js [Pierre - ytryzi5g.default] user_pref("smartbar.searchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2856415&q=,http://search.conduit.com/[...]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} [DefaultScope] - (Orange) - http://r.orange.fr
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Elf 1.15 Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {EC57C441-2664-4CEB-A37C-859756A07E58} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D79DD0AB326C102AC7DF51C1C2654053] [SPRF][15/01/2010] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][15/01/2010] (...) -- C:\Users\Pierre\AppData\Roaming\wklnhst.dat [0]
[MD5.FE9176A1C2B4A81AFDE6EDD74A6A1DEE] [SPRF][27/10/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1956816]
~ Files: 3 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "8B501B6E56F182443979D1DFA8309BD4" . (.SupraSavings.) -- c:\Windows\Installer\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\icon64.ico =>PUP.SupraSavings
~ Update Products: 1 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9D0767859EE938C0C4FAC30693109843] [WIS][02/04/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\278a5a.msi [3162112] =>PUP.SupraSavings
~ WIS: 1 Scanned in 00mn 06s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\driverscanner_RASAPI32 =>PUP.DriverScanner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\driverscanner_RASMANCS =>PUP.DriverScanner
~ BTK: 379 Scanned in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass) =>PUP.CrossRider
~ BCK: 4377 Scanned in 00mn 19s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 06/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 01/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 30/06/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 30/06/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 10/02/2011 112080 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SS - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 29/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 10/08/2009 248688 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
SR - | Auto 14/07/2009 42368 | (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SR - | Auto 08/09/2013 2654544 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Demand 11/02/2011 54136 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 05/08/2009 488800 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 27/08/2009 251760 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation
SR - | Demand 03/08/2009 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
SR - | Demand 04/08/2009 826224 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 20s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Pierre at 17/04/2015 13:20:13
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Pierre at 17/04/2015 13:20:15
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/04/2015)
Clés trouvées (Keys found) : 28
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 12

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}] =>PUP.SupraSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1] =>PUP.DriverSoft^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}] =>PUP.SupraSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings] =>PUP.SupraSavings^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PowerSuite] =>PUP.UniblueSystem^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Software updater] =>PUP.Eorezo^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\extensions\SupraSavings@jetpack =>PUP.SupraSavings^
C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit^
C:\Program Files (x86)\Driver-Soft =>PUP.DriverSoft^
C:\Program Files (x86)\SupraSavings =>PUP.SupraSavings^
C:\ProgramData\DriverGenius =>PUP.DriverGenius^
C:\ProgramData\Uniblue =>PUP.UniblueSystem^
C:\Users\Pierre\AppData\Roaming\FreeSoftwareUpdater =>PUP.Eorezo^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Users\Pierre\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Pierre\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\Pierre\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\Conduit =>Toolbar.Conduit
C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ytryzi5g.default\Smartbar =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\Supra Savings] =>PUP.SupraSavings^
[HKCU\Software\AppDataLow\Software\suprasavings] =>PUP.SupraSavings^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\SupraSavings] =>PUP.SupraSavings^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Driver-Soft] =>PUP.DriverSoft^
[HKLM\Software\Wow6432Node\Uniblue] =>PUP.UniblueSystem^
C:\Windows\Installer\278a5a.msi =>PUP.SupraSavings^
[HKCR\CLSID\{320AF880-6646-11D3-ABEE-C5DBF3571F49}] (SavePass) =>PUP.CrossRider^
~ Additionnel Scan: 276472 Items scanned in 00mn 56s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 6 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.DriverSoft
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://www.nicolascoolman.fr/blog/ =>PUP.LevelQualityWatcher
http://www.nicolascoolman.fr/blog/ =>PUP.UniblueSystem
http://www.nicolascoolman.fr/blog/ =>PUP.DriverGenius
http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo
http://www.nicolascoolman.fr/blog/ =>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog/ =>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>PUP.DriverScanner
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://www.nicolascoolman.fr/blog/ =>Toolbar.Yahoo
http://www.nicolascoolman.fr/blog/ =>Toolbar.Sorcim
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
~ MSI: 21 link(s) detected in 00mn 00s



End of the scan (1829 lines in 04mn 13s)(0.11)

Publicité


Signaler le contenu de ce document

Publicité