Rapport de ZHPDiag v2013.6.28.43 par Nicolas Coolman, Update du 28/06/2013
Run by Mathias at 29/06/2013 19:05:58
WebSite: http://nicolascoolman.webs.com
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : 


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 21.0 (Defaut)
GCIE: Google Chrome v27.0.1453.116

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ System Protection
Avira Free Antivirus v13.0.0.3640
Malwarebytes Anti-Malware version 1.75.0.1300
SUPERAntiSpyware v5.6.1014

---\\ System Optimizer
CCleaner v3.00  =>Piriform Ltd

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 185 GB (56%) free of 328 GB

---\\ Logged in mode
~ Computer Name: PC-DE-MATHIAS
~ User Name: Mathias
~ All Users Names: Mathias, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mathias\AppData\Roaming\
~ %Desktop% : C:\Users\Mathias\Desktop\
~ %Favorites% : C:\Users\Mathias\Favorites\
~ %LocalAppData% : C:\Users\Mathias\AppData\Local\
~ %StartMenu% : C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 185 Go of 328 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.6A25377A76479A0C0BF3DB6FC42FE09A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/05/2013 - 23:28:26.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/45
~ Mes musiques (My Musics) : 1/203
~ Mes Videos (My Videos) : 1/57
~ Mes Favoris (My Favorites) : 1/148
~ Mes Documents (My Documents) : 1/1213
~ Mon Bureau (My Desktop) : 2/2712
~ Menu demarrer (Programs) : 0/2
~ Hidden Files:  Scanned in 00mn 05s



---\\ Processus lancés
[MD5.65F00E976FCF8C01D5C2B5295AEC41A6] - (.http://www.goforfiles.com/ - Go for Files Updater.) -- C:\Program Files\GoforFiles\GFFUpdater.exe   [364112] [PID.3300]  =>P2P.GoforFiles
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe   [65536] [PID.3560]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [4874240] [PID.3580]
[MD5.B93C4070F24E46B0097648C276B5039E] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe   [49152] [PID.3592]
[MD5.91C06FF090F71AF122755108D5063492] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe   [762736] [PID.2040]
[MD5.FD579C25D253A47DF82A76B7EE96ADB5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe   [345312] [PID.3576]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe   [295512] [PID.3832]
[MD5.009811BD21D0BD7BA5C7765565505764] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe   [1644088] [PID.3868]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe   [125952] [PID.2052]
[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe   [4489472] [PID.4008]
[MD5.9EEE55B742B65439A0A45BF895E5CEA1] - (.WebCake LLC - WebCake Desktop.) -- C:\Users\Mathias\AppData\Roaming\WebCake\WebCakeDesktop.exe   [47896] [PID.1012]  =>Adware.WebCake
[MD5.CF03C8F6F6B0D71F6E5BCE167FCF7CA6] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe   [214360] [PID.2756]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe   [37376] [PID.2292]
[MD5.80B8AE8E18FF57BE13FF4A5959DB0EC1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe   [184320] [PID.3960]
[MD5.E343E343581F6DAEAD48D412F5CE911A] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe   [569344] [PID.4108]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.4320]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jusched.exe   [148888] [PID.4632]
[MD5.95110A1C5A1D228AC1DDF6AB67D00BEB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [920472] [PID.6304]
[MD5.6FC79A950476A5F539EEB65F9097C0A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [17304] [PID.6520]
[MD5.60B241EFB669D286C9BF636A0334B3BA] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe   [1855880] [PID.6560]
[MD5.BCAE94105D572D937326354FA8122BEA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7596544] [PID.7656]
[MD5.00B317C5E88AA439C92A91C34F88E8DC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe   [606208] [PID.1032]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.1288]
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe   [86752] [PID.1788]
[MD5.01E81C84AD1D0ACC61CF3CFD06632210] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.exe   [116608] [PID.396]
[MD5.34400005DE52842C4D6D4EE978B4D7CE] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0 (component).) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe   [169312] [PID.468]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.492]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe   [110816] [PID.584]
[MD5.9F5984873CDEA9BA1A0689DABF931E13] - (.EasyBits Software Corp. - EasyBits Magic Desktop Services for Windows.) -- C:\Windows\system32\ezNTSvc.exe   [33792] [PID.1020]
[MD5.D3F9205CC4CB07553F2F9472C767EA87] - (.Teruten - FsUsbDevice.) -- C:\Windows\system32\FsUsbExService.exe   [233472] [PID.1516]
[MD5.E48B80F6614D4BEFA7768B960FFEF514] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe   [61440] [PID.1892]
[MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe   [354840] [PID.712]
[MD5.0000A08BED0D9DCAB5DD619602C19B98] - (.UASSOFT.COM - Keyboard And Mouse Communication Service.) -- C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe   [208896] [PID.308]
[MD5.98D884ADC0B8C0FEBCC9D7BEE6D86F90] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe   [79136] [PID.1548]
[MD5.D98350792A7CE82E7459A7C36481BEDA] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe   [139632] [PID.848]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe   [39056] [PID.2176]
[MD5.7728B6AEDC83BC0DEFD0A53371D4613B] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe   [247152] [PID.2196]
[MD5.E89D463AB373CFACCCBB0645E9AE8154] - (.WebCake LLC - WebCake.Desktop.Updater.) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe   [23552] [PID.2336]  =>Adware.WebCake
[MD5.6B3DD4B1D5D4C239AD84A460E676C6D7] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe   [79584] [PID.3508]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe   [43904] [PID.4272]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\jdbm0zry.default\prefs.js
C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\t1w8ju6k.default-1366397431922\prefs.js
M3 - MFPP: Plugins - [Mathias] -- C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\t1w8ju6k.default-1366397431922\searchplugins\delta.xml
M3 - MFPP: Plugins - [Mathias] -- C:\Program Files\Mozilla FireFox\searchplugins\avg-secure-search.xml
M0 - MFSP: prefs.js [Mathias - jdbm0zry.default] http://www.sfr.fr
M0 - MFSP: prefs.js [Mathias - t1w8ju6k.default-1366397431922] http://www.sfr.fr
M2 - MFEP: prefs.js [Mathias - jdbm0zry.default\plugin@getwebcake.com] [] WebCake v1.00.01 (..)  =>Adware.WebCake
M2 - MFEP: prefs.js [Mathias - jdbm0zry.default\wk0yqwuert@qyorvm-.org] [] Breowsse2isavee v3.8 (..)  =>Adware.Browse2Save
M2 - MFEP: prefs.js [Mathias - jdbm0zry.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130402 (..)
M2 - MFEP: prefs.js [Mathias - jdbm0zry.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.14 (..)
M2 - MFEP: prefs.js [Mathias - t1w8ju6k.default-1366397431922\a_tq@jhapnlkwt.com] [] Broywsee2save v3.8 (..)  =>Adware.Browse2Save
M2 - MFEP: prefs.js [Mathias - t1w8ju6k.default-1366397431922\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130515 (..)
M2 - MFEP: prefs.js [Mathias - t1w8ju6k.default-1366397431922\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.15 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.BitTorrent, Inc. - BitTorrent Plugin 1.) -- C:\Program Files\Mozilla Firefox\Plugins\npbittorrent.dll  =>P2P.BitTorrent
P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.7.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16241.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.0.2.122.) -- C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@innoplus.de/ino3DViewer] - (.INNOVA-engineering GmbH Dresden - 3D-Viewer-innoPlus Plugin, Version: 10.0.0.119.) -- C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll
P2 - FPN: [HKLM] [@innoplus.de/inoPanoViewer] - (.INNOVA-engineering GmbH - Rundum-Betrachter-innoPlus Plugin, Version: 9.0.1.18.) -- C:\Program Files\innoPlus\Panorama-Viewer-innoPlus\npirsviewer.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.25.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.25.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.25.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8064.0206] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.2.32] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.2] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.2] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.2] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1739] - (.RealNetworks, Inc. - 6.0.12.1739.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.2.32] - (.RealPlayer - RealPlayer Download Plugin.) -- c:\program files\real\realplayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader - RealDownloader Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\Users\Mathias\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.7.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll (.not file.)
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\Mathias\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Mathias\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 58 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do  =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do  =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\SYSTEM32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 8730



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll
O2 - BHO: CrossriderApp0012765 - {11111111-1111-1111-1111-110111271165} . (.Innovative Apps - Savings Wave BHO.) -- C:\Program Files\Savings Wave\Savings Wave.dll  =>PUP.CrossRider
O2 - BHO: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} . (...) -- C:\Program Files\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (.not file.)
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} . (.WebCake LLC - WebCake Runtime.) -- C:\Program Files\WebCake\WebCakeIEClient.dll  =>Adware.WebCake
O2 - BHO: Open FVD Suite Toolbar - {2B171655-A69C-5c18-B693-6CB5DC269D44} . (.www.flashvideodownloader.org/fvd-suite/ - FVD Suite Toolbar.) -- C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: FVD Suite Toolbar - [HKLM]{2B171655-A69C-5c18-B693-6CB5DC269D41} . (.www.flashvideodownloader.org/fvd-suite/ - FVD Suite Toolbar.) -- C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe 
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe 
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 
O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline 
O4 - HKLM\..\Run: [VX1000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe 
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe 
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe 
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\RunOnce: [Launcher] . (.soft thinks - Launcher.) -- C:\Windows\SMINST\launcher.exe 
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe 
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Mathias\AppData\Local\Facebook\Update\FacebookUpdate.exe 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKCU\..\Run: [WebCake Desktop] . (.WebCake LLC - WebCake Desktop.) -- C:\Users\Mathias\AppData\Roaming\WebCake\WebCakeDesktop.exe  =>Adware.WebCake
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Mathias\AppData\Local\Facebook\Update\FacebookUpdate.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe 
O4 - HKUS\S-1-5-21-219577271-1366622661-2790460906-1000\..\Run: [WebCake Desktop] . (.WebCake LLC - WebCake Desktop.) -- C:\Users\Mathias\AppData\Roaming\WebCake\WebCakeDesktop.exe  =>Adware.WebCake
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: adwcleaner - Raccourci.lnk . (...)  -- C:\Users\Mathias\Desktop\Photos tel\adwcleaner.exe
O4 - GS\QuickLaunch: CamStudio (2).lnk . (...)  -- C:\Program Files\CamStudio\Recorder.exe
O4 - GS\QuickLaunch: CCleaner (2).lnk . (.Piriform Ltd - CCleaner.)  -- C:\Program Files\CCleaner\CCleaner.exe  =>Piriform Ltd
O4 - GS\QuickLaunch: Defraggler (2).lnk . (.Piriform Ltd - Defraggler.)  -- C:\Program Files\Defraggler\Defraggler.exe 
O4 - GS\QuickLaunch: FormatFactory (2).lnk . (.Free Time - FormatFactory.)  -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe 
O4 - GS\QuickLaunch: FVD Player.lnk . (...)  -- C:\Program Files\FVD Suite\player\Player.exe
O4 - GS\QuickLaunch: FVD Suite.lnk . (...)  -- C:\Program Files\FVD Suite\fvdsuite.exe
O4 - GS\QuickLaunch: Go for Files.lnk . (.http://goforfiles.com/ - GoforFiles Application.)  -- C:\Program Files\GoforFiles\GoforFiles.exe  =>P2P.GoforFiles
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O4 - GS\QuickLaunch: Google Earth.lnk . (.Google - Google Earth.)  -- C:\Program Files\Google\Google Earth\client\googleearth.exe 
O4 - GS\QuickLaunch: Kodak EasyShare.lnk . (.Eastman Kodak Company - Kodak EasyShare Software.)  -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe 
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Lock It Down - Free Editon.lnk . (...)  -- C:\Program Files\Lock It Down - Free Editon\UNWISE.exe
O4 - GS\QuickLaunch: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.)  -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe 
O4 - GS\QuickLaunch: Microsoft LifeCam.lnk . (.Microsoft Corporation - LifeCam.exe.)  -- C:\Program Files\Microsoft LifeCam\LifeCam.exe 
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files\Mozilla Firefox\firefox.exe 
O4 - GS\QuickLaunch: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\System32\SnippingTool.exe 
O4 - GS\QuickLaunch: SUPERAntiSpyware Free Edition.lnk . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.)  -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 
O4 - GS\QuickLaunch: VideoInspector.lnk . (.KC Softwares - Pas de description.)  -- C:\Program Files\KC Softwares\VideoInspector\VideoInspector.exe 
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe 
O4 - GS\SendTo: Format Factory.lnk . (.Free Time - FormatFactory.)  -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files\Skype\Phone\Skype.exe 
O4 - GS\Desktop: adsl TV.lnk . (.adsl TV / FM - adsl TV.)  -- C:\Program Files\adslTV\adsltv.exe 
O4 - GS\Desktop: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.)  -- C:\Program Files\Audacity\audacity.exe 
O4 - GS\Desktop: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.)  -- C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe 
O4 - GS\Desktop: GIMP 2.lnk . (...)  -- C:\Program Files\GIMP 2\bin\gimp-2.6.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop: MediaCoder.lnk . (.Stanley Huang - MediaCoder.)  -- C:\Program Files\MediaCoder\mediacoder.exe 
O4 - GS\Desktop: PhotoshopCS6Portable - Raccourci.lnk . (.PainteR - Adobe Photoshop CS6 Pre-Release Portable.)  -- C:\Program Files\photoshop cs6\AdobePhotoshopCS6Portable\PhotoshopCS6Portable.exe 
~ Global Startup:  Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2203F905-D7E0-475E-8EEF-223AC3505E40}: DhcpNameServer = 10.4.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2355B775-5B1F-4C49-9D10-571E2108DEE9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{969A0E13-C0CC-481C-BD97-8BA36ED77E40}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2203F905-D7E0-475E-8EEF-223AC3505E40}: DhcpNameServer = 10.4.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2355B775-5B1F-4C49-9D10-571E2108DEE9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{969A0E13-C0CC-481C-BD97-8BA36ED77E40}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2203F905-D7E0-475E-8EEF-223AC3505E40}: DhcpNameServer = 10.4.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2355B775-5B1F-4C49-9D10-571E2108DEE9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{969A0E13-C0CC-481C-BD97-8BA36ED77E40}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0 (component).) - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service:  (AMD External Events Utility) . (...) - C:\Windows\System32\atiesrxx.exe (.not file.)
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: EasyBits Magic Desktop Services for Wind (ezntsvc) . (.EasyBits Software Corp. - EasyBits Magic Desktop Services for Windows.) - C:\Windows\system32\ezNTSvc.exe
O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) . (.UASSOFT.COM - Keyboard And Mouse Communication Service.) - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling  (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) . (...) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (.not file.)
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WebCake Desktop Updater (WebCake Desktop Updater) . (.WebCake LLC - WebCake.Desktop.Updater.) - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe  =>Adware.WebCake
~ Services: 17 Scanned in 00mn 13s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-219577271-1366622661-2790460906-1000Core.job   [1082]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-219577271-1366622661-2790460906-1000UA.job   [1104]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1054]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1058]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleForMathias.job   [330]
[MD5.9915504F602D277EE47FD843A677FD15] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe   [256904]
[MD5.00000000000000000000000000000000] [APT] [AdobeAAMUpdater-1.0-PC-de-Mathias-Mathias] (...) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\Mathias\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.)   [0]  =>PUP.DealPly
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-219577271-1366622661-2790460906-1000Core] (.Facebook Inc..) -- C:\Users\Mathias\AppData\Local\Facebook\Update\FacebookUpdate.exe   [138096]
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-219577271-1366622661-2790460906-1000UA] (.Facebook Inc..) -- C:\Users\Mathias\AppData\Local\Facebook\Update\FacebookUpdate.exe   [138096]
[MD5.65F00E976FCF8C01D5C2B5295AEC41A6] [APT] [Go for FilesUpdate] (.http://www.goforfiles.com/.) -- C:\Program Files\GoforFiles\GFFUpdater.exe   [364112]  =>P2P.GoforFiles
[MD5.65F00E976FCF8C01D5C2B5295AEC41A6] [APT] [GoforFilesUpdate] (.http://www.goforfiles.com/.) -- C:\Program Files\GoforFiles\GFFUpdater.exe   [364112]  =>P2P.GoforFiles
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [136176]
[MD5.2D141D455A3F1BDAC97A08006ACD7B4B] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe   [71176]
[MD5.5C6C1167EBAAEE0E7744E1782EE47265] [APT] [HPCeeScheduleForMathias] (.Hewlett-Packard.) -- C:\program files\hewlett-packard\sdp\ceement\HPCEE.exe   [86016]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] [APT] [JavaUpdateAdministrator] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe   [148888]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] [APT] [JavaUpdateMathias] (.Sun Microsystems, Inc..) -- C:\Windows\system32\jusched.exe   [148888]
[MD5.013CBC83D1C8131EB623567EF4D3FFCC] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe   [233048]
[MD5.866EE842A198288A0F41F04E97930040] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.866EE842A198288A0F41F04E97930040] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe   [187984]
[MD5.490D5ADBC56297DB10BC57496C14C357] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.490D5ADBC56297DB10BC57496C14C357] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.490D5ADBC56297DB10BC57496C14C357] [APT] [RealUpgradeLogonTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.490D5ADBC56297DB10BC57496C14C357] [APT] [RealUpgradeScheduledTaskS-1-5-21-219577271-1366622661-2790460906-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe   [187984]
[MD5.108C6E4777A679FE0AD3DB7476FA9D04] [APT] [Updater12765.exe] (.Innovative Apps.) -- C:\Users\Mathias\AppData\Local\Updater12765\Updater12765.exe   [210312]  =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [{1BF09D49-6F99-48D7-8612-7A20A1A5B266}] (...) -- C:\Users\Mathias\Downloads\VirtualDub-1.9.11\auxsetup.exe (.not file.)   [0]
[MD5.070753E47E04181DD440EA2FEFE3115C] [APT] [{36915E01-CFDB-425B-9536-1B39131B6BDE}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe   [18678376]
[MD5.21A88094378495CA5DA0ECD50F2C70E2] [APT] [{A565D1AE-3BA6-44B2-83B2-B92D927F6378}] (...) -- C:\Windows\System32\PhysX.cpl   [489000]
~ Scheduled Task: 32 Scanned in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_22\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir_1202122.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_7_700_224.ocx
~ Active Setup: 14 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver:  (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver:  (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver:  (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver:  (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 75 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2}
O42 - Logiciel: 3D-Viewer-innoPlus - (.INNOVA-engineering GmbH.) [HKLM] -- {B96DB037-DBEA-4186-9081-9CBD537F82E8}
O42 - Logiciel: AGEIA GAME System Software - (.AGEIA Technologies.) [HKLM] -- {D54049D3-256C-4E19-AAE9-861F6B00BF29}
O42 - Logiciel: AGEIA PhysX v7.03.21 - (.AGEIA Technologies, Inc..) [HKLM] -- {85EBB283-65AF-4C53-9EBE-7C0A232762F7}
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {EAB74CB6-760C-2136-FC77-9549721FB84A}
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {A0087DDE-69D0-11E2-AD57-43CA6188709B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 8.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Photoshop Elements 8.0
O42 - Logiciel: Adobe Reader X (10.1.7) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU] -- Akamai
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM] -- Akamai
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Audacity 2.0.3 - (.Audacity Team.) [HKLM] -- Audacity_is1
O42 - Logiciel: Avira Free Antivirus v13.0.0.3640 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: BrowseToSave - (...) [HKLM] -- {A84D02DC-8ED9-4CAF-AE44-C6FB73AE202A}  =>Adware.Browse2Save
O42 - Logiciel: Bullzip PDF Printer 9.2.0.1499 - (.Bullzip.) [HKLM] -- Bullzip PDF Printer_is1
O42 - Logiciel: CCScore - (.EASTMAN KODAK Company.) [HKLM] -- {B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner  =>Piriform Ltd
O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM] -- CDex
O42 - Logiciel: CamStudio 2.0 Fr - (...) [HKLM] -- CamStudio 2.0 Fr_is1
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Conexant Polaris Unused CIR Function - (.Conexant Systems.) [HKLM] -- Uninstaller505c1d550
O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1
O42 - Logiciel: CryptUp - (...) [HKLM] -- CryptUp_2
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: ESSBrwr - (.EASTMAN KODAK Company.) [HKLM] -- {643EAE81-920C-4931-9F0B-4B343B225CA6}
O42 - Logiciel: ESSCDBK - (.EASTMAN KODAK Company.) [HKLM] -- {AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
O42 - Logiciel: ESSPCD - (.EASTMAN KODAK Company.) [HKLM] -- {14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
O42 - Logiciel: ESSPDock - (.Nom de votre société.) [HKLM] -- {FCDB1C92-03C6-4C76-8625-371224256091}
O42 - Logiciel: ESSTOOLS - (.EASTMAN KODAK Company.) [HKLM] -- {8A502E38-29C9-49FA-BCFA-D727CA062589}
O42 - Logiciel: ESScore - (.Nom de votre société.) [HKLM] -- {42938595-0D83-404D-9F73-F8177FDD531A}
O42 - Logiciel: ESSgui - (.EASTMAN KODAK Company.) [HKLM] -- {91517631-A9F3-4B7C-B482-43E0068FD55A}
O42 - Logiciel: ESSini - (.Nom de votre société.) [HKLM] -- {8E92D746-CD9F-4B90-9668-42B74C14F765}
O42 - Logiciel: EasyBits Magic Desktop - (...) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: FVD Suite 2.7.6 - (.flashvideodownloader.org.) [HKLM] -- {80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] -- Facebook Plug-In
O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3}
O42 - Logiciel: Favorit (ukqqq) - (...) [HKLM] -- ukqqq  =>Adware.Favorit
O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Free Mp3 Wma Converter V 1.6.3 - (.Koyote Soft.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: GIMP 2.6.10 - (.The GIMP Team.) [HKLM] -- GIMP-2_is1
O42 - Logiciel: Garmin USB Drivers - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}
O42 - Logiciel: Garmin WebUpdater - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {00FE2935-FB56-4410-AB5F-D6E70C1771D2}
O42 - Logiciel: GoforFiles - (.http://www.goforfiles.com/.) [HKCU] -- GoforFiles  =>P2P.GoforFiles
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {468D22C0-8080-11E2-B86E-B8AC6F98CCE3}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}
O42 - Logiciel: HP Active Support Library 32 bit components - (.Hewlett-Packard.) [HKLM] -- {6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AB5E289E-76BF-4251-9F3F-9B763F681AE0}
O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}
O42 - Logiciel: HP Customer Participation Program 8.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Driver Diagnostics - (.Nom de votre société.) [HKLM] -- {ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {40F7AED3-0C7D-4582-99F6-484A515C73F2}
O42 - Logiciel: HP Imaging Device Functions 8.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP OCR Software 8.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro
O42 - Logiciel: HP Photosmart All-In-One Software 8.0 - (.HP.) [HKLM] -- {8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}
O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {EB21A812-671B-4D08-B974-2A347F0D8F70}
O42 - Logiciel: HP Photosmart Essential 3.0 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B - (.HP.) [HKLM] -- {C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Solution Center 8.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM] -- {EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
O42 - Logiciel: Intel(R) Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}  =>PUP.SweetIM
O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: KC Softwares VideoInspector - (.KC Softwares.) [HKLM] -- KC Softwares VideoInspector_is1
O42 - Logiciel: Keyboard & Mouse Driver - (.Driver Builder.) [HKLM] -- InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}
O42 - Logiciel: LG USB Modem driver - (.LG Electronics.) [HKLM] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579}
O42 - Logiciel: Lame ACM MP3 Codec - (...) [HKLM] -- LameACM
O42 - Logiciel: Lock It Down - Free Editon - (...) [HKLM] -- Lock It Down - Free Editon
O42 - Logiciel: Logiciel Kodak EasyShare - (.Eastman Kodak Company.) [HKLM] -- {D32470A1-B10C-4059-BA53-CF0486F68EBC}
O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaCoder 2011 - (.Broad Intelligence.) [HKLM] -- MediaCoder
O42 - Logiciel: Micro Application - PrintPratic 4 - (...) [HKLM] -- {EC79B672-686B-4C0A-9402-12EA1A04A99C}
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM] -- {5FC7AB5C-61FC-42DF-A923-5139BCF10D42}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mozilla Firefox 21.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 21.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: OfotoXMI - (.EASTMAN KODAK Company.) [HKLM] -- {B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {E9BC886E-0D8A-4EF5-B793-30DB776C6E2C}
O42 - Logiciel: Package de pilotes Windows - Nokia Modem  (03/05/2008 3.7) - (.Nokia.) [HKLM] -- CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: Panorama-Viewer-innoPlus - (.INNOVA-engineering GmbH Dresden.) [HKLM] -- {A2C60BF1-82E3-493C-911D-14AD50471F2F}
O42 - Logiciel: Pochette Express 2 - (...) [HKLM] -- Pochette Express 2
O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM] -- {24554447-718C-4EE5-A376-0000014A88D8}  =>PUP.QuickShare
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {3DC873BB-FFE3-46BF-9701-26B9AE371F9F}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Registry Reviver - (.SPAMfighter ApS.) [HKLM] -- {DBD88705-2570-4ABA-8EC8-432ACE0481A6}
O42 - Logiciel: Revo Uninstaller 1.80 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM] -- {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82}
O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87}
O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio MyDVD Basic v9 - (.Roxio.) [HKLM] -- {938B1CD7-7C60-491E-AA90-1F1888168240}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (...) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (...) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: SFR - (.Eastman Kodak Company.) [HKLM] -- {DB02F716-6275-42E9-B8D2-83BA2BF5100B}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: SHASTA - (.EASTMAN KODAK Company.) [HKLM] -- {605A4E39-613C-4A12-B56F-DEFBE6757237}
O42 - Logiciel: SKINXSDK - (.EASTMAN KODAK Company.) [HKLM] -- {F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Samsung Mobile Modem Device Software - (...) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (...) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Savings Wave - (.Innovative Apps.) [HKLM] -- Savings Wave  =>PUP.CrossRider
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0}  =>PUP.SweetIM
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: VPRINTOL - (.EASTMAN KODAK Company.) [HKLM] -- {999D43F4-9709-4887-9B1A-83EBB15A8370}
O42 - Logiciel: VSO Image Resizer 2.2.0.1 - (.VSO-Software.) [HKLM] -- {3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1
O42 - Logiciel: Video Grabber - (.Conexant Systems.) [HKLM] -- Uninstaller505c1d540
O42 - Logiciel: Vista Codec Package - (.Shark007.) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
O42 - Logiciel: WIRELESS - (.EASTMAN KODAK Company.) [HKLM] -- {F9593CFB-D836-49BC-BFF1-0E669A411D9F}
O42 - Logiciel: WebCake 3.00 - (.WebCake LLC.) [HKLM] -- {C4ED781C-7394-4906-AAFF-D6AB64FF7C38}  =>Adware.WebCake
O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1 - (.Garmin.) [HKLM] -- 98157A226B40B173301B0F53C8E98C47805D5152
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: adsl TV - (.adsl TV / FM.) [HKLM] -- {3AFDD2C6-8663-46B5-B195-6CEB00D44768}
O42 - Logiciel: ccc-Branding - (.ATI.) [HKLM] -- {4F027497-15AE-4DE5-B3BC-8E721C6127DE}
O42 - Logiciel: essvatgt - (.EASTMAN KODAK Company.) [HKLM] -- {2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: netbrdg - (.EASTMAN KODAK Company.) [HKLM] -- {4537EA4B-F603-4181-89FB-2953FC695AB1}
O42 - Logiciel: skin0001 - (.EASTMAN KODAK Company.) [HKLM] -- {5316DFC9-CE99-4458-9AB3-E8726EDE0210}
O42 - Logiciel: staticcr - (.EASTMAN KODAK Company.) [HKLM] -- {8943CE61-53BD-475E-90E1-A580869E98A2}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 254 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload]  =>PUP.1ClickDownloader
[HKCU\Software\5853dddae069bd17]
[HKCU\Software\AC3Filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\APN PIP]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\RealNetworks]
[HKCU\Software\AppDataLow\SProtector]  =>PUP.Mocaflix
[HKCU\Software\AppDataLow\Software\AVG]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider]  =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\DivX]
[HKCU\Software\AppDataLow\Software\Exent]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\RealNetworks]
[HKCU\Software\AppDataLow\Software\Savings Wave]  =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Smartbar]  =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ApplianTechnologies]
[HKCU\Software\ArcSoft]
[HKCU\Software\Audacity]
[HKCU\Software\Avg]
[HKCU\Software\Avira]
[HKCU\Software\BabSolution]  =>Hijacker.BabSolution
[HKCU\Software\Binary Noise]
[HKCU\Software\Boonty]
[HKCU\Software\Bugsplat]
[HKCU\Software\Bullzip]
[HKCU\Software\CDDB]
[HKCU\Software\CamStudioOpenSource for Nick]
[HKCU\Software\Casino]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Codemasters]
[HKCU\Software\CoreVorbis]
[HKCU\Software\CryptUp Soft]
[HKCU\Software\CyberLink]
[HKCU\Software\DSP-worx]
[HKCU\Software\DVD Decrypter]
[HKCU\Software\DVDStyler]
[HKCU\Software\DataMngr_Toolbar]  =>PUP.Datamngr
[HKCU\Software\Digimarc]
[HKCU\Software\Digital Minds Software]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Dream Nex]
[HKCU\Software\ESTsoft]
[HKCU\Software\EasyBits]
[HKCU\Software\Emjysoft]
[HKCU\Software\Exent]
[HKCU\Software\F-Secure]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\FVDSuite]
[HKCU\Software\FVDToolbar]
[HKCU\Software\Facebook]
[HKCU\Software\FormatFactory]
[HKCU\Software\FreeTime]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\Garmin]
[HKCU\Software\Google]
[HKCU\Software\HP Guide]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IE]
[HKCU\Software\IGearSettings]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\InstallShield]
[HKCU\Software\InstalledBrowserExtensions]  =>Adware.VidSaver
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\JoyvyGameCenter]
[HKCU\Software\KC Softwares]
[HKCU\Software\Kodak]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\Labtec]
[HKCU\Software\Lavalys]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\MGShareware]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\MainConcept (Adobe2)]
[HKCU\Software\MainConcept (Sonic)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MarineCat]
[HKCU\Software\Micro Application]
[HKCU\Software\MicroVision]
[HKCU\Software\Mobileleader]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Multimedia Combo Set]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\Nokia]
[HKCU\Software\Oberon]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opera Software]
[HKCU\Software\PIP]
[HKCU\Software\Paul Glagla]
[HKCU\Software\Photocite]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\ReviverSoft]
[HKCU\Software\Roxio]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Seifert]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SmartbarLog]  =>Hijacker.SmartBar
[HKCU\Software\Soft Lemon]
[HKCU\Software\Softthinks]
[HKCU\Software\Softwrap]
[HKCU\Software\SonicSonic MPEG-2 Video Decoder]
[HKCU\Software\Sonic]
[HKCU\Software\Speed-Downloading]
[HKCU\Software\Spin2]
[HKCU\Software\Stdin2]
[HKCU\Software\Sysinternals]
[HKCU\Software\TechSmith]
[HKCU\Software\Tonka]
[HKCU\Software\TorrentAid]
[HKCU\Software\Trolltech]
[HKCU\Software\Tutorials]  =>Spyware.AgenceExcusive
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSO]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\White Paw Products]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xi]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\ZjSoft]
[HKCU\Software\Zylom]
[HKCU\Software\Zyrax Software]
[HKCU\Software\antiufo]
[HKCU\Software\delta LTD]
[HKCU\Software\epc07]
[HKCU\Software\keyhole.com]
[HKCU\Software\mioreader]
[HKCU\Software\muvee Technologies]
[HKCU\Software\techPowerUp]
[HKCU\Software\vice versa]
[HKLM\Software\5853dddae069bd17]
[HKLM\Software\ACE Compression Software]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVG]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\AviSynth]
[HKLM\Software\Avira]
[HKLM\Software\Big Fish Games]
[HKLM\Software\BitTorrent]  =>P2P.BitTorrent
[HKLM\Software\Boonty]
[HKLM\Software\Bullzip]
[HKLM\Software\Bunndle]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\CryptUp Soft]
[HKLM\Software\CyberLink]
[HKLM\Software\Data Fellows]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\DownloadHelper]
[HKLM\Software\ESTsoft]
[HKLM\Software\EasyBits]
[HKLM\Software\EdenFlirt]
[HKLM\Software\Exent]
[HKLM\Software\Fighters]
[HKLM\Software\FreeCDRIP]
[HKLM\Software\GNU]
[HKLM\Software\Garmin]
[HKLM\Software\GoforFiles]  =>P2P.GoforFiles
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KC Softwares]
[HKLM\Software\Kaydara]
[HKLM\Software\Khronos]
[HKLM\Software\Kodak]
[HKLM\Software\LG Electronics]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Logitech]
[HKLM\Software\MCCI]
[HKLM\Software\MGShareware]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\MiKit4]
[HKLM\Software\Micro Application]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\NEOACT]
[HKLM\Software\Nero]
[HKLM\Software\Neuf]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Oracle]
[HKLM\Software\PATHPILOT]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PC-Doctor]
[HKLM\Software\PCSuite]
[HKLM\Software\PIP]
[HKLM\Software\Panda Software]
[HKLM\Software\Photocite]
[HKLM\Software\Piriform]
[HKLM\Software\PocketSoft]
[HKLM\Software\Poikosoft]
[HKLM\Software\Policies]
[HKLM\Software\Preclick]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\ReviverSoft]
[HKLM\Software\Roxio]
[HKLM\Software\S3R521]
[HKLM\Software\SEGA]
[HKLM\Software\SP Global]  =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector]  =>PUP.Mocaflix
[HKLM\Software\SPsoft]
[HKLM\Software\SRS Labs]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Services]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Speed-Downloading]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Systweak]
[HKLM\Software\Trad-FR]
[HKLM\Software\USBDCam]
[HKLM\Software\Uniblue]
[HKLM\Software\Utherverse Digital Inc]
[HKLM\Software\VideoCap]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Win32 Services]
[HKLM\Software\Windows]
[HKLM\Software\Wise Solutions]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xi]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\illiminable]
[HKLM\Software\innoPlus]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\optimidata]
[HKLM\Software\vso]
~ Key Software: 401 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/04/2013 - 16:47:57 - [948,447] ----D C:\Program Files\Adobe
O43 - CFD: 24/11/2012 - 20:11:48 - [110,747] ----D C:\Program Files\adslTV
O43 - CFD: 21/03/2009 - 17:33:23 - [69,799] ----D C:\Program Files\AGEIA Technologies
O43 - CFD: 28/04/2013 - 18:06:51 - [0] ----D C:\Program Files\Alwil Software
O43 - CFD: 12/09/2012 - 22:07:43 - [1,711] ----D C:\Program Files\AMD APP
O43 - CFD: 08/08/2007 - 22:53:04 - [20,437] ----D C:\Program Files\ATI
O43 - CFD: 24/04/2013 - 21:14:07 - [44,305] ----D C:\Program Files\Audacity
O43 - CFD: 20/11/2012 - 16:35:07 - [203,366] ----D C:\Program Files\Avira
O43 - CFD: 13/01/2008 - 19:43:44 - [0,007] ----D C:\Program Files\AviSynth 2.5
O43 - CFD: 21/04/2013 - 15:32:28 - [1,473] ----D C:\Program Files\BrowseToSave  =>Adware.Browse2Save
O43 - CFD: 24/11/2012 - 19:17:35 - [19,851] ----D C:\Program Files\Bullzip
O43 - CFD: 30/04/2009 - 18:45:05 - [7,999] ----D C:\Program Files\CamStudio
O43 - CFD: 20/11/2010 - 17:10:12 - [3,082] ----D C:\Program Files\CCleaner  =>Piriform Ltd
O43 - CFD: 19/07/2012 - 19:57:44 - [10,213] ----D C:\Program Files\CDex
O43 - CFD: 07/06/2008 - 17:36:40 - [2,976] ----D C:\Program Files\CDex_150
O43 - CFD: 19/06/2013 - 07:51:07 - [630,803] ----D C:\Program Files\Common Files
O43 - CFD: 25/02/2013 - 15:24:17 - [0,762] ----D C:\Program Files\Computer Artworks
O43 - CFD: 21/09/2012 - 09:55:02 - [8,459] ----D C:\Program Files\CONEXANT
O43 - CFD: 20/11/2009 - 22:39:06 - [29,417] ----D C:\Program Files\ConvertHelper
O43 - CFD: 21/09/2012 - 10:03:46 - [396,561] ----D C:\Program Files\CyberLink
O43 - CFD: 08/03/2013 - 18:18:35 - [5,694] ----D C:\Program Files\Defraggler
O43 - CFD: 11/05/2012 - 10:49:31 - [1,049] ----D C:\Program Files\DIFX
O43 - CFD: 23/09/2012 - 00:05:15 - [3,356] ----D C:\Program Files\DivX
O43 - CFD: 18/08/2008 - 22:22:12 - [0,403] ----D C:\Program Files\DNA
O43 - CFD: 24/11/2007 - 16:19:53 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 08/02/2008 - 16:58:34 - [14,722] ----D C:\Program Files\Free Audio Pack
O43 - CFD: 01/09/2009 - 10:33:38 - [146,198] ----D C:\Program Files\FreeTime
O43 - CFD: 28/04/2013 - 17:29:47 - [2,508] ----D C:\Program Files\FTDownloader.com  =>Adware.Downware
O43 - CFD: 02/05/2012 - 15:14:24 - [57,536] ----D C:\Program Files\FVD Suite
O43 - CFD: 22/08/2012 - 14:39:28 - [16,323] ----D C:\Program Files\Garmin
O43 - CFD: 09/09/2010 - 10:37:32 - [163,074] ----D C:\Program Files\GIMP 2
O43 - CFD: 01/06/2013 - 14:13:00 - [8,895] ----D C:\Program Files\GoforFiles  =>P2P.GoforFiles
O43 - CFD: 28/03/2013 - 09:42:32 - [565,203] ----D C:\Program Files\Google
O43 - CFD: 25/11/2009 - 17:59:51 - [145,801] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 09/12/2007 - 21:12:11 - [308,837] ----D C:\Program Files\HP
O43 - CFD: 22/10/2009 - 19:18:52 - [2,136] ----D C:\Program Files\innoPlus
O43 - CFD: 22/10/2009 - 19:13:18 - [2,381] ----D C:\Program Files\INNOVA-engineering GmbH
O43 - CFD: 24/06/2013 - 10:50:44 - [57,416] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 07/01/2009 - 18:42:27 - [8,058] ----D C:\Program Files\Intel
O43 - CFD: 12/06/2013 - 12:58:35 - [5,237] ----D C:\Program Files\Internet Explorer
O43 - CFD: 28/06/2013 - 21:34:57 - [209,105] ----D C:\Program Files\Java
O43 - CFD: 03/02/2008 - 22:55:19 - [2,920] ----D C:\Program Files\KC Softwares
O43 - CFD: 13/07/2011 - 19:55:36 - [3,389] ----D C:\Program Files\Keyboard & Mouse Driver
O43 - CFD: 18/11/2009 - 16:46:51 - [75,322] ----D C:\Program Files\Kodak
O43 - CFD: 19/12/2012 - 01:38:29 - [0] ----D C:\Program Files\La Poste
O43 - CFD: 25/09/2010 - 12:04:38 - [0,701] ----D C:\Program Files\Lock It Down - Free Editon
O43 - CFD: 24/11/2007 - 18:54:28 - [0] ----D C:\Program Files\Logitech
O43 - CFD: 19/04/2013 - 19:16:02 - [14,102] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 24/10/2009 - 23:24:00 - [0,211] ----D C:\Program Files\MarkAny
O43 - CFD: 23/09/2012 - 09:33:13 - [106,269] ----D C:\Program Files\MediaCoder
O43 - CFD: 28/04/2013 - 17:46:27 - [0,066] ----D C:\Program Files\MediaFire Express
O43 - CFD: 08/02/2008 - 17:40:11 - [22,608] ----D C:\Program Files\Micro Application
O43 - CFD: 11/10/2009 - 17:18:21 - [2,541] ----D C:\Program Files\Microsoft
O43 - CFD: 27/11/2007 - 18:55:32 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 12/09/2012 - 18:23:38 - [50,217] ----D C:\Program Files\Microsoft LifeCam
O43 - CFD: 08/08/2007 - 23:10:48 - [4,030] ----D C:\Program Files\Microsoft Office
O43 - CFD: 13/03/2013 - 12:55:27 - [40,835] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 29/10/2010 - 20:06:45 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 15/10/2009 - 03:01:23 - [143,405] ----D C:\Program Files\Microsoft Works
O43 - CFD: 25/06/2010 - 05:24:27 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 07:24:12 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 01/06/2013 - 14:13:24 - [47,046] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 25/05/2013 - 18:38:42 - [0,214] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 10/12/2010 - 19:55:58 - [5,321] ----D C:\Program Files\MSECache
O43 - CFD: 20/02/2009 - 16:07:59 - [0] ----D C:\Program Files\MSN Games
O43 - CFD: 24/11/2007 - 16:50:48 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 10/08/2008 - 15:42:09 - [8,795] ----D C:\Program Files\muvee Technologies
O43 - CFD: 17/08/2008 - 14:10:08 - [0,002] ----D C:\Program Files\Neoact
O43 - CFD: 06/08/2008 - 05:37:28 - [17,874] ----D C:\Program Files\Neuf
O43 - CFD: 20/02/2009 - 15:01:01 - [0,004] ----D C:\Program Files\Oberon Media
O43 - CFD: 14/10/2012 - 22:53:07 - [351,622] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 25/06/2012 - 10:11:09 - [33,205] ----D C:\Program Files\Oracle
O43 - CFD: 27/05/2012 - 15:47:54 - [0] ----D C:\Program Files\Pando Networks
O43 - CFD: 06/12/2012 - 15:35:17 - [9,456] ----D C:\Program Files\PC Connectivity Solution
O43 - CFD: 08/08/2007 - 23:31:37 - [121,722] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 29/12/2011 - 22:51:41 - [375,976] ----D C:\Program Files\photoshop cs6
O43 - CFD: 24/12/2011 - 09:51:12 - [2,404] ----D C:\Program Files\Pochette Express 2
O43 - CFD: 19/06/2013 - 07:51:10 - [111,664] ----D C:\Program Files\Real
O43 - CFD: 19/06/2013 - 07:51:44 - [17,997] ----D C:\Program Files\RealNetworks
O43 - CFD: 15/05/2008 - 04:36:39 - [29,723] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,910] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 06/03/2010 - 14:14:31 - [3,292] ----D C:\Program Files\ReviverSoft
O43 - CFD: 08/08/2007 - 23:06:21 - [220,188] ----D C:\Program Files\Roxio
O43 - CFD: 24/10/2009 - 23:26:09 - [173,550] ----D C:\Program Files\Samsung
O43 - CFD: 28/04/2013 - 17:32:06 - [5,764] ----D C:\Program Files\Savings Wave  =>PUP.CrossRider
O43 - CFD: 10/12/2008 - 19:53:38 - [3,289] ----D C:\Program Files\Seagrand
O43 - CFD: 08/08/2007 - 23:17:18 - [35,272] ----D C:\Program Files\Services en ligne
O43 - CFD: 29/10/2008 - 19:28:04 - [0,592] ----D C:\Program Files\SFR
O43 - CFD: 08/05/2013 - 11:12:35 - [18,066] R---D C:\Program Files\Skype
O43 - CFD: 04/03/2011 - 12:39:53 - [0] ----D C:\Program Files\Software Informer
O43 - CFD: 31/05/2013 - 13:40:08 - [9,598] ----D C:\Program Files\SUPERAntiSpyware
O43 - CFD: 13/05/2009 - 14:29:58 - [0] ----D C:\Program Files\TechSmith
O43 - CFD: 16/04/2012 - 10:23:30 - [0,774] ----D C:\Program Files\Trend Micro
O43 - CFD: 25/02/2013 - 15:22:50 - [1,079] ----D C:\Program Files\UBISOFT
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 25/11/2012 - 15:50:42 - [0] ----D C:\Program Files\VideoLAN
O43 - CFD: 12/01/2008 - 23:05:20 - [31,164] ----D C:\Program Files\VistaCodecPack
O43 - CFD: 28/03/2009 - 11:27:13 - [2,390] ----D C:\Program Files\VS Revo Group
O43 - CFD: 06/06/2009 - 17:39:36 - [21,670] ----D C:\Program Files\VSO
O43 - CFD: 01/06/2013 - 14:15:09 - [0,658] ----D C:\Program Files\WebCake  =>Adware.WebCake
O43 - CFD: 23/09/2012 - 00:23:16 - [1,986] ----D C:\Program Files\WinAVI Video Capture
O43 - CFD: 26/09/2009 - 09:51:46 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 26/09/2009 - 09:51:44 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 26/09/2009 - 09:51:41 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 11/05/2012 - 14:03:32 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 23/01/2013 - 14:42:04 - [140,976] ----D C:\Program Files\Windows Live
O43 - CFD: 12/04/2012 - 20:16:51 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 15/10/2010 - 09:54:58 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 24/11/2007 - 16:19:53 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 26/09/2009 - 09:51:43 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 11/11/2009 - 11:33:19 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 26/09/2009 - 09:51:45 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 10/01/2008 - 10:12:57 - [3,452] ----D C:\Program Files\WinRAR
O43 - CFD: 15/11/2008 - 14:16:42 - [3,957] ----D C:\Program Files\Xi
O43 - CFD: 29/06/2013 - 19:06:26 - [17,213] ----D C:\Program Files\ZHPDiag
O43 - CFD: 15/01/2013 - 17:12:35 - [2,108] ----D C:\Program Files\~BabylonToolbar  =>Toolbar.Babylon
O43 - CFD: 05/05/2013 - 19:11:00 - [62,714] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 28/04/2013 - 16:47:55 - [45,606] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 29/06/2013 - 10:37:25 - [30,431] ----D C:\Program Files\Common Files\Akamai
O43 - CFD: 28/04/2013 - 16:11:06 - [0,702] ----D C:\Program Files\Common Files\ArcSoft
O43 - CFD: 07/06/2008 - 15:41:16 - [0] ----D C:\Program Files\Common Files\AVSMedia
O43 - CFD: 03/09/2008 - 18:51:42 - [0] ----D C:\Program Files\Common Files\BOONTY Shared
O43 - CFD: 24/11/2012 - 19:17:41 - [0,142] ----D C:\Program Files\Common Files\Bullzip
O43 - CFD: 09/12/2007 - 21:08:41 - [0,436] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 09/12/2007 - 21:11:25 - [5,173] ----D C:\Program Files\Common Files\HP
O43 - CFD: 05/01/2008 - 16:20:59 - [17,119] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/05/2013 - 18:55:07 - [1,189] ----D C:\Program Files\Common Files\Java
O43 - CFD: 18/11/2009 - 16:46:13 - [3,115] ----D C:\Program Files\Common Files\Kodak
O43 - CFD: 08/08/2007 - 23:07:16 - [19,392] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 08/08/2007 - 23:07:02 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 08/09/2010 - 21:14:50 - [0,827] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 16/09/2011 - 20:56:14 - [231,438] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 18/11/2009 - 16:45:10 - [0,622] ----D C:\Program Files\Common Files\MSSoap
O43 - CFD: 22/08/2012 - 13:24:44 - [4,398] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 08/09/2010 - 21:12:00 - [4,642] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 08/08/2007 - 23:05:57 - [109,460] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 08/05/2013 - 11:12:35 - [1,904] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 08/08/2007 - 23:05:57 - [4,573] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 08/08/2007 - 22:59:57 - [0,697] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 25/02/2013 - 15:25:24 - [0] ----D C:\Program Files\Common Files\SWF Studio
O43 - CFD: 24/11/2007 - 17:26:09 - [2,261] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 09/11/2011 - 20:44:50 - [8,333] ----D C:\Program Files\Common Files\System
O43 - CFD: 13/02/2009 - 18:30:54 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 27/11/2007 - 18:21:05 - [3,686] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 12/07/2009 - 12:45:31 - [32,340] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 19/06/2013 - 07:51:07 - [0,336] ----D C:\Program Files\Common Files\xing shared
O43 - CFD: 12/09/2012 - 21:37:09 - [0,006] ----D C:\ProgramData\036DFF98197A756F9CB4A57D2F3B707C
O43 - CFD: 28/04/2013 - 18:27:30 - [666,332] ----D C:\ProgramData\Adobe
O43 - CFD: 01/05/2009 - 15:09:06 - [24,516] ----D C:\ProgramData\Apple
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 24/11/2010 - 10:12:59 - [1,614] ----D C:\ProgramData\ArcSoft
O43 - CFD: 16/05/2009 - 17:47:10 - [47,209] ----D C:\ProgramData\avg8
O43 - CFD: 20/11/2012 - 16:35:07 - [9,984] ----D C:\ProgramData\Avira
O43 - CFD: 07/06/2008 - 14:47:38 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 01/12/2010 - 20:37:39 - [0,000] ----D C:\ProgramData\BigFishSavedGames
O43 - CFD: 03/09/2008 - 18:51:46 - [0,012] ----D C:\ProgramData\BOONTY
O43 - CFD: 28/04/2013 - 17:28:24 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 07/04/2013 - 12:33:54 - [0,083] ----D C:\ProgramData\Breowsse2isavee  =>Adware.Browse2Save
O43 - CFD: 13/05/2013 - 12:54:11 - [0,152] ----D C:\ProgramData\Broywsee2save  =>Adware.Browse2Save
O43 - CFD: 24/11/2007 - 16:19:53 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 30/03/2012 - 18:37:18 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 21/09/2012 - 10:35:45 - [0,024] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 23/09/2012 - 00:05:15 - [2,225] ----D C:\ProgramData\DivX
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 13/04/2012 - 16:49:35 - [0,001] ----D C:\ProgramData\DriverGenius
O43 - CFD: 09/12/2007 - 11:00:53 - [0,001] ----D C:\ProgramData\egdata
O43 - CFD: 23/09/2012 - 00:12:53 - [0] ----D C:\ProgramData\Emicsoft Studio
O43 - CFD: 04/06/2008 - 21:49:32 - [0,000] ----D C:\ProgramData\Emjysoft
O43 - CFD: 25/10/2008 - 18:41:13 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 29/10/2008 - 20:22:46 - [0,775] ----D C:\ProgramData\f-secure
O43 - CFD: 24/11/2007 - 16:19:53 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 08/09/2010 - 21:19:32 - [0,025] ----D C:\ProgramData\FLEXnet
O43 - CFD: 29/10/2008 - 19:27:35 - [0,036] ----D C:\ProgramData\fssg
O43 - CFD: 06/11/2011 - 12:58:28 - [0,002] ----D C:\ProgramData\GameHouse
O43 - CFD: 12/06/2008 - 17:49:10 - [0,014] ----D C:\ProgramData\Google
O43 - CFD: 04/06/2008 - 22:10:23 - [0,004] ----D C:\ProgramData\Grisoft
O43 - CFD: 10/03/2013 - 19:18:21 - [3,305] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 07/01/2009 - 20:55:43 - [5,763] ----D C:\ProgramData\HP
O43 - CFD: 10/11/2012 - 11:48:19 - [0,009] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 09/12/2007 - 21:47:17 - [0,000] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 06/12/2012 - 15:29:47 - [158,866] ----D C:\ProgramData\Installations
O43 - CFD: 21/04/2013 - 18:35:16 - [4,364] ----D C:\ProgramData\InstallMate
O43 - CFD: 05/01/2008 - 16:27:59 - [0,001] ----D C:\ProgramData\InstallShield
O43 - CFD: 18/11/2009 - 16:49:02 - [130,090] ----D C:\ProgramData\Kodak
O43 - CFD: 20/02/2010 - 12:21:52 - [0,000] ----D C:\ProgramData\Lavasoft
O43 - CFD: 13/01/2008 - 00:15:06 - [0,004] ----D C:\ProgramData\LightScribe
O43 - CFD: 10/05/2009 - 17:47:48 - [16,182] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 29/02/2012 - 23:03:56 - [0,033] ----D C:\ProgramData\McAfee
O43 - CFD: 24/11/2007 - 16:19:53 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 07/11/2010 - 10:22:39 - [769,739] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/11/2007 - 16:19:53 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 26/04/2012 - 09:24:27 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 10/08/2008 - 17:12:50 - [24,521] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 23/09/2012 - 00:55:31 - [0] ----D C:\ProgramData\NCH Software
O43 - CFD: 03/09/2009 - 08:16:25 - [0,272] ----D C:\ProgramData\NOS
O43 - CFD: 05/09/2008 - 00:43:30 - [9,704] ----D C:\ProgramData\Oberon Media
O43 - CFD: 06/12/2012 - 15:50:43 - [0,205] ----D C:\ProgramData\PC Suite
O43 - CFD: 08/08/2007 - 23:13:41 - [0,001] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 24/11/2012 - 19:17:41 - [0,001] ----D C:\ProgramData\PDF Writer
O43 - CFD: 04/04/2010 - 10:05:39 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 09/11/2008 - 17:42:04 - [0,030] ----D C:\ProgramData\Playrix Entertainment
O43 - CFD: 19/06/2013 - 07:51:04 - [2,951] ----D C:\ProgramData\Real
O43 - CFD: 19/06/2013 - 07:51:42 - [3,302] ----D C:\ProgramData\RealNetworks
O43 - CFD: 28/04/2013 - 18:27:31 - [0,002] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 06/03/2010 - 14:14:09 - [4,250] ----D C:\ProgramData\ReviverSoft
O43 - CFD: 05/06/2013 - 12:28:14 - [16,331] ----D C:\ProgramData\Roxio
O43 - CFD: 10/06/2013 - 13:35:29 - [62,350] ----D C:\ProgramData\Skype
O43 - CFD: 20/03/2013 - 08:40:40 - [0] ----D C:\ProgramData\SoftSafe
O43 - CFD: 25/11/2007 - 10:08:07 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 06/05/2010 - 16:44:30 - [0] ----D C:\ProgramData\SpinTop Games
O43 - CFD: 16/06/2008 - 16:37:37 - [0,049] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 19/03/2010 - 21:11:04 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 19/04/2013 - 18:50:38 - [109,641] ----D C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 21/09/2012 - 09:56:53 - [0,345] ---AD C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:04 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 30/03/2012 - 18:27:16 - [0] ----D C:\ProgramData\Uniblue
O43 - CFD: 09/12/2007 - 21:16:58 - [0,000] ----D C:\ProgramData\WEBREG
O43 - CFD: 02/09/2008 - 08:13:28 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 16/07/2008 - 08:37:36 - [0,311] ----D C:\ProgramData\WLInstaller
O43 - CFD: 06/09/2012 - 14:04:24 - [523,241] ----D C:\ProgramData\xmsufwxiymddhlk
O43 - CFD: 12/05/2010 - 19:37:00 - [118,313] ----D C:\ProgramData\Zylom
O43 - CFD: 15/10/2011 - 12:29:09 - [0,010] ----D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
O43 - CFD: 02/05/2012 - 15:47:01 - [0,010] ----D C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
O43 - CFD: 20/02/2010 - 12:22:41 - [0] ----D C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
O43 - CFD: 05/05/2013 - 19:11:01 - [18,703] ----D C:\Users\Mathias\AppData\Roaming\Adobe
O43 - CFD: 01/05/2009 - 15:11:54 - [0,134] ----D C:\Users\Mathias\AppData\Roaming\Apple Computer
O43 - CFD: 28/04/2013 - 16:11:03 - [0,282] ----D C:\Users\Mathias\AppData\Roaming\ArcSoft
O43 - CFD: 18/12/2010 - 15:21:51 - [0,058] ----D C:\Users\Mathias\AppData\Roaming\Arkadium
O43 - CFD: 24/11/2007 - 16:32:20 - [0] ----D C:\Users\Mathias\AppData\Roaming\ATI
O43 - CFD: 24/04/2013 - 21:14:38 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\Audacity
O43 - CFD: 20/11/2012 - 16:39:23 - [0] ----D C:\Users\Mathias\AppData\Roaming\Avira
O43 - CFD: 07/06/2008 - 14:47:37 - [0] ----D C:\Users\Mathias\AppData\Roaming\AVS4YOU
O43 - CFD: 19/08/2008 - 05:42:17 - [0,002] ----D C:\Users\Mathias\AppData\Roaming\BitTorrent  =>P2P.BitTorrent
O43 - CFD: 23/09/2012 - 09:32:57 - [0,018] ----D C:\Users\Mathias\AppData\Roaming\Broad Intelligence
O43 - CFD: 18/12/2007 - 20:30:36 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\CasaPortale.de
O43 - CFD: 05/01/2008 - 16:31:03 - [0,034] ----D C:\Users\Mathias\AppData\Roaming\Codemasters
O43 - CFD: 28/04/2013 - 16:48:08 - [0,018] ----D C:\Users\Mathias\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 21/09/2012 - 10:10:07 - [10,796] ----D C:\Users\Mathias\AppData\Roaming\CyberLink
O43 - CFD: 06/10/2008 - 20:46:51 - [0] ----D C:\Users\Mathias\AppData\Roaming\DeskSoft
O43 - CFD: 14/12/2012 - 21:35:24 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\Desktop Apps
O43 - CFD: 19/07/2010 - 17:24:10 - [0,255] ----D C:\Users\Mathias\AppData\Roaming\DivX
O43 - CFD: 22/08/2012 - 14:07:50 - [33,681] ----D C:\Users\Mathias\AppData\Roaming\Dropbox
O43 - CFD: 04/09/2008 - 10:25:12 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\EA
O43 - CFD: 30/10/2008 - 20:01:44 - [0,055] ----D C:\Users\Mathias\AppData\Roaming\ESTsoft
O43 - CFD: 29/10/2008 - 19:57:08 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\F-Secure
O43 - CFD: 29/04/2010 - 17:52:08 - [6,255] ----D C:\Users\Mathias\AppData\Roaming\Facebook
O43 - CFD: 27/09/2008 - 11:10:43 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\FMZilla
O43 - CFD: 05/12/2008 - 20:08:03 - [2,650] ----D C:\Users\Mathias\AppData\Roaming\FrostWire
O43 - CFD: 16/10/2012 - 01:12:24 - [4,502] ----D C:\Users\Mathias\AppData\Roaming\GameCenter
O43 - CFD: 22/08/2012 - 14:38:43 - [0,052] ----D C:\Users\Mathias\AppData\Roaming\GARMIN
O43 - CFD: 12/10/2012 - 12:46:07 - [0,070] ----D C:\Users\Mathias\AppData\Roaming\GoforFiles  =>P2P.GoforFiles
O43 - CFD: 04/08/2008 - 17:53:00 - [0,032] ----D C:\Users\Mathias\AppData\Roaming\Google
O43 - CFD: 02/09/2012 - 10:51:14 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\gtk-2.0
O43 - CFD: 25/11/2007 - 16:05:27 - [1,698] ----D C:\Users\Mathias\AppData\Roaming\Hewlett-Packard
O43 - CFD: 09/12/2007 - 21:30:56 - [0,219] ----D C:\Users\Mathias\AppData\Roaming\HP
O43 - CFD: 23/03/2013 - 09:19:50 - [0,011] ----D C:\Users\Mathias\AppData\Roaming\HpUpdate
O43 - CFD: 10/05/2009 - 10:25:21 - [0,003] ----D C:\Users\Mathias\AppData\Roaming\Identities
O43 - CFD: 10/06/2013 - 12:50:38 - [27,346] ----D C:\Users\Mathias\AppData\Roaming\Image Zone Express
O43 - CFD: 20/03/2013 - 19:18:18 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\InstallShield
O43 - CFD: 18/11/2009 - 16:51:12 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\KodakCredentialStore
O43 - CFD: 14/12/2008 - 20:03:06 - [0] ----D C:\Users\Mathias\AppData\Roaming\Leadertech
O43 - CFD: 14/09/2011 - 21:02:47 - [0,049] ----D C:\Users\Mathias\AppData\Roaming\LG Electronics
O43 - CFD: 31/03/2009 - 16:24:53 - [60,180] ----D C:\Users\Mathias\AppData\Roaming\LimeWire
O43 - CFD: 24/11/2007 - 16:27:06 - [1,919] ----D C:\Users\Mathias\AppData\Roaming\Macromedia
O43 - CFD: 10/05/2009 - 17:47:54 - [14,927] ----D C:\Users\Mathias\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Mathias\AppData\Roaming\Media Center Programs
O43 - CFD: 28/04/2013 - 17:29:02 - [12,532] -S--D C:\Users\Mathias\AppData\Roaming\Microsoft
O43 - CFD: 22/06/2008 - 21:47:43 - [127,572] ----D C:\Users\Mathias\AppData\Roaming\Mozilla
O43 - CFD: 25/08/2009 - 20:23:49 - [0,003] ----D C:\Users\Mathias\AppData\Roaming\MP-Manager
O43 - CFD: 25/08/2009 - 19:30:28 - [0] ----D C:\Users\Mathias\AppData\Roaming\MPMAN
O43 - CFD: 10/08/2008 - 17:52:53 - [0,617] ----D C:\Users\Mathias\AppData\Roaming\muvee Technologies
O43 - CFD: 23/09/2012 - 09:30:05 - [0,112] ----D C:\Users\Mathias\AppData\Roaming\NCH Software
O43 - CFD: 13/01/2008 - 00:09:07 - [0,264] ----D C:\Users\Mathias\AppData\Roaming\Nero
O43 - CFD: 06/12/2012 - 15:49:05 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\Nokia
O43 - CFD: 04/01/2009 - 20:26:21 - [239,052] ----D C:\Users\Mathias\AppData\Roaming\OpenOffice.org
O43 - CFD: 04/01/2009 - 18:48:38 - [33,476] ----D C:\Users\Mathias\AppData\Roaming\OpenOffice.org2
O43 - CFD: 28/02/2010 - 16:33:42 - [0,228] ----D C:\Users\Mathias\AppData\Roaming\Opera
O43 - CFD: 06/12/2012 - 15:51:01 - [0,009] ----D C:\Users\Mathias\AppData\Roaming\PC Suite
O43 - CFD: 24/11/2012 - 19:17:41 - [0,002] ----D C:\Users\Mathias\AppData\Roaming\PDF Writer
O43 - CFD: 26/02/2008 - 23:23:33 - [0] ----D C:\Users\Mathias\AppData\Roaming\PeerNetworking
O43 - CFD: 04/04/2010 - 10:05:39 - [0] ----D C:\Users\Mathias\AppData\Roaming\PlayFirst
O43 - CFD: 11/02/2008 - 17:19:50 - [0,185] ----D C:\Users\Mathias\AppData\Roaming\Podmailing
O43 - CFD: 04/12/2012 - 18:23:10 - [0,007] ----D C:\Users\Mathias\AppData\Roaming\Printer Info Cache
O43 - CFD: 30/03/2012 - 18:37:39 - [0] ----D C:\Users\Mathias\AppData\Roaming\RadarSync
O43 - CFD: 17/03/2013 - 11:49:24 - [3,914] ----D C:\Users\Mathias\AppData\Roaming\Real
O43 - CFD: 19/06/2013 - 07:52:20 - [0,027] ----D C:\Users\Mathias\AppData\Roaming\RealNetworks
O43 - CFD: 27/11/2007 - 18:07:17 - [5,371] ----D C:\Users\Mathias\AppData\Roaming\Roxio
O43 - CFD: 24/10/2009 - 23:24:52 - [24,639] ----D C:\Users\Mathias\AppData\Roaming\Samsung
O43 - CFD: 05/01/2008 - 16:30:46 - [0,010] R-H-D C:\Users\Mathias\AppData\Roaming\SecuROM
O43 - CFD: 30/05/2010 - 10:37:49 - [0] ----D C:\Users\Mathias\AppData\Roaming\Shareaza
O43 - CFD: 18/11/2009 - 16:49:25 - [0] ----D C:\Users\Mathias\AppData\Roaming\Skinux
O43 - CFD: 24/06/2013 - 19:47:27 - [6,748] ----D C:\Users\Mathias\AppData\Roaming\Skype
O43 - CFD: 19/07/2012 - 19:18:04 - [0,030] ----D C:\Users\Mathias\AppData\Roaming\skypePM
O43 - CFD: 04/03/2011 - 12:39:53 - [7,333] ----D C:\Users\Mathias\AppData\Roaming\Software Informer
O43 - CFD: 28/02/2013 - 18:15:42 - [0] ----D C:\Users\Mathias\AppData\Roaming\Solvusoft
O43 - CFD: 19/04/2013 - 18:50:46 - [0,662] ----D C:\Users\Mathias\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 21/04/2013 - 15:35:28 - [0] ----D C:\Users\Mathias\AppData\Roaming\Systweak
O43 - CFD: 25/11/2007 - 08:25:00 - [0,008] ----D C:\Users\Mathias\AppData\Roaming\Template
O43 - CFD: 27/02/2010 - 19:43:55 - [180,981] ----D C:\Users\Mathias\AppData\Roaming\Thunderbird
O43 - CFD: 21/12/2012 - 00:10:27 - [2,762] ----D C:\Users\Mathias\AppData\Roaming\uTorrent  =>P2P.µTorrent
O43 - CFD: 25/11/2012 - 15:51:16 - [0,072] ----D C:\Users\Mathias\AppData\Roaming\vlc
O43 - CFD: 19/06/2013 - 11:48:10 - [0,549] ----D C:\Users\Mathias\AppData\Roaming\VSO
O43 - CFD: 05/06/2013 - 08:14:19 - [0,114] ----D C:\Users\Mathias\AppData\Roaming\WebCake  =>Adware.WebCake
O43 - CFD: 23/10/2012 - 19:46:09 - [0] ----D C:\Users\Mathias\AppData\Roaming\WIindupdate
O43 - CFD: 11/02/2008 - 21:07:54 - [0] ----D C:\Users\Mathias\AppData\Roaming\WinBatch
O43 - CFD: 18/12/2010 - 18:28:33 - [0,000] ----D C:\Users\Mathias\AppData\Roaming\Windows Live Writer
O43 - CFD: 15/11/2008 - 14:17:15 - [0,001] ----D C:\Users\Mathias\AppData\Roaming\Xi
O43 - CFD: 11/06/2008 - 18:59:05 - [0,493] ----D C:\Users\Mathias\AppData\Roaming\XnView
O43 - CFD: 10/05/2009 - 10:25:21 - [0,248] ----D C:\Users\Mathias\AppData\Roaming\Zylom
O43 - CFD: 05/05/2013 - 19:11:01 - [170,375] ----D C:\Users\Mathias\AppData\Local\Adobe
O43 - CFD: 19/02/2012 - 22:18:19 - [0] ----D C:\Users\Mathias\AppData\Local\adslTV
O43 - CFD: 26/01/2008 - 18:44:48 - [0,193] ----D C:\Users\Mathias\AppData\Local\Ahead
O43 - CFD: 28/06/2013 - 18:42:13 - [32,493] ----D C:\Users\Mathias\AppData\Local\Akamai
O43 - CFD: 01/05/2009 - 15:10:09 - [0] ----D C:\Users\Mathias\AppData\Local\Apple
O43 - CFD: 05/01/2010 - 20:50:35 - [0,191] ----D C:\Users\Mathias\AppData\Local\Apple Computer
O43 - CFD: 24/11/2007 - 16:24:13 - [0] ----D C:\Users\Mathias\AppData\Local\Application Data
O43 - CFD: 02/02/2008 - 16:00:56 - [0] ----D C:\Users\Mathias\AppData\Local\Apps
O43 - CFD: 14/12/2008 - 18:55:08 - [0,001] ----D C:\Users\Mathias\AppData\Local\ArcSoft
O43 - CFD: 05/04/2009 - 09:01:37 - [-2019,688] ----D C:\Users\Mathias\AppData\Local\Ares
O43 - CFD: 24/11/2007 - 16:32:20 - [0,069] ----D C:\Users\Mathias\AppData\Local\ATI
O43 - CFD: 24/10/2009 - 23:22:06 - [97,070] ----D C:\Users\Mathias\AppData\Local\Downloaded Installations
O43 - CFD: 12/12/2010 - 14:54:41 - [7,573] ----D C:\Users\Mathias\AppData\Local\EdenFlash
O43 - CFD: 27/03/2009 - 18:10:27 - [0,000] ----D C:\Users\Mathias\AppData\Local\eMule
O43 - CFD: 02/03/2012 - 22:12:22 - [7,422] ----D C:\Users\Mathias\AppData\Local\Facebook
O43 - CFD: 09/10/2009 - 18:26:51 - [0,012] ----D C:\Users\Mathias\AppData\Local\FLVService
O43 - CFD: 02/05/2012 - 15:44:39 - [0,026] ----D C:\Users\Mathias\AppData\Local\FVD Suite
O43 - CFD: 22/05/2013 - 12:54:40 - [89,089] ----D C:\Users\Mathias\AppData\Local\Google
O43 - CFD: 15/12/2007 - 17:21:53 - [8,594] ----D C:\Users\Mathias\AppData\Local\Hama Web
O43 - CFD: 24/11/2007 - 16:32:36 - [0,005] ----D C:\Users\Mathias\AppData\Local\Hewlett-Packard
O43 - CFD: 24/11/2007 - 16:24:13 - [0] ----D C:\Users\Mathias\AppData\Local\Historique
O43 - CFD: 09/12/2007 - 14:29:35 - [1,584] ----D C:\Users\Mathias\AppData\Local\HP
O43 - CFD: 18/11/2009 - 16:50:00 - [0] ----D C:\Users\Mathias\AppData\Local\KodakGallery
O43 - CFD: 13/06/2012 - 22:34:10 - [0] ----D C:\Users\Mathias\AppData\Local\Macromedia
O43 - CFD: 23/10/2011 - 16:38:24 - [-341,302] ----D C:\Users\Mathias\AppData\Local\Microsoft
O43 - CFD: 29/12/2007 - 21:02:36 - [1,682] ----D C:\Users\Mathias\AppData\Local\Microsoft Games
O43 - CFD: 27/11/2007 - 18:06:49 - [0,064] ----D C:\Users\Mathias\AppData\Local\MicroVision Applications
O43 - CFD: 03/06/2008 - 18:39:57 - [99,684] ----D C:\Users\Mathias\AppData\Local\Mozilla
O43 - CFD: 13/01/2008 - 00:39:53 - [0,061] ----D C:\Users\Mathias\AppData\Local\Nero
O43 - CFD: 28/02/2010 - 16:33:43 - [0,517] ----D C:\Users\Mathias\AppData\Local\Opera
O43 - CFD: 15/10/2011 - 12:20:50 - [0] ----D C:\Users\Mathias\AppData\Local\PackageAware
O43 - CFD: 24/11/2012 - 19:22:40 - [0] ----D C:\Users\Mathias\AppData\Local\PDF Writer
O43 - CFD: 03/02/2008 - 22:40:47 - [0] ----D C:\Users\Mathias\AppData\Local\PHOTOCITE Collection
O43 - CFD: 28/04/2013 - 17:27:04 - [0,001] ----D C:\Users\Mathias\AppData\Local\PutLockerDownloader  =>Spyware.PutLocker
O43 - CFD: 20/12/2012 - 15:22:18 - [0] ----D C:\Users\Mathias\AppData\Local\Real
O43 - CFD: 28/04/2013 - 17:32:06 - [0,015] ----D C:\Users\Mathias\AppData\Local\Savings Wave  =>PUP.CrossRider
O43 - CFD: 21/08/2012 - 21:54:27 - [0] ----D C:\Users\Mathias\AppData\Local\SCE
O43 - CFD: 17/08/2008 - 10:04:12 - [-1991,626] ----D C:\Users\Mathias\AppData\Local\Shareaza
O43 - CFD: 27/11/2010 - 18:34:16 - [0,012] ----D C:\Users\Mathias\AppData\Local\Songr
O43 - CFD: 13/05/2009 - 14:34:23 - [1,015] ----D C:\Users\Mathias\AppData\Local\TechSmith
O43 - CFD: 29/06/2013 - 19:07:12 - [54,163] ----D C:\Users\Mathias\AppData\Local\Temp
O43 - CFD: 24/11/2007 - 16:24:13 - [0] ----D C:\Users\Mathias\AppData\Local\Temporary Internet Files
O43 - CFD: 07/12/2010 - 20:08:22 - [3,782] ----D C:\Users\Mathias\AppData\Local\Thunderbird
O43 - CFD: 28/04/2013 - 17:31:43 - [0,201] ----D C:\Users\Mathias\AppData\Local\Updater12765  =>PUP.CrossRider
O43 - CFD: 05/12/2007 - 22:40:51 - [438,414] ----D C:\Users\Mathias\AppData\Local\VirtualStore
O43 - CFD: 03/01/2009 - 17:03:07 - [0,010] ----D C:\Users\Mathias\AppData\Local\VSO
O43 - CFD: 22/08/2012 - 13:53:53 - [0,164] ----D C:\Users\Mathias\AppData\Local\Windows Live
O43 - CFD: 07/11/2010 - 10:32:57 - [0,623] ----D C:\Users\Mathias\AppData\Local\Windows Live Writer
O43 - CFD: 09/10/2010 - 19:34:09 - [2,036] ----D C:\Users\Mathias\AppData\Local\Xenocode
O43 - CFD: 07/08/2011 - 14:53:47 - [0,009] ----D C:\Users\Mathias\AppData\Local\YesMessenger
O43 - CFD: 13/05/2009 - 14:13:18 - [0,016] ----D C:\Users\Mathias\AppData\Local\Zylom Games
~ 18 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 385 Scanned in 00mn 37s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2EE9CD4D9CA2D4A43D8703E27539E1F3] - 29/06/2013 - 12:43:08 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1621380]
O44 - LFC:[MD5.3A2B2A04751473490792DBF45DDB525E] - 29/06/2013 - 12:37:35 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.36815EF6CE269A5100136B2E16522CFC] - 29/06/2013 - 09:42:57 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1504004]
O44 - LFC:[MD5.316D739E1B62B6CEEE2555AFDF03AE91] - 29/06/2013 - 09:42:57 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [105324]
O44 - LFC:[MD5.47A752C1708376469510880ACE7E16E0] - 29/06/2013 - 09:42:57 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [127872]
O44 - LFC:[MD5.399D9D167CBA2D83F09539A80F8E4C1B] - 29/06/2013 - 09:42:57 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [598652]
O44 - LFC:[MD5.D564B8C43D941B8402BEDF3BAE8415FE] - 29/06/2013 - 09:42:57 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [681658]
O44 - LFC:[MD5.1D9B3568CFDB55316985A053D6D96030] - 28/06/2013 - 20:35:33 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll   [94632]
O44 - LFC:[MD5.A1987D2842E598D20FD4D0453742EEDB] - 28/06/2013 - 20:35:31 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe   [175016]
O44 - LFC:[MD5.DE2E2F1370FFDAB7F307F895292A3B62] - 28/06/2013 - 20:35:31 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe   [175016]
O44 - LFC:[MD5.7766DD87973104E565647C09040F0EA1] - 28/06/2013 - 20:35:31 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe   [263592]
O44 - LFC:[MD5.2A7915FBC3601CDF5F4C2F6528A501FB] - 28/06/2013 - 20:35:30 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [789416]
O44 - LFC:[MD5.D7324EB1EDCB8990F8522DE0311359E9] - 28/06/2013 - 20:35:30 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll   [867240]
O44 - LFC:[MD5.A1E39D4F4BCAACF0A23DB36FE5939386] - 28/06/2013 - 20:14:44 ---A- . (...) -- C:\Windows\MEMORY.DMP   [249512660]
O44 - LFC:[MD5.7D9F163B90CE913DB3FAB297468619FA] - 28/06/2013 - 20:14:44 ---A- . (...) -- C:\Windows\PFRO.log   [5068]
O44 - LFC:[MD5.A8B28B52CE53F22C6E07A2C27E23FC18] - 19/06/2013 - 06:50:59 ---A- . (.RealNetworks, Inc. - Real Player(tm) ActiveX Control.) -- C:\Windows\System32\rmoc3260.dll   [201872]
O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 19/06/2013 - 06:50:37 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\Windows\System32\pndx5016.dll   [6656]
O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 19/06/2013 - 06:50:37 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\Windows\System32\pndx5032.dll   [5632]
O44 - LFC:[MD5.86F1895AE8C5E8B17D99ECE768A70732] - 19/06/2013 - 06:50:26 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Windows\System32\msvcr71.dll   [348160]
O44 - LFC:[MD5.561FA2ABB31DFA8FAB762145F81667C2] - 19/06/2013 - 06:50:26 ---A- . (.Microsoft Corporation - Microsoft® C++ Runtime Library.) -- C:\Windows\System32\msvcp71.dll   [499712]
~ Files: 20 Scanned in 01mn 19s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.7C65F6D015F5C0D95FE58E9B3E7836C7] - 03/06/2013 - 13:22:42 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-219577271-1366622661-2790460906-1000.snp.db
O45 - LFCP:[MD5.4C6103B38A54C7C9DB4C7727BD53EE38] - 03/06/2013 - 19:55:00 ---A- - C:\Windows\Prefetch\AgCx_SC3_8F48275A.db
O45 - LFCP:[MD5.BCB93120B641D861DCCF87B356E5D138] - 24/06/2013 - 09:48:47 ---A- - C:\Windows\Prefetch\RECORDINGMANAGER.EXE-539D4751.pf
O45 - LFCP:[MD5.CE39C91D04A393C010BE677792B75260] - 26/06/2013 - 07:49:01 ---A- - C:\Windows\Prefetch\REALUPGRADE.EXE-3EAD5EB9.pf
O45 - LFCP:[MD5.DF99A878A3BAE9E09EE8F3244CF577CF] - 26/06/2013 - 15:28:52 ---A- - C:\Windows\Prefetch\HPHC_SCHEDULER.EXE-B0CCDC1E.pf
O45 - LFCP:[MD5.330FDD91C6C011AB8A6E6411BEE709F8] - 26/06/2013 - 15:29:40 ---A- - C:\Windows\Prefetch\CABARC.EXE-CB8F9AC3.pf
O45 - LFCP:[MD5.75D0D92C8AD65CD263FF770508E64D0E] - 26/06/2013 - 15:29:47 ---A- - C:\Windows\Prefetch\HPDOWNLOAD.EXE-16630A8F.pf
O45 - LFCP:[MD5.2FB9AF89E3B43FCE902B3DEF556DC52F] - 26/06/2013 - 15:31:10 ---A- - C:\Windows\Prefetch\HPDOBJECT.EXE-4E420546.pf
O45 - LFCP:[MD5.626AD05C23AD86DC6963DE180E102C3A] - 26/06/2013 - 15:31:10 ---A- - C:\Windows\Prefetch\RESETFILETIME.EXE-14D83F34.pf
O45 - LFCP:[MD5.1A7D973F8679F9281D724997A54646B6] - 26/06/2013 - 15:31:13 ---A- - C:\Windows\Prefetch\UNZIP.EXE-38755058.pf
O45 - LFCP:[MD5.C7FFCD7A321611CDD7490D20CFC51E54] - 26/06/2013 - 15:31:18 ---A- - C:\Windows\Prefetch\SIASSETEXT.EXE-C45A936E.pf
O45 - LFCP:[MD5.E39A0864F99B60677FC576EE3B1286D0] - 26/06/2013 - 15:31:24 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-65A9658F.pf
O45 - LFCP:[MD5.64A4DD1E2714B9D07FF57A25B1FD17B6] - 26/06/2013 - 15:31:26 ---A- - C:\Windows\Prefetch\HPASSET.EXE-71B58925.pf
O45 - LFCP:[MD5.E06142B78DE489BD526EA43916ECF2E0] - 26/06/2013 - 15:32:13 ---A- - C:\Windows\Prefetch\HPCEE.EXE-D44DC0B2.pf
O45 - LFCP:[MD5.F56531E9578A4B52D7E98A0ACA3F195F] - 26/06/2013 - 15:34:51 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-A7380F76.pf
O45 - LFCP:[MD5.AF7CE215603A1A592D686B29B2D2416B] - 26/06/2013 - 16:35:10 ---A- - C:\Windows\Prefetch\UPDATER12765.EXE-8363F7A5.pf
O45 - LFCP:[MD5.2E4E0911C3146587DF1ADF7C6EED320E] - 27/06/2013 - 05:47:03 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-AF07FDE6.pf
O45 - LFCP:[MD5.D9C4A176A43E17B9D112446ED64D6F23] - 27/06/2013 - 05:47:31 ---A- - C:\Windows\Prefetch\IELOWUTIL.EXE-79D45B69.pf
O45 - LFCP:[MD5.B141C1ABC8935650DD58EB6621E2F555] - 28/06/2013 - 07:37:02 ---A- - C:\Windows\Prefetch\WINRAR.EXE-6F42D4E7.pf
O45 - LFCP:[MD5.6B537771CD64CB00427979BB45C31068] - 28/06/2013 - 12:43:27 ---A- - C:\Windows\Prefetch\REALSCHED.EXE-89156BB8.pf
O45 - LFCP:[MD5.7A45352C75BA350BD85825A98D29D78C] - 28/06/2013 - 13:49:50 ---A- - C:\Windows\Prefetch\GUI.EXE-01FB0D96.pf
O45 - LFCP:[MD5.4C05382D0DB57063B7BF324F3D6393EF] - 28/06/2013 - 13:50:24 ---A- - C:\Windows\Prefetch\GSWIN32C.EXE-D3D85B8B.pf
O45 - LFCP:[MD5.3EB338B6F8E650E691E0C41E5EE517CC] - 28/06/2013 - 17:41:45 ---A- - C:\Windows\Prefetch\INSTALLER_NO_UPLOAD_SILENT.EX-22812639.pf
O45 - LFCP:[MD5.907FEDE84A5BCBDE8723C56EDB8A9CEB] - 28/06/2013 - 17:41:51 ---A- - C:\Windows\Prefetch\CONTROLPANEL_INSTALLER.EXE-99A9697B.pf
O45 - LFCP:[MD5.40C395F62445A08A82F02662CE54AB61] - 28/06/2013 - 17:42:09 ---A- - C:\Windows\Prefetch\INSTALLER_UPLOADER.EXE-79E3BABA.pf
O45 - LFCP:[MD5.3E064A8B96D0EA503DD3CB55BBA349A6] - 28/06/2013 - 17:42:21 ---A- - C:\Windows\Prefetch\NETSESSION_WIN.EXE-D506BF1D.pf
O45 - LFCP:[MD5.3A05B54B85724EFB431747059F25454D] - 28/06/2013 - 19:03:10 ---A- - C:\Windows\Prefetch\WMPSHARE.EXE-73C9F24C.pf
O45 - LFCP:[MD5.2766384EDB6C2D8B187E13EBAEE0E224] - 28/06/2013 - 19:03:12 ---A- - C:\Windows\Prefetch\MFPMP.EXE-73140A33.pf
O45 - LFCP:[MD5.B215731E85064B8FF8521B713BF124A9] - 28/06/2013 - 19:23:54 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-738093E8.pf
O45 - LFCP:[MD5.926CC39EBF9114D0A43C6B0F6C18C0DE] - 28/06/2013 - 19:23:54 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-4F838A89.pf
O45 - LFCP:[MD5.C21C9740482BA9E01B15B954897C257A] - 28/06/2013 - 20:17:51 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-CD982D99.pf
O45 - LFCP:[MD5.A8529F7184472B34978787462DB1F446] - 28/06/2013 - 20:19:14 ---A- - C:\Windows\Prefetch\HPQSTE08.EXE-2C76ABC1.pf
O45 - LFCP:[MD5.5ED9B6C4196A49380291C50F84B18980] - 28/06/2013 - 20:19:40 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-50F8773C.pf
O45 - LFCP:[MD5.4BD2770C443E213A7FECD21FDD699F43] - 28/06/2013 - 20:19:41 ---A- - C:\Windows\Prefetch\JAVA.EXE-872FBD82.pf
O45 - LFCP:[MD5.3A92DF98B8F1D5E8A1D607D1DAB1F937] - 28/06/2013 - 20:19:50 ---A- - C:\Windows\Prefetch\JUCHECK.EXE-FC0B4709.pf
O45 - LFCP:[MD5.B40C0008EAA4A3D4BAF7F6150922C981] - 28/06/2013 - 20:20:30 ---A- - C:\Windows\Prefetch\JRE-7U25-WINDOWS-I586-IFTW.EX-40E0D224.pf
O45 - LFCP:[MD5.3CA1D9143A887488DE408C94CFBCA0F8] - 28/06/2013 - 20:26:40 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf
O45 - LFCP:[MD5.91A64B99BD42F415C836F120F76837B3] - 28/06/2013 - 20:33:02 ---A- - C:\Windows\Prefetch\MSI994.TMP-5258DE1D.pf
O45 - LFCP:[MD5.91477CD86F2B3D92CC4E0DF2D14069CE] - 28/06/2013 - 20:33:36 ---A- - C:\Windows\Prefetch\GOOGLEEARTH.EXE-C7C9B977.pf
O45 - LFCP:[MD5.598A35E19DB60BDD28A902A528CFAA6C] - 28/06/2013 - 20:33:59 ---A- - C:\Windows\Prefetch\JQS.EXE-DC079BC6.pf
O45 - LFCP:[MD5.4E57D12425E9D21ADF66C5CA583B3F54] - 28/06/2013 - 20:34:01 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5D54EAD0.pf
O45 - LFCP:[MD5.B5F3618DEEEED5C4242CC1BCB0666AE9] - 28/06/2013 - 20:34:03 ---A- - C:\Windows\Prefetch\MSIF75A.TMP-AAAD93FE.pf
O45 - LFCP:[MD5.205A24005E9B2429B3447B0EE323D02D] - 28/06/2013 - 20:35:57 ---A- - C:\Windows\Prefetch\UNPACK200.EXE-2F49EBEC.pf
O45 - LFCP:[MD5.8F919890BA78026B8F44F7121FED36B6] - 28/06/2013 - 20:36:04 ---A- - C:\Windows\Prefetch\JAVAW.EXE-59CBCAE5.pf
O45 - LFCP:[MD5.60BDC272980ED518F94116A85AFC490A] - 28/06/2013 - 20:36:05 ---A- - C:\Windows\Prefetch\JQS.EXE-080A5413.pf
O45 - LFCP:[MD5.9BE6194EDC088B589873F296128BC77F] - 28/06/2013 - 20:36:33 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf
O45 - LFCP:[MD5.85F49EF0B126291FC9538663B0BD2ECF] - 28/06/2013 - 20:36:36 ---A- - C:\Windows\Prefetch\JAUREG.EXE-DF073ACE.pf
O45 - LFCP:[MD5.566B3A35F9F70C1914A4A46B1899431A] - 28/06/2013 - 20:41:15 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf
O45 - LFCP:[MD5.E16C2902AAE595D34F52E437150BCD1D] - 29/06/2013 - 08:47:21 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf
O45 - LFCP:[MD5.9398E0FA886E3C0D3DD7E4D7AF072BA2] - 29/06/2013 - 08:50:04 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf
O45 - LFCP:[MD5.57DDF34321CDA650CCC326EE103BE086] - 29/06/2013 - 08:50:08 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-B7E27BE5.pf
O45 - LFCP:[MD5.4787EF215A9F505BC2C31BF02A0ECB48] - 29/06/2013 - 08:50:14 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.B0FE06AA792919DCE07E376CA56935D0] - 29/06/2013 - 09:39:12 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-9A451F51.pf
O45 - LFCP:[MD5.1AD78E04DF0DF4A603B5BFF69F8A0082] - 29/06/2013 - 09:39:12 ---A- - C:\Windows\Prefetch\RECGUARD.EXE-B51EE930.pf
O45 - LFCP:[MD5.5A51A52595257F821BC9C2415A2F1679] - 29/06/2013 - 09:39:12 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E33ED995.pf
O45 - LFCP:[MD5.0A7C205227ACB3F124ECDDE1C41C38F6] - 29/06/2013 - 09:39:14 ---A- - C:\Windows\Prefetch\REMIND.EXE-058BA002.pf
O45 - LFCP:[MD5.171145834C49F7BF3BD5314B47941EF4] - 29/06/2013 - 09:39:14 ---A- - C:\Windows\Prefetch\REMIND_XP.DLL-30BF0B17.pf
O45 - LFCP:[MD5.4694A0375109FC1F419535F46260A262] - 29/06/2013 - 09:39:58 ---A- - C:\Windows\Prefetch\EHMSAS.EXE-6BE9D904.pf
O45 - LFCP:[MD5.1145B0BD00269364C2ECB748BD1C3E66] - 29/06/2013 - 09:39:58 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-FE3D1158.pf
O45 - LFCP:[MD5.A76B54F47337AC9A1F08B5E5E3D331EA] - 29/06/2013 - 09:40:08 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-135A30D8.pf
O45 - LFCP:[MD5.8F02F0DD3140258B6611B8D61EDBA726] - 29/06/2013 - 09:40:16 ---A- - C:\Windows\Prefetch\READER_SL.EXE-9594AF7E.pf
O45 - LFCP:[MD5.74A8167D2C22677887C5A786AAE0DF5D] - 29/06/2013 - 09:40:25 ---A- - C:\Windows\Prefetch\HPQBAM08.EXE-F839B01D.pf
O45 - LFCP:[MD5.96299F00A3BB44D75193A69CE58EE607] - 29/06/2013 - 09:40:28 ---A- - C:\Windows\Prefetch\CSC.EXE-4EF173D0.pf
O45 - LFCP:[MD5.2378373991ACF659B51C4788CA77F289] - 29/06/2013 - 09:40:28 ---A- - C:\Windows\Prefetch\CVTRES.EXE-419E4E46.pf
O45 - LFCP:[MD5.47FA2C8A516681AF1AFA97CAF6E9A366] - 29/06/2013 - 09:40:35 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-42767AE9.pf
O45 - LFCP:[MD5.529CFA5C22A036590A9C5B99C8B6769D] - 29/06/2013 - 09:40:38 ---A- - C:\Windows\Prefetch\CONIME.EXE-B273009A.pf
O45 - LFCP:[MD5.D6031FF673434A0BED60504C8612E705] - 29/06/2013 - 09:41:00 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-FAA88858.pf
O45 - LFCP:[MD5.019D0B60687DB6C2BF66CA0B50329C81] - 29/06/2013 - 09:41:02 ---A- - C:\Windows\Prefetch\SCALC.EXE-EB3F5356.pf
O45 - LFCP:[MD5.12B5D7223579D7F06166022D2E9A90B8] - 29/06/2013 - 09:41:02 ---A- - C:\Windows\Prefetch\SOFFICE.EXE-B7A9F84B.pf
O45 - LFCP:[MD5.A6297983DE38582A84879D325F0F46BA] - 29/06/2013 - 09:41:10 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-AB381126.pf
O45 - LFCP:[MD5.112B5C8D2AC519C1FCD55565F5EDC4F9] - 29/06/2013 - 09:41:14 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-BD0344CA.pf
O45 - LFCP:[MD5.39D65CBF276889988F8F0D8E44F8DD0B] - 29/06/2013 - 09:41:33 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf
O45 - LFCP:[MD5.9315BAC1F2C97958387ED920692CE842] - 29/06/2013 - 09:50:25 ---A- - C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf
O45 - LFCP:[MD5.DAE37CB700E5B87234FB35BAAF3B32CE] - 29/06/2013 - 09:52:31 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E2054E7F.pf
O45 - LFCP:[MD5.626EF0197D0CD0F64BF3E27A3785BC9B] - 29/06/2013 - 09:53:45 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-3A16BB9F.pf
O45 - LFCP:[MD5.2C68FF0EEC99632B2CE7A591C375A4B6] - 29/06/2013 - 09:53:45 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-9CF43216.pf
O45 - LFCP:[MD5.5AF7BEFAD3152D41D0C853EDD6AD6BEC] - 29/06/2013 - 09:58:16 ---A- - C:\Windows\Prefetch\CALC.EXE-AC08706A.pf
O45 - LFCP:[MD5.81C43C4D6C922CD5DD7065F5272F62C7] - 29/06/2013 - 12:21:29 ---A- - C:\Windows\Prefetch\IPMGUI.EXE-2BFE8AEE.pf
O45 - LFCP:[MD5.ECF5399937AA820DCE559F0EEC06E988] - 29/06/2013 - 12:37:37 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.EF7A541A066178F87945DBA72E840466] - 29/06/2013 - 12:37:38 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf
O45 - LFCP:[MD5.60494DF8A4F1A63451107B3C2C6DDDA7] - 29/06/2013 - 12:38:38 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.C4D0ECD75B44C6E3D53C8EA210FF8067] - 29/06/2013 - 13:12:51 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf
O45 - LFCP:[MD5.751D06BFA4C623F9DD83FFB481A92ABF] - 29/06/2013 - 13:12:51 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf
O45 - LFCP:[MD5.6C3159F030B44DF96F02798CCC6FF578] - 29/06/2013 - 13:12:51 ---A- - C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf
O45 - LFCP:[MD5.287D76B7B3363857A825B39AD07D1531] - 29/06/2013 - 14:09:36 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.1A890DB9EF9C6A44E4B6ABB9682DB77E] - 29/06/2013 - 14:32:10 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-86987901.pf
O45 - LFCP:[MD5.4C6EB15B5316F86D03E36EAE7F37E196] - 29/06/2013 - 14:37:05 ---A- - C:\Windows\Prefetch\AVNOTIFY.EXE-4291C867.pf
O45 - LFCP:[MD5.BC840EDEC21EA7E9A3EA99AFF468F976] - 29/06/2013 - 14:37:06 ---A- - C:\Windows\Prefetch\UPDATE.EXE-3FBE35E6.pf
O45 - LFCP:[MD5.A98962D0B71B4D999EE5EC1148A24F39] - 29/06/2013 - 14:37:11 ---A- - C:\Windows\Prefetch\UPDRGUI.EXE-481C2DBF.pf
O45 - LFCP:[MD5.631A59B32491D514E2AE8DB284B38FF5] - 29/06/2013 - 15:59:59 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-E2CE6542.pf
O45 - LFCP:[MD5.08AD2B2AB20CD12906CA4606B803EB0C] - 29/06/2013 - 16:42:01 ---A- - C:\Windows\Prefetch\FACEBOOKUPDATE.EXE-C24234EF.pf
O45 - LFCP:[MD5.199AB1F4BBC9B1A0302C46280FDB1FE5] - 29/06/2013 - 17:14:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-0CF170F4.pf
O45 - LFCP:[MD5.3BED79CA9E06C9A2DEABA9384AC8BAC7] - 29/06/2013 - 17:21:34 ---A- - C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf
O45 - LFCP:[MD5.4871A390E7121716CA77CE28E6AA6535] - 29/06/2013 - 17:22:26 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.6591EE361B2BE33698D7AD347474A8BC] - 29/06/2013 - 17:22:26 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.676279232F979B021C45AFC102510919] - 29/06/2013 - 17:22:27 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.313D72704FF3EBD6C776028648A0408B] - 29/06/2013 - 17:22:27 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.14F379A417CE597869545759A7BBF1DC] - 29/06/2013 - 17:51:11 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-9DE758AE.pf
O45 - LFCP:[MD5.6E593623FF6E019950BA62E3FB0050C5] - 29/06/2013 - 17:51:37 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-E60C0AA7.pf
O45 - LFCP:[MD5.0F7B6E37E0DBEF6DD5A09F49D5F0AB33] - 29/06/2013 - 17:51:53 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_7_700_22-3D804307.pf
O45 - LFCP:[MD5.88CE405C4BE3670D41E3CA8656779D7D] - 29/06/2013 - 17:51:53 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-1D5F6C6B.pf
O45 - LFCP:[MD5.196E02CED26F33EBB72A726F232369DE] - 29/06/2013 - 17:53:06 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-33939BD1.pf
O45 - LFCP:[MD5.D67C716BE6C0CB05B0DD8677BDC11EB7] - 29/06/2013 - 17:53:30 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf
O45 - LFCP:[MD5.5C560B9879CF51834E5860F0CDC97009] - 29/06/2013 - 17:54:14 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf
O45 - LFCP:[MD5.1D7CE4C2F4E6280C52AD51C8192B74FA] - 29/06/2013 - 17:55:10 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-219577271-1366622661-2790460906-1000.db
O45 - LFCP:[MD5.3FEB76E3A340D34A10D120DB52D5D163] - 29/06/2013 - 17:55:10 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-219577271-1366622661-2790460906-1000.db
O45 - LFCP:[MD5.2071DB2147EEF0AFB0CC928BF2A2C06F] - 29/06/2013 - 18:03:59 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-8973CEDD.pf
O45 - LFCP:[MD5.A75F3BE4F1A2BE1B749E5C615DDB9B8B] - 29/06/2013 - 18:05:00 ---A- - C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf
O45 - LFCP:[MD5.76CEBAEF1D7F859EF29F846ABFCF91D9] - 29/06/2013 - 18:05:00 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-073BE0BF.pf
O45 - LFCP:[MD5.52B52F8BCB74A9EDCB056A26E075F290] - 29/06/2013 - 18:05:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf
O45 - LFCP:[MD5.88A9E6B2B983AC75A141B0EFEDF550CA] - 29/06/2013 - 18:05:10 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-9D0EE457.pf
O45 - LFCP:[MD5.5B87980EE5B75556643468277A58BF0B] - 29/06/2013 - 18:05:18 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
O45 - LFCP:[MD5.04E964F002275354338F502D328BAB5F] - 29/06/2013 - 18:06:09 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E4C98DEB.pf
O45 - LFCP:[MD5.ADDC39E0390891DD36E2BD78ABF39123] - 29/06/2013 - 18:06:10 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf
O45 - LFCP:[MD5.8AE80B28365427B3F35FFA7A156A2706] - 29/06/2013 - 18:06:24 ---A- - C:\Windows\Prefetch\PV.EXE-8E63E86A.pf
O45 - LFCP:[MD5.D0AD9C9F6E34D6E0ADBCC8B7D4FCE64C] - 29/06/2013 - 18:06:37 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf
O45 - LFCP:[MD5.C3F86C731AE927B165302382BE6F7FDF] - 29/06/2013 - 18:06:40 ---A- - C:\Windows\Prefetch\CMD.EXE-89305D47.pf
O45 - LFCP:[MD5.29261A38B753045609B1C3700AB9A044] - 29/06/2013 - 18:06:40 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-AD2C3B41.pf
O45 - LFCP:[MD5.FE6B3C233F9ED4934B2605842503D16E] - 29/06/2013 - 18:06:51 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-2DE769BF.pf
O45 - LFCP:[MD5.2979703D541868F693B7F848BD64051E] - 29/06/2013 - 18:08:00 ---A- - C:\Windows\Prefetch\AVWSC.EXE-877F4F63.pf
O45 - LFCP:[MD5.4E772FCFDAE4E5956324344C791217E0] - 29/06/2013 - 18:08:33 ---A- - C:\Windows\Prefetch\REALPLAY.EXE-FD224278.pf
~ Prefetcher: 121 Scanned in 00mn 01s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL
O46 - SEH:ShellExecuteHooks - SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{4fc131e4-d9db-11e0-9c3e-00e04c100ea2}\AutoRun\command. (...) -- J:\USBAutoRun.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.tssoft32"="tssoft32.acm" . (.DSP GROUP, INC. - DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50.) -- C:\Windows\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal StudioD
FileDescription - DivX WMA Audio6

FileVersion.) -- C:\Windows\System32\divxa32.acm
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (...) -- C:\Windows\System32\iyvu9_32.dll
O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax
O52 - TDSD: \drivers.desc\"tssoft32.acm"="TrueSpeech Audio" . (.DSP GROUP, INC. - DSP Group TrueSpeech(TM) Audio Codec for MSACM V3.50.) -- C:\Windows\System32\tssoft32.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal StudioD
FileDescription - DivX WMA Audio6

FileVersion.) -- C:\Windows\System32\divxa32.acm
O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll
~ TDSD: 24 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Drivers:  Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 26/06/2013 - 06:29:52 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_052952.sent   [1039]
O61 - LFC: 26/06/2013 - 06:30:00 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_062953.sent   [452]
O61 - LFC: 26/06/2013 - 06:45:19 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51ca7fef   [148]
O61 - LFC: 26/06/2013 - 07:31:55 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_072953.sent   [672]
O61 - LFC: 26/06/2013 - 08:20:55 ---A- C:\Users\Mathias\Videos\Punisher.War.Zone.FRENCH.DVDRiP.XviD-ULTRASON.avi   [727875584]
O61 - LFC: 26/06/2013 - 08:35:38 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_082954.sent   [672]
O61 - LFC: 26/06/2013 - 09:38:32 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_092954.sent   [672]
O61 - LFC: 26/06/2013 - 11:39:39 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_103939.sent   [1040]
O61 - LFC: 26/06/2013 - 11:44:57 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cac629   [148]
O61 - LFC: 26/06/2013 - 15:28:21 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_142821.sent   [673]
O61 - LFC: 26/06/2013 - 15:32:00 ---A- C:\Users\Mathias\AppData\Roaming\Hewlett-Packard\HP Active Support\cee\1151874547.cee   [1091]
O61 - LFC: 26/06/2013 - 15:34:47 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cafc07   [144]
O61 - LFC: 26/06/2013 - 16:34:54 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130626_153454.sent   [672]
O61 - LFC: 26/06/2013 - 16:35:42 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cb0a4e   [148]
O61 - LFC: 26/06/2013 - 16:35:53 ---A- C:\Users\Mathias\Documents\TRADIVAL\Avocat\Conclusions Prud-hommes 1-07 SILVEREANO-TRADIVAL.pdf   [130621]
O61 - LFC: 26/06/2013 - 16:38:54 ---A- C:\Users\Mathias\AppData\Roaming\Real\RealPlayer\WatchFolders\fldrscan.out   [8331]
O61 - LFC: 27/06/2013 - 05:46:33 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130627_044633.sent   [673]
O61 - LFC: 27/06/2013 - 05:49:38 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cbc462   [148]
O61 - LFC: 27/06/2013 - 06:51:14 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130627_055114.sent   [1030]
O61 - LFC: 27/06/2013 - 07:57:49 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130627_065749.sent   [1432]
O61 - LFC: 27/06/2013 - 08:26:10 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cbe912   [148]
O61 - LFC: 27/06/2013 - 08:35:40 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cbeb4c   [148]
O61 - LFC: 27/06/2013 - 08:35:46 -SHA- C:\Users\Mathias\AppData\Local\Temp\Cookies\index.dat   [16384]
O61 - LFC: 27/06/2013 - 08:35:46 -SHA- C:\Users\Mathias\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat   [32768]
O61 - LFC: 27/06/2013 - 08:35:46 -SHA- C:\Users\Mathias\AppData\Local\Temp\History\History.IE5\index.dat   [16384]
O61 - LFC: 27/06/2013 - 08:36:09 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cbeb69   [160]
O61 - LFC: 27/06/2013 - 08:36:57 ---A- C:\Users\Mathias\Documents\professionnel et administratif (CV, lettre...)\POLEMPLOI\justificatif actualisation du mois de Juin 2013.pdf   [186236]
O61 - LFC: 27/06/2013 - 08:52:42 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130627_075750.sent   [1790]
O61 - LFC: 27/06/2013 - 19:16:38 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130627_181638.sent   [584]
O61 - LFC: 27/06/2013 - 19:23:32 ---A- C:\Users\Mathias\AppData\Roaming\Real\Msg\Messages.dat   [571]
O61 - LFC: 28/06/2013 - 07:00:49 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_060049.sent   [828]
O61 - LFC: 28/06/2013 - 07:37:50 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cd2f3e   [148]
O61 - LFC: 28/06/2013 - 08:00:50 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_070050.sent   [306]
O61 - LFC: 28/06/2013 - 12:43:08 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_114308.sent   [103]
O61 - LFC: 28/06/2013 - 12:43:20 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_124309.sent   [672]
O61 - LFC: 28/06/2013 - 13:43:53 ---A- C:\Users\Mathias\Documents\Paramètres internet\1.ods   [20208]
O61 - LFC: 28/06/2013 - 13:48:12 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cd860c   [148]
O61 - LFC: 28/06/2013 - 13:49:48 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cd866c   [148]
O61 - LFC: 28/06/2013 - 13:50:24 ---A- C:\Users\Mathias\Documents\professionnel et administratif (CV, lettre...)\Facture Internet\Merci pour votre commande - Achat_Vente Merci pour votre commande - RueDuCommerce.pdf   [68069]
O61 - LFC: 28/06/2013 - 15:13:47 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_141347.sent   [1038]
O61 - LFC: 28/06/2013 - 17:38:25 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_163825.sent   [673]
O61 - LFC: 28/06/2013 - 17:41:33 ---A- C:\Users\Mathias\AppData\Local\Akamai\installer_no_upload_silent.exe   [10028936]
O61 - LFC: 28/06/2013 - 17:41:35 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_164135.sent   [656]
O61 - LFC: 28/06/2013 - 17:41:36 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon.debug.log.130628_164136.sent   [307]
O61 - LFC: 28/06/2013 - 17:41:52 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon.debug.log.130628_164152.sent   [395]
O61 - LFC: 28/06/2013 - 17:41:57 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_164157.sent   [782]
O61 - LFC: 28/06/2013 - 17:42:13 ---A- C:\Users\Mathias\AppData\Local\Akamai\installer.txt   [224316]
O61 - LFC: 28/06/2013 - 17:42:21 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon1.debug.log.130628_164221.sent   [867]
O61 - LFC: 28/06/2013 - 18:37:26 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_174158.sent   [1779]
O61 - LFC: 28/06/2013 - 18:45:41 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_184158.sent   [682]
O61 - LFC: 28/06/2013 - 18:48:58 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cdcc8a   [148]
O61 - LFC: 28/06/2013 - 20:15:17 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cde0c5   [124]
O61 - LFC: 28/06/2013 - 20:18:21 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon.debug.log.130628_191821.sent   [388]
O61 - LFC: 28/06/2013 - 20:18:51 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130628_191851.sent   [1086]
O61 - LFC: 28/06/2013 - 20:19:02 ---A- C:\Users\Mathias\Downloads\ARTEFACTaiChiLiMiTEDFRENCHDVDRipXviD2012bitododo.rar   [98]
O61 - LFC: 28/06/2013 - 20:20:22 ---A- C:\Users\Mathias\AppData\Local\Temp\jinstall.cfg   [1154]
O61 - LFC: 28/06/2013 - 20:22:06 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cde25e   [148]
O61 - LFC: 28/06/2013 - 20:33:44 ---A- C:\Users\Mathias\AppData\Local\Temp\geColladaModelCacheLock   [0]
O61 - LFC: 28/06/2013 - 20:33:44 ---A- C:\Users\Mathias\AppData\Local\Temp\geIconCacheLock   [0]
O61 - LFC: 28/06/2013 - 20:33:46 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cde51a   [164]
O61 - LFC: 28/06/2013 - 20:36:36 ---A- C:\Users\Mathias\AppData\Local\Temp\AUCHECK_PARSER.txt   [366]
O61 - LFC: 28/06/2013 - 20:40:59 ---A- C:\Users\Mathias\AppData\Roaming\Google\GoogleEarth\myplaces.kml   [16587]
O61 - LFC: 29/06/2013 - 08:36:51 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_073651.sent   [2118]
O61 - LFC: 29/06/2013 - 08:49:53 --HA- C:\Users\Mathias\AppData\Local\IconCache.db   [3695918]
O61 - LFC: 29/06/2013 - 08:49:56 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_074956.sent   [1404]
O61 - LFC: 29/06/2013 - 08:49:57 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon.debug.log.130629_074957.sent   [312]
O61 - LFC: 29/06/2013 - 09:37:27 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51ce9cc7   [124]
O61 - LFC: 29/06/2013 - 09:39:14 ---A- C:\Users\Mathias\AppData\Local\Temp\Mathias.bmp   [31832]
O61 - LFC: 29/06/2013 - 09:39:46 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\daemon.debug.log.130629_083946.sent   [389]
O61 - LFC: 29/06/2013 - 09:39:52 ---A- C:\Users\Mathias\AppData\Local\Akamai\extraroot.pem   [490796]
O61 - LFC: 29/06/2013 - 09:39:52 ---A- C:\Users\Mathias\AppData\Local\Akamai\root.pem   [13711]
O61 - LFC: 29/06/2013 - 09:39:59 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_083959.sent   [775]
O61 - LFC: 29/06/2013 - 09:39:59 ---A- C:\Users\Mathias\AppData\Local\Akamai\readme.txt   [20228]
O61 - LFC: 29/06/2013 - 09:40:27 ---A- C:\Users\Mathias\AppData\Roaming\Hewlett-Packard\HPAdvisor\HPAdvisor.MainFrame.Controls.DockPopup.Main.xml   [994]
O61 - LFC: 29/06/2013 - 09:43:38 ---A- C:\Users\Mathias\Documents\professionnel et administratif (CV, lettre...)\Charges mensuelles\Charges mensuelles 2013\Charges 2013.ods   [22591]
O61 - LFC: 29/06/2013 - 09:43:40 ---A- C:\Users\Mathias\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu   [282152]
O61 - LFC: 29/06/2013 - 09:43:40 ---A- C:\Users\Mathias\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\log.txt   [396142]
O61 - LFC: 29/06/2013 - 09:52:43 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cea05b   [148]
O61 - LFC: 29/06/2013 - 09:53:14 ---A- C:\Users\Mathias\Downloads\ZHPDiag2.exe   [5691768]
O61 - LFC: 29/06/2013 - 10:41:44 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_094144.sent   [1064]
O61 - LFC: 29/06/2013 - 10:41:53 ---A- C:\Users\Mathias\AppData\Roaming\Real\RealPlayer\RealPlayer\ErrorLogs\log1.dmp   [29842]
O61 - LFC: 29/06/2013 - 12:21:17 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_112117.sent   [1202]
O61 - LFC: 29/06/2013 - 12:37:35 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_122118.sent   [1344]
O61 - LFC: 29/06/2013 - 12:47:42 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cec95e   [148]
O61 - LFC: 29/06/2013 - 14:08:17 ---A- C:\Users\Mathias\Downloads\Tai.Chi.Zero.2012.LiMiTED.FRENCH.DVDRip.XviD-ARTEFAC-Zone-Telechargement.Com.avi   [727983653]
O61 - LFC: 29/06/2013 - 14:19:04 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_132118.sent   [1260]
O61 - LFC: 29/06/2013 - 15:17:54 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_142119.sent   [682]
O61 - LFC: 29/06/2013 - 15:21:22 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_152119.sent   [105]
O61 - LFC: 29/06/2013 - 16:23:42 ---A- C:\Users\Mathias\AppData\Local\Akamai\Logs\debug.log.130629_162120.sent   [682]
O61 - LFC: 29/06/2013 - 17:51:20 ---A- C:\Users\Mathias\AppData\Local\Akamai\euc_state.json   [17069]
O61 - LFC: 29/06/2013 - 17:52:52 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cf10e4   [148]
O61 - LFC: 29/06/2013 - 17:52:55 R--A- C:\Users\Mathias\AppData\Local\Temp\facture_17585014.pdf   [24783]
O61 - LFC: 29/06/2013 - 17:53:20 ---A- C:\Users\Mathias\AppData\Roaming\Dropbox\shellext\l\51cf1100   [160]
O61 - LFC: 29/06/2013 - 17:54:14 ---A- C:\Users\Mathias\Documents\professionnel et administratif (CV, lettre...)\Facture Internet\facture_17585014  rue du commerce.pdf   [24783]
O61 - LFC: 29/06/2013 - 17:54:18 ---A- C:\Users\Mathias\AppData\Roaming\Adobe\Acrobat\10.0\JSCache\GlobSettings   [24]
O61 - LFC: 29/06/2013 - 17:54:19 ---A- C:\Users\Mathias\AppData\Roaming\Adobe\Acrobat\10.0\TMDocs.sav   [36]
O61 - LFC: 29/06/2013 - 17:54:19 ---A- C:\Users\Mathias\AppData\Roaming\Adobe\Acrobat\10.0\TMGrpPrm.sav   [54]
~ 9 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 97 Scanned in 01mn 24s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 21/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 10/07/2007 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 27/03/2013 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt)  .(.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 27/03/2013 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb)  .(.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 27/03/2013 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr)  .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (Boonty Games)  .(...) - LEGACY_BOONTY_GAMES
O64 - Services: CurCS - 22/02/2011 - C:\Windows\System32\DRIVERS\bowser.sys (bowser)  .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (catchme)  .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk)  .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 25/09/2007 - Pas de propriétaire (CrystalSysInfo)  .(...) - LEGACY_CRYSTALSYSINFO
O64 - Services: CurCS - 14/04/2011 - C:\Windows\System32\Drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 15/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 02/11/2006 - C:\Windows\ehome\ehstart.dll (ehstart)  .(.Microsoft Corporation - Lanceur des services Windows Media Center.) - LEGACY_EHSTART
O64 - Services: CurCS - 25/11/2007 - C:\Windows\system32\ezNTSvc.exe (ezntsvc)  .(.EasyBits Software Corp. - EasyBits Magic Desktop Services for Windows.) - LEGACY_EZNTSVC
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 31/03/2009 - Pas de propriétaire (FsUsbExDisk)  .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (gtermddo)  .(...) - LEGACY_GTERMDDO
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\svchost.exe (hpqddsvc)  .(.Microsoft Corporation - Processus hôte pour les services Windows.) - LEGACY_HPQDDSVC
O64 - Services: CurCS - 24/05/2007 - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (HP Health Check Service)  .(.Hewlett-Packard - HP Health Check Service.) - LEGACY_HP_HEALTH_CHECK_SERVICE
O64 - Services: CurCS - 20/02/2010 - C:\Windows\System32\drivers\HTTP.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (Lbd)  .(...) - LEGACY_LBD
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 19/01/2008 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr)  .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 19/01/2008 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\drivers\mrxdav.sys (MRxDAV)  .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb.sys (mrxsmb)  .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 06/07/2011 - C:\Windows\System32\DRIVERS\mrxsmb10.sys (mrxsmb10)  .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\mrxsmb20.sys (mrxsmb20)  .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\netbt.sys (netbt)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\pacer.sys (PSched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd)  .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\rdbss.sys (rdbss)  .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\rdpencdd.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 01/05/2012 - C:\Windows\System32\Drivers\RDPWD.sys (RDPWD)  .(.Microsoft Corporation - RDP Terminal Stack Driver.) - LEGACY_RDPWD
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 22/07/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys (SASDIFSV)  .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV
O64 - Services: CurCS - 12/07/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL)  .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Smb)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 18/02/2011 - C:\Windows\System32\DRIVERS\srv.sys (srv)  .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srv2.sys (srv2)  .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 27/08/2012 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv)  .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - 08/08/2007 - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Core LC)  .(.Symantec Corporation - Symantec Core Component.) - LEGACY_SYMANTEC_CORE_LC
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 08/12/2009 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\drivers\tdtcp.sys (TDTCP)  .(.Microsoft Corporation - TCP Transport Driver.) - LEGACY_TDTCP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\tssecsrv.sys (tssecsrv)  .(.Microsoft Corporation - TS Security Filter Driver.) - LEGACY_TSSECSRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\DRIVERS\udfs.sys (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 19/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 19/01/2008 - C:\Windows\System32\DRIVERS\wanarp.sys (Wanarpv6)  .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 19/01/2008 - C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl)  .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL
O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (WSearch)  .(...) - LEGACY_WSEARCH
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 101 Scanned in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119988&babsrc=HP_ss&mntrId=3E3300FF2203F905");  =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("avg.install.userSPSettings", "Delta Search");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.bbDpng", "7");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.hdrMd5", "61BDDFED796AA51806969EE8459061FF");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.id", "3e33deaf00000000000000ff2203f905");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.instlDay", "15802");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.lastVrsnTs", "1.8.10.012:42:12");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.sg", "czb");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.vrsnTs", "1.8.10.012:42:12");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.Country", "France");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.DockingPositionDown", false);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.LastHiddenTime", 22764074);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.SmartbarDisabled", true);  =>Hijacker.SmartBar
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.SmartbarStateMinimaized", false);  =>Hijacker.SmartBar
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.UserID", "f8d8b560-87cd-4f58-ac03-2ef40ec4278a");
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("extensions.helperbar.Visibility", false);
O69 - SBI: prefs.js [Mathias - jdbm0zry.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.5173f35b0b408.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,se[...]  =>Toolbar.Babylon
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.crossrider.bic", "13e5148380a59425da88bbab4841ecd9");  =>PUP.CrossRider
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.id", "3e33deaf00000000000000ff2203f905");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.instlDay", "15857");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.vrsn", "1.8.21.5");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.vrsnTs", "1.8.21.514:13:46");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta.vrsni", "1.8.21.5");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta_i.babTrack", "affID=119988&tt=gc_");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: prefs.js [Mathias - t1w8ju6k.default-1366397431922] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {8481BCFF-AB17-47AD-92E4-AAFB43886FD8} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (Recherche Crawler) - http://www.crawler.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (Recherche Crawler) - http://www.crawler.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [68096]
~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.151EB1FB2A86EE308A43CD2C3CC88DA3] [SPRF][23/04/2009] (...) -- C:\ProgramData\ezsidmv.dat   [56]
[MD5.67BA5726BB8AA6049EB0D7672A97399E] [SPRF][13/02/2013] (...) -- C:\Users\Mathias\AppData\Local\d3d9caps.dat   [1356]
[MD5.E0BC912961CADEC91DE3B1BAF463E386] [SPRF][10/05/2009] (...) -- C:\Users\Mathias\AppData\Local\ukqqq.bat   [92]
[MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][01/06/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\Mathias\AppData\Local\Temp\htmlayout.dll   [947200]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mathias\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe   [903080]
[MD5.110292FB946BED3AE871281633253473] [SPRF][10/06/2013] (.Skype Technologies S.A. - Skype.) -- C:\Users\Mathias\AppData\Local\Temp\SkypeSetup.exe   [30670440]
[MD5.7EC6C8E88BECD3C40AE35AAD1DF6EB0A] [SPRF][23/05/2013] (.RealNetworks, Inc. - RealDownloader Application.) -- C:\Users\Mathias\AppData\Local\Temp\stubhelper.dll   [90624]
[MD5.FB58CA29357D25ECD447E79F61B03B67] [SPRF][01/06/2013] (.WebCake LLC - Installer.) -- C:\Users\Mathias\AppData\Local\Temp\toolbar260786.exe   [272128]  =>Adware.WebCake
[MD5.EB2764885565B6C01CB32E5F51F213B3] [SPRF][01/06/2013] (...) -- C:\Users\Mathias\AppData\Local\Temp\toolbar262003.exe   [785904]
[MD5.20FA6F5139B1785326BB86EE5CDEFBCE] [SPRF][03/06/2013] (...) -- C:\Users\Mathias\AppData\Local\Temp\Uninst.bat   [481]
[MD5.89505DACB8B6A97A448F3409DAB18BCD] [SPRF][20/05/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Mathias\AppData\Local\Temp\uninst1.exe   [395248]  =>Toolbar.Babylon
[MD5.D5DCF2AAD2B60E58F5272505714D4D0B] [SPRF][01/06/2013] (.http://www.goforfiles.com/ - GoforFiles.) -- C:\Users\Mathias\AppData\Local\Temp\update224828.exe   [5293704]  =>P2P.GoforFiles
[MD5.C1056E429C755D110C13A74A6BCFCC97] [SPRF][03/02/2008] (...) -- C:\Users\Mathias\AppData\Roaming\mdb.bin   [13262]
[MD5.0C75B92FFA64194ECE05755E8DB5C0E4] [SPRF][28/02/2013] (...) -- C:\Users\Mathias\AppData\Roaming\wklnhst.dat   [834]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [201648]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][10/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [484272]
[MD5.E266683FC95ABDEC17CD378564E1B54B] [SPRF][14/02/2008] (.EnTech Taiwan - TVicHW32 Driver for Windows NT/2000/XP.) -- C:\Windows\Downloaded Program Files\tvichw32.sys   [23600]
~ Files:  Scanned in 00mn 01s



---\\ Recherche d'infection Rogue (O86)
O43 - CFD: 12/09/2012 - 21:37:09 - [0,006] ----D C:\ProgramData\036DFF98197A756F9CB4A57D2F3B707C
~ Files:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "{0B970DF5-D5BA-486F-B8A2-77FE71573764}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O87 - FAEL: "{CD876957-5CEC-4F72-883E-4A20646E6877}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O87 - FAEL: "{18D3D2FE-6559-40C4-8CE4-9E2ADB5A552E}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O87 - FAEL: "{CC246050-D59A-493E-AA92-E63CDE86978E}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O87 - FAEL: "TCP Query User{033A7746-51F8-4C69-BDF8-89B7548F4CA8}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{67FE823A-39FF-46F8-B2D8-D4A6672DCE6A}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "{5538C0FA-BC03-4B83-A1D0-713FF4A452DD}" | In - Private - P6 - TRUE | .(.Microsoft® Corporation - Microsoft® Works Database.) -- C:\Program Files\Microsoft Works\wksdb.exe
O87 - FAEL: "{98CEE3B7-7FD1-4D60-A489-D6C8210E2BDA}" | In - Private - P17 - TRUE | .(.Microsoft® Corporation - Microsoft® Works Database.) -- C:\Program Files\Microsoft Works\wksdb.exe
O87 - FAEL: "{D5F741AA-7F3B-4C22-89C3-2E2B9D2E762A}" | In - Private - P6 - FALSE | .(.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\Neuf\Kit\9props.exe
O87 - FAEL: "{B587F0A4-F6CF-4605-9F29-F2E96DF597E8}" | In - Private - P17 - FALSE | .(.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\Neuf\Kit\9props.exe
O87 - FAEL: "{C85DB15E-E8BA-4302-9D25-21FC805B8C64}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3EBE8B2A-2E90-4C6C-90F3-272B2EA58F95}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{6BEA7398-57A7-48BF-A4BE-F6D136ABFB96}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4407373F-D5D8-4609-BA42-A17E9A789B21}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2C1918F8-642F-4C02-BA78-7286E3865873}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP_1" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP_1" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP_1" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP_1" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP_1" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{E41F7ADC-39C0-4C85-A358-7ACFA11EEE2B}" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe  =>P2P.BitTorrent
O87 - FAEL: "{6D4605EC-3616-47CA-A4AC-075CE773B213}" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe  =>P2P.BitTorrent
O87 - FAEL: "{6CFA6C18-BC36-45A9-A85A-4BE4A5437EBC}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "TCP Query User{907A943B-091E-459F-B791-D683A854AC58}C:\program files\xi\netxfer\nettransport.exe" | In - Private - P6 - TRUE | .(.Xi - NetXfer Download Manager.) -- C:\program files\xi\netxfer\nettransport.exe
O87 - FAEL: "UDP Query User{AA8E15F4-614E-49EF-92FD-45BEE590E6B4}C:\program files\xi\netxfer\nettransport.exe" | In - Private - P17 - TRUE | .(.Xi - NetXfer Download Manager.) -- C:\program files\xi\netxfer\nettransport.exe
O87 - FAEL: "TCP Query User{6171F08C-EFD5-45FD-A9CF-8CC1D0456321}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{1FB459FE-7442-4C12-9A5C-CBB387865748}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "{5E2731C6-6535-41D1-920C-C56D855C3F99}" | In - Private - P6 - TRUE | .(.SFR - Assistant de configuration mail.) -- C:\Program Files\Neuf\Kit\9mail.exe
O87 - FAEL: "{7DD778D3-EAFD-439F-AAAC-63B47E52D2A3}" | In - Private - P17 - TRUE | .(.SFR - Assistant de configuration mail.) -- C:\Program Files\Neuf\Kit\9mail.exe
O87 - FAEL: "{0DFB6782-DDAC-447C-B62C-525C4BF91747}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{21D1492B-CC76-49B3-ADEA-114DB2194504}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{7125C12B-E10D-43E0-8923-76D99C39FD83}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{C4B9E918-C8FC-4CF4-8FCD-EF7791DD1210}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{6953E173-00D5-4A75-BD5A-ACD925913EDA}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{90FD80F1-A3D8-4B9A-A563-26C98CB143E1}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4DE6BD4B-ED4D-4CFC-B62B-76F8A82E2360}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "{348F2B21-2438-41DB-AAF4-A62AA14F8FA1}" | In - Private - P6 - TRUE | .(.SFR - Kit de connexion neufbox.) -- C:\Program Files\Neuf\Kit\9conf.exe
O87 - FAEL: "{F026CCAC-46D5-4662-91B8-55AA1691ECBE}" | In - Private - P17 - TRUE | .(.SFR - Kit de connexion neufbox.) -- C:\Program Files\Neuf\Kit\9conf.exe
O87 - FAEL: "{A18CD7D5-B4BD-4CDE-97D7-15C1D54E9653}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{60789C90-9965-472B-8ECF-583795C9B164}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{89CBF2D6-7896-4E98-BCC2-088D9F46E367}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O87 - FAEL: "{881178DD-21E1-4BFD-9487-7F95DE5BA3C4}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O87 - FAEL: "{A2CCD73D-0930-414B-8822-FB55E46C6FC6}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O87 - FAEL: "{333DE7F3-A5BC-4099-B704-3849A4CC8519}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O87 - FAEL: "{A69FC38A-A638-4EBB-9569-DD701BBBACD5}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe (.not file.)
O87 - FAEL: "{EFBD389C-9988-473A-91CB-E451AE519B92}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe (.not file.)
O87 - FAEL: "{B754E469-D3EB-4EFA-88B1-11E10730AAE5}" | In - Private - P6 - TRUE | .(.adsl TV / FM - adsl TV.) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "{236425C6-110B-4EBE-8B29-F6BD28B5E1B9}" | In - Private - P17 - TRUE | .(.adsl TV / FM - adsl TV.) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "{97271B6A-2BC5-488A-B324-22A7699D0897}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\adslTV\VLC\vlc.exe
O87 - FAEL: "{3F6D95B9-EA7D-4520-9504-34EAA3DBD5C5}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\adslTV\VLC\vlc.exe
O87 - FAEL: "{8686AA56-BA61-4645-93D4-3CB0DCC3EE0D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Java\jre6\bin\javaw.exe (.not file.)
O87 - FAEL: "{032C6E13-D08B-40D9-8955-048BAE4D577D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Java\jre6\bin\javaw.exe (.not file.)
O87 - FAEL: "{0FD51D32-EA77-4E4D-9F99-938C7E3C48F5}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Java\jre6\bin\javaws.exe (.not file.)
O87 - FAEL: "{20B9C88A-5DF4-4D41-8B39-39996497B842}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Java\jre6\bin\javaws.exe (.not file.)
O87 - FAEL: "TCP Query User{65BFED14-C18C-44D6-9281-4B6003A37278}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe  =>Adware.SPointer
O87 - FAEL: "UDP Query User{5C1E21D8-6710-4220-AE7F-918A872B0B9D}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe  =>Adware.SPointer
O87 - FAEL: "{DA5F9F39-6A65-4ED8-B9DB-F2449748AD52}" | In - Private - P6 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0 (component).) -- C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{D287D76B-8B6C-42A8-9066-AD3B8CCF567B}" | In - Private - P17 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 8.0 (component).) -- C:\Program Files\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{6342E806-FF84-421A-AC8A-A8E00C8E7464}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{00478B68-DE00-4722-AA9C-9259BC3A03BB}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{2D4FE606-BBBE-4A13-9717-FD02AE06F54E}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{4E26B6C9-670B-47B4-8A92-32284A2DC4EF}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{63115976-4EE0-48D8-86E2-F0B8214F92D2}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "{7D0BDF2F-B688-47C5-80EC-EF9308024975}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{DEE37460-EE3B-40F6-BE7A-4FD7BA25E8A4}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{6446329C-527C-4126-B718-20760A9644B8}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "TCP Query User{199B3639-2B3E-4133-B468-7EE34B3E4713}C:\users\mathias\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\mathias\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "UDP Query User{BDF2A418-BF97-40FF-AC66-2D6DE75280C7}C:\users\mathias\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\mathias\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "{307FAA5B-1C93-4BD7-BA1A-4D9F1AB94298}" | In - Private - P6 - TRUE | .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "{3A35648B-B274-4471-B1BA-E214936DD997}" | In - Private - P17 - TRUE | .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Mathias\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "TCP Query User{DBB3C465-74AE-4F9C-8887-81852217D39A}C:\users\mathias\appdata\local\akamai\netsession_win.exe" | In - Public - P6 - TRUE | .(.Akamai Technologies, Inc..) -- C:\users\mathias\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "UDP Query User{9DD0BF23-8542-4B2B-86C3-2EF45F3312F6}C:\users\mathias\appdata\local\akamai\netsession_win.exe" | In - Public - P17 - TRUE | .(.Akamai Technologies, Inc..) -- C:\users\mathias\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "{0FB4CF77-711F-4DAC-AD61-60419CA4B3F6}" | In - None - P17 - TRUE | .(.Skype Limited - Facebook Video Calling.) -- C:\Users\Mathias\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
O87 - FAEL: "{73754947-F2A2-4103-9C0B-CBE760619139}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O87 - FAEL: "{7F666B3D-5F63-4ED7-950C-CAA1ECF7A53C}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O87 - FAEL: "{A5FAF982-E711-4BED-8C05-EBF3107FC37B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
O87 - FAEL: "{43918973-FC8C-43DF-A993-E035F1398049}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
O87 - FAEL: "{F7A5B9AF-21FE-4A6D-B51C-F04259D603FA}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O87 - FAEL: "{91BF1E79-E1E6-46AF-B429-D08CDCE8EDC4}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O87 - FAEL: "{552EB163-D794-43CA-A793-4DC81F79092D}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
O87 - FAEL: "{E4F0312D-140D-4116-84A4-EB53230C31C2}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
O87 - FAEL: "{2125D414-67A9-4F8B-91ED-2E184AEB378C}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR9.exe
O87 - FAEL: "{61DC46DC-3ADA-481D-8CDD-F65CED785F3B}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O87 - FAEL: "{A19F9CEE-B61B-487B-9F3D-FD972313215E}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O87 - FAEL: "{71B5226D-94DB-4E0D-A688-6274B395C56B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)  =>PUP.SweetIM
O87 - FAEL: "{94F4232A-533F-4425-8CCF-2582FA0CD15B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)  =>PUP.SweetIM
O87 - FAEL: "{E067DF0A-6BD2-42C4-B685-B8E132CD151A}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{A85A96A2-DBF6-4919-B083-328F3177FB4E}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{97EFBC61-B9DF-4CEF-BAF1-6F75E7F52561}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{39043C0F-836B-456A-9BA9-AB9BB19A95FC}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{EFE70342-961B-4391-9047-F4A64EDC86F9}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{980E663F-B964-4B25-A6AD-A7D64E64712F}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{6A41BD8E-C04B-4EB3-8A38-0AF79B9731FF}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{77139EBA-CB96-4592-9447-82479AC99EB1}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{D653B90B-8FBD-4D31-A440-87A24C998B46}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{3A014AAC-D708-41B2-91A9-41A9CFE54A85}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{FA301867-9FC1-4A0C-91C8-F2CB1841EEBB}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{AD8CFAB3-9EBB-46FC-B5F3-ABE49568D8BB}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{6F2C6A44-61EC-4B30-816C-91E036B6EA67}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{0F9F4305-185A-4B9B-B169-3DA095948465}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{96283444-38BF-4F31-A78C-F726FE960B75}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{DF64AE8A-EE07-46EB-B4AE-2BADF65829F2}" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{EA8E2FF0-5A18-45C7-90BB-C62350F928A1}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "{96DB6FDE-DCBC-42DC-9004-C53D55EE48AE}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "{4016964B-F7D9-4ABB-9572-BBE7B658CB5D}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "{E796CFFF-A8A1-4E3D-9700-B1A252A22565}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
O87 - FAEL: "{7015362D-774F-47D2-8873-BF0D0C397F22}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{73C1E900-9577-40D3-806C-2BCD752AA67B}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{E12B779B-644F-493C-ADAE-320C2B2CB2B5}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O87 - FAEL: "{F9F77A4E-143C-4DE6-B154-DE7F9DABF8C8}" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{94351EFF-932E-46AE-BA2E-1AAD22C72191}" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A3DFC72D-B42D-47A5-8D51-580F6B2732F6}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{D1BF917D-58C7-4DD2-9748-D8BD7227AD6A}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{FC502221-D278-4A76-86BA-6B8C58E5DEE7}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{131A4181-4DE3-4829-BD64-25DDFC35C7C0}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{8521AD62-56E5-47F8-ADFB-C689A70BC0CE}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{0F1C24AD-7EE9-4D99-945A-4A90ABB91C8A}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{001249F9-E169-4CD1-A03E-535E011D7888}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{F0486931-E941-4A12-A67A-0F558F70B7B7}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{ECCED9BB-0043-4325-B0A6-0E9C9FF37C6A}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{7DBD15D4-BFB8-4F79-AE01-1FA0FA08ED91}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{D8EE13B9-5B26-4B6E-A794-D9005023F0DE}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\Downloads\FrozenWay 1.6.2\FrozenWay 1.6.2\FrozenWay.exe (.not file.)
O87 - FAEL: "{61B20557-9EBF-4C7E-841C-886E2CCD93CD}" |In - None - P17 - TRUE | .(...) -- C:\Users\Mathias\AppData\Local\Temp\Rar$EX08.029\FrozenWay 1.6.1\FrozenWay.exe (.not file.)
O87 - FAEL: "{D2C97763-B1F2-43A2-ADFC-26AF4B31D32E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O87 - FAEL: "{EB69394F-8FB8-42AD-92F9-7A29F7BF0F8F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O87 - FAEL: "{749AA48A-99ED-4C87-89F3-EB16ACEBD500}" | In - Private - P6 - TRUE | .(.http://goforfiles.com/ - goforfilesdl Application.) -- C:\Program Files\GoforFiles\goforfilesdl.exe  =>P2P.GoforFiles
O87 - FAEL: "{7AA697D9-014D-4C3F-A121-D50C98902D06}" | In - Private - P17 - TRUE | .(.http://goforfiles.com/ - goforfilesdl Application.) -- C:\Program Files\GoforFiles\goforfilesdl.exe  =>P2P.GoforFiles
O87 - FAEL: "{C0CF0C12-86AB-4E56-9EA7-39E01F666DF3}" | In - Private - P6 - TRUE | .(.http://goforfiles.com/ - GoforFiles Application.) -- C:\Program Files\GoforFiles\GoforFiles.exe  =>P2P.GoforFiles
O87 - FAEL: "{8E8DBE90-CB91-47F0-916C-E34E4A93A83E}" | In - Private - P17 - TRUE | .(.http://goforfiles.com/ - GoforFiles Application.) -- C:\Program Files\GoforFiles\GoforFiles.exe  =>P2P.GoforFiles
~ Firewall: 300 Scanned in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : v2.12613 - (28/06/2013)
Clés trouvées (Keys found) : 132
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 12
Fichiers trouvés  (Files found) : 2

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{18FB3DED-CD6D-4420-9DD5-8E531BDF666F}] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{8F682661-3653-47FA-8713-9DF7424B6E09}] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\CC94835868BCA58489B0D79DE655BCB1] =>PUP.Dealio
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\PIP] =>Toolbar.Ask
[HKLM\Software\PIP] =>Toolbar.Ask
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector] =>PUP.AdvancedSystemProtector
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM
[HKCU\Software\FVDToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}] =>Adware.Browse2Save
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKCU\Software\AppDataLow\Software\Savings Wave] =>PUP.CrossRider
[HKLM\Software\Savings Wave] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savings Wave] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf] =>Hijacker.TornTV
[HKLM\Software\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn] =>Adware.Downware
[HKLM\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater] =>Adware.WebCake
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}] =>Adware.WebCake
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake
[HKLM\Software\Classes\CrossriderApp0012765.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0012765.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0012765.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0012765.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\FVDToolbar.CTBShow] =>Toolbar.Conduit
[HKLM\Software\Classes\FVDToolbar.CTBShow.1] =>Toolbar.Conduit
[HKLM\Software\Classes\FVDToolbar.CToolbarShower] =>Toolbar.Conduit
[HKLM\Software\Classes\FVDToolbar.CToolbarShower.1] =>Toolbar.Conduit
[HKLM\Software\Classes\Tuto4pcFrSoftonicBHO.Tuto4pcBHO] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\Tuto4pcFrSoftonicBHO.Tuto4pcBHO.1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122272265}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\Tuto4pcFrSoftonicBHO.DLL] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Windows Searchqu Toolbar] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Tuto4pc_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271165}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2] =>Adware.Browse2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:WebCake Desktop =>Adware.WebCake
C:\Program Files\FTDownloader.com =>Adware.Downware
C:\Program Files\BrowseToSave =>Adware.Browse2Save
C:\Program Files\Savings Wave =>PUP.CrossRider
C:\Program Files\WebCake =>Adware.WebCake
C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com =>Toolbar.Babylon
C:\ProgramData\InstallMate =>Toolbar.Agent
C:\Users\Mathias\AppData\Roaming\WebCake =>Adware.WebCake
C:\Users\Mathias\AppData\Local\PutLockerDownloader =>Spyware.PutLocker
C:\Users\Mathias\AppData\Local\Savings Wave =>PUP.CrossRider
C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch
C:\ProgramData\Breowsse2isavee =>Adware.Browse2Save
C:\ProgramData\Broywsee2save =>Adware.Browse2Save
C:\Users\Mathias\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon
~ Additionnel Scan: 380311 Items scanned in 00mn 38s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "05ED57BE4575F6F478D521E6FDE8C43B" . (.HPSSupply.) -- C:\Windows\Installer\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- C:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "0C1FF52A6B08B8B45A15CD2565794A80" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe
O90 - PUC: "0C22D86408082E118BE68BCAF689CC3E" . (.Google Earth.) -- C:\Windows\Installer\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}\ARPPRODUCTICON.exe
O90 - PUC: "183E5ABA64CEC524685CC51DB5FB4BFB" . (.Garmin USB Drivers.) -- C:\Windows\Installer\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}\GarminSetup.ico
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "218A12BEB17680D49B47A243F7D0F807" . (.HP Photosmart Essential.) -- C:\Windows\Installer\{EB21A812-671B-4D08-B974-2A347F0D8F70}\ARPPRODUCTICON.exe
O90 - PUC: "24E34A3785639DD45815AFDC3A365283" . (.HP Advisor.) -- C:\Windows\Installer\{73A43E42-3658-4DD9-8551-FACDA3632538}\ARPPRODUCTICON.exe
O90 - PUC: "36573447027D703009CFC153B101147D" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{74437563-D720-0307-90FC-1C351B1041D7}\ARPPRODUCTICON.exe
O90 - PUC: "393793D005B925c4485D773E4482F978" . (.Roxio Creator Data.) -- c:\Windows\Installer\{0D397393-9B50-4c52-84D5-77E344289F87}\RoxioCentral.exe
O90 - PUC: "50788DBD0752ABA4E88C34A2EC40186A" . (.Registry Reviver.) -- C:\Windows\Installer\{DBD88705-2570-4ABA-8EC8-432ACE0481A6}\ARPPRODUCTICON.exe
O90 - PUC: "5392EF0065BF0144BAF56D7EC071172D" . (.Garmin WebUpdater.) -- C:\Windows\Installer\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}\GarminSetup.ico
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.7) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "6BC47BAEC0676312CF77599427F18BA4" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{EAB74CB6-760C-2136-FC77-9549721FB84A}\ARPPRODUCTICON.exe
O90 - PUC: "79D3E6D2FDF13994CA57275FE94C545C" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}\fssicon.ico
O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
O90 - PUC: "7CFCFF386C886c14782559A85423C528" . (.Roxio Creator Audio.) -- c:\Windows\Installer\{83FFCFC7-88C6-41c6-8752-958A45325C82}\RoxioCentral.exe
O90 - PUC: "7DC1B83906C7E194AA09F18188612804" . (.Roxio MyDVD Basic v9.) -- c:\Windows\Installer\{938B1CD7-7C60-491E-AA90-1F1888168240}\ARPPRODUCTICON.exe
O90 - PUC: "838272F86DDB334B6D05522E13EAAFA8" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{8F272838-BDD6-B433-D650-25E231AEFA8A}\ARPPRODUCTICON.exe
O90 - PUC: "84EFC47DF7801E64086E2E59E0A1D8EC" . (.HP Photosmart Essential 2.5.) -- C:\Windows\Installer\{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}\ARPPRODUCTICON.exe
O90 - PUC: "8CAF48E7815C9F048970475503D1D652" . (.SamsungConnectivityCableDriver.) -- C:\Windows\Installer\{7E84FAC8-C518-40F9-9807-7455301D6D25}\ARPPRODUCTICON.exe
O90 - PUC: "8CDC4930DBAF8de41B4030938367FDFD" . (.Roxio Creator Tools.) -- c:\Windows\Installer\{0394CDC8-FABD-4ed8-B104-03393876DFDF}\RoxioCentral.exe
O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe  =>PUP.SweetIM
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A1DD019B1B948604C9803E3CEA0C3CA0" . (.Keyboard & Mouse Driver.) -- C:\Windows\Installer\{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}\ARPPRODUCTICON.exe
O90 - PUC: "A8DDC9166B411a34BAC6F0E44EC80E84" . (.Roxio Creator Copy.) -- c:\Windows\Installer\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}\RoxioCentral.exe
O90 - PUC: "B0860B8CEADC9084F91983B7D60EF0C7" . (.Roxio Creator Basic v9.) -- c:\Windows\Installer\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}\RoxioCentral.exe
O90 - PUC: "B4B39F110F84E4A4EA77FD9AA69966B4" . (.Roxio Creator EasyArchive.) -- c:\Windows\Installer\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}\RoxioCentral.exe
O90 - PUC: "BB378CD33EFFFB647910629BEA73F1F9" . (.RealDownloader.) -- C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\AddRemoveProgramsIcon
O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\Windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe
O90 - PUC: "C5BA7CF5CF16FD249A321593CB1FD024" . (.Microsoft LifeCam.) -- C:\Windows\Installer\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}\LifeCamIcon.ico
O90 - PUC: "CD58E7FAC7135F7418E08BE20E396A21" . (.Samsung New PC Studio USB Driver Installer.) -- C:\Windows\Installer\{AF7E85DC-317C-47F5-810E-B82EE093A612}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- C:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "E0CF391F81E9CF049A4705A9B1DD42A0" . (.Samsung New PC Studio.) -- C:\Windows\Installer\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\ARPPRODUCTICON.exe
O90 - PUC: "E5A3369098038A14F91F83121724C3D5" . (.PSSWCORE.) -- C:\Windows\Installer\{09633A5E-3089-41A8-9FF1-382171423C5D}\ARPPRODUCTICON.exe
O90 - PUC: "E688CB9EA8D05FE47B3903BD77C6E6C2" . (.PC Connectivity Solution.) -- C:\Windows\Installer\{E9BC886E-0D8A-4EF5-B793-30DB776C6E2C}\ARPPRODUCTICON.exe
O90 - PUC: "E6EBDF634866B264EA89A9931A2B00CC" . (.HP Product Assistant.) -- C:\Windows\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.3.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "EC08DF9F8440F4D4B8DC77CF15C4F399" . (.Vista Codec Package.) -- C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico
O90 - PUC: "F7AC5766B15EA6F4994D8F0F21C4E6AA" . (.Roxio Express Labeler 3.) -- c:\Windows\Installer\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}\staxIcon.exe
O90 - PUC: "FFAB74A0FF4D3DB469AC202AE26A7222" . (.HP Active Support Library.) -- c:\Windows\Installer\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\ARPPRODUCTICON.exe
~ Update Products: 183 Scanned in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5853dddae069bd17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5853dddae069bd17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\5853dddae069bd17] =>Toolbar.Babylon^
[HKLM\Software\5853dddae069bd17] => Clé orpheline
~ Export Key Software:  Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/07/2012 116608 |  (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
SR - | Auto 09/10/2009 169312 |  (AdobeActiveFileMonitor8.0) . (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
SR - | Auto 10/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/06/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 19/01/2008 21504 | c:\program files\common files\akamai\netsession_win_ca0e279.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SS - | Auto  0 |  (AMD External Events Utility) . (...) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 27/03/2013 86752 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/03/2013 110816 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 10/07/2007 606208 |  (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SS - | Demand  0 |  (Boonty Games) . (...) - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
SR - | Auto 25/11/2007 33792 |  (ezntsvc) . (.EasyBits Software Corp..) - C:\Windows\system32\ezNTSvc.exe
SS - | Demand 08/09/2010 867080 |  (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 31/03/2009 233472 |  (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SS - | Auto 16/02/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/02/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 24/05/2007 61440 |  (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Disabled 19/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 02/06/2008 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Demand 22/10/2004 73728 |  (IDriverT) . (.Macrovision Corporation.) - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Auto 23/06/2008 208896 |  (KMWDSERVICE) . (.UASSOFT.COM.) - C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe
SR - | Auto 28/06/2007 79136 |  (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 23/05/2013 117144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto  0 |  (Planificateur LiveUpdate automatique) . (...) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
SS - | Auto 19/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto  39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto  247152 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Demand 11/05/2007 887544 |  (RoxMediaDB9) . (.Sonic Solutions.) - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
SR - | Auto 22/09/2010 249136 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 29/04/2008 572928 |  (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 28/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 03/05/2007 74656 |  (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Demand 08/08/2007 1174664 |  (Symantec Core LC) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
SR - | Auto 31/05/2013 23552 |  (WebCake Desktop Updater) . (.WebCake LLC.) - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe  =>Adware.WebCake
SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Mathias at 29/06/2013 19:12:35

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ http://nicolascoolman.webs.com/apps/blog/entries/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26627530-adware-browse2save =>Adware.Browse2Save
~ http://nicolascoolman.webs.com/apps/blog/show/26632189-adware-magnipic =>Adware.MagniPic
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26690384-adware-downware =>Adware.Downware
~ http://nicolascoolman.webs.com/apps/blog/show/27285539-adware-webcake =>Adware.WebCake
~ MSI:  Scanned in 00mn 04s



End of the scan (2648 lines in 06mn 37s)(0)