¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_24.05.2016.2 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ¤¤¤¤¤ - Start 27/05/2016 23:55:37

Updated 24/05/2016 | 04.55 by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

[Antoine (Administrator)] - [SAM]
SID = S-1-5-21-1409082233-789336058-725345543-1004

System : Microsoft Windows XP (32 bits)  Service Pack 3
PC :  -  - 
Processor : X64 - 2110 Mhz - AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Bios :  -  - V.
CoreTemp : 40° C - Max : 75° C
Boot: Normal boot

----------> Quick


Memory RAM = Total (MB) : 2096 | Free (MB) : 1214
Pagefile = Total (MB) : 4033 | Free (MB) : 3177
Virtual = Total (MB) : 2097 | Free (MB) : 2019

¤¤¤¤¤¤¤¤¤¤ | Drives

G:\ -> [Fixed] | [Marie & Antoine Films] | Total : 931.51 Go | Free : 348.12 Go -> NTFS [USB]
F:\ -> [CDROM] | [Audio CD]
E:\ -> [Fixed] | [] | Total : 202.87 Go | Free : 197.95 Go -> NTFS [ATA]
D:\ -> [Fixed] | [Marie & Antoine Musique] | Total : 465.76 Go | Free : 89.97 Go -> NTFS [USB]
C:\ -> [Fixed] | [] | Total : 30.01 Go | Free : 16.47 Go -> NTFS [ATA]

¤¤¤¤¤¤¤¤¤¤ | Windows updates

Last detection : 2016-05-24 16:06:11
Downloaded last ones : 2016-05-25 06:10:15
Installed last ones : 2016-05-25 06:47:49
Next search : 2016-05-28 02:47:46

Microsoft : +


¤¤¤¤¤¤¤¤¤¤ | Browsers

IE : 8.0.6001.18702     (© Microsoft Corporation.)
FF : 46.0.1.5966     (©Firefox and Mozilla Developers; available under the MPL 2 license.)

Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

FlashPlayer Plugin : 21.0.0.242

¤¤¤¤¤¤¤¤¤¤ | Security

AV : avast! Antivirus Enabled
AS : 
AM : Malwarebytes' Anti-Malware   ( 2.3.173.0)     [Update : 25/05/2016 12:47:42]
FW : WINDOWS Firewall
WMI : OK
SC: Security Center Service [Auto(2)] = Running
WU: Windows Update Service [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running

¤¤¤¤¤¤¤¤¤¤ | Running processes

608 | [Owner : SYSTEM | Parent : 4(System) | 0.43 Mo] - (.Microsoft Corporation - Gestionnaire de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\smss.exe
708 | [Owner : SYSTEM | Parent : 608(smss.exe) | 3.86 Mo] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) - (5.1.2600.5512) = C:\WINDOWS\system32\winlogon.exe
752 | [Owner : SYSTEM | Parent : 708(winlogon.exe) | 3.59 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (5.1.2600.5755) = C:\WINDOWS\system32\services.exe
764 | [Owner : SYSTEM | Parent : 708(winlogon.exe) | 6.58 Mo] - (.Microsoft Corporation - LSA Shell (Export Version).) - (5.1.2600.5512) = C:\WINDOWS\system32\lsass.exe
960 | [Owner : SYSTEM | Parent : 752(services.exe) | 3.33 Mo] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - (6.14.10.4231) = C:\WINDOWS\system32\ati2evxx.exe
980 | [Owner : SYSTEM | Parent : 752(services.exe) | 5.02 Mo] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1132 | [Owner : SYSTEM | Parent : 752(services.exe) | 24.37 Mo] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
1360 | [Owner : SYSTEM | Parent : 752(services.exe) | 49.29 Mo] - (.AVAST Software - avast! Service.) - (11.2.2738.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1412 | [Owner : SYSTEM | Parent : 708(winlogon.exe) | 4.59 Mo] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - (6.14.10.4231) = C:\WINDOWS\system32\ati2evxx.exe
1552 | [Owner : SYSTEM | Parent : 752(services.exe) | 6.68 Mo] - (.Microsoft Corporation - Spooler SubSystem App.) - (5.1.2600.6024) = C:\WINDOWS\system32\spoolsv.exe
260 | [Owner : Antoine | Parent : 232() | 20.41 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.0.2900.5512) = C:\WINDOWS\explorer.exe
648 | [Owner : SYSTEM | Parent : 752(services.exe) | 4.21 Mo] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) - (5.1.2600.5512) = C:\WINDOWS\system32\svchost.exe
660 | [Owner : Antoine | Parent : 260(explorer.exe) | 4.34 Mo] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) - (5.1.2600.5512) = C:\WINDOWS\system32\rundll32.exe
680 | [Owner : Antoine | Parent : 260(explorer.exe) | 8.25 Mo] - (.AVAST Software - avast! Antivirus.) - (11.2.2738.8) = C:\Program Files\AVAST Software\Avast\avastui.exe
1104 | [Owner : Antoine | Parent : 260(explorer.exe) | 2.36 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files\HP\HP Software Update\hpwuschd2.exe
1176 | [Owner : Antoine | Parent : 260(explorer.exe) | 3.26 Mo] - (.Microsoft Corporation - CTF Loader.) - (5.1.2600.5512) = C:\WINDOWS\system32\ctfmon.exe
1224 | [Owner : Antoine | Parent : 260(explorer.exe) | 8 Mo] - (.Piriform Ltd - CCleaner.) - (5.18.0.5607) = C:\Program Files\CCleaner\CCleaner.exe
1376 | [Owner : Antoine | Parent : 260(explorer.exe) | 9.04 Mo] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) - (5.1.2600.5512) = C:\WINDOWS\system32\rundll32.exe
1464 | [Owner : Antoine | Parent : 668() | 3.66 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (2.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1808 | [Owner : Antoine | Parent : 1464(MOM.exe) | 4.36 Mo] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) - (2.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
316 | [Owner : SYSTEM | Parent : 1132(svchost.exe) | 14.2 Mo] - (.Microsoft Corporation - Windows Update.) - (7.6.7600.256) = C:\WINDOWS\system32\wuauclt.exe
3240 | [Owner : Antoine | Parent : 980(svchost.exe) | 4.29 Mo] - (.Microsoft Corporation - WMI.) - (5.1.2600.0) = C:\WINDOWS\system32\wbem\unsecapp.exe
3780 | [Owner : Antoine | Parent : 260(explorer.exe) | 427.18 Mo] - (.Mozilla Corporation - Firefox.) - (46.0.1.5966) = C:\Program Files\Mozilla Firefox\firefox.exe
2084 | [Owner : Antoine | Parent : 260(explorer.exe) | 14.39 Mo] - (.SosVirus - QuickDiag.) - (24.5.2016.2) = C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe

¤¤¤¤¤¤¤¤¤¤ | MD5

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [1013.5 Ko] - (6.0.2900.5512) : C:\WINDOWS\Explorer.exe
[MD5.85D5DCF81AE47B68D5DC91255B9AD16F] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [392 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\cmd.exe
[MD5.E0E8A531CFCE1C2E5D79F683282C10C3] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [6 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\csrss.exe
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - COM Surrogate.) - [5 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\dllhost.exe
[MD5.EDBF5EB324975B090F0CFCC8D7D844AE] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1033.5 Ko] - (5.1.2600.6532) : C:\WINDOWS\System32\Kernel32.dll
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - LSA Shell (Export Version).) - [13 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\lsass.exe
[MD5.0203B1AAD358F206CB0A3C1F93CCE17A] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Distributed COM Services.) - [392 Ko] - (5.1.2600.5755) : C:\WINDOWS\System32\rpcss.dll
[MD5.93AD0B78C7357A05F50E594EC7C22300] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Exécuter une DLL en tant qu'application.) - [33 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\rundll32.exe
[MD5.C3FB1D70CB88722267949694BA51759E] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [108.5 Ko] - (5.1.2600.5755) : C:\WINDOWS\System32\services.exe
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Generic Host Process for Win32 Services.) - [14 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\svchost.exe
[MD5.E853F84D3CE2FAA2A802E33CF89AC023] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l'API Utilisateur de Windows XP.) - [566 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\user32.dll
[MD5.E74DDB12188C2FF57A78624DBF7332FC] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Application d'ouverture de session Userinit.) - [26 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\userinit.exe
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Application d'ouverture de session Windows NT.) - [500 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Winlogon.exe
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [135.25 Ko] - (5.1.2600.6142) : C:\WINDOWS\System32\Drivers\afd.sys
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - IDE/ATAPI Port Driver.) - [94.25 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\atapi.sys
[MD5.C885B02847F5D2FD45A24E219ED93B32] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [62.25 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\cdfs.sys
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [61.5 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\cdrom.sys
[MD5.573C7D0A32852B48F3058CFD8026F511] - [23/05/2016 21:38:11] - (.© Microsoft Corporation. - High Definition Audio Bus Driver v1.0a.) - [141 Ko] - (5.10.1.5013) : C:\WINDOWS\System32\Drivers\hdaudbus.sys
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - [23/05/2016 21:23:49] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de filtre audio Livre rouge.) - [57.38 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\redbook.sys
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [52.88 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\i8042prt.sys
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - IP Network Address Translator.) - [149.25 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\ipnat.sys
[MD5.23C74D75E36E7158768DD63D92789A91] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - IPSec Driver.) - [73.5 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\ipsec.sys
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [445.63 Ko] - (5.1.2600.6133) : C:\WINDOWS\System32\Drivers\mrxsmb.sys
[MD5.1DF7F42665C94B825322FAE71721130D] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - NDIS 5.1 wrapper driver.) - [178.38 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\ndis.sys
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - MBT Transport driver.) - [159 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\netbt.sys
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - NT File System Driver.) - [561.5 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\ntfs.sys
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - [19/08/2004 17:51:44] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [78.5 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\parport.sys
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [50.13 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\rasl2tp.sys
[MD5.15CABD0F7C00C47C70124907916AF3F1] - [23/05/2016 19:35:15] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [191.63 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\rdpdr.sys
[MD5.9AEFA14BD6B182D61E3119FA5F436D3D] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - TCP/IP Protocol Driver.) - [353.13 Ko] - (5.1.2600.5625) : C:\WINDOWS\System32\Drivers\tcpip.sys
[MD5.46DE1126684369BACE4849E4FC8C43CA] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [52.13 Ko] - (5.1.2600.5512) : C:\WINDOWS\System32\Drivers\volsnap.sys

¤¤¤¤¤¤¤¤¤¤ | Locked Applications

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}] - () - (%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK*)

¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- CRT4.dll
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- CVW.dll
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- CM32.dll
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- CTF.dll
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- CP60.dll
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 
(..-..) - (0.0.0.0) -- 

¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted)


¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : C:\WINDOWS\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shdocvw.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : C:\WINDOWS\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : C:\WINDOWS\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\SHELL32.dll

¤¤¤¤¤¤¤¤¤¤ | Startings up

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE   [02/03/2006 14:00:00]

[HKU\S-1-5-18\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe   [02/03/2006 14:00:00]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe" /MONITOR   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE   [02/03/2006 14:00:00]

[HKU\S-1-5-20\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE   [02/03/2006 14:00:00]

[HKU\S-1-5-19\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"=RunDll32 c6501.cpl,CMICtrlWnd   
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun   
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui   
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe   [30/05/2013 14:50:10]
""=   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run]
""=   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=   

[HKLM\Software\Microsoft\Command Processor]
"AutoRun"=   
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   


¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder


¤¤¤¤¤¤¤¤¤¤ | Other keys


[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"fAllowToGetHelp"=1   
"FirstCountMsgQPeeksSleepBadApp"=15   
"Modems With Bad DSR"=MultiTech MultiModem MT2834
MultiTech MultiModem MT2834ZDX
MultiTech MT2834
MultiTech MT2834ZDX
MultiTech 2834
MultiTech 2834ZDX   
"MsgQBadAppSleepTimeInMillisec"=1   
"NthCountMsgQPeeksSleepBadApp"=5   
"fWritableTSCCPermTab"=0   
"DeleteTempDirsOnExit"=0   
"PerSessionTempDir"=0   
"fDenyTSConnections"=1   
"ProductVersion"=5.1   
"TSAdvertise"=0   
"IdleWinStationPoolCount"=0   
"TSAppCompat"=0   
"TSEnabled"=1   
"TSUserEnabled"=0   
"fEnableSalem"=1   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"BootExecute"=autocheck autochk *   
"CriticalSectionTimeout"=2592000   
"EnableMCA"=1   
"EnableMCE"=0   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"ObjectDirectories"=\Windows
\RPC Control   
"ProtectionMode"=1   
"ResourceTimeoutCount"=648000   
"ProcessorControl"=2   
"RegisteredProcessors"=1   
"LicensedProcessors"=1   

[HKLM\System\CurrentControlSet\Control]
"CurrentUser"=USERNAME   
"WaitToKillServiceTimeout"=20000   
"SystemStartOptions"=NOEXECUTE=OPTIN  FASTDETECT  USEPMTIMER   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   

[HKLM\System\CurrentControlSet\Control\lsa]
"Authentication Packages"=msv1_0   
"Bounds"=0x0030000000200000   
"Security Packages"=kerberos
msv1_0
schannel
wdigest   
"ImpersonatePrivilegeUpgradeToolHasRun"=1   
"LsaPid"=764   
"SecureBoot"=1   
"auditbaseobjects"=0   
"crashonauditfail"=0   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"fipsalgorithmpolicy"=0   
"forceguest"=1   
"fullprivilegeauditing"=0x00   
"limitblankpassworduse"=1   
"lmcompatibilitylevel"=0   
"nodefaultadminowner"=1   
"nolmhash"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"Notification Packages"=scecli   


¤¤¤¤¤¤¤¤¤¤ | .LNK

C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Assistance à distance.lnk        (-LaunchRA) 
C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Lecteur Windows Media.lnk        (/prefetch:1) 
C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk        (/start) 
C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk        (/prefetch:1) 
C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Accessoires\Outils système\Internet Explorer (sans module complémentaire).lnk        ( -extoff) 
C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Démarrage\Alertes de surveillance de l'encre - HP ENVY 5530 series.lnk        ("C:\Program Files\HP\HP ENVY 5530 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN4BH460GZ067B;CONNECTION=USB;MONITOR=1;) 

¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll

C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts

¤¤¤¤¤¤¤¤¤¤ | Policies | Registry

[HKU\S-1-5-18\Control Panel\Desktop]
"ActiveWndTrkTimeout"=0   
"AutoEndTasks"=0   
"CaretWidth"=1   
"CoolSwitch"=1   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DragFullWindows"=2   
"DragHeight"=4   
"DragWidth"=4   
"FontSmoothing"=2   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=1   
"ForegroundFlashCount"=3   
"ForegroundLockTimeout"=200000   
"GridGranularity"=0   
"HungAppTimeout"=5000   
"LowPowerActive"=0   
"LowPowerTimeOut"=0   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"Pattern"=(Aucun)   
"PowerOffActive"=0   
"PowerOffTimeOut"=0   
"ScreenSaverIsSecure"=0   
"ScreenSaveTimeOut"=600   
"ScreenSaveActive"=1   
"SCRNSAVE.EXE"=logon.scr   
"TileWallpaper"=0   
"UserPreferencesMask"=0x9E3E0380   
"WaitToKillAppTimeout"=20000   
"Wallpaper"=(Aucun)   
"WallpaperStyle"=2   
"OriginalWallpaper"=   
"WheelScrollLines"=3   

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=145   

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer]
"WebFindBandHook"={68F2D3FC-8366-4a46-8224-58EFA2749425}   
"FileFindBandHook"={FFAC7A18-EDF9-40de-BA3F-49FC2269855E}   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Control Panel\Desktop]
"ActiveWndTrkTimeout"=0   
"AutoEndTasks"=0   
"CaretWidth"=1   
"CoolSwitch"=1   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FontSmoothing"=2   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=1   
"ForegroundFlashCount"=3   
"ForegroundLockTimeout"=0   
"GridGranularity"=0   
"HungAppTimeout"=5000   
"LowPowerActive"=0   
"LowPowerTimeOut"=0   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"PowerOffActive"=0   
"PowerOffTimeOut"=0   
"ScreenSaverIsSecure"=0   
"ScreenSaveTimeOut"=600   
"ScreenSaveActive"=1   
"SCRNSAVE.EXE"=C:\WINDOWS\System32\logon.scr   [02/03/2006 14:00:00]
"TileWallpaper"=0   
"UserPreferencesMask"=0x9E3E0780   
"WaitToKillAppTimeout"=20000   
"Wallpaper"=C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp   [23/05/2016 19:37:48]
"WallpaperStyle"=2   
"OriginalWallpaper"=   
"WheelScrollLines"=3   
"Pattern Upgrade"=TRUE   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=145   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer]
"WebFindBandHook"={68F2D3FC-8366-4a46-8224-58EFA2749425}   
"FileFindBandHook"={FFAC7A18-EDF9-40de-BA3F-49FC2269855E}   
"Logon User Name"=Antoine   
"ShellState"=0x2400000030280000000000000000000000000000010000000D0000000000000002000000   
"CleanShutdown"=0   
"FaultCount"=0   
"FaultTime"=0   
"Browse For Folder Width"=318   
"Browse For Folder Height"=340   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ServerAdminUI"=0   
"Hidden"=2   
"ShowCompColor"=1   
"HideFileExt"=1   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"SuperHidden"=0   
"SeparateProcess"=0   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"ListviewWatermark"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=2   
"StartButtonBalloonTip"=2   
"LoosenRudeAppCheck"=1   

[HKU\S-1-5-20\Control Panel\Desktop]
"ActiveWndTrkTimeout"=0   
"AutoEndTasks"=0   
"CaretWidth"=1   
"CoolSwitch"=1   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DragFullWindows"=2   
"DragHeight"=4   
"DragWidth"=4   
"FontSmoothing"=2   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=1   
"ForegroundFlashCount"=3   
"ForegroundLockTimeout"=200000   
"GridGranularity"=0   
"HungAppTimeout"=5000   
"LowPowerActive"=0   
"LowPowerTimeOut"=0   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"Pattern"=(Aucun)   
"PowerOffActive"=0   
"PowerOffTimeOut"=0   
"ScreenSaverIsSecure"=0   
"ScreenSaveTimeOut"=600   
"ScreenSaveActive"=1   
"SCRNSAVE.EXE"=%SystemRoot%\System32\logon.scr   
"TileWallpaper"=0   
"UserPreferencesMask"=0x9E3E0180   
"WaitToKillAppTimeout"=20000   
"Wallpaper"=(Aucun)   
"WallpaperStyle"=2   
"OriginalWallpaper"=   
"WheelScrollLines"=3   

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=145   

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer]
"WebFindBandHook"={68F2D3FC-8366-4a46-8224-58EFA2749425}   
"FileFindBandHook"={FFAC7A18-EDF9-40de-BA3F-49FC2269855E}   

[HKU\S-1-5-19\Control Panel\Desktop]
"ActiveWndTrkTimeout"=0   
"AutoEndTasks"=0   
"CaretWidth"=1   
"CoolSwitch"=1   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DragFullWindows"=2   
"DragHeight"=4   
"DragWidth"=4   
"FontSmoothing"=2   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=1   
"ForegroundFlashCount"=3   
"ForegroundLockTimeout"=200000   
"GridGranularity"=0   
"HungAppTimeout"=5000   
"LowPowerActive"=0   
"LowPowerTimeOut"=0   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"Pattern"=(Aucun)   
"PowerOffActive"=0   
"PowerOffTimeOut"=0   
"ScreenSaverIsSecure"=0   
"ScreenSaveTimeOut"=600   
"ScreenSaveActive"=1   
"SCRNSAVE.EXE"=%SystemRoot%\System32\logon.scr   
"TileWallpaper"=0   
"UserPreferencesMask"=0x9E3E0180   
"WaitToKillAppTimeout"=20000   
"Wallpaper"=(Aucun)   
"WallpaperStyle"=2   
"OriginalWallpaper"=   
"WheelScrollLines"=3   

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=145   

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer]
"WebFindBandHook"={68F2D3FC-8366-4a46-8224-58EFA2749425}   
"FileFindBandHook"={FFAC7A18-EDF9-40de-BA3F-49FC2269855E}   

[HKLM\Software\Policies\Microsoft\Windows\System]
"Allow-LogonScript-NetbiosDisabled"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"SoftwareSASGeneration"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"XMLLookup"=http://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s   
"Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s   
"intl"=http://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s   


¤¤¤¤¤¤¤¤¤¤ | Winlogon 

[HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ParseAutoexec"=1   
"ExcludeProfileDirs"=Local Settings;Temporary Internet Files;Historique;Temp   
"BuildNumber"=2600   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ParseAutoexec"=1   
"ExcludeProfileDirs"=Local Settings;Temporary Internet Files;Historique;Temp   
"BuildNumber"=2600   

[HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ParseAutoexec"=1   
"ExcludeProfileDirs"=Local Settings;Temporary Internet Files;Historique;Temp   
"BuildNumber"=2600   

[HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ParseAutoexec"=1   
"ExcludeProfileDirs"=Local Settings;Temporary Internet Files;Historique;Temp   
"BuildNumber"=2600   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"DefaultDomainName"=SAM   
"DefaultUserName"=Antoine   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PowerdownAfterShutdown"=0   
"ReportBootOk"=1   
"Shell"=Explorer.exe   
"ShutdownWithoutLogon"=0   
"System"=   
"Userinit"=C:\WINDOWS\system32\userinit.exe,   
"VmApplet"=rundll32 shell32,Control_RunDLL "sysdm.cpl"   
"SfcQuota"=4294967295   
"allocatecdroms"=0   
"allocatedasd"=0   
"allocatefloppies"=0   
"cachedlogonscount"=10   
"forceunlocklogon"=0   
"passwordexpirywarning"=14   
"scremoveoption"=0   
"AllowMultipleTSSessions"=1   
"UIHost"=logonui.exe   
"LogonType"=1   
"Background"=0 0 0   
"DebugServerCommand"=no   
"SFCDisable"=0   
"WinStationsDisabled"=0   
"HibernationPreviouslyEnabled"=1   
"ShowLogonOptions"=0   
"AltDefaultUserName"=Antoine   
"AltDefaultDomainName"=SAM   
"ChangePasswordUseKerberos"=1   


¤¤¤¤¤¤¤¤¤¤ | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\System32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\InternetShortcut]
""=Raccourci Internet   
"EditFlags"=2   
"IsShortcut"=   
"NeverShowExt"=   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll.mui,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\Classes\Application.Manifest]
"BrowserFlags"=4096   
"EditFlags"=65536   
""=Application Manifest   

[HKLM\Software\Classes\Application.Reference]
"NeverShowExt"=   
"IsShortcut"=   
"EditFlags"=131072   
""=Application Reference   

[HKLM\Software\Classes\Folder]
""=Dossier   
"EditFlags"=0xD2030000   
"TileInfo"=prop:Size   

[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""=firefox.exe   
[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [23/05/2016 19:36:38]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\WINDOWS\system32\ie4uinit.exe" -reinstall


¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags


¤¤¤¤¤¤¤¤¤¤ | IFEO

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\Your Image File Name Here without a path] : ntsd -d

¤¤¤¤¤¤¤¤¤¤ | Mountpoints2


¤¤¤¤¤¤¤¤¤¤ | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"AppInit_DLLs"=SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"Beep"=#USR:Control Panel\Sound   
"BorderWidth"=#USR:Control Panel\Desktop\WindowMetrics   
"CoolSwitch"=USR:Control Panel\Desktop   
"CursorBlinkRate"=#USR:Control Panel\Desktop   
"DefaultSeparateVDM"=\Registry\Machine\System\CurrentControlSet\Control\WOW   
"DeviceNotSelectedTimeout"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"KeyboardDelay"=#USR:Control Panel\Keyboard   
"KeyboardSpeed"=#USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"swapdisk"=SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TransmissionRetryTimeout"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

¤¤¤¤¤¤¤¤¤¤ | Security center

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\Security Center]
"FirstRun"=1

[HKLM\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0


¤¤¤¤¤¤¤¤¤¤ | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist)


¤¤¤¤¤¤¤¤¤¤ | Hosts

# pour Windows.
# De plus, des commentaires (tels que celui-ci) peuvent être insérés sur des

127.0.0.1       localhost

¤¤¤¤¤¤¤¤¤¤ | @

[HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=1
"NoJITSetup"=1
"Disable Script Debugger"=yes

[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"User Agent"=Mozilla/4.0 (compatible; MSIE 6.0; Win32)
"IE5_UA_Backup_Flag"=5.0
"NoNetAutodial"=0
"MigrateProxy"=0
"EnableNegotiate"=1
"ProxyEnable"=0
"SecureProtocols"=160

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=1
"NoJITSetup"=1
"Disable Script Debugger"=yes
"Show_ChannelBand"=No
"Anchor Underline"=yes
"Cache_Update_Frequency"=Once_Per_Session
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=C:\WINDOWS\system32\blank.htm
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Start Page"=www.google.com
"Use_DlgBox_Colors"=yes
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"FullScreen"=no
"NotifyDownloadComplete"=yes
"Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF160000001D0000003603000075020000
"XMLHTTP"=1
"UseClearType"=yes
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"IE5_UA_Backup_Flag"=5.0
"NoNetAutodial"=0
"MigrateProxy"=1
"EmailName"=IEUser@
"AutoConfigProxy"=wininet.dll
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"WarnOnPost"=0x01000000
"UseSchannelDirectly"=0x01000000
"EnableHttp1_1"=1
"PrivacyAdvanced"=0
"EnableNegotiate"=1
"ProxyEnable"=0
"PrivDiscUiShown"=1
"GlobalUserOffline"=0
"UrlEncoding"=0
"SecureProtocols"=160
"ZonesSecurityUpgrade"=0xE4E0EE2272B6D101
"DisableCachingOfSSLPages"=0
"WarnonZoneCrossing"=0

[HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=1
"NoJITSetup"=1
"Disable Script Debugger"=yes

[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"User Agent"=Mozilla/4.0 (compatible; MSIE 6.0; Win32)
"IE5_UA_Backup_Flag"=5.0
"NoNetAutodial"=0
"MigrateProxy"=0

[HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=1
"NoJITSetup"=1
"Disable Script Debugger"=yes

[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"User Agent"=Mozilla/4.0 (compatible; MSIE 6.0; Win32)
"IE5_UA_Backup_Flag"=5.0
"NoNetAutodial"=0
"MigrateProxy"=0
"EnableNegotiate"=1

[HKLM\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Enable_Disk_Cache"=yes
"Cache_Percent_of_Disk"=0x0A000000
"Delete_Temp_Files_On_Exit"=yes
"Local Page"=C:\WINDOWS\system32\blank.htm
"Anchor_Visitation_Horizon"=0x01000000
"Use_Async_DNS"=yes
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Start Page"=www.google.com
"Search Bar"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
"CompanyName"=Microsoft Corporation
"Custom_Key"=MICROSO
"Wizard_Version"=6.0.2600.0000
"FullScreen"=no
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Security Risk Page"=about:SecurityRisk
"Check_Associations"=yes

[HKLM\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"OfflineInformation"=res://ieframe.dll/offcancl.htm
"Home"=270
"blank"=res://mshtml.dll/blank.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"Tabs"=res://ieframe.dll/tabswelcome.htm
"InPrivate"=res://ieframe.dll/inprivate.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"gopher"=gopher://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"MinorVersion"=0
"CodeBaseSearchPath"=CODEBASE
"UrlEncoding"=0x00000000
"ActiveXCache"=C:\WINDOWS\Downloaded Program Files
"EnablePunycode"=1
"WarnOnIntranet"=1


¤¤¤¤¤¤¤¤¤¤ | reparsepoint


¤¤¤¤¤¤¤¤¤¤ | Detection of offsets


¤¤¤¤¤¤¤¤¤¤ | Notify 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] : Ati2evxx.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] : crypt32.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] : cryptnet.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] : cscdll.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] : %SystemRoot%\System32\dimsntfy.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] : sclgntfy.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] : WlNotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] : wlnotify.dll
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] : wlnotify.dll

¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"=Pré-chargeur Browseui   
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"=Démon de cache des catégories de composant   


¤¤¤¤¤¤¤¤¤¤ | Toolbar

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"LinksFolderName"=Liens   
"Locked"=1   
"SaveLinksOrder"=0x01000000   

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{01E04581-4EEE-11D0-BFE9-00AA005B4383}"=0x8145E001EE4ED011BFE900AA005B4383100000000000000001E032F401000000   
"{0E5CBF21-D15F-11D0-8301-00AA005B4383}"=0x21BF5C0E5FD1D011830100AA005B438322001C000800000006000000010000000000000000000000000000004C0000000114020000000000C000000000000046810000001000000050741AA91CB5D101140D10B022B5D101AECB60AD1CB5D1010000000000000000010000000000000000000000000000004D0114001F50E04FD020EA3A6910A2D808002B30309D19002F433A5C000000000000000000000000000000000000005C00310000000000B748428F1000444F43554D457E310000440003000400EFBEB748A69AB748428F1400000044006F00630075006D0065006E0074007300200061006E0064002000530065007400740069006E0067007300000018003C00310000000000B748438F1000416E746F696E6500260003000400EFBEB748428FB748438F1400000041006E0074006F0069006E006500000016005000310000000000B748488F11004661766F726973003A0003000400EFBEB748438FB748488F140024004600610076006F007200690073000000407368656C6C33322E646C6C2C2D31323639330016003600310000000000B748488F10004C69656E7300220003000400EFBEB748448FB748488F140000004C00690065006E00730000001400000060000000030000A0580000000000000073616D000000000000000000000000007609ECC788A22C43A15EC04ABC6AAA38965156371521E6119D0E001D608FEDCA7609ECC788A22C43A15EC04ABC6AAA38965156371521E6119D0E001D608FEDCA00000000   
"ITBarLayout"=0x110000004C00000000000000340000001F000000560000000100000020070000A00F00000500000062050000260000000200000021070000A00F00000400000021010000A00F0000030000002003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


¤¤¤¤¤¤¤¤¤¤ | Extensions

[HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () -       []
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}] : (@xpsp3res.dll,-20001) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}] : (Windows Messenger) -       []

¤¤¤¤¤¤¤¤¤¤ | SearchScopes

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (@ieframe.dll,-12512) - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} : 

¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects


¤¤¤¤¤¤¤¤¤¤ | Chrome



¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | Firefox


[HKLM\Software\mozilla\Firefox\Extensions]
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 21.0.0.242 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll
[HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5] - (Windows Presentation Foundation plug-in for Mozilla browsers) : C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll

[Antoine | 5ts9cdxm.default] : user_pref("browser.startup.homepage_override.buildID", "20160502172042");
[Antoine | 5ts9cdxm.default] : user_pref("browser.startup.homepage_override.mstone", "46.0.1");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.adblockplus.currentVersion", "2.7.3");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.adblockplus.notificationdata", "{\"lastCheck\":1464386087547,\"softExpiration\":1464461961651,\"hardExpiration\":1464558888685,\"data\":{\"notifications\":[],\"version\":\"201605272154\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":1}");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.blocklist.pingCountVersion", 0);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.bootstrappedAddons", "{\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"loop@mozilla.org\":{\"version\":\"1.2.6\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.7.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Documents and Settings\\\\Antoine\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5ts9cdxm.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false}}");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.databaseSchema", 17);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.e10sBlockedByAddons", true);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.getAddons.databaseSchema", 5);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.lastAppVersion", "46.0.1");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.lastPlatformVersion", "46.0.1");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.pendingOperations", false);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.ui.dictionary.hidden", true);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.ui.experiment.hidden", true);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.ui.lastCategory", "addons://search/addblock");
[Antoine | 5ts9cdxm.default] : user_pref("extensions.ui.locale.hidden", true);
[Antoine | 5ts9cdxm.default] : user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1464030203796},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1464030203796},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.2.6\",\"st\":1464030203656}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"46.0.1\",\"st\":1464030203796}},\"winreg-app-global\":{\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":false,\"v\":\"10.3.3.44\",\"st\":1464029468000,\"mt\":1464029460687},\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"d\":\"C:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"e\":false,\"v\":\"1.0\",\"st\":1464156417125,\"mt\":1213270470000}},\"app-profile\":{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Documents and Settings\\\\Antoine\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5ts9cdxm.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.7.3\",\"st\":1464386027385}}}");

¤¤¤¤¤¤¤¤¤¤ | Active Connections


¤¤¤¤¤¤¤¤¤¤ | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.0.254
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{6E79DF25-E65E-4C7B-B485-A2F05D7951DD}]
"DhcpNameServer"=192.168.0.254
[HKLM\SYSTEM\ControlSet003\services\Tcpip\Parameters\Interfaces\{6E79DF25-E65E-4C7B-B485-A2F05D7951DD}]
"DhcpNameServer"=192.168.0.254
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{6E79DF25-E65E-4C7B-B485-A2F05D7951DD}]
"DhcpNameServer"=192.168.0.254

¤¤¤¤¤¤¤¤¤¤ | Applications

[HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\scalc.exe] : "C:\Program Files\OpenOffice 4\program\scalc.exe" -o "%1"
[HKLM\SOFTWARE\Classes\Applications\shimgvw.dll] : rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : C:\Program Files\Windows Media Player\wmplayer.exe /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessoires\WORDPAD.EXE" "%1"

¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted)


¤¤¤¤¤¤¤¤¤¤ | Software

[HKU\S-1-5-18\Software\ATI Technologies Inc.]
[HKU\S-1-5-18\Software\Hewlett-Packard]
[HKU\S-1-5-18\Software\Intel]
[HKU\S-1-5-18\Software\Microsoft]
[HKU\S-1-5-18\Software\Netscape]
[HKU\S-1-5-18\Software\Piriform]
[HKU\S-1-5-18\Software\Policies]
[HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam]
[HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion]

[HKU\S-1-5-21-1409082233-789336058-725345543-1004_Classes\Software\Microsoft]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004_Classes\Software\Piriform]

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\ASUS]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\ATI]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\ATI Technologies Inc.]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\AVAST Software]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Clients]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\eMuleTorrent]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\eMuleTorrentVersion]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Hewlett-Packard]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\HP]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Intel]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Macromedia]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Netscape]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\OpenOffice]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Piriform]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Policies]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\QtProject]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Sensaura]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\sysinternals]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Trolltech]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Visan]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows\ShellNoRoam]
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\Software\Microsoft\Windows NT\CurrentVersion]

[HKU\S-1-5-20_Classes\Software\Piriform]

[HKU\S-1-5-20\Software\Intel]
[HKU\S-1-5-20\Software\Microsoft]
[HKU\S-1-5-20\Software\Netscape]
[HKU\S-1-5-20\Software\Piriform]
[HKU\S-1-5-20\Software\Policies]
[HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-20\Software\Microsoft\Windows\ShellNoRoam]
[HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion]

[HKU\S-1-5-19_Classes\Software\Piriform]

[HKU\S-1-5-19\Software\Intel]
[HKU\S-1-5-19\Software\Microsoft]
[HKU\S-1-5-19\Software\Netscape]
[HKU\S-1-5-19\Software\Piriform]
[HKU\S-1-5-19\Software\Policies]
[HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-19\Software\Microsoft\Windows\ShellNoRoam]
[HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion]

[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Clients]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HP]
[HKLM\Software\InstallShield]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\mozilla.org]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RocketLife]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\sysinternals]
[HKLM\Software\VideoLAN]
[HKLM\Software\Visan]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DComLaunch]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\dot3svc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\eapsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\HTTPFilter]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PCHealth]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]


¤¤¤¤¤¤¤¤¤¤ | Drives


G:

[09/01/2014 19:25:19] - |AH| - (.-.) - [4096] - (0.0.0.0) - G:\._Private-Public.exe
[09/01/2014 19:25:19] - |A| - (.- Private-Public.) - [1638344] - (1.0.0.0) - G:\Private-Public.exe
[09/01/2014 19:18:58] - |RAH| - (.-.) - [4096] - (0.0.0.0) - G:\._autorun.inf
[09/01/2014 19:18:58] - |RAH| - (.-.) - [31] - (0.0.0.0) - G:\autorun.inf

F:


E:


D:


¤¤¤¤¤¤¤¤¤¤ | C:

[24/05/2016 20:30:57] - |D| - [954393] - C:\AdwCleaner
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 19:38:33] - (.-.) - [0] - (0.0.0.0) - C:\AUTOEXEC.BAT
[MD5.D0B18585418D6CE9DF67DE6E256EBDA7] - [23/05/2016 21:20:00] - (.-.) - [228] - (0.0.0.0) - C:\boot.ini
[MD5.C37C1B3F6505BD3A7F5AAE8B71973902] - [02/03/2006 14:00:00] - (.-.) - [4952] - (0.0.0.0) - C:\Bootfont.bin
[25/05/2016 08:03:38] - |SHD| - [0] - C:\Config.Msi
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 19:38:33] - (.-.) - [0] - (0.0.0.0) - C:\CONFIG.SYS
[23/05/2016 21:21:10] - |D| - [8429588068] - C:\Documents and Settings
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 19:38:33] - (.-.) - [0] - (0.0.0.0) - C:\IO.SYS
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 19:38:33] - (.-.) - [0] - (0.0.0.0) - C:\MSDOS.SYS
[MD5.B2DE3452DE03674C6CEC68B8C8CE7C78] - [02/03/2006 14:00:00] - (.-.) - [47564] - (0.0.0.0) - C:\NTDETECT.COM
[MD5.7794C3221F670DE270586A2CF6E68383] - [02/03/2006 14:00:00] - (.-.) - [252240] - (0.0.0.0) - C:\ntldr
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 21:15:20] - (.-.) - [2145386496] - (0.0.0.0) - C:\pagefile.sys
[23/05/2016 21:22:03] - |RD| - [1676677430] - C:\Program Files
[24/05/2016 07:13:12] - |D| - [263649] - C:\QuickDiag
[MD5.4EFCE653252EF89DBCE5BB42E0A19356] - [27/05/2016 23:55:37] - (.-.) - [70015] - (0.0.0.0) - C:\QuickDiag.txt
[MD5.D9B099BDD17D478445D0891A8C58B466] - [24/05/2016 07:14:52] - (.-.) - [155675] - (0.0.0.0) - C:\QuickDiag_24_05_2016_07_14_52.txt
[MD5.C2474F94B145A29E094DF60F30B61560] - [26/05/2016 19:05:47] - (.-.) - [162694] - (0.0.0.0) - C:\QuickDiag_26_05_2016_19_05_47.txt
[MD5.B04B04AF9E06118EC7CE351E26ABAD5D] - [26/05/2016 20:13:46] - (.-.) - [615] - (0.0.0.0) - C:\QuickScript.txt
[23/05/2016 20:46:58] - |SHD| - [85] - C:\RECYCLER
[23/05/2016 21:21:10] - |SHD| - [0] - C:\System Volume Information
[25/05/2016 13:18:35] - |D| - [265150] - C:\TEMP
[23/05/2016 21:15:20] - |D| - [4686268632] - C:\WINDOWS

¤¤¤¤¤¤¤¤¤¤ | C:\WINDOWS

[23/05/2016 19:38:48] - |HD| - [300382917] - C:\WINDOWS\$hf_mig$
[23/05/2016 21:36:32] - |HDC| - [384652072] - C:\WINDOWS\$NtServicePackUninstall$
[25/05/2016 08:40:36] - |HDC| - [795396] - C:\WINDOWS\$NtUninstallKB2115168$
[25/05/2016 08:35:09] - |HDC| - [1396255] - C:\WINDOWS\$NtUninstallKB2229593$
[25/05/2016 08:40:51] - |HDC| - [1270220] - C:\WINDOWS\$NtUninstallKB2296011$
[25/05/2016 08:33:20] - |HDC| - [708361] - C:\WINDOWS\$NtUninstallKB2347290$
[25/05/2016 08:35:40] - |HDC| - [5502678] - C:\WINDOWS\$NtUninstallKB2378111_WM9$
[25/05/2016 08:41:45] - |HDC| - [2506172] - C:\WINDOWS\$NtUninstallKB2387149$
[25/05/2016 08:28:28] - |HDC| - [5554347] - C:\WINDOWS\$NtUninstallKB2393802$
[25/05/2016 08:30:53] - |HDC| - [1899530] - C:\WINDOWS\$NtUninstallKB2419632$
[24/05/2016 22:47:39] - |HDC| - [692455] - C:\WINDOWS\$NtUninstallKB2423089$
[25/05/2016 08:35:22] - |HDC| - [737886] - C:\WINDOWS\$NtUninstallKB2443105$
[25/05/2016 08:46:59] - |HDC| - [652159] - C:\WINDOWS\$NtUninstallKB2467659$
[25/05/2016 08:28:34] - |HDC| - [1383879] - C:\WINDOWS\$NtUninstallKB2478960$
[25/05/2016 08:41:16] - |HDC| - [954458] - C:\WINDOWS\$NtUninstallKB2478971$
[25/05/2016 08:41:31] - |HDC| - [923996] - C:\WINDOWS\$NtUninstallKB2479943$
[25/05/2016 08:34:57] - |HDC| - [1329959] - C:\WINDOWS\$NtUninstallKB2481109$
[25/05/2016 08:33:05] - |HDC| - [18128726] - C:\WINDOWS\$NtUninstallKB2483185$
[25/05/2016 08:34:41] - |HDC| - [932826] - C:\WINDOWS\$NtUninstallKB2485663$
[25/05/2016 08:30:19] - |HDC| - [2658665] - C:\WINDOWS\$NtUninstallKB2506212$
[25/05/2016 08:33:54] - |HDC| - [944914] - C:\WINDOWS\$NtUninstallKB2507938$
[25/05/2016 08:30:49] - |HDC| - [987342] - C:\WINDOWS\$NtUninstallKB2508429$
[25/05/2016 08:28:56] - |HDC| - [1816582] - C:\WINDOWS\$NtUninstallKB2509553$
[25/05/2016 08:33:41] - |HDC| - [1597399] - C:\WINDOWS\$NtUninstallKB2510581$
[25/05/2016 08:32:04] - |HDC| - [754956] - C:\WINDOWS\$NtUninstallKB2535512$
[25/05/2016 08:41:04] - |HDC| - [1109656] - C:\WINDOWS\$NtUninstallKB2536276-v2$
[25/05/2016 08:41:12] - |HDC| - [1344604] - C:\WINDOWS\$NtUninstallKB2544893-v2$
[25/05/2016 08:41:23] - |HDC| - [1113370] - C:\WINDOWS\$NtUninstallKB2564958$
[24/05/2016 22:48:03] - |HDC| - [656839] - C:\WINDOWS\$NtUninstallKB2566454$
[25/05/2016 08:31:34] - |HDC| - [681320] - C:\WINDOWS\$NtUninstallKB2570947$
[24/05/2016 22:47:53] - |HDC| - [706392] - C:\WINDOWS\$NtUninstallKB2584146$
[25/05/2016 08:40:59] - |HDC| - [1361459] - C:\WINDOWS\$NtUninstallKB2585542$
[25/05/2016 08:32:22] - |HDC| - [788397] - C:\WINDOWS\$NtUninstallKB2592799$
[25/05/2016 08:34:36] - |HDC| - [855625] - C:\WINDOWS\$NtUninstallKB2598479$
[25/05/2016 08:31:17] - |HDC| - [656612] - C:\WINDOWS\$NtUninstallKB2603381$
[25/05/2016 08:29:53] - |HDC| - [834854] - C:\WINDOWS\$NtUninstallKB2619339$
[24/05/2016 22:48:06] - |HDC| - [678970] - C:\WINDOWS\$NtUninstallKB2620712$
[25/05/2016 08:40:54] - |HDC| - [1039722] - C:\WINDOWS\$NtUninstallKB2631813$
[25/05/2016 08:30:45] - |HDC| - [793169] - C:\WINDOWS\$NtUninstallKB2653956$
[25/05/2016 08:35:18] - |HDC| - [799361] - C:\WINDOWS\$NtUninstallKB2655992$
[25/05/2016 08:41:28] - |HDC| - [652516] - C:\WINDOWS\$NtUninstallKB2659262$
[24/05/2016 22:47:59] - |HDC| - [646504] - C:\WINDOWS\$NtUninstallKB2661637$
[25/05/2016 08:28:48] - |HDC| - [15131348] - C:\WINDOWS\$NtUninstallKB2676562$
[25/05/2016 08:34:29] - |HDC| - [650597] - C:\WINDOWS\$NtUninstallKB2686509$
[25/05/2016 08:40:44] - |HDC| - [17690815] - C:\WINDOWS\$NtUninstallKB2691442$
[25/05/2016 08:29:57] - |HDC| - [1186530] - C:\WINDOWS\$NtUninstallKB2698365$
[25/05/2016 08:29:49] - |HDC| - [1063736] - C:\WINDOWS\$NtUninstallKB2705219-v2$
[25/05/2016 08:41:40] - |HDC| - [999288] - C:\WINDOWS\$NtUninstallKB2712808$
[25/05/2016 08:32:39] - |HDC| - [1755057] - C:\WINDOWS\$NtUninstallKB2719985$
[25/05/2016 08:29:18] - |HDC| - [787267] - C:\WINDOWS\$NtUninstallKB2723135-v2$
[25/05/2016 08:29:37] - |HDC| - [705619] - C:\WINDOWS\$NtUninstallKB2727528$
[25/05/2016 08:30:37] - |HDC| - [825103] - C:\WINDOWS\$NtUninstallKB2749655$
[25/05/2016 08:31:04] - |HDC| - [1955504] - C:\WINDOWS\$NtUninstallKB2757638$
[25/05/2016 08:32:08] - |HDC| - [1024909] - C:\WINDOWS\$NtUninstallKB2770660$
[25/05/2016 08:33:50] - |HDC| - [2098483] - C:\WINDOWS\$NtUninstallKB2780091$
[25/05/2016 08:35:14] - |HDC| - [1203732] - C:\WINDOWS\$NtUninstallKB2802968$
[25/05/2016 08:30:15] - |HDC| - [1434552] - C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
[25/05/2016 08:31:38] - |HDC| - [675784] - C:\WINDOWS\$NtUninstallKB2807986$
[25/05/2016 08:29:01] - |HDC| - [2709444] - C:\WINDOWS\$NtUninstallKB2813345$
[25/05/2016 08:41:08] - |HDC| - [652231] - C:\WINDOWS\$NtUninstallKB2834886$
[25/05/2016 08:35:45] - |HDC| - [937446] - C:\WINDOWS\$NtUninstallKB2847311$
[25/05/2016 08:31:56] - |HDC| - [1055094] - C:\WINDOWS\$NtUninstallKB2850869$
[25/05/2016 08:31:42] - |HDC| - [13283221] - C:\WINDOWS\$NtUninstallKB2859537$
[25/05/2016 08:32:26] - |HDC| - [1192293] - C:\WINDOWS\$NtUninstallKB2862152$
[25/05/2016 08:29:07] - |HDC| - [859837] - C:\WINDOWS\$NtUninstallKB2862330$
[25/05/2016 08:34:16] - |HDC| - [692104] - C:\WINDOWS\$NtUninstallKB2862335$
[25/05/2016 08:32:51] - |HDC| - [1040968] - C:\WINDOWS\$NtUninstallKB2864063$
[25/05/2016 08:31:27] - |HDC| - [831928] - C:\WINDOWS\$NtUninstallKB2868038$
[25/05/2016 08:47:46] - |HDC| - [1304653] - C:\WINDOWS\$NtUninstallKB2868626$
[25/05/2016 08:33:16] - |HDC| - [3225621] - C:\WINDOWS\$NtUninstallKB2876217$
[25/05/2016 08:31:48] - |HDC| - [934157] - C:\WINDOWS\$NtUninstallKB2876331$
[25/05/2016 08:30:30] - |HDC| - [10499608] - C:\WINDOWS\$NtUninstallKB2879017$
[25/05/2016 08:30:02] - |HDC| - [819742] - C:\WINDOWS\$NtUninstallKB2892075$
[25/05/2016 08:31:08] - |HDC| - [797083] - C:\WINDOWS\$NtUninstallKB2893294$
[25/05/2016 08:34:51] - |HDC| - [1278670] - C:\WINDOWS\$NtUninstallKB2898715$
[25/05/2016 08:40:40] - |HDC| - [757905] - C:\WINDOWS\$NtUninstallKB2900986$
[25/05/2016 08:33:24] - |HDC| - [780921] - C:\WINDOWS\$NtUninstallKB2904266$
[25/05/2016 08:34:01] - |HDC| - [1084877] - C:\WINDOWS\$NtUninstallKB2909212$
[24/05/2016 22:47:56] - |HDC| - [686806] - C:\WINDOWS\$NtUninstallKB2914368$
[25/05/2016 08:41:20] - |HDC| - [2997541] - C:\WINDOWS\$NtUninstallKB2916036$
[25/05/2016 08:47:41] - |HDC| - [1707937] - C:\WINDOWS\$NtUninstallKB2922229$
[25/05/2016 08:34:32] - |HDC| - [1214131] - C:\WINDOWS\$NtUninstallKB2929961$
[25/05/2016 08:32:55] - |HDC| - [2512478] - C:\WINDOWS\$NtUninstallKB2930275$
[25/05/2016 08:29:21] - |HDC| - [647257] - C:\WINDOWS\$NtUninstallKB2934207$
[24/05/2016 21:14:01] - |HDC| - [614567] - C:\WINDOWS\$NtUninstallKB898461$
[25/05/2016 08:28:21] - |HDC| - [2350999] - C:\WINDOWS\$NtUninstallKB923561$
[25/05/2016 08:41:50] - |HDC| - [735884] - C:\WINDOWS\$NtUninstallKB946648$
[25/05/2016 08:31:52] - |HDC| - [852084] - C:\WINDOWS\$NtUninstallKB950762$
[25/05/2016 08:35:04] - |HDC| - [897854] - C:\WINDOWS\$NtUninstallKB950974$
[25/05/2016 08:47:37] - |HDC| - [927192] - C:\WINDOWS\$NtUninstallKB951376-v2$
[25/05/2016 08:35:31] - |HDC| - [1354770] - C:\WINDOWS\$NtUninstallKB951978$
[25/05/2016 08:32:34] - |HDC| - [2456607] - C:\WINDOWS\$NtUninstallKB952004$
[25/05/2016 08:30:11] - |HDC| - [3892021] - C:\WINDOWS\$NtUninstallKB952069_WM9$
[25/05/2016 08:31:30] - |HDC| - [981032] - C:\WINDOWS\$NtUninstallKB952287$
[25/05/2016 08:47:32] - |HDC| - [727063] - C:\WINDOWS\$NtUninstallKB952954$
[25/05/2016 08:33:57] - |HDC| - [1112552] - C:\WINDOWS\$NtUninstallKB954155_WM9$
[25/05/2016 08:40:28] - |HDC| - [3511868] - C:\WINDOWS\$NtUninstallKB955759$
[25/05/2016 08:33:30] - |HDC| - [3295890] - C:\WINDOWS\$NtUninstallKB956572$
[25/05/2016 08:33:12] - |HDC| - [803709] - C:\WINDOWS\$NtUninstallKB956844$
[25/05/2016 08:47:27] - |HDC| - [1708215] - C:\WINDOWS\$NtUninstallKB959426$
[25/05/2016 08:29:14] - |HDC| - [1001731] - C:\WINDOWS\$NtUninstallKB960803$
[25/05/2016 08:41:36] - |HDC| - [731554] - C:\WINDOWS\$NtUninstallKB960859$
[24/05/2016 22:47:44] - |HDC| - [2158713] - C:\WINDOWS\$NtUninstallKB968389$
[25/05/2016 08:35:26] - |HDC| - [2092654] - C:\WINDOWS\$NtUninstallKB969059$
[25/05/2016 08:30:24] - |HDC| - [9303248] - C:\WINDOWS\$NtUninstallKB971029$
[25/05/2016 08:34:10] - |HDC| - [783197] - C:\WINDOWS\$NtUninstallKB971657$
[25/05/2016 08:33:45] - |HDC| - [849902] - C:\WINDOWS\$NtUninstallKB972270$
[25/05/2016 08:32:12] - |HDC| - [708509] - C:\WINDOWS\$NtUninstallKB973507$
[25/05/2016 08:30:58] - |HDC| - [5733301] - C:\WINDOWS\$NtUninstallKB973540_WM9$
[25/05/2016 08:29:10] - |HDC| - [852518] - C:\WINDOWS\$NtUninstallKB973815$
[25/05/2016 08:32:48] - |HDC| - [778860] - C:\WINDOWS\$NtUninstallKB973869$
[25/05/2016 08:31:13] - |HDC| - [2243061] - C:\WINDOWS\$NtUninstallKB973904$
[25/05/2016 08:33:37] - |HDC| - [897526] - C:\WINDOWS\$NtUninstallKB974112$
[25/05/2016 08:35:37] - |HDC| - [883403] - C:\WINDOWS\$NtUninstallKB974318$
[25/05/2016 08:30:41] - |HDC| - [919863] - C:\WINDOWS\$NtUninstallKB974392$
[25/05/2016 08:32:29] - |HDC| - [707221] - C:\WINDOWS\$NtUninstallKB974571$
[25/05/2016 08:32:44] - |HDC| - [944633] - C:\WINDOWS\$NtUninstallKB975025$
[24/05/2016 22:47:49] - |HDC| - [918888] - C:\WINDOWS\$NtUninstallKB975467$
[25/05/2016 08:40:32] - |HDC| - [1275641] - C:\WINDOWS\$NtUninstallKB975558_WM8$
[25/05/2016 08:32:17] - |HDC| - [1961789] - C:\WINDOWS\$NtUninstallKB975560$
[25/05/2016 08:34:46] - |HDC| - [1126092] - C:\WINDOWS\$NtUninstallKB975713$
[25/05/2016 08:32:00] - |HDC| - [1023810] - C:\WINDOWS\$NtUninstallKB977816$
[25/05/2016 08:30:08] - |HDC| - [829084] - C:\WINDOWS\$NtUninstallKB977914$
[25/05/2016 08:34:06] - |HDC| - [978212] - C:\WINDOWS\$NtUninstallKB978338$
[25/05/2016 08:29:45] - |HDC| - [2655100] - C:\WINDOWS\$NtUninstallKB978542$
[25/05/2016 08:31:20] - |HDC| - [2800247] - C:\WINDOWS\$NtUninstallKB978695_WM9$
[25/05/2016 08:29:30] - |HDC| - [995284] - C:\WINDOWS\$NtUninstallKB978706$
[25/05/2016 08:29:41] - |HDC| - [733303] - C:\WINDOWS\$NtUninstallKB979309$
[25/05/2016 08:29:34] - |HDC| - [712724] - C:\WINDOWS\$NtUninstallKB979482$
[25/05/2016 08:33:00] - |HDC| - [2377107] - C:\WINDOWS\$NtUninstallKB979687$
[25/05/2016 08:29:25] - |HDC| - [4206558] - C:\WINDOWS\$NtUninstallKB981997$
[25/05/2016 08:34:20] - |HDC| - [771076] - C:\WINDOWS\$NtUninstallKB982132$
[25/05/2016 08:28:38] - |HDC| - [727105] - C:\WINDOWS\$NtUninstallKB982665$
[23/05/2016 20:51:32] - |HDC| - [665156] - C:\WINDOWS\$NtUninstallWdf01009$
[23/05/2016 22:24:58] - |HDC| - [588811] - C:\WINDOWS\$NtUninstallXPSEPSCLP$
[MD5.82ABB018E03D2D64FE72101B1B936ACF] - [23/05/2016 21:53:13] - (.-.) - [155] - (0.0.0.0) - C:\WINDOWS\$PREFFILE
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2016 23:51:12] - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\0.log
[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - [23/05/2016 21:37:23] - (.-.) - [19569] - (0.0.0.0) - C:\WINDOWS\002587_.tmp
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\addins
[23/05/2016 21:15:20] - |D| - [5311994] - C:\WINDOWS\AppPatch
[MD5.63E2D7D1746435DBE72708FB3345F84A] - [23/05/2016 20:00:29] - (.-.) - [12992] - (0.0.0.0) - C:\WINDOWS\Ascd_tmp.ini
[23/05/2016 20:09:30] - |RSD| - [518615092] - C:\WINDOWS\assembly
[MD5.FF0D7CCA5564EECF46E2EF4D4A16C4B1] - [23/05/2016 20:22:06] - (.-.) - [19462] - (0.0.0.0) - C:\WINDOWS\atiogl.xml
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 20:22:08] - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin
[MD5.8D26DAE92B9995B082AE5B6BC2FB70DB] - [23/05/2016 20:51:03] - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [52184] - (11.2.2738.0) - C:\WINDOWS\avastSS.scr
[MD5.6A2CB42966136854F4464516FBB4AE72] - [23/05/2016 19:40:07] - (.-.) - [2048] - (0.0.0.0) - C:\WINDOWS\bootstat.dat
[MD5.39F43DBCE366B2561DF073B4C0839299] - [23/05/2016 19:35:43] - (.-.) - [65978] - (0.0.0.0) - C:\WINDOWS\Bulles de savon.bmp
[MD5.E0A7E927054A7159597DFE39FE16362F] - [23/05/2016 20:01:39] - (.-.) - [326] - (0.0.0.0) - C:\WINDOWS\c6501.ini
[MD5.B41DC783875F5584693729B1B664C55C] - [23/05/2016 20:01:52] - (.-.) - [4571] - (0.0.0.0) - C:\WINDOWS\C6501.ini.cfg
[MD5.50810D8F448C0B01FE7D5A5A537F0EFF] - [23/05/2016 20:02:22] - (.-.) - [162] - (0.0.0.0) - C:\WINDOWS\C6501.ini.cfl
[MD5.BB516947768FBB05B41A2487F200716E] - [02/03/2006 14:00:00] - (.-.) - [82944] - (0.0.0.0) - C:\WINDOWS\clock.avi
[MD5.3F45D53E6BCB433948455C46700C060F] - [23/05/2016 20:01:51] - (.Copyright (C) C-Media Corp. 2006 - CmiUSBUninstall Application.) - [266240] - (1.0.1.11) - C:\WINDOWS\Cmi6501Uninstall.exe
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\Config
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\Connection Wizard
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 19:38:33] - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\control.ini
[23/05/2016 21:15:20] - |D| - [307984] - C:\WINDOWS\Cursors
[23/05/2016 21:15:20] - |D| - [17196] - C:\WINDOWS\Debug
[MD5.81051BCC2CF1BEDF378224B0A93E2877] - [23/05/2016 19:37:09] - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\desktop.ini
[23/05/2016 19:37:46] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[23/05/2016 21:15:20] - |D| - [114918687] - C:\WINDOWS\Driver Cache
[23/05/2016 21:36:28] - |D| - [112] - C:\WINDOWS\EHome
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [1037824] - (6.0.2900.5512) - C:\WINDOWS\explorer.exe
[MD5.A3975A7D2C98B30A2AE010754FFB9392] - [02/03/2006 14:00:00] - (.-.) - [80] - (0.0.0.0) - C:\WINDOWS\explorer.scf
[23/05/2016 21:15:20] - |RSD| - [28103527] - C:\WINDOWS\Fonts
[MD5.1AC5E83598D4F2143B59A2D893C3279A] - [23/05/2016 19:35:44] - (.-.) - [26582] - (0.0.0.0) - C:\WINDOWS\Granit vert.bmp
[23/05/2016 21:15:20] - |D| - [46057411] - C:\WINDOWS\Help
[MD5.143E3B993DDE4F5D8A6E00BEBB662767] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Microsoft® HTML Help Executable.) - [10752] - (5.2.3790.2453) - C:\WINDOWS\hh.exe
[25/05/2016 08:46:17] - |HDC| - [24514879] - C:\WINDOWS\ie8
[25/05/2016 08:46:45] - |D| - [88227767] - C:\WINDOWS\ie8updates
[23/05/2016 21:15:20] - |D| - [685568] - C:\WINDOWS\ime
[23/05/2016 21:15:20] - |HD| - [67785974] - C:\WINDOWS\inf
[23/05/2016 21:22:06] - |SHD| - [102476699] - C:\WINDOWS\Installer
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\java
[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - [23/05/2016 19:35:43] - (.-.) - [17336] - (0.0.0.0) - C:\WINDOWS\Jour de pêche.bmp
[23/05/2016 21:42:01] - |D| - [46127] - C:\WINDOWS\l2schemas
[23/05/2016 21:15:20] - |D| - [2516373] - C:\WINDOWS\Media
[23/05/2016 20:09:18] - |D| - [144114997] - C:\WINDOWS\Microsoft.NET
[23/05/2016 21:15:20] - |D| - [3339319] - C:\WINDOWS\msagent
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\msapps
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [02/03/2006 14:00:00] - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini
[23/05/2016 21:15:20] - |D| - [0] - C:\WINDOWS\mui
[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - [23/05/2016 19:35:44] - (.-.) - [65832] - (0.0.0.0) - C:\WINDOWS\Mur de Santa Fe.bmp
[23/05/2016 21:38:14] - |D| - [593564] - C:\WINDOWS\network diagnostic
[MD5.2DCC5C800F51D487178814CA9EADA181] - [23/05/2016 21:21:50] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [70656] - (5.1.2600.5512) - C:\WINDOWS\notepad.exe
[23/05/2016 20:01:06] - |D| - [101632] - C:\WINDOWS\NV15281576.TMP
[MD5.2B9C717D21A1331BA3731886E3EE87BB] - [23/05/2016 21:22:05] - (.-.) - [4205] - (0.0.0.0) - C:\WINDOWS\ODBCINST.INI
[23/05/2016 19:37:46] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[23/05/2016 21:15:20] - |D| - [28937610] - C:\WINDOWS\pchealth
[23/05/2016 21:15:20] - |D| - [724992] - C:\WINDOWS\PeerNet
[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - [23/05/2016 19:35:43] - (.-.) - [16730] - (0.0.0.0) - C:\WINDOWS\Plume.bmp
[23/05/2016 21:46:38] - |D| - [5330948] - C:\WINDOWS\Prefetch
[23/05/2016 21:15:20] - |D| - [74948] - C:\WINDOWS\Provisioning
[MD5.ADF88D0996A634B5B13EE8FB9595647D] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [153088] - (5.1.2600.5512) - C:\WINDOWS\regedit.exe
[23/05/2016 19:36:22] - |D| - [1116168] - C:\WINDOWS\Registration
[MD5.7DEABDF9853B6D41B975B3DACFC6E353] - [23/05/2016 19:40:56] - (.-.) - [8192] - (0.0.0.0) - C:\WINDOWS\REGLOCS.OLD
[23/05/2016 21:15:20] - |D| - [10620501] - C:\WINDOWS\repair
[23/05/2016 21:15:20] - |D| - [5281063] - C:\WINDOWS\Resources
[MD5.927A66BD587E31CB12D3AB25381658DC] - [23/05/2016 19:35:44] - (.-.) - [17362] - (0.0.0.0) - C:\WINDOWS\Rhododendron.bmp
[MD5.5B4AC407E566076BB726BA91E067D313] - [23/05/2016 19:35:44] - (.-.) - [26680] - (0.0.0.0) - C:\WINDOWS\Rivière Sumida.bmp
[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - [23/05/2016 19:35:43] - (.-.) - [1272] - (0.0.0.0) - C:\WINDOWS\Rosace bleue 16.bmp
[MD5.31FCB7A18C39F41146AFB28F044FEDAD] - [23/05/2016 19:53:36] - (.-.) - [32604] - (0.0.0.0) - C:\WINDOWS\SchedLgU.Txt
[23/05/2016 21:15:20] - |D| - [3426734] - C:\WINDOWS\security
[23/05/2016 21:39:54] - |D| - [488468379] - C:\WINDOWS\ServicePackFiles
[MD5.C47BAC4DDBB10D8CFEA03D8AA16794A3] - [23/05/2016 21:42:02] - (.All rights reserved - SLRunDll.) - [32866] - (3.80.1.1) - C:\WINDOWS\slrundll.exe
[23/05/2016 19:53:37] - |D| - [841694105] - C:\WINDOWS\SoftwareDistribution
[23/05/2016 19:36:58] - |D| - [12629548] - C:\WINDOWS\srchasst
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/05/2016 21:24:18] - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\Sti_Trace.log
[25/05/2016 08:05:11] - |D| - [0] - C:\WINDOWS\SxsCaPendDel
[23/05/2016 21:15:20] - |D| - [8767281] - C:\WINDOWS\system
[MD5.A0E02492452D4E237465D99D005D91FD] - [02/03/2006 14:00:00] - (.-.) - [231] - (0.0.0.0) - C:\WINDOWS\system.ini
[23/05/2016 21:15:20] - |D| - [1064350465] - C:\WINDOWS\system32
[MD5.DA090A1AD995DB0716293E029E6198E5] - [23/05/2016 21:21:51] - (.© Microsoft Corporation. Tous droits réservés. - Gestionnaire des tâches.) - [15872] - (5.1.2600.0) - C:\WINDOWS\TASKMAN.EXE
[23/05/2016 19:37:02] - |SD| - [3669] - C:\WINDOWS\Tasks
[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - [23/05/2016 19:35:43] - (.-.) - [17062] - (0.0.0.0) - C:\WINDOWS\Tasse à café.bmp
[23/05/2016 21:15:20] - |D| - [53590661] - C:\WINDOWS\Temp
[MD5.427ECA273722EB5719ECCA0903090149] - [02/03/2006 14:00:00] - (.- Gestionnaire de sources Twain (Interface d'acquisition d'images).) - [94864] - (1.7.0.0) - C:\WINDOWS\twain.dll
[23/05/2016 21:15:20] - |D| - [5102828] - C:\WINDOWS\twain_32
[MD5.283EBE4C81D52F2913FAD2AB8F3E467A] - [02/03/2006 14:00:00] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [50688] - (1.7.1.1) - C:\WINDOWS\twain_32.dll
[MD5.F36A271706EDD23C94956AFB56981184] - [02/03/2006 14:00:00] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\WINDOWS\twunk_16.exe
[MD5.5F3C040D22D8A0D031283E3C5BCC18B5] - [02/03/2006 14:00:00] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [25600] - (1.7.1.0) - C:\WINDOWS\twunk_32.exe
[MD5.487403459F0B2F1A3ADEEF02496BD80E] - [23/05/2016 19:36:26] - (.-.) - [36] - (0.0.0.0) - C:\WINDOWS\vb.ini
[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - [23/05/2016 19:36:26] - (.-.) - [37] - (0.0.0.0) - C:\WINDOWS\vbaddin.ini
[MD5.280920B6773C74C3649A934257112BE1] - [23/05/2016 19:35:44] - (.-.) - [65954] - (0.0.0.0) - C:\WINDOWS\Vent de prairie.bmp
[MD5.22B1EE2EE86BC5656459454ABE0D814E] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. - Windows VMM Registry Library.) - [18944] - (5.1.2600.0) - C:\WINDOWS\vmmreg32.dll
[25/05/2016 08:46:32] - |D| - [3814] - C:\WINDOWS\WBEM
[23/05/2016 21:15:20] - |RD| - [2715465] - C:\WINDOWS\Web
[MD5.51A95886B0E4D878E668636C4CE9ACF7] - [23/05/2016 21:24:18] - (.-.) - [159] - (0.0.0.0) - C:\WINDOWS\wiadebug.log
[MD5.5947CB2DE32C1C8FEFB032F88D731F90] - [23/05/2016 21:24:18] - (.-.) - [50] - (0.0.0.0) - C:\WINDOWS\wiaservc.log
[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - [02/03/2006 14:00:00] - (.-.) - [477] - (0.0.0.0) - C:\WINDOWS\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [23/05/2016 19:37:41] - (.-.) - [749] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest
[MD5.2EDDD922DB7643A1F1E01C319B11338D] - [23/05/2016 19:37:38] - (.-.) - [1734405] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log
[MD5.7C4B58AB5E03F86998B3ECCEC84CE56C] - [02/03/2006 14:00:00] - (.Copyright © Microsoft Corp. 1991-1992 - Fichier application du moteur d'aide de Windows.) - [256768] - (3.10.0.425) - C:\WINDOWS\winhelp.exe
[MD5.6DB80B8F9DD83096FABAC437B59457F6] - [02/03/2006 14:00:00] - (.© Microsoft Corporation. Tous droits réservés. - Aide Microsoft®.) - [288256] - (5.1.2600.5512) - C:\WINDOWS\winhlp32.exe
[MD5.CE45BE933AA8CF23B3469FE761C27A32] - [23/05/2016 19:37:09] - (.-.) - [49102] - (0.0.0.0) - C:\WINDOWS\winnt.bmp
[MD5.CE45BE933AA8CF23B3469FE761C27A32] - [23/05/2016 19:37:09] - (.-.) - [49102] - (0.0.0.0) - C:\WINDOWS\winnt256.bmp
[23/05/2016 21:15:20] - |D| - [59814828] - C:\WINDOWS\WinSxS
[MD5.928813DCAC5C5F62DB7C0922D8B4474B] - [02/03/2006 14:00:00] - (.-.) - [39340] - (0.0.0.0) - C:\WINDOWS\wmprfFRA.prx
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [23/05/2016 19:38:29] - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx
[MD5.5290EA6951F4724259F423B12C8E1393] - [23/05/2016 19:35:44] - (.-.) - [9522] - (0.0.0.0) - C:\WINDOWS\Zapotec.bmp
[MD5.B317B33694BAC49D492DD3F23E374899] - [02/03/2006 14:00:00] - (.-.) - [707] - (0.0.0.0) - C:\WINDOWS\_default.pif

¤¤¤¤¤¤¤¤¤¤ | Systemroot\System

[23/05/2016 20:02:22] - |RA| - [712704] - C:\WINDOWS\System\a3d.dll     (© Copyright 1997-2001  Sensaura Ltd) - (Audio3D (OEM))
[23/05/2016 21:21:51] - |A| - [70352] - C:\WINDOWS\System\AVICAP.DLL     (Copyright © Microsoft Corp. 1992-1994) - (DLL de capture AVI)
[23/05/2016 21:21:51] - |A| - [109568] - C:\WINDOWS\System\AVIFILE.DLL     (Copyright © Microsoft Corp. 1991-2000) - (Bibliothèque d'assistance des fichiers AVI Microsoft)
[23/05/2016 20:02:22] - |RA| - [6410240] - C:\WINDOWS\System\C6501.cpl     (Copyright (C) C-Media Corp. 2001-2007) - (CmiCnfg DLL)
[23/05/2016 20:02:09] - |A| - [150] - C:\WINDOWS\System\C6501.ini     () - ()
[23/05/2016 20:02:22] - |RA| - [712704] - C:\WINDOWS\System\c6501a3d.dll     (© Copyright 1997-2001  Sensaura Ltd) - (Audio3D (OEM))
[23/05/2016 21:21:51] - |A| - [33904] - C:\WINDOWS\System\COMMDLG.DLL     (Copyright © Microsoft Corp. 1981-1996) - (Bibliothèques des boîtes de dialogue communes)
[23/05/2016 21:21:52] - |A| - [2000] - C:\WINDOWS\System\KEYBOARD.DRV     (Copyright © Microsoft Corp. 1981-1996) - (WOW Keyboard Driver Module)
[23/05/2016 21:21:52] - |A| - [9936] - C:\WINDOWS\System\LZEXPAND.DLL     (Copyright © Microsoft Corp. 1989-1992) - (Windows file expansion library)
[23/05/2016 21:21:52] - |A| - [73680] - C:\WINDOWS\System\MCIAVI.DRV     (Copyright © Microsoft Corp. 1992-1994) - (Pilote MCI pour AVI)
[23/05/2016 21:21:52] - |A| - [25280] - C:\WINDOWS\System\MCISEQ.DRV     (Copyright © Microsoft Corp. 1991) - (Pilote MCI pour séquenceur MIDI)
[23/05/2016 21:21:52] - |A| - [28160] - C:\WINDOWS\System\MCIWAVE.DRV     (Copyright © Microsoft Corp. 1991) - (Pilote MCI pour formes d'ondes audio)
[23/05/2016 21:21:50] - |A| - [70688] - C:\WINDOWS\System\MMSYSTEM.DLL     (Copyright © Microsoft Corp. 1981-1996) - (API système pour le multimédia)
[23/05/2016 21:21:52] - |A| - [1152] - C:\WINDOWS\System\MMTASK.TSK     (Copyright © Microsoft Corp. 1981-1996) - (Multimedia background task support module)
[23/05/2016 21:21:52] - |A| - [2032] - C:\WINDOWS\System\MOUSE.DRV     (Copyright © Microsoft Corp. 1981-1996) - (WOW MOUSE Driver Module)
[23/05/2016 21:21:52] - |A| - [127168] - C:\WINDOWS\System\MSVIDEO.DLL     (Copyright © Microsoft Corp. 1992-1994) - (DLL Microsoft Video for Windows)
[23/05/2016 21:21:52] - |A| - [83456] - C:\WINDOWS\System\OLECLI.DLL     (Copyright © Microsoft Corp. 1991-1993) - (Bibliothèque client de liaison et incorporation d'objets (OLE))
[23/05/2016 21:21:52] - |A| - [24064] - C:\WINDOWS\System\OLESVR.DLL     (Copyright © Microsoft Corp. 1991-1996) - (Object Linking and Embedding Server Library)
[02/03/2006 14:00:00] - |A| - [59167] - C:\WINDOWS\System\setup.inf     () - ()
[23/05/2016 21:21:52] - |A| - [5120] - C:\WINDOWS\System\SHELL.DLL     (Copyright © Microsoft Corp. 1981-1996) - (Windows Shell library)
[23/05/2016 21:21:52] - |A| - [1744] - C:\WINDOWS\System\SOUND.DRV     (Copyright © Microsoft Corp. 1981-1996) - (WOW SOUND Driver Module)
[02/03/2006 14:00:00] - |A| - [5532] - C:\WINDOWS\System\stdole.tlb     (Copyright © Microsoft Corp. 1993-1995) - (OLE 2.1 16/32 Interoperability Type Library)
[23/05/2016 21:21:52] - |A| - [3360] - C:\WINDOWS\System\SYSTEM.DRV     (Copyright © Microsoft Corp. 1981-1996) - (Windows System Driver core component)
[23/05/2016 21:21:52] - |A| - [19200] - C:\WINDOWS\System\TAPI.DLL     (© Microsoft Corporation. All rights reserved) - (Microsoft® Windows(TM) Telephony Server1)
[23/05/2016 21:21:52] - |A| - [4096] - C:\WINDOWS\System\TIMER.DRV     (Copyright © Microsoft Corp. 1981-1996) - (Pilote de minuteur pour les compatibles PC)
[23/05/2016 21:21:52] - |A| - [9104] - C:\WINDOWS\System\VER.DLL     (Copyright © Microsoft Corp. 1991) - (Bibliothèques de vérification des versions et d'installation de fichiers)
[23/05/2016 21:21:52] - |A| - [2176] - C:\WINDOWS\System\VGA.DRV     (Copyright © Microsoft Corp. 1981-1996) - (WOW Display Driver Module)
[23/05/2016 21:21:52] - |A| - [13600] - C:\WINDOWS\System\WFWNET.DRV     (Copyright © Microsoft Corp. 1981-1996) - (Windows for Workgroups network driver)
[23/05/2016 21:21:51] - |A| - [146944] - C:\WINDOWS\System\winspool.drv     (© Microsoft Corporation. Tous droits réservés.) - (Pilote de spouleur Windows)

¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer

[23/05/2016 20:11:31] - C:\WINDOWS\Installer\2fe46.msi : (Catalyst Control Center - ATI Technologies, Inc.)
[23/05/2016 20:11:34] - C:\WINDOWS\Installer\2fe4e.msi : (ATI Catalyst Install Manager Installer (32 bit) - ATI Technologies, Inc.)
[23/05/2016 20:22:20] - C:\WINDOWS\Installer\2fe55.msi : (ATI AVIVO Codecs Installation package - ATI Technologies Inc.)
[23/05/2016 20:22:44] - C:\WINDOWS\Installer\2fe5c.msi : (Branding - ATI)
[23/05/2016 20:22:45] - C:\WINDOWS\Installer\2fe63.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:45] - C:\WINDOWS\Installer\2fe6a.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:50] - C:\WINDOWS\Installer\2fe71.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:51] - C:\WINDOWS\Installer\2fe78.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:51] - C:\WINDOWS\Installer\2fe7f.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:52] - C:\WINDOWS\Installer\2fe86.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:53] - C:\WINDOWS\Installer\2fe8d.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:55] - C:\WINDOWS\Installer\2fe94.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:22:55] - C:\WINDOWS\Installer\2fe9b.msi : (Catalyst Control Center Utility Package - ATI)
[23/05/2016 20:22:57] - C:\WINDOWS\Installer\2fea3.msi : (Catalyst Control Center - ATI)
[23/05/2016 20:25:00] - C:\WINDOWS\Installer\2fea8.msi : (Blank Project Template - InstallShield Software Corporation)
[23/05/2016 22:34:31] - C:\WINDOWS\Installer\6c780.msi : (HP ENVY 5530 series Basic Device Software - Hewlett-Packard Co.)
[23/05/2016 22:34:35] - C:\WINDOWS\Installer\6c788.msi : (Product Improvement Study for HP ENVY 5530 series - Hewlett-Packard Co.)
[23/05/2016 22:34:41] - C:\WINDOWS\Installer\6c790.msi : (HP Update - Hewlett-Packard)
[23/05/2016 22:34:49] - C:\WINDOWS\Installer\6c798.msi : (HP ENVY 5530 series Get product specific help to easily troubleshoot and fix problems. - Hewlett Packard)
[24/05/2016 21:45:14] - C:\WINDOWS\Installer\a2267.msi : (OpenOffice 4.1.2 - OpenOffice)

¤¤¤¤¤¤¤¤¤¤ | %System%\*.in*

[23/05/2016 21:19:57] - [261] - C:\WINDOWS\System32\$winnt$.inf
[23/05/2016 19:37:09] - [2] - C:\WINDOWS\System32\desktop.ini
[02/03/2006 14:00:00] - [1015477] - C:\WINDOWS\System32\esentprf.ini
[02/03/2006 14:00:00] - [929] - C:\WINDOWS\System32\homepage.inf
[02/03/2006 14:00:00] - [57667] - C:\WINDOWS\System32\ieuinit.inf
[02/03/2006 14:00:00] - [1490] - C:\WINDOWS\System32\mmdriver.inf
[23/05/2016 19:35:41] - [3914] - C:\WINDOWS\System32\msdtcprf.ini
[02/03/2006 14:00:00] - [3030] - C:\WINDOWS\System32\perfci.ini
[02/03/2006 14:00:00] - [1293] - C:\WINDOWS\System32\perffilt.ini
[23/05/2016 21:22:06] - [1094606] - C:\WINDOWS\System32\PerfStringBackup.INI
[02/03/2006 14:00:00] - [2994] - C:\WINDOWS\System32\perfwci.ini
[13/04/2008 19:10:52] - [2524] - C:\WINDOWS\System32\pid.inf
[02/03/2006 14:00:00] - [367] - C:\WINDOWS\System32\prodspec.ini
[02/03/2006 14:00:00] - [14073] - C:\WINDOWS\System32\pschdprf.ini
[02/03/2006 14:00:00] - [6212] - C:\WINDOWS\System32\rasctrs.ini
[02/03/2006 14:00:00] - [15937] - C:\WINDOWS\System32\rsvp.ini
[02/03/2006 14:00:00] - [53478] - C:\WINDOWS\System32\tcpmon.ini
[23/05/2016 19:35:41] - [27768] - C:\WINDOWS\System32\tslabels.ini

¤¤¤¤¤¤¤¤¤¤ | [Antoine]

[23/05/2016 19:58:04] - |RHD| - [40955523] - C:\Documents and Settings\Antoine\Application Data
[23/05/2016 19:58:04] - |D| - [143235839] - C:\Documents and Settings\Antoine\Bureau
[23/05/2016 19:58:04] - |SHD| - [32768] - C:\Documents and Settings\Antoine\Cookies
[23/05/2016 19:58:04] - |RD| - [1478] - C:\Documents and Settings\Antoine\Favoris
[25/05/2016 12:42:26] - |SHD| - [262144] - C:\Documents and Settings\Antoine\IETldCache
[23/05/2016 19:58:04] - |HD| - [440518882] - C:\Documents and Settings\Antoine\Local Settings
[23/05/2016 19:58:04] - |RD| - [21952] - C:\Documents and Settings\Antoine\Menu Démarrer
[23/05/2016 19:58:04] - |RD| - [7760419100] - C:\Documents and Settings\Antoine\Mes documents
[23/05/2016 19:58:04] - |HD| - [37456] - C:\Documents and Settings\Antoine\Modèles
[23/05/2016 19:58:04] - |AH| - [1048576] - C:\Documents and Settings\Antoine\NTUSER.DAT
[23/05/2016 19:58:04] - |AH| - [1024] - C:\Documents and Settings\Antoine\ntuser.dat.LOG
[23/05/2016 19:58:05] - |SH| - [184] - C:\Documents and Settings\Antoine\ntuser.ini
[27/05/2016 23:49:27] - |RHD| - [150] - C:\Documents and Settings\Antoine\Recent
[23/05/2016 19:58:04] - |RHD| - [172] - C:\Documents and Settings\Antoine\SendTo
[23/05/2016 19:58:04] - |HD| - [0] - C:\Documents and Settings\Antoine\Voisinage d'impression
[23/05/2016 19:58:04] - |HD| - [0] - C:\Documents and Settings\Antoine\Voisinage réseau
[23/05/2016 21:55:57] - |D| - [0] - C:\Documents and Settings\Antoine\Local Settings\Application Data\Adobe
[23/05/2016 20:26:23] - |D| - [60929] - C:\Documents and Settings\Antoine\Local Settings\Application Data\ATI
[26/05/2016 20:55:55] - |A| - [7680] - C:\Documents and Settings\Antoine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[23/05/2016 21:53:52] - |D| - [834156] - C:\Documents and Settings\Antoine\Local Settings\Application Data\eMuleTorrent
[23/05/2016 20:26:28] - |A| - [19112] - C:\Documents and Settings\Antoine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[23/05/2016 20:29:46] - |D| - [64343] - C:\Documents and Settings\Antoine\Local Settings\Application Data\HP
[23/05/2016 20:04:31] - |AH| - [4828260] - C:\Documents and Settings\Antoine\Local Settings\Application Data\IconCache.db
[23/05/2016 19:58:04] - |D| - [1087021] - C:\Documents and Settings\Antoine\Local Settings\Application Data\Microsoft
[23/05/2016 20:41:18] - |D| - [401000447] - C:\Documents and Settings\Antoine\Local Settings\Application Data\Mozilla
[23/05/2016 20:53:38] - |D| - [12217283] - C:\Documents and Settings\Antoine\Local Settings\Application Data\Temp
[23/05/2016 21:53:21] - |D| - [1864318] - C:\Documents and Settings\Antoine\Local Settings\Application Data\{D209E455-F6A1-88ED-9B39-AD05BF51519D}
[23/05/2016 19:58:04] - |ASH| - [62] - C:\Documents and Settings\Antoine\Menu Démarrer\desktop.ini
[23/05/2016 19:58:04] - |RD| - [21890] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes
[23/05/2016 19:58:04] - |RD| - [15929] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Accessoires
[23/05/2016 19:58:04] - |A| - [1599] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Assistance à distance.lnk
[23/05/2016 19:58:04] - |ASH| - [238] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\desktop.ini
[23/05/2016 19:58:04] - |RD| - [1791] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Démarrage
[23/05/2016 19:58:07] - |A| - [803] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Internet Explorer.lnk
[23/05/2016 19:58:04] - |A| - [792] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Lecteur Windows Media.lnk
[23/05/2016 19:58:09] - |A| - [738] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Outlook Express.lnk
[23/05/2016 22:36:35] - |A| - [1707] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Démarrage\Alertes de surveillance de l'encre - HP ENVY 5530 series.lnk
[23/05/2016 19:58:04] - |ASH| - [84] - C:\Documents and Settings\Antoine\Menu Démarrer\Programmes\Démarrage\desktop.ini

¤¤¤¤¤¤¤¤¤¤ | [LocalService]

[23/05/2016 19:53:35] - |D| - [0] - C:\Documents and Settings\LocalService\Application Data
[23/05/2016 19:53:35] - |SHD| - [16384] - C:\Documents and Settings\LocalService\Cookies
[23/05/2016 19:53:35] - |HD| - [441908] - C:\Documents and Settings\LocalService\Local Settings
[23/05/2016 19:53:35] - |AH| - [229376] - C:\Documents and Settings\LocalService\NTUSER.DAT
[23/05/2016 19:53:35] - |AH| - [1024] - C:\Documents and Settings\LocalService\ntuser.dat.LOG
[23/05/2016 19:53:35] - |SH| - [20] - C:\Documents and Settings\LocalService\ntuser.ini
[23/05/2016 19:53:35] - |D| - [276450] - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[23/05/2016 20:53:42] - |D| - [0] - C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp

¤¤¤¤¤¤¤¤¤¤ | [NetworkService]

[23/05/2016 19:40:53] - |D| - [42] - C:\Documents and Settings\NetworkService\Application Data
[23/05/2016 19:40:53] - |SHD| - [16384] - C:\Documents and Settings\NetworkService\Cookies
[26/05/2016 20:43:51] - |SHD| - [16384] - C:\Documents and Settings\NetworkService\IETldCache
[23/05/2016 19:40:53] - |HD| - [313010] - C:\Documents and Settings\NetworkService\Local Settings
[23/05/2016 19:40:53] - |AH| - [229376] - C:\Documents and Settings\NetworkService\NTUSER.DAT
[23/05/2016 19:40:53] - |AH| - [1024] - C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[23/05/2016 19:40:54] - |SH| - [20] - C:\Documents and Settings\NetworkService\ntuser.ini
[23/05/2016 19:40:54] - |D| - [263168] - C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

¤¤¤¤¤¤¤¤¤¤ | C:\Documents and Settings\All Users\Application Data

[23/05/2016 22:33:36] - |A| - [57] - C:\Documents and Settings\All Users\Application Data\Ament.ini
[23/05/2016 20:26:23] - |D| - [188] - C:\Documents and Settings\All Users\Application Data\ATI
[23/05/2016 20:49:16] - |D| - [13110136] - C:\Documents and Settings\All Users\Application Data\AVAST Software
[23/05/2016 21:21:43] - |ASH| - [62] - C:\Documents and Settings\All Users\Application Data\desktop.ini
[23/05/2016 22:30:45] - |D| - [10708931] - C:\Documents and Settings\All Users\Application Data\HP
[23/05/2016 22:34:52] - |D| - [2888316] - C:\Documents and Settings\All Users\Application Data\HP Photo Creations
[25/05/2016 12:47:41] - |D| - [10398868] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[23/05/2016 21:21:28] - |SD| - [1635151] - C:\Documents and Settings\All Users\Application Data\Microsoft
[23/05/2016 22:34:52] - |D| - [95268] - C:\Documents and Settings\All Users\Application Data\Visan

¤¤¤¤¤¤¤¤¤¤ | C:\Documents and Settings\All Users\Menu Démarrer

[23/05/2016 19:38:38] - |A| - [398] - C:\Documents and Settings\All Users\Menu Démarrer\Catalogue Windows.lnk
[23/05/2016 19:38:38] - |A| - [1563] - C:\Documents and Settings\All Users\Menu Démarrer\Configurer les programmes par défaut.lnk
[23/05/2016 21:21:43] - |ASH| - [284] - C:\Documents and Settings\All Users\Menu Démarrer\desktop.ini
[23/05/2016 21:21:43] - |RD| - [103987] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes
[23/05/2016 19:38:38] - |A| - [1507] - C:\Documents and Settings\All Users\Menu Démarrer\Windows Update.lnk

¤¤¤¤¤¤¤¤¤¤ | C:\Documents and Settings\All Users\Menu Démarrer\Programmes

[23/05/2016 19:29:34] - |RD| - [32404] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
[23/05/2016 20:51:42] - |D| - [1701] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVAST Software
[23/05/2016 20:22:58] - |D| - [8913] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Catalyst Control Center
[26/05/2016 10:47:04] - |D| - [776] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[23/05/2016 21:21:43] - |ASH| - [150] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\desktop.ini
[23/05/2016 21:21:43] - |RD| - [84] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
[27/05/2016 20:47:53] - |D| - [1119] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\eMuleTorrent
[23/05/2016 22:34:29] - |D| - [17757] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HP
[23/05/2016 19:36:00] - |RD| - [13838] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
[25/05/2016 12:47:45] - |D| - [2642] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
[23/05/2016 20:41:15] - |A| - [730] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[23/05/2016 19:36:00] - |A| - [2070] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSN.lnk
[24/05/2016 21:45:12] - |SD| - [5667] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\OpenOffice 4.1.2
[23/05/2016 19:36:22] - |RD| - [10081] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
[23/05/2016 22:28:59] - |D| - [4632] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[23/05/2016 19:36:00] - |A| - [637] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk
[23/05/2016 19:37:37] - |A| - [786] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk

¤¤¤¤¤¤¤¤¤¤ | C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

[23/05/2016 21:21:43] - |ASH| - [84] - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files

[23/05/2016 20:11:32] - |D| - [17051880] - C:\Program Files\ATI
[23/05/2016 20:10:59] - |D| - [57977231] - C:\Program Files\ATI Technologies
[23/05/2016 20:50:22] - |D| - [699610128] - C:\Program Files\AVAST Software
[23/05/2016 20:01:34] - |D| - [20363652] - C:\Program Files\C-Media 6501 Sound
[26/05/2016 10:47:04] - |D| - [10048584] - C:\Program Files\CCleaner
[23/05/2016 19:36:28] - |D| - [0] - C:\Program Files\ComPlus Applications
[23/05/2016 20:03:07] - |D| - [2921110] - C:\Program Files\DIFX
[23/05/2016 21:22:03] - |D| - [26708739] - C:\Program Files\Fichiers communs
[23/05/2016 22:33:42] - |D| - [136093002] - C:\Program Files\HP
[23/05/2016 22:34:52] - |D| - [451059] - C:\Program Files\HP Photo Creations
[23/05/2016 20:25:03] - |D| - [288886] - C:\Program Files\InstallShield Installation Information
[23/05/2016 19:36:38] - |D| - [4681832] - C:\Program Files\Internet Explorer
[25/05/2016 12:47:41] - |D| - [59351724] - C:\Program Files\Malwarebytes Anti-Malware
[23/05/2016 19:35:56] - |D| - [2152579] - C:\Program Files\Messenger
[23/05/2016 19:38:52] - |D| - [0] - C:\Program Files\microsoft frontpage
[23/05/2016 19:36:53] - |D| - [10374874] - C:\Program Files\Movie Maker
[23/05/2016 20:41:13] - |D| - [96868920] - C:\Program Files\Mozilla Firefox
[23/05/2016 22:23:47] - |D| - [25757] - C:\Program Files\MSBuild
[23/05/2016 19:35:31] - |D| - [19278399] - C:\Program Files\MSN
[23/05/2016 19:35:53] - |D| - [8745735] - C:\Program Files\MSN Gaming Zone
[23/05/2016 20:25:00] - |D| - [0] - C:\Program Files\My Company Name
[23/05/2016 19:36:45] - |D| - [3285523] - C:\Program Files\NetMeeting
[23/05/2016 19:36:00] - |D| - [1804] - C:\Program Files\Online Services
[24/05/2016 21:44:31] - |D| - [325006373] - C:\Program Files\OpenOffice 4
[23/05/2016 19:36:43] - |D| - [4379321] - C:\Program Files\Outlook Express
[23/05/2016 22:23:40] - |D| - [37338369] - C:\Program Files\Reference Assemblies
[23/05/2016 19:37:35] - |D| - [1025] - C:\Program Files\Services en ligne
[23/05/2016 19:58:07] - |HD| - [0] - C:\Program Files\Uninstall Information
[23/05/2016 22:28:26] - |D| - [126194080] - C:\Program Files\VideoLAN
[23/05/2016 19:36:00] - |D| - [3534189] - C:\Program Files\Windows Media Player
[23/05/2016 19:35:29] - |D| - [3942655] - C:\Program Files\Windows NT
[23/05/2016 19:37:38] - |HD| - [0] - C:\Program Files\WindowsUpdate
[23/05/2016 19:38:52] - |D| - [0] - C:\Program Files\xerox

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Fichiers communs

[23/05/2016 20:22:20] - |D| - [2326528] - C:\Program Files\Fichiers communs\ATI Technologies
[23/05/2016 20:00:40] - |D| - [5218496] - C:\Program Files\Fichiers communs\InstallShield
[23/05/2016 21:22:03] - |D| - [8272903] - C:\Program Files\Fichiers communs\Microsoft Shared
[23/05/2016 19:37:01] - |D| - [284160] - C:\Program Files\Fichiers communs\MSSoap
[23/05/2016 21:22:05] - |D| - [0] - C:\Program Files\Fichiers communs\ODBC
[23/05/2016 19:37:03] - |D| - [8106] - C:\Program Files\Fichiers communs\Services
[23/05/2016 21:22:03] - |D| - [3787229] - C:\Program Files\Fichiers communs\SpeechEngines
[23/05/2016 19:36:38] - |D| - [6811317] - C:\Program Files\Fichiers communs\System

¤¤¤¤¤¤¤¤¤¤ | Tasks

[MD5.20DC08CCF8E038569E7B11B2A2DBF450] - [23/05/2016 21:56:16] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[MD5.F1535CFA152B55B3E69A053A38867891] - [23/05/2016 22:34:36] - |A| - [446] - C:\WINDOWS\Tasks\At2.job
[MD5.FDA1AD5F988299FA27E7C515A525B389] - [23/05/2016 22:34:36] - |A| - [446] - C:\WINDOWS\Tasks\At3.job
[MD5.6C5DB39566954DA914D4B82D79A5547D] - [23/05/2016 22:34:36] - |A| - [446] - C:\WINDOWS\Tasks\At4.job
[MD5.99A2B60FE9FCA204B911B670E16354DA] - [23/05/2016 22:34:36] - |A| - [446] - C:\WINDOWS\Tasks\At5.job
[MD5.F3C97AB47EA545BE4AA785D5F43EB418] - [23/05/2016 20:51:16] - |AH| - [366] - C:\WINDOWS\Tasks\avast! Emergency Update.job
[MD5.6A82073D6E1CAEA8E63CF491BAADFA2B] - [23/05/2016 19:37:02] - |RAH| - [65] - C:\WINDOWS\Tasks\desktop.ini
[MD5.12A3E275B441369BA116929D72382642] - [25/05/2016 12:42:27] - |A| - [226] - C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[MD5.6C681CF023716FA882990D3430D9C7EB] - [25/05/2016 12:42:27] - |A| - [220] - C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [23/05/2016 19:53:36] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT

¤¤¤¤¤¤¤¤¤¤ | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User|
"UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User|

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"=%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files\Mozilla Firefox\firefox.exe"=C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox)
"%windir%\Network Diagnostic\xpnetdiag.exe"=%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
"E:\emule\eMuleTorrent\eMuleTorrent.exe"=E:\emule\eMuleTorrent\eMuleTorrent.exe:*:Enabled:eMuleTorrent
"C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe"=C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:Configuration du périphérique HP (HP ENVY 5530 series)
"C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe"=C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:Communicateur réseau COM HP (HP ENVY 5530 series)
"C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe"=C:\Documents and Settings\Antoine\Bureau\QuickDiag.exe:*:Enabled:QuickDiag

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"=%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\Network Diagnostic\xpnetdiag.exe"=%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000



¤¤¤¤¤¤¤¤¤¤ | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1A3E09BE-1E45-494B-9174-D7385B45BBF5}] : (NVIDIA Network Bus Enumerator) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}] : (Net) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{66F250D6-7801-4A64-B139-EEA80A450B24}] : (1394Debug) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{AB4964A5-4361-4899-BA0A-180305F2BF92}] : (aswTdi) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (Avc) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C459DF55-DB08-11D1-B009-00A0C9081FF6}] : (Enum1394) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D45B1C18-C8FA-11D1-9F77-0000F805F530}] : (NtApm) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) []  -> 

¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted)

[// ::] - (0.0.0.0) - ( -) - ACPI.sys
[// ::] - (0.0.0.0) - ( -) - pci.sys
[// ::] - (0.0.0.0) - ( -) - isapnp.sys
[// ::] - (0.0.0.0) - ( -) - ohci1394.sys
[// ::] - (0.0.0.0) - ( -) - pciide.sys
[// ::] - (0.0.0.0) - ( -) - MountMgr.sys
[// ::] - (0.0.0.0) - ( -) - ftdisk.sys
[// ::] - (0.0.0.0) - ( -) - PartMgr.sys
[// ::] - (0.0.0.0) - ( -) - VolSnap.sys
[// ::] - (0.0.0.0) - ( -) - atapi.sys
[// ::] - (0.0.0.0) - ( -) - nvata.sys
[// ::] - (0.0.0.0) - ( -) - disk.sys
[// ::] - (0.0.0.0) - ( -) - fltmgr.sys
[// ::] - (0.0.0.0) - ( -) - sr.sys
[// ::] - (0.0.0.0) - ( -) - KSecDD.sys
[// ::] - (0.0.0.0) - ( -) - Ntfs.sys
[// ::] - (0.0.0.0) - ( -) - NDIS.sys
[// ::] - (0.0.0.0) - ( -) - aswRvrt.sys
[// ::] - (0.0.0.0) - ( -) - aswVmm.sys
[// ::] - (0.0.0.0) - ( -) - Mup.sys
[23/05/2016 20:03:04] - (1.3.2.0) - (Advanced Micro Devices - AMD Processor Driver) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
[23/05/2016 20:01:05] - (1.0.0.5011) - (NVIDIA Corporation - NVIDIA Networking Bus Driver.) - C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
[23/05/2016 20:01:05] - (1.0.0.5011) - (NVIDIA Corporation - NVIDIA Network Resource Manager.) - C:\WINDOWS\system32\DRIVERS\NVNRM.SYS
[23/05/2016 20:01:05] - (1.0.0.5011) - (NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver.) - C:\WINDOWS\system32\DRIVERS\NVSNPU.SYS
[23/05/2016 20:11:54] - (6.14.10.7039) - (ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver) - C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
[23/05/2016 21:38:11] - (5.10.1.5013) - (Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a) - C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
[23/05/2016 20:00:30] - (1043.2.15.37) - ( - ATK0110 ACPI Utility) - C:\WINDOWS\system32\DRIVERS\ASACPI.sys
[02/03/2006 14:00:00] - (1.1.0.0) - (Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
[23/05/2016 20:01:08] - (1.0.0.5011) - (NVIDIA Corporation - NVIDIA Networking Function Driver.) - C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! self protection module) - C:\WINDOWS\system32\drivers\aswSP.sys
[23/05/2016 20:52:52] - (11.2.2738.0) - (AVAST Software - avast! Keyboard Filter Driver) - C:\WINDOWS\system32\drivers\aswKbd.sys
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! TDI Redirect Driver) - C:\WINDOWS\system32\drivers\aswRdr.sys
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! Virtualization Driver) - C:\WINDOWS\system32\drivers\aswSnx.sys
[23/05/2016 20:01:55] - (5.12.8.1803) - (C-Media Inc - C-Media Audio WDM Driver) - C:\WINDOWS\system32\drivers\c6501.sys
[23/05/2016 20:11:56] - (6.14.10.7039) - (ATI Technologies Inc. - ATI Radeon WindowsNT Display Driver) - C:\WINDOWS\System32\ati2dvag.dll
[23/05/2016 20:11:57] - (6.14.10.458) - (ATI Technologies Inc. - Central Memory Manager / Queue Server Module) - C:\WINDOWS\System32\ati2cqag.dll
[23/05/2016 20:11:54] - (6.14.10.118) - (ATI Technologies Inc. - Virtual Command And Memory Manager) - C:\WINDOWS\System32\atikvmag.dll
[23/05/2016 20:11:55] - (6.14.10.9311) - (ATI Technologies Inc. - Ring 0 x2 component) - C:\WINDOWS\System32\atiok3x2.dll
[23/05/2016 20:11:55] - (6.14.10.722) - (ATI Technologies Inc.  - ati3duag.dll) - C:\WINDOWS\System32\ati3duag.dll
[23/05/2016 20:11:56] - (6.14.10.244) - (Advanced Micro Devices, Inc.  - Radeon Video Acceleration Universal Driver) - C:\WINDOWS\System32\ativvaxx.dll
[02/03/2006 14:00:00] - (5.1.2.236) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! File System Minifilter for Windows 2003/Vista) - C:\WINDOWS\system32\drivers\aswMonFlt.sys
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! HWID) - C:\WINDOWS\system32\drivers\aswHwid.sys
[23/05/2016 20:51:13] - (11.2.2738.0) - (AVAST Software - avast! Stream Filter) - C:\WINDOWS\system32\drivers\aswStmXP.sys

¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

R0 - ACPI (Pilote ACPI Microsoft) -> system32\DRIVERS\ACPI.sys
R0 - aswRvrt (avast! Revert) -> (?)
R0 - aswVmm (avast! VM Monitor) -> (?)
R0 - atapi (Contrôleur de disque dur IDE/ESDI standard) -> system32\DRIVERS\atapi.sys
R0 - Disk (Pilote de disque) -> system32\DRIVERS\disk.sys
R0 - FltMgr (FltMgr) -> system32\drivers\fltmgr.sys
R0 - Ftdisk (Pilote du Gestionnaire de volume) -> system32\DRIVERS\ftdisk.sys
R0 - isapnp (Pilote de bus Plug-and-Play ISA/EISA) -> system32\DRIVERS\isapnp.sys
R0 - KSecDD () -> (?)
R0 - MountMgr (Gestionnaire de point de montage) -> (?)
R0 - Mup (Mup) -> (?)
R0 - NDIS (Pilote système NDIS) -> (?)
R0 - nvata () -> system32\DRIVERS\nvata.sys
R0 - ohci1394 (Contrôleur hôte compatible IEE 1394 VIA OHCI) -> system32\DRIVERS\ohci1394.sys
R0 - PartMgr (Gestionnaire de partition) -> (?)
R0 - PCI (Pilote de bus PCI) -> system32\DRIVERS\pci.sys
R0 - PCIIde () -> system32\DRIVERS\pciide.sys
R0 - sr (Pilote de filtre de restauration système) -> system32\DRIVERS\sr.sys
R0 - VolSnap () -> (?)
R1 - AFD (AFD) -> \SystemRoot\System32\drivers\afd.sys
R1 - AmdK8 (Pilote de processeur AMD) -> system32\DRIVERS\AmdK8.sys
R1 - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys
R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr.sys
R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys
R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys
R1 - Beep () -> (?)
S1 - Cdaudio () -> (?)
R1 - Cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys
S1 - Changer () -> (?)
S1 - Fdc () -> (?)
R1 - Fips () -> (?)
S1 - Flpydisk () -> (?)
S1 - Fs_Rec () -> (?)
S1 - i2omgmt () -> (?)
R1 - i8042prt (Pilote pour clavier i8042 et souris sur port PS/2) -> system32\DRIVERS\i8042prt.sys
R1 - Imapi (Pilote de filtre de gravure CD) -> system32\DRIVERS\imapi.sys
R1 - IPSec (Pilote IPSEC) -> system32\DRIVERS\ipsec.sys
R1 - Kbdclass (Pilote de la classe Clavier) -> system32\DRIVERS\kbdclass.sys
S1 - lbrtfdc () -> (?)
R1 - mnmdd () -> (?)
R1 - Mouclass (Pilote de la classe Souris) -> system32\DRIVERS\mouclass.sys
R1 - MRxSmb (MRXSMB) -> system32\DRIVERS\mrxsmb.sys
R1 - Msfs () -> (?)
R1 - NetBIOS (Interface NetBIOS) -> system32\DRIVERS\netbios.sys
R1 - NetBT (NetBIOS sur TCP/IP) -> system32\DRIVERS\netbt.sys
R1 - Npfs () -> (?)
R1 - Null () -> (?)
S1 - PCIDump () -> (?)
S1 - Processor (Pilote processeur) -> system32\DRIVERS\processr.sys
R1 - RasAcd (Pilote de connexion automatique d'accès distant) -> system32\DRIVERS\rasacd.sys
R1 - Rdbss (Rdbss) -> system32\DRIVERS\rdbss.sys
R1 - RDPCDD () -> System32\DRIVERS\RDPCDD.sys
R1 - redbook (Pilote de filtre de lecture digitale de CD audio) -> system32\DRIVERS\redbook.sys
R1 - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys
S1 - Sfloppy () -> (?)
R1 - Tcpip (Pilote du protocole TCP/IP) -> system32\DRIVERS\tcpip.sys
R1 - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys
R1 - VgaSave (Carte vidéo VGA.) -> \SystemRoot\System32\drivers\vga.sys
S1 - WS2IFSL () -> (?)
R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys
R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys
R2 - Ati HotKey Poller () -> %SystemRoot%\system32\Ati2evxx.exe
R2 - AudioSrv (Audio Windows) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
R2 - BITS (Service de transfert intelligent en arrière-plan) -> %SystemRoot%\system32\svchost.exe -k netsvcs
S2 - Browser (Explorateur d'ordinateur) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - CryptSvc (Services de cryptographie) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - DcomLaunch (Lanceur de processus serveur DCOM) -> %SystemRoot%\system32\svchost -k DcomLaunch
R2 - Dhcp (Client DHCP) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - Dnscache (Client DNS) -> %SystemRoot%\system32\svchost.exe -k NetworkService
R2 - ERSvc (Service de rapport d'erreurs) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - Eventlog (Journal des événements) -> %SystemRoot%\system32\services.exe
R2 - helpsvc (Aide et support) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - lanmanserver (Serveur) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - lanmanworkstation (Station de travail) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - LmHosts (Assistance TCP/IP NetBIOS) -> %SystemRoot%\system32\svchost.exe -k LocalService
R2 - ParVdm () -> (?)
R2 - PlugPlay (Plug-and-Play) -> %SystemRoot%\system32\services.exe
R2 - PolicyAgent (Services IPSEC) -> %SystemRoot%\system32\lsass.exe
R2 - ProtectedStorage (Emplacement protégé) -> %SystemRoot%\system32\lsass.exe
R2 - RpcSs (Appel de procédure distante (RPC)) -> %SystemRoot%\system32\svchost -k rpcss
R2 - SamSs (Gestionnaire de comptes de sécurité) -> %SystemRoot%\system32\lsass.exe
R2 - Schedule (Planificateur de tâches) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - seclogon (Connexion secondaire) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - SENS (Notification d'événement système) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - SharedAccess (Pare-feu Windows / Partage de connexion Internet) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - ShellHWDetection (Détection matériel noyau) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - Spooler (Spouleur d'impression) -> %SystemRoot%\system32\spoolsv.exe
R2 - srservice (Service de restauration système) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - stisvc (Acquisition d'image Windows (WIA)) -> %SystemRoot%\system32\svchost.exe -k imgsvc
R2 - Themes (Thèmes) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - TrkWks (Client de suivi de lien distribué) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - W32Time (Horloge Windows) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - WebClient (WebClient) -> %SystemRoot%\system32\svchost.exe -k LocalService
R2 - winmgmt (Infrastructure de gestion Windows) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - wscsvc (Centre de sécurité) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - wuauserv (Mises à jour automatiques) -> %systemRoot%\System32\svchost.exe -k netsvcs
R2 - WZCSVC (Configuration automatique sans fil) -> %SystemRoot%\System32\svchost.exe -k netsvcs

¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted)

[MD5.31FFDE1BE912D7CBD3F189FEB61F86B6] - [23/05/2016 20:03:04] - (.Copyright © AMD, Inc.2002-2006 - AMD Processor Driver.) - [42.5 Ko] - (1.3.2.0) - C:\WINDOWS\System32\Drivers\AmdK8.sys
[MD5.D48659BB24C48345D926ECB45C1EBDF5] - [23/05/2016 20:00:30] - (.- ATK0110 ACPI Utility.) - [5.67 Ko] - (1043.2.15.37) - C:\WINDOWS\System32\Drivers\ASACPI.sys
[MD5.C2A6683C9FF46AA70E2C2092B008EDC7] - [23/05/2016 20:00:13] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\ASUSHWIO.SYS
[MD5.6E41047DF3644FE7B472D80CD2494F53] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [32.02 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswHwid.sys
[MD5.A0370985E35E86F7C88CFB1AC896832E] - [23/05/2016 20:52:52] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [34.27 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswKbd.sys
[MD5.938A11801954BBB35D2CFD72E2219122] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [89.03 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswMonFlt.sys
[MD5.24B40A4F7BBF4297AD26330C699E73D2] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! TDI Redirect Driver.) - [62.77 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswRdr.sys
[MD5.E72A61A4A75FBCABFFD7A9EA76544D89] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [57.4 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswRvrt.sys
[MD5.3DFA2C8D9F798A193CD922B7155572AB] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [796.67 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswSnx.sys
[MD5.837795B850F100A32C62FC38FC0BE301] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [439.1 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswSP.sys
[MD5.5844E073C53F9723F3E48A131B422C6B] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! Stream Filter.) - [182.82 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswStmXP.sys
[MD5.996615D42F4468FD6E218F8BFFD71E87] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! TDI Filter Driver.) - [65.64 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswTdi.sys
[MD5.388600AA4676D3AED8976F546A12238D] - [23/05/2016 20:51:13] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [216.18 Ko] - (11.2.2738.0) - C:\WINDOWS\System32\Drivers\aswVmm.sys
[MD5.D649C57DA6FA762C64013747E5D7D2D6] - [23/05/2016 21:38:14] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) - [55.3 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1btxx.sys
[MD5.60B6AA2DC1521DA343F781B70EB7895A] - [23/05/2016 21:38:14] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) - [11.34 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1mdxx.sys
[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - [23/05/2016 21:38:14] - (.Copyright (C) ATI Technologies Inc. 1999 - ATI Specialized PCD VBI Codec.) - [11.76 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1pdxx.sys
[MD5.9D318099BF3876A4AF4BC75966D27603] - [23/05/2016 21:38:14] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) - [29.95 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1raxx.sys
[MD5.BCAF267B10620F8C93F6E87AB726E145] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) - [62.17 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1rvxx.sys
[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) - [25.75 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1snxx.sys
[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM Teletext Decoder.) - [20.84 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1ttxx.sys
[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) - [35.61 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1tuxx.sys
[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) - [28.76 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1xbxx.sys
[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - [23/05/2016 21:38:13] - (.Copyright (C) 2002 ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) - [33.92 Ko] - (6.13.10.6131) - C:\WINDOWS\System32\Drivers\ati1xsxx.sys
[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - [23/05/2016 21:38:13] - (.Copyright (C) 1998-2001 ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) - [319.5 Ko] - (6.13.10.5019) - C:\WINDOWS\System32\Drivers\ati2mtaa.sys
[MD5.876F538FFB9FBC769DFD7DF9D62E6065] - [23/05/2016 20:11:54] - (.Copyright (C) 1998-2004 ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) - [4418.5 Ko] - (6.14.10.7039) - C:\WINDOWS\System32\Drivers\ati2mtag.sys
[MD5.993E7BD6438FE989E328C6B4BCA246A9] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) - [56.5 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinbtxx.sys
[MD5.ED4C2BF8403F4437987C0BA09CF48716] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) - [13.5 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinmdxx.sys
[MD5.E90AC2B14E98F1A4372E5891B4278784] - [23/05/2016 21:38:13] - (.Copyright (C) ATI Technologies Inc. 1999 - ATI Specialized PCD VBI Codec RT2.) - [14 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinpdxx.sys
[MD5.DA36687D701C833430605A298731410B] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) - [51 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinraxx.sys
[MD5.A7A01B907DB63898D40B0A14248FF9A2] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) - [102.5 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinrvxx.sys
[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) - [28 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinsnxx.sys
[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - [23/05/2016 21:38:13] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM Teletext Decoder.) - [13.5 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinttxx.sys
[MD5.EDD66332608D27F4FD5069BCD0BC5164] - [23/05/2016 21:38:12] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) - [71.5 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atintuxx.sys
[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - [23/05/2016 21:38:12] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) - [31 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinxbxx.sys
[MD5.77B575D7AAB35D5908AE6CE681608D62] - [23/05/2016 21:38:12] - (.Copyright (C) 2004 ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) - [62 Ko] - (6.14.10.6238) - C:\WINDOWS\System32\Drivers\atinxsxx.sys
[MD5.A4087DA0990727DCA1FF4EDE4940D382] - [23/05/2016 20:01:55] - (.Copyright (C) C-Media Inc. 1998-2006 - C-Media Audio WDM Driver.) - [1280 Ko] - (5.12.8.1803) - C:\WINDOWS\System32\Drivers\c6501.sys
[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - [23/08/2001 19:04:06] - (.Copyright 1999 RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) - [256.38 Ko] - (5.0.0.93) - C:\WINDOWS\System32\Drivers\cinemst2.sys
[MD5.9624293E55AD405415862B504CA95B73] - [17/08/2001 23:24:38] - (.Copyright ⓒ 2000 - Compaq PA-1 Player Driver.) - [11.5 Ko] - (1.0.0.4) - C:\WINDOWS\System32\Drivers\cpqdap01.sys
[MD5.970178E8E003EB1481293830069624B9] - [23/05/2016 21:38:11] - (.Copyright© Conexant Systems, Inc. 2004 - HSF_HWB2 WDM driver.) - [214.88 Ko] - (7.12.9.0) - C:\WINDOWS\System32\Drivers\hsfbs2s2.sys
[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - [23/05/2016 21:38:11] - (.Copyright© Conexant Systems, Inc. 2004 - HSF_CNXT driver.) - [669 Ko] - (7.12.9.0) - C:\WINDOWS\System32\Drivers\hsfcxts2.sys
[MD5.EBB354438A4C5A3327FB97306260714A] - [23/05/2016 21:38:11] - (.Copyright© Conexant Systems, Inc. 2004 - HSF_DP driver.) - [1017.13 Ko] - (7.12.9.0) - C:\WINDOWS\System32\Drivers\hsfdpsp2.sys
[MD5.A1D52DB330E18B5A7A718D31D950CA87] - [25/05/2016 12:47:41] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [23.88 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys
[MD5.24A4B357D906D3CB52F370338FA3B62C] - [25/05/2016 12:47:41] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [120.38 Ko] - (1.1.22.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys
[MD5.5023F594D5448E16F920157174C61358] - [25/05/2016 12:48:01] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [166.21 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys
[MD5.195741AEE20369980796B557358CD774] - [23/05/2016 21:38:10] - (.Copyright© Conexant Systems, Inc. 2004 - Diagnostic Interface DRIVER.) - [11.59 Ko] - (1.0.2.6) - C:\WINDOWS\System32\Drivers\mdmxsdk.sys
[MD5.C53775780148884AC87C455489A0C070] - [23/05/2016 21:38:10] - (.All rights reserved - .) - [123.72 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\mtlmnt5.sys
[MD5.54886A652BF5685192141DF304E923FD] - [23/05/2016 21:38:10] - (.All rights reserved - .) - [1278.5 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\mtlstrm.sys
[MD5.6DDA78A0BE692B61B668FAB860F276CF] - [23/05/2016 21:38:10] - (.Copyright © Matrox Graphics Inc. 1995-2003 - Matrox Parhelia Miniport Driver.) - [442.13 Ko] - (6.13.1.1296) - C:\WINDOWS\System32\Drivers\mtxparhm.sys
[MD5.BE984D604D91C217355CDD3737AAD25D] - [17/08/2001 23:24:44] - (.Coyright (C) S3/Diamond Multimedia Systems 2000 - NikeDrv Usb Driver.) - [11.75 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\nikedrv.sys
[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - [23/05/2016 21:38:10] - (.All rights reserved - .) - [176.13 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\ntmtlfax.sys
[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - [23/05/2016 21:38:09] - (.(C) NVIDIA Corporation. - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) - [1852.94 Ko] - (6.14.10.5673) - C:\WINDOWS\System32\Drivers\nv4_mini.sys
[MD5.0344AA9113DC16EEC379F4652020849D] - [23/05/2016 20:04:16] - (.Copyright(C) 2001-2005 NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) - [91.38 Ko] - (5.10.2600.552) - C:\WINDOWS\System32\Drivers\nvata.sys
[MD5.A545DF28F75BCB109A3AADBB07552B12] - [23/05/2016 20:01:08] - (.Copyright © 2001-2007 NVIDIA Corporation - NVIDIA Networking Function Driver..) - [33.25 Ko] - (1.0.0.5011) - C:\WINDOWS\System32\Drivers\NVENETFD.sys
[MD5.EA41F641420F3D8271804D287C1EF461] - [23/05/2016 20:01:05] - (.Copyright © 2001-2007 NVIDIA Corporation - NVIDIA Networking Bus Driver..) - [12.75 Ko] - (1.0.0.5011) - C:\WINDOWS\System32\Drivers\nvnetbus.sys
[MD5.EDE21093ADE3151F9B8CEECEF0FD9B73] - [23/05/2016 20:01:05] - (.Copyright © 2001-2007 NVIDIA Corporation - NVIDIA Network Resource Manager..) - [294.25 Ko] - (1.0.0.5011) - C:\WINDOWS\System32\Drivers\nvnrm.sys
[MD5.0E02AADA1BF15A1FA7B8D204FA8A909B] - [23/05/2016 20:01:05] - (.Copyright © 2001-2007 NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) - [217.25 Ko] - (1.0.0.5011) - C:\WINDOWS\System32\Drivers\nvsnpu.sys
[MD5.B5C82D4ACBAA133C4500181FB529AC4C] - [23/05/2016 20:01:06] - (.Copyright © 2001-2007 NVIDIA Corporation - NVIDIA Networking Protocol Driver..) - [99.25 Ko] - (1.0.0.5013) - C:\WINDOWS\System32\Drivers\nvtcp.sys
[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - [02/03/2006 14:00:00] - (.Copyright (C) Parallel Technologies 1995-1997 - Parallel Technologies DirectParallel IO Library.) - [17.38 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\ptilink.sys
[MD5.E9AAA0092D74A9D371659C4C38882E12] - [23/05/2016 21:38:09] - (.All rights reserved - .) - [13.45 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\recagent.sys
[MD5.A56FE08EC7473E8580A390BB1081CDD7] - [17/08/2001 23:24:46] - (.Coyright (C) S3/Diamond Multimedia Systems 2000 - Rio8Drv.sys Usb Driver.) - [11.75 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\rio8drv.sys
[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - [17/08/2001 23:24:46] - (.Coyright (C) S3/Diamond Multimedia Systems 1999 - RioDrv Usb Driver.) - [11.75 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\riodrv.sys
[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - [23/05/2016 21:38:09] - (.Copyright (c) 2003 by S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) - [163 Ko] - (6.14.10.12) - C:\WINDOWS\System32\Drivers\s3gnbm.sys
[MD5.90A3935D05B494A5A39D37E71F09A677] - [02/03/2006 14:00:00] - (.© 2006 Macrovision Corporation  - Macrovision SECURITY Driver.) - [20 Ko] - (4.3.86.0) - C:\WINDOWS\System32\Drivers\secdrv.sys
[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - [23/05/2016 21:38:09] - (.Copyright (C) Silion Integrated Systems Corp. 1999-2000 - SiS NT AGP Filter.) - [40 Ko] - (5.12.1.2010) - C:\WINDOWS\System32\Drivers\sisagp.sys
[MD5.D9673011648A71ED1E1F77B831BC85E6] - [23/05/2016 21:38:09] - (.All rights reserved - .) - [126.5 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\slnt7554.sys
[MD5.2C1779C0FEB1F4A6033600305EBA623A] - [23/05/2016 21:38:09] - (.All rights reserved - .) - [395.5 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\slntamr.sys
[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - [23/05/2016 21:38:08] - (.All rights reserved - .) - [93.19 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\slnthal.sys
[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - [23/05/2016 21:38:08] - (.All rights reserved - .) - [12.93 Ko] - (3.80.1.0) - C:\WINDOWS\System32\Drivers\slwdmsup.sys
[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - [18/08/2001 00:06:22] - (.Copyright (C) Toshiba Corp. 1998 - WDM Toshiba Tecra Video Capture Driver.) - [20.88 Ko] - (5.1.2600.0) - C:\WINDOWS\System32\Drivers\tsbvcap.sys
[MD5.290913DC4F1125E5A82DE52579A44C43] - [04/08/2004 01:08:58] - (.Copyright (C) 2000 Intel Corporation - Universal Serial Bus Camera Driver.) - [15.5 Ko] - (5.1.2600.5512) - C:\WINDOWS\System32\Drivers\usbintel.sys
[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - [18/08/2001 00:02:14] - (.Copyright 1999 RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) - [56.75 Ko] - (5.0.0.74) - C:\WINDOWS\System32\Drivers\vdmindvd.sys
[MD5.0308AEF61941E4AF478FA1A0F83812F5] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [11.53 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\wadv07nt.sys
[MD5.714038A8AA5DE08E12062202CD7EAEB5] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [11.03 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\wadv08nt.sys
[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [11.59 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\wadv09nt.sys
[MD5.36E6C405B6143D09687F4056FD9A0D10] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [11.66 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\wadv11nt.sys
[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [21.75 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\watv06nt.sys
[MD5.791CC45DE6E50445BE72E8AD6401FF45] - [23/05/2016 21:38:07] - (.Copyright (c) 1998-2001 Intel(R) Corporation. - Digital Display Minidriver for Intel(R) Graphics Driver.) - [24.87 Ko] - (6.13.1.3198) - C:\WINDOWS\System32\Drivers\watv10nt.sys

¤¤¤¤¤¤¤¤¤¤ | Uninstall

[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BFReport] : (.-.) -> 
[HKU\S-1-5-21-1409082233-789336058-725345543-1004\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\c62ed0dc6ef832790c549bed63020a4a] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\3BEF1AFDE8303306594E2ADA27520E6E700820AE] : (Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0).-.Advanced Micro Devices) -> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_1F9DE4E49C97F59EE9F75C34E0E91E568FC9EEB2\amdk8.inf
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 21 NPAPI.-.Adobe Systems Incorporated) -> C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_242_Plugin.exe -maintain plugin
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ATI Display Driver] : (ATI Display Driver.-.) -> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Branding] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectAnimation] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\eMuleTorrent] : (eMuleTorrent.-.eMule.com) -> "E:\emule\eMuleTorrent\Uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Generic 6501 Sound] : (C-Media 6501 Sound.-.) -> C:\WINDOWS\Cmi6501Uninstall.exe C:\Program Files\C-Media 6501 Sound#C-Media 6501 Sound#C-Media 6501 Sound#
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HP Photo Creations] : (HP Photo Creations.-.HP) -> C:\Program Files\HP Photo Creations\uninst.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ICW] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IDNMitigationAPIs] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ie7] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{660787DD-68B3-4E67-9073-4A66DD7AD193}] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files\Malwarebytes Anti-Malware\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 46.0.1 (x86 fr)] : (Mozilla Firefox 46.0.1 (x86 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\NetMeeting] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\NLSDownlevelMapping] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\NVIDIA Drivers] : (NVIDIA Drivers.-.) -> C:\WINDOWS\system32\nvuide.exe UninstallGUI
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\OutlookExpress] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PCHealth] : (.-.) -> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files\VideoLAN\VLC\uninstall.exe
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wdf01000] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wdf01001] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wdf01005] : (.-.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wdf01007] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Windows XP Service Pack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\YahooProvidedSearch] : (Search Provided by Yahoo.-.) -> "C:\Documents and Settings\Antoine\Local Settings\Application Data\{D209E455-F6A1-88ED-9B39-AD05BF51519D}\uninstall.exe" /Uninstall /s /noun /DelSelfDir
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{044A302D-E89E-4645-8A1C-C9550E5C4695}] : (Catalyst Control Center Graphics Light.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{08D2BBA3-3E66-E48A-3EB8-9D61BCA412E1}] : (Catalyst Control Center Graphics Full Existing.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{11FE4069-3D6B-DD7F-F06C-6F8EA7F0958B}] : (Catalyst Control Center Graphics Full New.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{506BF8AA-2EE5-1C18-142D-E1CFAAB2E2AD}] : (CCC Help French.-.ATI) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{639EBE73-A322-4B25-A490-01B4F58A10F5}] : (Étude pour l'amélioration du produit HP ENVY 5530 series.-.Hewlett-Packard Co.) -> MsiExec.exe /I{639EBE73-A322-4B25-A490-01B4F58A10F5}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{660787DD-68B3-4E67-9073-4A66DD7AD193}] : (ASUS VGA Driver.-.Nom de votre société) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{943F6766-53F4-FE6C-4C11-44C9942EC6C8}] : (ATI Catalyst Install Manager.-.ATI Technologies, Inc.) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9E31D61B-F2F0-D19B-26AA-D0DCDE714978}] : (ATI AVIVO Codecs.-.ATI Technologies Inc.) -> MsiExec.exe /I{9E31D61B-F2F0-D19B-26AA-D0DCDE714978}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A3F99B4B-34C0-EF98-AF11-EF7E9AD60CA0}] : (Catalyst Control Center Core Implementation.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A961C6FD-C583-45F6-A0A4-5E4376C29E41}] : (Catalyst Control Center - Branding.-.ATI) -> MsiExec.exe /I{A961C6FD-C583-45F6-A0A4-5E4376C29E41}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B303F539-C566-3C0C-2CB1-6A7B137E432A}] : (ccc-core-preinstall.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9E27474-BA44-2B91-1213-4364E3E50443}] : (ccc-core-static.-.Nom de votre société) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D45CF2D7-DA97-1ED5-2D6B-B005C245DA20}] : (Catalyst Control Center InstallProxy.-.ATI Technologies, Inc.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}] : (OpenOffice 4.1.2.-.Apache Software Foundation) -> MsiExec.exe /I{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E0C083EB-7C0A-4748-A45C-55A4A040446D}] : (HP ENVY 5530 series Aide.-.Hewlett Packard) -> MsiExec.exe /I{E0C083EB-7C0A-4748-A45C-55A4A040446D}
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E18FD195-D89D-0236-2703-1DD5ECDA8907}] : (Catalyst Control Center Localization All.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E38FFC95-2582-8A37-9EFC-3D08CFDD35B3}] : (Skins.-.ATI) -> 
[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ED98C58F-EB57-009A-F948-27FA72FB2EF3}] : (ccc-utility.-.ATI) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F684E519-E56F-40B3-BCF6-DF93688BA9E9}] : (Logiciel de base du périphérique HP ENVY 5530 series.-.Hewlett-Packard Co.) -> MsiExec.exe /I{F684E519-E56F-40B3-BCF6-DF93688BA9E9}

¤¤¤¤¤¤¤¤¤¤ | Installer

[HKCR\Installer\Products\37EBE936223A52B44A09104B5FA8015F] : Étude pour l'amélioration du produit HP ENVY 5530 series -> C:\WINDOWS\Installer\{639EBE73-A322-4B25-A490-01B4F58A10F5}\ARP_Icon
[HKCR\Installer\Products\3ABB2D8066E3A84EE38BD916CB4A211E] : Catalyst Control Center Graphics Full Existing -> C:\WINDOWS\Installer\{08D2BBA3-3E66-E48A-3EB8-9D61BCA412E1}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\47472E9C44AB19B2213134463E5E4034] : ccc-core-static -> C:\WINDOWS\Installer\{C9E27474-BA44-2B91-1213-4364E3E50443}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\591DF81ED98D63207230D15DCEAD9870] : Catalyst Control Center Localization All -> C:\WINDOWS\Installer\{E18FD195-D89D-0236-2703-1DD5ECDA8907}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\59CFF83E285273A8E9CFD380FCDD533B] : Skins -> C:\WINDOWS\Installer\{E38FFC95-2582-8A37-9EFC-3D08CFDD35B3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\6676F3494F35C6EFC411449C49E26C8C] : ATI Catalyst Install Manager -> C:\WINDOWS\Installer\{943F6766-53F4-FE6C-4C11-44C9942EC6C8}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\843B1BCDE49CD6D4C80ED7D95AFC66E3] : OpenOffice 4.1.2 -> C:\WINDOWS\Installer\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}\soffice.ico
[HKCR\Installer\Products\915E486FF65E3B04CB6FFD3986B89A9E] : Logiciel de base du périphérique HP ENVY 5530 series -> C:\WINDOWS\Installer\{F684E519-E56F-40B3-BCF6-DF93688BA9E9}\ARP_Icon
[HKCR\Installer\Products\935F303B665CC0C3C21BA6B731E734A2] : ccc-core-preinstall -> C:\WINDOWS\Installer\{B303F539-C566-3C0C-2CB1-6A7B137E432A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\9604EF11B6D3F7DD0FC6F6E87A0F59B8] : Catalyst Control Center Graphics Full New -> C:\WINDOWS\Installer\{11FE4069-3D6B-DD7F-F06C-6F8EA7F0958B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\AA8FB6055EE281C141D21EFCAA2B2EDA] : CCC Help French -> C:\WINDOWS\Installer\{506BF8AA-2EE5-1C18-142D-E1CFAAB2E2AD}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B16D13E90F2FB91D62AA0DCDED179487] : ATI AVIVO Codecs -> C:\WINDOWS\Installer\{9E31D61B-F2F0-D19B-26AA-D0DCDE714978}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B4B99F3A0C4389FEFA11FEE7A96DC00A] : Catalyst Control Center Core Implementation -> C:\WINDOWS\Installer\{A3F99B4B-34C0-EF98-AF11-EF7E9AD60CA0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BE380C0EA0C784744AC5554A0A0444D6] : HP ENVY 5530 series Aide -> C:\WINDOWS\Installer\{E0C083EB-7C0A-4748-A45C-55A4A040446D}\ARP_Icon
[HKCR\Installer\Products\c049C053C7D38EE4AB9A00CB3B5D2472] : WebFldrs XP
[HKCR\Installer\Products\D203A440E98E5464A8C19C55E0C56459] : Catalyst Control Center Graphics Light -> C:\WINDOWS\Installer\{044A302D-E89E-4645-8A1C-C9550E5C4695}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DD7870663B8676E40937A466DDA71D39] : ASUS VGA Driver -> C:\WINDOWS\Installer\{660787DD-68B3-4E67-9073-4A66DD7AD193}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DF6C169A385C6F540A4AE534672CE914] : Catalyst Control Center - Branding -> C:\WINDOWS\Installer\{A961C6FD-C583-45F6-A0A4-5E4376C29E41}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F85C89DE75BEA9009F8472AF27BFE23F] : ccc-utility -> C:\WINDOWS\Installer\{ED98C58F-EB57-009A-F948-27FA72FB2EF3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\WINDOWS\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe

¤¤¤¤¤¤¤¤¤¤ | ADS


¤¤¤¤¤¤¤¤¤¤ | Drives

 Disk: 0   Size=238G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    07-NTFS     31G   Yes   No            63   62,926,542
  1    1    0F-EXTEND  208G   No    No    62,926,605  425,449,395

¤¤¤¤¤¤¤¤¤¤ | MBR

Windows Version:		Windows XP Home Edition
Windows Information:		Service Pack 3 (build 2600)
Logical Drives Mask:		0x0000007c

Analysis of file "C:\QuickDiag\MBR.bin":
Windows XP MBR code detected




Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250310AS rev.3.AAC -> Harddisk0\DR0 -> \Device\00000061 

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys 
C:\WINDOWS\system32\drivers\nvata.sys NVIDIA Corporation NVIDIA nForce(TM) IDE Driver
1 ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\Harddisk0\DR0[0x89BC4AB8]
3 CLASSPNP[0xF74E7FD7] -> ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\00000062[0x89B60AC0]
5 ACPI[0xF735D620] -> ntkrnlpa!IofCallDriver[0x804EF200] -> \Device\00000061[0x89AED030]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a;  }
user & kernel MBR OK 

¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 2346 | 23:58:27