cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.8.23.124 Par Nicolas Coolman (2015/08/23)
~ Démarré par Charlotte Chris (Administrator) (2015/08/23 16:20:36)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\Charlotte Chris\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Charlotte Chris\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (1) - 0s
MSIE: Internet Explorer v11.0.9600.17691

---\\ Informations sur les produits Windows (4) - 4s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Logiciels de protection (5) - 5s
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft Security Client v4.7.0205.0
Microsoft Security Essentials v4.7.205.0
Trusteer Sécurité des points d'accès v3.5.1412.176
Windows Defender W7 (Deactivate)

---\\ Surveillance de Logiciels (2) - 6s
Adobe Flash Player 18 NPAPI
Adobe Reader X

---\\ Informations sur le système (6) - 0s
~ Operating System: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 5745.564 MB (45% free)
~ System Restore: Activé (Enable)
~ System drive C: has 455 GB free of 699 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: CHARLOTTECHRIS
~ User Name: Charlotte Chris
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 4s
~ Drive C: has 455 GB free of 699 GB (System)
~ Drive D: has 1 GB free of 15 GB

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 2s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.36F99BD8A0F09BDBB7850A138845A014] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2358784]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808]

---\\ Processus lancés (39) - 5s
[MD5.5580856001F78FECEF19202A60334E7E] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [204288] [PID.340]
[MD5.86678C2F5081FEA3517D78E92230B5FF] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [297984] [PID.1044]
[MD5.FC7C13B5A9E9BE23B7AE72BBC7FDB278] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [30520] [PID.1376]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.1812]
[MD5.A6FB9DB8F1A86861D955FD6975977AE0] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\IDT\WDM\AESTSr64.exe [89600] [PID.1860]
[MD5.2EA8A28BFB202221636CB149D4CD21C5] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568] [PID.1888]
[MD5.612CB66D93ED0F2F21BB109840C7D813] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128] [PID.1916]
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.1948]
[MD5.692F8648D7686D91E34A65AC698019D8] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [951584] [PID.1984]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1324]
[MD5.6A181452D4E240B8ECC7614B9A19BDE9] - (.Hewlett-Packard Company - HP Client Services.) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [346168] [PID.1056]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.2072]
[MD5.F630DD7564EBB7248A13B1CC774D9EA6] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [26680] [PID.2096]
[MD5.3A0FF117B4ADC5ABE4D968E26A337158] - (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168] [PID.2120]
[MD5.442A10BF6B1DB6FC6ACD7F7A4FBA0F0B] - (. - Printer Communication System.) -- C:\Windows\system32\lxdncoms.exe [1039872] [PID.2144]
[MD5.1190DCB67838B9A487AFC5F24FC75A23] - (. - Printer Communication System.) -- C:\Windows\system32\lxducoms.exe [1039360] [PID.2172]
[MD5.2BACD71123F42CEA603F4E205E1AE337] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096] [PID.2772]
[MD5.2A46FFE841EC43001D5A293A54DB34DE] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [223104] [PID.2824]
[MD5.C89A94BBE70E7AEEB5A08F4D9031D5BD] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [482304] [PID.3924]
[MD5.170233B8D743EFE35F462A5D516B93E3] - (.Hewlett-Packard Company - HP Support Assistant Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85560] [PID.1824]
[MD5.5C430B3C872BD82E728ABB8C1821689F] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1128448] [PID.3592]
[MD5.076B3EE149E01ADBAC2DC529554A3FD9] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [169768] [PID.2232]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2928]
[MD5.EC47C5E298D4BF5347714ACFB9707A51] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [1132320] [PID.1272]
[MD5.5732049E0D07DBAE6DB6E4CC762A3EA1] - (.Hewlett-Packard Development Company L.P. - HPConnectionManager.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe [2913336] [PID.4068]
[MD5.D59ABED205F424BD4C52419479930BE9] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296] [PID.3412]
[MD5.B8E421C0890356CD4A793D8A346D9096] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712] [PID.3768]
[MD5.894CE4301565675306C05BC50B9523DE] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520] [PID.2044]
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.2728]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.396]
[MD5.E61BB95A7CB49696D25A0C4EBD108156] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [643880] [PID.3096]
[MD5.EC9739A46F1F83C6E52A7A4697F44A65] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [799800] [PID.4212]
[MD5.BDEFC081D02C162DCB90738BE432D66B] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504] [PID.4444]
[MD5.E040F0064D39F73BB4995D494F3DCBB8] - (.Hewlett-Packard Development Company L.P. - HP Connection Manager Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [1071160] [PID.4564]
[MD5.22309C300E4F1E33BC75EDA065C3C384] - (.Hewlett-Packard Development Company L.P. - hpCaslNotification.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe [311352] [PID.4936]
[MD5.C861851A0BBD9903E324487011AA3705] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.5016]
[MD5.D28C5A1411BB0B47E05E0D6AAF896690] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.5096]
[MD5.84867350CFF4C8551E5F5A3D355D8CB3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Charlotte Chris\Desktop\ZHPDiag3.exe [1901056] [PID.4908]
[MD5.B4BFB9F068A27062AE8C133354D3E31F] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [727608] [PID.5340]

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (4) - 3s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (2) - 1s
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\\ Internet Explorer, Barre d'outil (1) - 0s
O3 - Toolbar: 0xE3EFEB7F196B494398D2FFB09D4B49CA013A050000 - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)

---\\ Applications lancées au démarrage du système (28) - 0s
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe (.not file.)
O4 - HKCU\..\Run: [AdobeBridge] (Orphean)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [HPConnectionManager] . (.Hewlett-Packard Development Company L.P. - HPCMDelayStart Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3364599486-3294419484-1532009494-1001\..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe (.not file.)
O4 - HKUS\S-1-5-21-3364599486-3294419484-1532009494-1001\..\Run: [AdobeBridge] (Orphean)
O4 - HKUS\S-1-5-21-3364599486-3294419484-1532009494-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

---\\ Modification Domaine/Adresses DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

---\\ Protocole additionnel (21) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

---\\ Liste des services NT non Microsoft et non désactivés (19) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: lxdn_device (lxdn_device) . (. - Printer Communication System.) - C:\Windows\system32\lxdncoms.exe
O23 - Service: lxdu_device (lxdu_device) . (. - Printer Communication System.) - C:\Windows\system32\lxducoms.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Rapport Management Service (RapportMgmtService) . (...) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (.not file.)
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe

---\\ Tâches planifiées en automatique (13) - 3s
[MD5.368290D0A612D62DA6F3D798B1BB8FE7] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000]
[MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-CharlotteChris-Charlotte Chris] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392]
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForCharlotte Chris] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704]
[MD5.87E7AABE4F6A0DFD6105224E4D88C4D7] [APT] [HPCustParticipation HP Photosmart Plus B210 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [3794792]
[MD5.00000000000000000000000000000000] [APT] [{18181EC7-C6E7-4D84-B460-73019C8D0259}] (...) -- c:\users\charlotte chris\appdata\local\google\chrome\application\chrome.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] =>.Adobe Systems Incorporated
O39 - APT: HPCeeScheduleForCharlotte Chris - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForCharlotte Chris.job [372] =>.Hewlett-Packard
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3940] =>.Adobe Systems Incorporated
O39 - APT: AdobeAAMUpdater-1.0-CharlotteChris-Charlotte Chris - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-CharlotteChris-Charlotte Chris [3534] =>.Adobe Systems Incorporated
O39 - APT: HPCeeScheduleForCharlotte Chris - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForCharlotte Chris [3246] =>.Hewlett-Packard
O39 - APT: HPCustParticipation HP Photosmart Plus B210 series - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series [3680] =>.Hewlett-Packard Co.
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{1788CAA4-FCA7-4870-A3D8-4E89AC50D2B1} [3446]
O39 - APT: {18181EC7-C6E7-4D84-B460-73019C8D0259} - (...) -- C:\Windows\System32\Tasks\{18181EC7-C6E7-4D84-B460-73019C8D0259} [3122]

---\\ Logiciels installés (144) - 12s
O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Wireless LAN Adapter
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Rapport - (.Trusteer.) [HKLM][64Bits] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}
O42 - Logiciel: Java(TM) 6 Update 24 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416024FF}
O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
O42 - Logiciel: Broadcom 2070 Bluetooth 3.0 - (.Broadcom Corporation.) [HKLM][64Bits] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: HP Photosmart Plus B210 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {64E4146D-713D-4E0F-BBE4-DB52CAC8CCD2}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Adobe CSI CS4 x64 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8DAA31EB-6830-4006-A99F-4DF8AB24714F}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {93F2A022-6C37-48B8-B241-FFABD9F60C30}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {942836D4-5395-652B-F1E8-A7C5B039910C}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {996D32B6-F629-4764-894B-CB24D9C19051}
O42 - Logiciel: Adobe Drive CS4 x64 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A3454894-144A-4D80-B605-C128FE0D7329}
O42 - Logiciel: Logiciel de base du périphérique HP Photosmart Plus B210 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {B772E8B9-AC44-45D4-9A8B-BC5FEE4608F7}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {C4123106-B685-48E6-B9BD-E4F911841EB4}
O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM][64Bits] -- {CB1A2FE6-2BDF-DECC-C91B-4E5FFD59C5D6}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {D7B824DE-DA32-4772-9E5E-39C5158136A7}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F0F4DE4E-9EC6-4E63-A386-39E3421D3D83}
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM][64Bits] -- Ad-Remover
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Illustrator CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_2a31ae7a5c43ff52d8577782dd34e04
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_2ac78060bc5856b0c1cf873bb919b58
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Trusteer Sécurité des points d'accès - (.Trusteer.) [HKLM][64Bits] -- Rapport_msi
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall =>.WildTangent
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT087361 =>.WildTangent
O42 - Logiciel: Mah Jong Medley - (.WildTangent.) [HKLM][64Bits] -- WT087393 =>.WildTangent
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT087394 =>.WildTangent
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT087396 =>.WildTangent
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT087490 =>.WildTangent
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT087510 =>.WildTangent
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM][64Bits] -- WT087513 =>.WildTangent
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WT087519 =>.WildTangent
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT089328 =>.WildTangent
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089455 =>.WildTangent
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WT089458 =>.WildTangent
O42 - Logiciel: Mystery P.I. - The London Caper - (.WildTangent.) [HKLM][64Bits] -- WT089460 =>.WildTangent
O42 - Logiciel: Namco All-Stars PAC-MAN - (.WildTangent.) [HKLM][64Bits] -- WT089484 =>.WildTangent
O42 - Logiciel: Fishdom - (.WildTangent.) [HKLM][64Bits] -- WT089493 =>.WildTangent
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0046FA01-C5B9-4985-BACB-398DC480FC05}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {04AF207D-9A77-465A-8B76-991F6AB66245}
O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {05308C4E-7285-4066-BAE3-6B50DA6ED755}
O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {054EFA56-2AC1-48F4-A883-0AB89874B972}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}
O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {098727E1-775A-4450-B573-3F441F1CA243}
O42 - Logiciel: Adobe Color NA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {098A2A49-7CF3-4F08-A38D-FB879117152A}
O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D6013AB-A0C7-41DC-973C-E93129C9A29F}
O42 - Logiciel: Adobe Color EU Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {0F69006A-CD2F-4C12-A786-C659C8F98423}
O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0F723FC1-7606-4867-866C-CE80AD292DAF}
O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1618734A-3957-4ADD-8199-F973763109A8}
O42 - Logiciel: Adobe Drive CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {16E16F01-2E2D-4248-A42F-76261C147B6C}
O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {210A03F5-B2ED-4947-B27E-516F50CBB292}
O42 - Logiciel: Java(TM) 6 Update 27 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183}
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
O42 - Logiciel: Adobe Illustrator CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4869414E-7AEA-4C8E-BE1C-8D40977FD517}
O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {51846830-E7B2-4218-8968-B77F0FF475B8}
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6384C914-A4BC-40B6-8059-29AD4E65F4B6}
O42 - Logiciel: Adobe Illustrator 10 Evaluation - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {662498D7-B5E8-4FED-87B8-764CD2C640A2}
O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A}
O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {68243FF8-83CA-466B-B2B8-9F99DA5479C4}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.1.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp =>.WildTangent
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: HP Connection Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {795AADBF-58C2-42D0-B779-E730702A247E}
O42 - Logiciel: HP Photosmart Plus B210 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {802771A9-A856-4A41-ACF7-1450E523C923}
O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0}
O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {842B4B72-9E8F-4962-B3C1-1C422A5C4434}
O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {84C176F9-1DAE-803C-5993-CF8703AE5841}
O42 - Logiciel: Adobe Illustrator CS Tryout - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {85CC6638-C827-40E8-94C7-110A77E7812B}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191}
O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {95655ED4-7CA5-46DF-907F-7144877A32E5}
O42 - Logiciel: HP On Screen Display - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: HP Setup Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {AE856388-AFAD-4753-81DF-D96B19D0A17C}
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B29AD377-CC12-490A-A480-1452337C618D}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B97E3520-C726-475E-BC0C-7561952633AB}
O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A}
O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM][64Bits] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {C1C43BC8-2460-4E01-9628-332E04523BDC}
O42 - Logiciel: AMD System Monitor - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}
O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D1BB4446-AE9C-4256-9A7F-4D46604D2462}
O42 - Logiciel: Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {DBCD5E64-7379-4648-9444-8A6558DCB614}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EB58480C-0721-483C-B354-9D35A147999F}
O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F0E64E2E-3A60-40D8-A55D-92F6831875DA}
O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353}
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}

---\\ HKCU & HKLM Software Keys (102) - 12s
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Bunndle
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\DVDVideoSoft
HKLM\SOFTWARE\Wow6432Node\EasyBits
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IDT
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Kodak
HKLM\SOFTWARE\Wow6432Node\Lexmark
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PDFCreator
HKLM\SOFTWARE\Wow6432Node\Preview Systems
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Research In Motion
HKLM\SOFTWARE\Wow6432Node\RocketLife
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\Trusteer
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Visan
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WildTangent
HKLM\SOFTWARE\Wow6432Node\Win32 Services
HKLM\SOFTWARE\Wow6432Node\Windows
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Ad-Remover
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\BitComet
HKCU\SOFTWARE\BlueFive
HKCU\SOFTWARE\BrowserTemp
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\DVDVideoSoft
HKCU\SOFTWARE\Evernote
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\GameHouse
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\IrekZielinskiSoft
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\LexmarkInkjet
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\mhk2
HKCU\SOFTWARE\MK2
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Neuxpower
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\Norton
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PDFCreator
HKCU\SOFTWARE\Pense-bete
HKCU\SOFTWARE\Research In Motion
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar
HKCU\SOFTWARE\Snoopsearch
HKCU\SOFTWARE\Symantec
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Trusteer
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\Widcomm
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zylom
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe

---\\ Contenu des dossiers Programmes (352) - 25s
O43 - CFD: 2015/08/21 08:59:35 - [] D -- C:\Program Files (x86)\7-Zip
O43 - CFD: 2015/08/23 08:03:03 - [] D -- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 2013/12/31 16:08:13 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2011/09/12 21:30:11 - [] D -- C:\Program Files (x86)\Adobe Download Assistant
O43 - CFD: 2011/07/19 02:36:08 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 2011/07/19 02:18:47 - [] D -- C:\Program Files (x86)\AMD APP
O43 - CFD: 2012/06/12 12:10:41 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2011/07/19 02:18:30 - [] D -- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 2014/04/27 18:26:10 - [] D -- C:\Program Files (x86)\BitSpirit
O43 - CFD: 2012/06/12 19:49:44 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/05/10 03:59:43 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/04/27 18:32:25 - [] D -- C:\Program Files (x86)\DivX
O43 - CFD: 2011/10/28 08:46:43 - [0] D -- C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 2011/09/19 00:03:23 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2015/08/23 01:39:17 - [] D -- C:\Program Files (x86)\HP
O43 - CFD: 2015/08/23 01:40:46 - [] D -- C:\Program Files (x86)\HP Games
O43 - CFD: 2012/05/11 18:55:54 - [] D -- C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 2015/08/23 01:38:40 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/08/23 15:45:30 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/06/09 21:37:26 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2011/10/07 15:26:37 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2015/08/22 10:24:50 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2014/04/27 19:09:59 - [0] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 2012/03/04 18:30:53 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2012/05/23 18:43:19 - [] D -- C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 2011/11/09 16:01:44 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/05/10 02:58:39 - [] D -- C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 2015/05/10 02:55:37 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2011/05/08 12:00:39 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2011/11/09 16:01:36 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2011/11/09 15:57:44 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2011/11/09 20:18:24 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2011/11/09 16:01:04 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2011/11/09 16:01:50 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2011/11/09 16:36:03 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 2011/09/09 13:40:08 - [] RD -- C:\Program Files (x86)\Online Services
O43 - CFD: 2011/07/19 02:26:50 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2012/06/12 12:11:52 - [] D -- C:\Program Files (x86)\Safari
O43 - CFD: 2015/05/10 04:53:31 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2009/07/14 06:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2011/09/20 21:14:19 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2011/05/08 11:48:26 - [] D -- C:\Program Files (x86)\WildTangent Games
O43 - CFD: 2015/05/11 00:48:43 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2012/07/18 22:13:46 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2011/09/22 02:27:13 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2011/09/22 02:27:13 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2011/09/22 02:27:13 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 05:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2015/06/22 01:27:51 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2011/09/20 21:16:59 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/08/21 08:59:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2011/07/19 02:30:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2009/07/14 06:57:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2011/07/19 02:36:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
O43 - CFD: 2011/07/19 02:18:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 2011/07/19 02:37:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
O43 - CFD: 2015/08/23 01:40:46 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2012/05/11 18:55:54 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2011/09/19 00:03:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2015/06/09 21:39:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2009/07/14 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/22 10:24:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2011/11/09 16:04:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2011/09/09 14:38:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)
O43 - CFD: 2015/05/10 02:57:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2011/09/09 13:40:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music and Media
O43 - CFD: 2011/09/09 13:40:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 2013/01/28 22:12:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/08/21 09:03:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/05/08 11:55:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theft Protection
O43 - CFD: 2012/01/21 14:54:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeAdjuster
O43 - CFD: 2015/08/23 01:14:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Sécurité des points d'accès
O43 - CFD: 2011/09/20 21:15:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2012/07/18 22:16:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 2011/09/20 21:17:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/01/26 03:01:25 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 2013/02/28 11:23:44 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2012/05/30 00:38:12 - [0] D -- C:\ProgramData\ALM
O43 - CFD: 2011/07/19 02:17:46 - [] D -- C:\ProgramData\AMD
O43 - CFD: 2014/03/11 23:54:06 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2012/06/12 19:53:28 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2011/07/19 02:52:50 - [] D -- C:\ProgramData\ATI
O43 - CFD: 2011/09/09 13:38:20 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2011/09/09 13:55:02 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/04/27 18:32:36 - [] D -- C:\ProgramData\DivX
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/06/22 00:15:59 - [] D -- C:\ProgramData\Dropbox
O43 - CFD: 2015/06/09 21:39:37 - [] D -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 2013/12/29 16:21:07 - [] D -- C:\ProgramData\Easybits Magic Desktop for HP
O43 - CFD: 2011/09/09 13:38:20 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2011/10/14 16:08:49 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2012/08/13 19:14:44 - [] D -- C:\ProgramData\Gogii
O43 - CFD: 2011/09/18 23:56:11 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2012/05/11 18:54:41 - [] D -- C:\ProgramData\HP
O43 - CFD: 2012/05/11 19:04:33 - [] D -- C:\ProgramData\HP Photo Creations
O43 - CFD: 2015/08/22 12:20:59 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma
O43 - CFD: 2011/12/09 01:43:33 - [] D -- C:\ProgramData\lx_Cats
O43 - CFD: 2015/08/22 10:24:24 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2011/09/09 13:38:20 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2014/04/27 19:09:59 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/05/10 06:27:59 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2011/09/09 13:38:20 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/06/22 01:44:28 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2011/11/08 22:21:36 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 2011/11/08 22:21:36 - [0] D -- C:\ProgramData\PCSettings
O43 - CFD: 2012/08/17 15:05:02 - [] D -- C:\ProgramData\PlayFirst
O43 - CFD: 2012/05/30 00:40:15 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/08/23 15:28:24 - [] D -- C:\ProgramData\RogueKiller
O43 - CFD: 2012/08/11 16:05:31 - [] D -- C:\ProgramData\Sandlot Games
O43 - CFD: 2015/05/10 04:53:38 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2011/05/08 12:06:50 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2011/07/19 02:42:41 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2012/05/19 13:41:16 - [] D -- C:\ProgramData\Trusteer
O43 - CFD: 2011/09/10 13:51:56 - [] D -- C:\ProgramData\VirtualizedApplications
O43 - CFD: 2015/08/23 01:40:46 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 2015/08/21 09:03:06 - [0] D -- C:\ProgramData\WinZip
O43 - CFD: 2012/06/12 19:54:33 - [] D -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 2011/09/19 00:00:21 - [] D -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
O43 - CFD: 2011/05/08 12:07:38 - [] D -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
O43 - CFD: 2012/05/30 00:37:40 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2012/05/30 00:34:40 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2015/02/13 01:17:25 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2011/07/19 02:18:42 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 2015/05/10 03:59:43 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/08/21 01:02:51 - [0] D -- C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 2013/12/31 16:07:20 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2011/10/07 15:27:18 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2011/10/14 13:02:42 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 2012/07/18 22:12:24 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2013/04/06 18:08:30 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/06/22 01:41:13 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2015/05/10 02:35:19 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2011/07/19 02:42:08 - [] D -- C:\Program Files (x86)\Common Files\Telespree
O43 - CFD: 2011/09/12 21:13:43 - [] D -- C:\Program Files (x86)\Common Files\Vbox
O43 - CFD: 2011/05/08 11:57:46 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2015/08/20 22:17:30 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\AdbDriverInstaller
O43 - CFD: 2013/12/31 16:12:09 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Adobe
O43 - CFD: 2013/06/09 19:41:00 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Apple Computer
O43 - CFD: 2011/09/09 13:47:26 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\ATI
O43 - CFD: 2012/08/12 17:37:55 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\BeachPartyCraze
O43 - CFD: 2014/04/27 18:23:17 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\BitComet
O43 - CFD: 2011/09/09 14:47:39 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\BitSpirit
O43 - CFD: 2011/09/12 21:30:17 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 2011/09/09 13:54:45 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\CyberLink
O43 - CFD: 2015/08/23 01:13:17 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Dropbox
O43 - CFD: 2012/05/27 23:25:20 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\dvdcss
O43 - CFD: 2012/08/17 15:08:54 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Fuzzy Games
O43 - CFD: 2011/09/25 14:45:42 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2012/05/10 16:00:43 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\hpqlog
O43 - CFD: 2012/05/11 18:55:38 - [0] D -- C:\Users\Charlotte Chris\AppData\Roaming\HpUpdate
O43 - CFD: 2012/08/17 15:21:31 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Identities
O43 - CFD: 2011/09/09 13:52:41 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Macromedia
O43 - CFD: 2012/08/12 17:29:26 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\MagicIndie
O43 - CFD: 2011/07/19 12:08:15 - [0] D -- C:\Users\Charlotte Chris\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/08/21 00:58:27 - [] SD -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft
O43 - CFD: 2015/06/22 01:24:51 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Mozilla
O43 - CFD: 2012/05/30 09:46:07 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\PDAppFlex
O43 - CFD: 2012/08/17 15:05:02 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\PlayFirst
O43 - CFD: 2012/08/11 17:24:24 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Playrix Entertainment
O43 - CFD: 2015/08/23 12:36:09 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Skype
O43 - CFD: 2015/08/23 15:38:22 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\SoftGrid Client
O43 - CFD: 2012/05/30 09:48:53 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 2011/09/09 13:46:26 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Synaptics
O43 - CFD: 2011/09/09 14:38:46 - [0] D -- C:\Users\Charlotte Chris\AppData\Roaming\TP
O43 - CFD: 2014/04/27 18:37:02 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\TuneUpMedia
O43 - CFD: 2014/04/27 18:17:22 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\uTorrent
O43 - CFD: 2012/10/04 11:54:22 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\vlc
O43 - CFD: 2011/09/10 15:47:26 - [0] D -- C:\Users\Charlotte Chris\AppData\Roaming\Windows Live Writer
O43 - CFD: 2011/09/20 21:17:15 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/23 16:21:00 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\ZHP
O43 - CFD: 2012/08/17 15:21:31 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Zylom
O43 - CFD: 2012/08/13 17:14:45 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Zylom JanesZOO
O43 - CFD: 2015/08/23 02:00:11 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Adobe
O43 - CFD: 2011/09/09 13:47:35 - [] D -- C:\Users\Charlotte Chris\AppData\Local\AMD
O43 - CFD: 2012/06/12 12:10:46 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Apple
O43 - CFD: 2012/06/12 19:55:02 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Apple Computer
O43 - CFD: 2011/09/09 13:38:27 - [0] SHD -- C:\Users\Charlotte Chris\AppData\Local\Application Data
O43 - CFD: 2011/09/09 13:53:12 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Apps
O43 - CFD: 2011/09/09 13:47:26 - [] D -- C:\Users\Charlotte Chris\AppData\Local\ATI
O43 - CFD: 2011/09/09 13:46:42 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Broadcom
O43 - CFD: 2015/08/21 00:44:27 - [] D -- C:\Users\Charlotte Chris\AppData\Local\CrashDumps
O43 - CFD: 2011/09/09 13:54:44 - [] D -- C:\Users\Charlotte Chris\AppData\Local\CyberLink
O43 - CFD: 2011/09/09 13:53:39 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\Deployment
O43 - CFD: 2015/03/30 02:01:34 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Diagnostics
O43 - CFD: 2015/08/23 01:18:16 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Dropbox
O43 - CFD: 2012/01/09 18:27:24 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/07/26 13:00:03 - [] SHD -- C:\Users\Charlotte Chris\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/07/26 13:00:03 - [] SHD -- C:\Users\Charlotte Chris\AppData\Local\EmieSiteList
O43 - CFD: 2015/07/26 13:00:03 - [] SHD -- C:\Users\Charlotte Chris\AppData\Local\EmieUserList
O43 - CFD: 2014/04/27 18:56:39 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Evernote
O43 - CFD: 2014/04/27 18:53:35 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Facebook
O43 - CFD: 2015/08/23 01:19:32 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Google
O43 - CFD: 2011/09/19 00:29:12 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Hewlett-Packard
O43 - CFD: 2011/09/09 13:46:24 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Hewlett-Packard_Company
O43 - CFD: 2012/01/12 01:21:09 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Hewlett-Packard_Developme
O43 - CFD: 2011/09/09 13:38:27 - [0] SHD -- C:\Users\Charlotte Chris\AppData\Local\Historique
O43 - CFD: 2013/12/17 13:57:25 - [] D -- C:\Users\Charlotte Chris\AppData\Local\HP
O43 - CFD: 2015/06/22 01:26:58 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Macromedia
O43 - CFD: 2015/05/11 01:10:24 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Microsoft
O43 - CFD: 2012/03/04 18:39:25 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Microsoft Help
O43 - CFD: 2015/06/22 01:24:52 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Mozilla
O43 - CFD: 2012/05/20 02:42:24 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Pense-bete
O43 - CFD: 2013/11/15 23:54:40 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Programs
O43 - CFD: 2011/09/09 13:45:19 - [] D -- C:\Users\Charlotte Chris\AppData\Local\RemEngine
O43 - CFD: 2014/04/27 18:30:55 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\Research In Motion
O43 - CFD: 2011/09/09 14:38:20 - [] D -- C:\Users\Charlotte Chris\AppData\Local\SoftGrid Client
O43 - CFD: 2015/08/23 16:18:56 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Temp
O43 - CFD: 2011/09/09 13:38:27 - [0] SHD -- C:\Users\Charlotte Chris\AppData\Local\Temporary Internet Files
O43 - CFD: 2012/05/19 13:50:35 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Trusteer
O43 - CFD: 2014/01/01 10:21:44 - [] D -- C:\Users\Charlotte Chris\AppData\Local\VirtualStore
O43 - CFD: 2012/07/15 18:39:20 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Windows Live
O43 - CFD: 2013/03/25 00:22:07 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Windows Live Writer
O43 - CFD: 2014/04/27 18:53:43 - [] D -- C:\Users\Charlotte Chris\AppData\Local\Zylom Games
O43 - CFD: 2012/07/15 18:44:58 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{03AF56B5-A08E-46C9-8B2A-74E8499B8FA8}
O43 - CFD: 2011/10/25 02:44:16 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{04EE6AD0-4C66-400B-B6C9-C50081A8850B}
O43 - CFD: 2012/07/15 18:46:39 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{05C6FFCD-09AD-47B9-B420-FC832F19A93A}
O43 - CFD: 2012/10/14 17:10:51 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{0B495EEE-DCC2-4ED5-BCCB-DDB3CE66F747}
O43 - CFD: 2012/07/15 18:41:03 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{0F5F9CC3-0455-47A0-A219-8C2B9D9120E1}
O43 - CFD: 2012/07/18 10:59:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1007A252-9EB4-44F3-A77F-E1E6A43A0143}
O43 - CFD: 2015/06/10 22:37:53 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1372F76D-0189-49FD-8EED-264AB691B29E}
O43 - CFD: 2011/10/14 22:49:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{13813343-7250-4553-8BD0-9504F75D25DD}
O43 - CFD: 2011/09/17 12:52:41 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1395E0DA-8C86-4F5C-B76D-D7336043760D}
O43 - CFD: 2012/05/24 00:09:32 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{149F28E9-D678-4D73-90D9-029BED8E0A33}
O43 - CFD: 2012/07/15 18:42:55 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{15BC13BA-3B3E-4419-B38F-C046C17A47FD}
O43 - CFD: 2015/04/20 00:07:27 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{16472476-2991-40D9-B8D5-9465C4A58291}
O43 - CFD: 2012/09/11 20:31:12 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{180823AA-2A64-4278-A06D-5A07C15AC933}
O43 - CFD: 2012/07/15 18:44:12 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{18403337-A54F-4E2B-9F8D-623A6AAB9544}
O43 - CFD: 2012/07/18 02:48:43 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{195D475D-1E30-4184-B024-DFC36781591E}
O43 - CFD: 2013/03/25 00:19:10 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1A56F790-7386-4B1A-9C6B-C4CEE8616C40}
O43 - CFD: 2012/07/18 02:48:54 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1D1B1BCA-EFE6-4209-BB75-C4AAE8A11E8A}
O43 - CFD: 2011/09/09 15:51:57 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{1E0938D2-E20D-404B-8226-DCD2F39122A7}
O43 - CFD: 2011/10/14 22:49:35 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{220A98A2-7937-43A0-AB50-3D2CDBF870E6}
O43 - CFD: 2012/01/18 11:43:33 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{22A71102-BBF6-4205-9980-FAD32994B759}
O43 - CFD: 2012/07/15 18:41:13 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{23C3B133-4070-4CD9-9E7C-70C0AD682C55}
O43 - CFD: 2012/10/20 16:02:26 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{25765214-7D48-41F0-BECF-F5C79390792E}
O43 - CFD: 2012/07/15 18:44:01 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{2628E194-BF8C-4D43-9F11-BF3133CAF1A1}
O43 - CFD: 2011/10/26 12:27:48 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{27AE8F30-EF09-40E7-A247-E936E381310A}
O43 - CFD: 2011/09/25 15:05:35 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{2984484B-D739-424E-9CAE-6A081B7DE543}
O43 - CFD: 2012/07/15 18:42:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{298FDAAC-EF90-484A-BB27-291740FF9B02}
O43 - CFD: 2011/09/15 17:25:47 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{2B3D04A4-B90D-4E2B-B0DD-853EEFF047B4}
O43 - CFD: 2015/08/07 21:26:16 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{2E7A8AF9-8C3C-4F77-A782-E4A7EF3938E0}
O43 - CFD: 2012/07/15 18:39:55 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{31CE03F9-7075-4BA4-817E-6870AFF291B5}
O43 - CFD: 2011/10/26 12:27:36 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{339C77F6-434C-4F61-AB44-80812EE34F1D}
O43 - CFD: 2012/07/13 19:26:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{35B6DF46-B06E-4CD1-94E5-170D85127101}
O43 - CFD: 2012/11/18 14:47:25 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{378F8122-AB07-46DE-88D6-D179B49FC1A3}
O43 - CFD: 2012/10/09 01:03:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{3BB62253-BD58-4A3B-BFE6-2DE6D60E127A}
O43 - CFD: 2012/07/14 17:49:37 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{3D084E6F-0430-44FA-AB3D-29319422E1C4}
O43 - CFD: 2011/09/10 17:07:39 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{40087242-2918-4B17-8E03-D673B2B2890A}
O43 - CFD: 2012/07/15 18:40:28 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{43F33108-8321-41C3-8410-1A7541FC4FFA}
O43 - CFD: 2013/05/23 12:09:26 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{470D167A-CDC8-4451-A844-A293219355E0}
O43 - CFD: 2012/07/18 01:31:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{4D7DBFE0-FC97-40FD-91FE-E9ADE682E940}
O43 - CFD: 2015/04/19 01:11:47 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{4EB3533B-68C7-4DF5-AFB3-653B0A4F4860}
O43 - CFD: 2012/07/14 17:54:07 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{4FA9C704-FFD3-4605-B10D-0EDECE5A9294}
O43 - CFD: 2011/09/12 21:33:01 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{500F1298-BABD-469B-9AB3-2BF5F0B5CD1C}
O43 - CFD: 2011/10/07 12:04:31 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{52CB11FC-F60F-4F98-BC3D-CB915A7EDA33}
O43 - CFD: 2012/07/16 12:59:30 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{53BEBDCD-A72C-4DE4-862F-B4F955AE9829}
O43 - CFD: 2012/07/15 18:42:33 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{54AA48C4-84EB-45E9-A4DF-45F468BCA8C9}
O43 - CFD: 2012/07/15 18:45:09 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{555FBCC9-F1BC-444D-9B9F-7A6FAC1B85D6}
O43 - CFD: 2012/07/15 18:47:00 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{56522A30-643A-4F65-823C-2E351E50A534}
O43 - CFD: 2011/09/10 15:47:59 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{5981D9F4-0DC9-4C95-B6F3-B2A550BB9B75}
O43 - CFD: 2012/07/18 01:30:55 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{5F843111-E5A5-41BF-91D0-1605824DEDC3}
O43 - CFD: 2012/07/13 17:09:45 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{5FA5BB41-245D-42FD-BD5B-B998495BDC5C}
O43 - CFD: 2012/07/14 17:55:29 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{61B0970A-7C01-452C-8A6B-A7C2A430D9FC}
O43 - CFD: 2012/07/15 18:47:34 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{624C3CF9-4B7F-4C6B-90BF-33A0BFCBD01E}
O43 - CFD: 2011/10/07 13:52:37 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{6490F7C5-A523-4FB3-B9BA-CC6E800D00CF}
O43 - CFD: 2012/01/18 11:43:45 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{65B6C5B4-23BF-4567-95D5-2147C71D25E4}
O43 - CFD: 2011/10/27 13:58:07 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{69C474B4-B5EF-4598-8551-9479F6635F2E}
O43 - CFD: 2012/02/27 12:52:26 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{6C067E36-AAE4-42CE-ADE3-D864D08ABCAF}
O43 - CFD: 2013/10/20 12:25:01 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{6D2FBA6F-0A02-4D6C-834B-DD98A9A45ED3}
O43 - CFD: 2012/07/15 18:45:30 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{70514E39-3EF4-46F9-9C34-6FEB91D17430}
O43 - CFD: 2012/07/15 18:41:46 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{78CCD81D-B6E9-4F2A-95BB-C332AB14B751}
O43 - CFD: 2012/09/05 22:59:18 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{7AEE2E2C-A5A0-41B2-978E-85EFFB48CA05}
O43 - CFD: 2012/07/18 10:59:30 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{7BB9BC86-B336-4752-8D89-5FFB19CE9C3F}
O43 - CFD: 2012/07/15 18:43:50 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{7BECAA94-81DF-4C60-9BC5-FCF189863D5A}
O43 - CFD: 2012/07/15 15:20:03 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{7BFB1DEB-9B90-4B57-8060-B1000178260F}
O43 - CFD: 2013/12/16 18:50:48 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{7C63CADF-0E86-48FD-9697-CBA05DF788E8}
O43 - CFD: 2013/03/25 00:21:35 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{81AA511D-C4FE-4C8F-8002-18C97A279694}
O43 - CFD: 2012/07/18 10:59:55 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{822A7886-F39C-4D5E-B765-F3DB10FBC84C}
O43 - CFD: 2012/09/13 13:45:01 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{85F77962-6B3B-4CDE-B95E-B10ABF6064E2}
O43 - CFD: 2012/07/18 02:47:49 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{860F00AD-F122-4CA7-A1FB-A890888E2B52}
O43 - CFD: 2012/07/15 15:19:52 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{87938FDE-D276-40E0-8ADD-A6FC5DA8403F}
O43 - CFD: 2012/07/18 10:59:41 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{8A87BEAB-6569-4B4B-8ECB-ACDBB27D2E54}
O43 - CFD: 2011/10/07 13:58:38 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{8A8EE2C7-9902-4B90-8D8A-F8E1079F2792}
O43 - CFD: 2012/07/15 18:46:28 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{8ABC9F91-E301-4AF2-9D84-28E976C00F63}
O43 - CFD: 2012/07/15 18:40:06 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{8C446D60-4B24-4063-90F6-64A32DB1368E}
O43 - CFD: 2012/04/01 17:22:32 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{928B1EA9-7903-4E1E-94D5-5FED60A5BC9B}
O43 - CFD: 2012/01/08 03:40:47 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{9A9E0071-8883-4226-B1BA-C24CB6ADFDD1}
O43 - CFD: 2012/07/18 02:47:38 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{9CA93AC8-F0AF-4DDA-AF17-76C7876B4DFB}
O43 - CFD: 2012/07/15 18:52:27 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{9E099C40-0DE5-41D1-A24F-AAAF17DF0ACA}
O43 - CFD: 2011/10/27 13:58:18 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{9E753230-926F-4F38-82F0-A05D42670DC1}
O43 - CFD: 2013/02/09 13:34:53 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{9EACE0AD-1665-4449-A322-AABF2E44CF0C}
O43 - CFD: 2012/07/15 18:46:07 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{A06C6380-89D5-4076-9F3B-D35997BCFFB2}
O43 - CFD: 2012/07/18 02:48:21 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{A2B9AD0B-1B81-4EEF-9D50-BE1418863816}
O43 - CFD: 2012/07/15 18:45:19 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{A6F9E789-5A63-48B4-964F-23535DD02191}
O43 - CFD: 2011/09/15 14:03:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{ABCDC0DA-4ED5-4F66-8A0F-E83EA619164E}
O43 - CFD: 2011/09/12 21:32:49 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{AC12D262-754D-418C-B8F9-3B7F891F8F0D}
O43 - CFD: 2012/07/14 17:54:18 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{AD6E64ED-101A-40CF-8256-76D1BD9E0AF7}
O43 - CFD: 2012/07/15 18:41:35 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{ADAECC7B-5A2D-4BDB-BCB8-B02D0005716A}
O43 - CFD: 2012/07/18 01:30:44 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{B2219F6A-C277-41FD-84BB-48DD352FF122}
O43 - CFD: 2011/09/25 15:07:05 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{B3319141-3D8C-42A4-A87D-C496102D73DD}
O43 - CFD: 2011/09/25 15:07:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{B588DE2D-629C-4AF3-B146-E3D7EE2FE43F}
O43 - CFD: 2011/09/19 13:26:28 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{B7FB8F55-7C87-4F87-BF94-D1E11F89D50B}
O43 - CFD: 2012/07/18 02:48:54 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{BB987719-D799-40B7-86D2-4C8B45A9A0CD}
O43 - CFD: 2012/07/18 02:48:11 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{BC6F5A68-D804-452D-9E82-BED7AAFED1A5}
O43 - CFD: 2012/07/15 18:52:10 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C353AB9E-135A-4A48-B4BD-E4523C4F8831}
O43 - CFD: 2011/10/07 13:53:18 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C4C6AA66-9C14-4DC6-8268-FDF55250B353}
O43 - CFD: 2011/10/07 13:52:48 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C5BE284E-7561-40BD-8409-E6D50A397806}
O43 - CFD: 2012/07/16 12:59:41 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C5DCA192-4653-442B-B3DB-D157667561C3}
O43 - CFD: 2011/09/19 15:09:29 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C71C0870-BE0B-4C71-B470-643E7B045D88}
O43 - CFD: 2015/04/21 00:28:41 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C765DB6D-7405-4F03-BA84-B5D047D4555D}
O43 - CFD: 2011/10/25 02:44:04 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{C8C2BC8B-BE9C-4DC6-A147-0CD9DCFC4DF0}
O43 - CFD: 2011/09/10 16:25:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{CEBE6AF0-5DAE-4993-ADCE-D1682A0A87D4}
O43 - CFD: 2011/10/07 12:04:42 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{D0FA1D55-BCD6-4BD6-8D4E-6648D476937C}
O43 - CFD: 2012/07/15 18:47:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{D9878871-17F2-402A-BAFA-2D2D0D182EC7}
O43 - CFD: 2012/07/15 18:41:24 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DBD5A528-4C2B-478D-92CA-D4BFED74D707}
O43 - CFD: 2011/09/19 15:10:15 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DC07A556-F0CD-472B-8CC4-6ACF1FBF7818}
O43 - CFD: 2012/01/08 03:40:36 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DDC2741E-E4B8-4183-A9C7-85BEE10CE48D}
O43 - CFD: 2012/07/18 02:48:00 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DDEF5F4F-17F8-497A-9C96-CBE096F465D8}
O43 - CFD: 2012/07/15 18:42:44 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DECEED3A-2025-47DE-9D23-15230B63A7FD}
O43 - CFD: 2015/06/15 19:42:36 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DEEA7499-4F71-4FC6-98FF-A151A5789ABD}
O43 - CFD: 2012/10/30 17:36:41 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{DF9C2996-1589-4983-88A2-3916FCFEC037}
O43 - CFD: 2012/02/27 12:52:25 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{E308572B-A6EB-4A6C-95E4-6B370849F7CF}
O43 - CFD: 2012/04/01 17:23:30 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{E3723720-BBE0-43EE-91A0-81D37954D274}
O43 - CFD: 2011/09/19 13:26:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{E55A0B0E-6DBB-4ABA-B426-021676F39F3E}
O43 - CFD: 2012/07/15 18:35:10 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{E57163E3-E327-4811-B347-1791A2A41526}
O43 - CFD: 2012/07/15 18:44:47 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{E9D2F6F9-9B87-43FB-A3BE-67B30966F166}
O43 - CFD: 2012/07/15 18:43:18 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{ECA0CF96-F73E-4298-A8BE-CA0524784E48}
O43 - CFD: 2012/07/18 01:31:06 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{EE40A82D-F1AD-435B-843F-798929845CC2}
O43 - CFD: 2012/07/15 18:46:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{F31DB9D0-C592-4FDC-A02B-65FDC32EC3F6}
O43 - CFD: 2012/07/15 18:43:40 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{F452B7AE-05FA-422B-8D0B-58AC2344130B}
O43 - CFD: 2011/09/10 16:25:34 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{F8BCE13E-71B3-450B-A730-14DEDC1382C8}
O43 - CFD: 2011/10/07 13:58:50 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{FC1F6D3C-A8BB-49FB-979B-51FF3457EC18}
O43 - CFD: 2011/09/25 15:05:23 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{FD4851FC-CAC5-48E0-A2BC-13F8E342C0BF}
O43 - CFD: 2012/07/15 18:40:17 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{FDAEA1F7-4305-42A2-ADDB-BBBF5079A37B}
O43 - CFD: 2012/07/14 17:49:37 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{FDC08C47-93EB-49CA-8C3C-0F21FFE75E0C}
O43 - CFD: 2012/05/14 01:04:31 - [0] D -- C:\Users\Charlotte Chris\AppData\Local\{FF144393-D7A7-4A58-BE04-6DF318F4E2A0}
O43 - CFD: 2009/07/14 06:54:32 - [] RD -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/05/11 01:11:41 - [] RD -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2012/08/17 15:21:29 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2009/07/14 06:49:38 - [] RD -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2011/11/08 22:27:16 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
O43 - CFD: 2015/08/23 01:13:02 - [] RD -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/09/20 21:16:59 - [] D -- C:\Users\Charlotte Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Derniers fichiers créés dans Windows Prefetcher (2) - 8s
O45 - LFCP:[MD5.4FDC59B2AF761AF266E26E9971A7A902] 2012/07/31 20:00:20 A -- C:\Windows\Prefetch\PDFFORGETOOLBAR.EXE-78521224.pf =>PUP.Optional.Dealio
O45 - LFCP:[MD5.1AD714AFCC8DCE9C93F01251B15EB52A] 2013/11/15 22:54:01 A -- C:\Windows\Prefetch\SEARCHSETTINGS.EXE-EA872291.pf =>PUP.Optional.SearchSettings

---\\ Liste des pilotes du système (75) - 43s
O58 - SDL:2011/05/13 19:57:58 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43320]
O58 - SDL:2008/06/27 07:51:10 A . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\Windows\System32\drivers\adfs.sys [88632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2010/02/18 09:18:24 A . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\System32\drivers\amdiox64.sys [46136]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2011/03/05 00:46:20 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amd_sata.sys [78976]
O58 - SDL:2011/03/05 00:46:20 A . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\drivers\amd_xata.sys [38528]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2010/11/17 18:04:32 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys [115216]
O58 - SDL:2011/04/02 11:42:30 A . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [9256960]
O58 - SDL:2011/04/02 08:16:22 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [300544]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2011/07/19 02:27:14 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL664.SYS [3065408]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2010/07/14 16:25:38 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [344616]
O58 - SDL:2010/07/20 23:26:42 A . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\drivers\btwaudio.sys [102952]
O58 - SDL:2010/07/20 23:26:38 A . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\drivers\btwavdt.sys [135720]
O58 - SDL:2010/03/03 00:37:40 A . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\drivers\btwl2cap.sys [39464]
O58 - SDL:2010/07/20 23:26:34 A . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\drivers\btwrchid.sys [21544]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2011/05/13 19:58:16 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [30008]
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2011/03/11 08:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/08/23 11:21:00 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704]
O58 - SDL:2013/08/06 16:13:30 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl64.sys [23040]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2009/06/10 22:35:35 A . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\drivers\nvm62x64.sys [408960]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2015/06/02 18:41:06 A . (.IBM Corp. - RapportHades64.) -- C:\Windows\System32\drivers\RapportHades64.sys [121432]
O58 - SDL:2015/06/02 18:41:06 A . (.IBM Corp. - RapportKE.) -- C:\Windows\System32\drivers\RapportKE64.sys [376184]
O58 - SDL:2011/07/20 15:58:22 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\drivers\RimSerial_AMD64.sys [44032]
O58 - SDL:2011/06/10 07:34:52 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [539240]
O58 - SDL:2011/03/25 02:20:36 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsPStor.sys [337512]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2011/03/11 12:23:16 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [521728]
O58 - SDL:2015/08/23 13:32:44 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [35064]
O58 - SDL:2014/08/16 00:35:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784]
O58 - SDL:2010/12/16 09:06:46 A . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\drivers\usbfilter.sys [47232]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
O58 - SDL:2009/06/10 23:01:11 A . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\drivers\VSTAZL6.SYS [292864]
O58 - SDL:2009/06/10 23:01:11 A . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\drivers\VSTCNXT6.SYS [740864]
O58 - SDL:2009/06/10 23:01:11 A . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\drivers\VSTDPV6.SYS [1485312]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (8) - 48s
O61 - LFC: 2015/08/21 08:58:59 A . (..) -- C:\Users\Charlotte Chris\Downloads\7z920.exe [1138397]
O61 - LFC: 2015/08/21 01:43:29 A . (.AdbDriver.com.) -- C:\Users\Charlotte Chris\Downloads\AdbDriverInstaller.exe [9433088]
O61 - LFC: 2015/08/21 08:37:02 A . (..) -- C:\Users\Charlotte Chris\Downloads\npp.6.8.1.Installer.exe [5621420]
O61 - LFC: 2015/08/23 13:15:20 N . (..) -- C:\Users\Charlotte Chris\Desktop\RogueKiller.exe [18758216]
O61 - LFC: 2015/08/20 22:15:45 A . (.AdbDriver.com.) -- C:\Users\Charlotte Chris\Desktop\Nexus 5\AdbDriverInstaller.exe [9433088]
O61 - LFC: 2015/08/21 23:32:27 A . (.AdbDriver.com.) -- C:\Users\Charlotte Chris\AppData\Roaming\AdbDriverInstaller\usb_driver\AdbDriverInstallerX64.exe [228352]
O61 - LFC: 2015/08/21 08:23:10 A . (..) -- C:\Users\Charlotte Chris\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [330752]
O61 - LFC: 2015/08/23 16:19:56 A . (..) -- C:\Users\Charlotte Chris\AppData\Local\ATI\ACE\Manifest.Bin [27473]

---\\ Associations Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (4) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe

---\\ Recherche d'infection sur les navigateurs (2) - 8s
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCR] [DefaultScope] - (Web Search) - http://search.certified-toolbar.com?si=38268&bs=true&tid=77&q={searchTerms} =>PUP.Optional.CertifiedToolbar

---\\ Enumère les services démarrés par Svchost (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [681984]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

---\\ Liste des exceptions du parefeu Windows (18) - 4s
O87 - FAEL: "{1205BEB9-95A1-4488-A49B-E646E4034150}" [In-None-P6-TRUE] .(.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\system32\ezSharedSvcHost.exe (.not file.)
O87 - FAEL: "{68241ED9-41E2-4543-A38C-3817987D39B4}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe (.not file.)
O87 - FAEL: "{04179C15-C9B2-41E3-9693-FAD305CD9333}" [In-None-P6-TRUE] .(...) -- C:\Windows\System32\lxducoms.exe
O87 - FAEL: "{9B2653E5-FC95-48CC-BE7B-17E58DC29C94}" [In-None-P17-TRUE] .(...) -- C:\Windows\System32\lxducoms.exe
O87 - FAEL: "{E206934B-C00C-4EA0-A94B-D6588187815D}" [In-None-P6-TRUE] .(...) -- C:\Windows\System32\lxdncoms.exe
O87 - FAEL: "{5420E67D-8199-42D2-BA77-5AE0F221E79C}" [In-None-P17-TRUE] .(...) -- C:\Windows\System32\lxdncoms.exe
O87 - FAEL: "{C2B1DACB-667B-45E0-902C-48D4D30A06E9}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (.not file.)
O87 - FAEL: "{2E27F341-37D6-411B-952A-FE6018063D66}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe (.not file.)
O87 - FAEL: "{F8C92423-E58F-4162-B4ED-F1C655B31674}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\BitComet\BitComet.exe (.not file.)
O87 - FAEL: "{EE7BB5C0-08FA-403F-B804-6953CD014889}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\BitComet\BitComet.exe (.not file.)
O87 - FAEL: "{66FAEBFC-3B5A-4A1B-9BE0-E698DA11C22F}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\BitSpirit\BitSpirit.exe (.not file.)
O87 - FAEL: "{1C1C9BDC-D0C8-4909-8D8C-9C55E04FB951}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\BitSpirit\BitSpirit.exe (.not file.)
O87 - FAEL: "TCP Query User{C4CE84CE-EAD2-411C-94CA-D71AA85D5594}C:\program files (x86)\bitcomet\bitcomet.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\bitcomet\bitcomet.exe (.not file.)
O87 - FAEL: "UDP Query User{34035DEF-5E48-4F41-9887-E860AD099C96}C:\program files (x86)\bitcomet\bitcomet.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\bitcomet\bitcomet.exe (.not file.)
O87 - FAEL: "TCP Query User{EBA1313F-8A49-4A66-B171-C2B8A634F3EE}C:\users\charlotte chris\appdata\roaming\dropbox\bin\dropbox.exe" [In-None-P6-TRUE] .(...) -- C:\users\charlotte chris\appdata\roaming\dropbox\bin\dropbox.exe (.not file.)
O87 - FAEL: "UDP Query User{4BC3E62F-6286-40E5-B934-0E69091F71AF}C:\users\charlotte chris\appdata\roaming\dropbox\bin\dropbox.exe" [In-None-P17-TRUE] .(...) -- C:\users\charlotte chris\appdata\roaming\dropbox\bin\dropbox.exe (.not file.)
O87 - FAEL: "{2CB10DD5-8D25-47B1-997D-F496C0077F40}" [In-None-P6-TRUE] .(...) -- C:\Users\Charlotte Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{EFD48776-763C-4F3D-9D27-76D510B850E5}" [In-None-P17-TRUE] .(...) -- C:\Users\Charlotte Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (8) - 65s
SR - Auto [2011/04/01 23:06:22] [ 365568] AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - Auto [2010/07/29 19:39:24] [ 951584] Bluetooth Service (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - Demand [2012/05/23 19:36:59] [ 655624] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - Demand [2011/02/15 15:48:52] [ 1071160] HP Connection Manager 4.0 Service (hpCMSrv) . (.Hewlett-Packard Development Company L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
SR - Auto [2011/03/08 02:43:30] [ 2375168] IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - Auto [2007/11/28 15:51:42] [ 1039872] lxdn_device (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe
SR - Auto [2009/10/16 16:06:40] [ 1039360] lxdu_device (lxdu_device) . (...) - C:\Windows\system32\lxducoms.exe
SR - Auto [2011/03/11 12:23:16] [ 297984] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe

---\\ Recherche de clés de registre Tracing (6) - 6s
HKLM\SOFTWARE\Microsoft\Tracing\Linkury_RASAPI32 =>PUP.Optional.Linkury
HKLM\SOFTWARE\Microsoft\Tracing\Linkury_RASMANCS =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASAPI32 =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASMANCS =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASAPI32 =>PUP.Optional.MySearchDial
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASMANCS =>PUP.Optional.MySearchDial

---\\ Scan Additionnel (10) - 0s
HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar
C:\ProgramData\InstallMate =>PUP.Optional.Tarma
C:\Windows\Prefetch\PDFFORGETOOLBAR.EXE-78521224.pf =>PUP.Optional.Dealio
C:\Windows\Prefetch\SEARCHSETTINGS.EXE-EA872291.pf =>PUP.Optional.SearchSettings
HKLM64\SOFTWARE\Microsoft\Tracing\Linkury_RASAPI32 =>PUP.Optional.Linkury
HKLM64\SOFTWARE\Microsoft\Tracing\Linkury_RASMANCS =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASAPI32 =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASMANCS =>PUP.Optional.Linkury
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASAPI32 =>PUP.Optional.MySearchDial
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASMANCS =>PUP.Optional.MySearchDial

---\\ Récapitulatif des éléments trouvées sur votre station (7) - 0s
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma
http://www.nicolascoolman.fr/pup-dealio/ =>PUP.Optional.Dealio
http://www.nicolascoolman.fr/adware-searchsettings/ =>PUP.Optional.SearchSettings
http://www.nicolascoolman.fr/pup-certifiedtoolbar/ =>PUP.Optional.CertifiedToolbar
http://www.nicolascoolman.fr/blog =>PUP.Optional.Linkury
http://www.nicolascoolman.fr/blog =>PUP.Optional.MySearchDial

~ End of the scan, 54176 items in 541 seconds (1026)(0)()

Publicité


Signaler le contenu de ce document

Publicité