Rapport de ZHPDiag v2013.6.6.10 par Nicolas Coolman, Update du 06/06/2013
Run by ninie lolo at 06/06/2013 19:54:45
WebSite: http://nicolascoolman.webs.com
State : Version à jour.
WhiteList : Disable
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16576
MFIE: Mozilla Firefox 21.0 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Spybot - Search & Destroy v1.6.2
Windows Defender W7

---\\ System Optimizer
CCleaner v3.00   =>Piriform Ltd

---\\ Peer To Peer (P2P)
eMule
µTorrent v3.3.0.29420   =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 95 GB (20%) free of 458 GB

---\\ Logged in mode
~ Computer Name: NINIELOLO-PC
~ User Name: ninie lolo
~ All Users Names: ninie lolo, HomeGroupUser$, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\ninie lolo\AppData\Roaming\
~ %Desktop% : C:\Users\ninie lolo\Desktop\
~ %Favorites% : C:\Users\ninie lolo\Favorites\
~ %LocalAppData% : C:\Users\ninie lolo\AppData\Local\
~ %StartMenu% : C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 95 Go of 458 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 30 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.27A9000C534AA9BADC9EE74940F50C6D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 07:52:14.) -- C:\Windows\System32\wininet.dll [2242048]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/92
~ Mes musiques (My Musics) : 2/196
~ Mes Videos (My Videos) : 2/5
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 2/402
~ Mon Bureau (My Desktop) : 2/1504
~ Menu demarrer (Programs) : 1/106
~ Hidden Files:  Scanned in 00mn 01s



---\\ Processus lancés
[MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe   [3085264] [PID.1192]
[MD5.BB7245420097B251D1271F5B6F0C9F02] - (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   [802136] [PID.2500]   =>P2P.µTorrent
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4858968] [PID.1412]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [253816] [PID.4148]
[MD5.0572A34D8A8EA8166DFE27AB9703E1E0] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files (x86)\ZHPFix\ZHPFix.exe   [2726912] [PID.2896]
[MD5.95110A1C5A1D228AC1DDF6AB67D00BEB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [920472] [PID.6572]
[MD5.4B54D0C57B9E2E13FD416502CEA11CB8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7463936] [PID.1472]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [46808] [PID.1180]
[MD5.6D9FC1E7EA3C548F4D3455F0C3FEEF8C] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe   [169312] [PID.1768]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1956]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe   [1150496] [PID.1320]
[MD5.F0F6BEE889236BB6D6A94560D7EEA2AC] - (.RealNetworks, Inc. - Online Games Manager.) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe   [559168] [PID.2148]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe   [76888] [PID.2244]
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe   [240160] [PID.2356]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\ninie lolo\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\prefs.js
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\user.js
M3 - MFPP: Plugins - [ninie lolo] -- C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\searchplugins\orange.xml
M0 - MFSP: prefs.js [ninie lolo - ep8ti82w.default] http://www.google.fr
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\menu_contextuel_orange@orange.fr] [] Menu Contextuel Orange v1.1 (..)
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\piclens@cooliris.com] [] Cooliris v1.12.3.58254 (..)
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\toolbar@Orange.fr] [] barre d'outils Orange v4.2.4.0 (..)
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR Community Toolbar v3.18.0.7 (..)   =>P2P.µTorrent
M2 - MFEP: prefs.js [ninie lolo - ep8ti82w.default\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}] [] Plugin Orange Installeur v1.2.4.5 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.03.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npwachk.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\ninie lolo\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\ninie lolo\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\ninie lolo\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [amazon.com/AmazonMP3DownloaderPlugin] - (.Amazon.com, Inc. - Amazon MP3 Downloader Plugin 1.0.17.) -- C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll
~ Firefox Browser: 36 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 17 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ninie lolo\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-21-3251470970-1943291794-2502108607-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ninie lolo\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKUS\S-1-5-21-3251470970-1943291794-2502108607-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\TaskBar: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.)  -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe 
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Programs: Photo to Cartoon.lnk . (...)  -- C:\Users\ninie lolo\AppData\Roaming\Microsoft\Installer\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}\_CFAB5842CE4CA8EE43C154.exe
O4 - GS\QuickLaunch: Infotravail.lnk - Clé orpheline
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe 
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
O4 - GS\Desktop: 2 Tasty Too.lnk . (...)  -- C:\Zylom Games\2 Tasty Too\ZY-2TastyToo.exe
O4 - GS\Desktop: Ancient Secrets - Mystery of the Vanishing Bride.lnk . (...)  -- C:\Zylom Games\Ancient Secrets - Mystery of the Vanishing Bride\ZY-AncientSecrets2.exe
O4 - GS\Desktop: AnmanieSMP.lnk . (...)  -- C:\Program Files (x86)\AnmSMP\AnmanieSMP.exe
O4 - GS\Desktop: Assistance Livebox.lnk . (.Orange - Assistance Livebox.)  -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe 
O4 - GS\Desktop: Bigfoot - Chasing Shadows.lnk . (...)  -- C:\Zylom Games\Bigfoot - Chasing Shadows\ZY-Bigfoot.exe
O4 - GS\Desktop: Book of Legends Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Book of Legends Deluxe\bookoflegends.exe
O4 - GS\Desktop: Chronicles of Albian - The Magic Convention.lnk . (...)  -- C:\Zylom Games\Chronicles of Albian - The Magic Convention\ZY-chroniclesofalbian.exe
O4 - GS\Desktop: Empress of the Deep 2 - Song of the Blue Whale.lnk . (...)  -- C:\Zylom Games\Empress of the Deep 2 - Song of the Blue Whale\empressofthedeep2.exe
O4 - GS\Desktop: Enlightenus.lnk . (...)  -- C:\Zylom Games\Enlightenus\ZY-Enlightenus.exe
O4 - GS\Desktop: films.lnk . (...)  -- C:\Users\ninie lolo\Downloads\temporaire 
O4 - GS\Desktop: Gardenscapes Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Gardenscapes Deluxe\Gardenscapes.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\ninie lolo\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop: Hodgepodge Hollow - A Potions Primer.lnk . (.Jolly Bear Games - Hodgepodge Hollow - A Potions Primer.)  -- C:\Zylom Games\Hodgepodge Hollow - A Potions Primer\ZY-HodgepodgeHollow.exe 
O4 - GS\Desktop: Hollywood - The Director's Cut Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Hollywood - The Director's Cut Deluxe\hollywoodthedirectorscut.exe
O4 - GS\Desktop: Letters from Nowhere.lnk . (...)  -- C:\Zylom Games\Letters from Nowhere\LettersFromNowhere.exe
O4 - GS\Desktop: Light Image Resizer 4.lnk . (.ObviousIdea SARL - ImageResizer.)  -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe 
O4 - GS\Desktop: Mirror Mysteries Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Mirror Mysteries Deluxe\mirrormysteries.exe
O4 - GS\Desktop: My Free Mahjong.lnk . (...)  -- C:\Program Files (x86)\My Free Mahjong\mahjongg.exe
O4 - GS\Desktop: Mystery Legends - The Phantom of the Opera.lnk . (.pixelStorm entertainment studios Inc. - Mystery Legends™ Phantom of the Opera.)  -- C:\Zylom Games\Mystery Legends - The Phantom of the Opera\ZY-mysterylegendsthephantomoftheopera.exe 
O4 - GS\Desktop: Mystery P.I.(TM) - The Curious Case of Counterfeit Cove.lnk . (.SpinTop Games - Mystery P.I. - The Curious Case of Counterf.)  -- C:\Zylom Games\Mystery P.I.(TM) - The Curious Case of Counterfeit Cove\ZY-MysteryPINewEngland.exe 
O4 - GS\Desktop: Paige Harper and the Tome of Mystery.lnk . (...)  -- C:\Zylom Games\Paige Harper and the Tome of Mystery\paige_harper.exe
O4 - GS\Desktop: PC Wizard 2010.lnk . (.CPUID - System Information Analyzer.)  -- C:\Program Files (x86)\CPUID\PC Wizard 2010\PC Wizard.exe 
O4 - GS\Desktop: Photo Flash Maker Free.lnk . (.AnvSoft Inc. - Photo Slideshow Maker Free Version.)  -- C:\Program Files (x86)\AnvSoft\Photo Flash Maker Free Version\pfmfree.exe 
O4 - GS\Desktop: Photo Slideshow Maker Free.lnk . (.AnvSoft Inc. - Photo Slideshow Maker Free Version.)  -- C:\Program Files (x86)\AnvSoft\Photo Flash Maker Free Version\pfmfree.exe 
O4 - GS\Desktop: Photo to Cartoon.lnk . (...)  -- C:\Users\ninie lolo\AppData\Roaming\Microsoft\Installer\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}\_FE06834DA7988E6849D002.exe
O4 - GS\Desktop: Photorécit1 - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: Pirateville Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Pirateville Deluxe\pirateville.exe
O4 - GS\Desktop: Portrait Professional 9 Trial.lnk . (.Anthropics Technology Ltd. - Portrait Professional.)  -- C:\Program Files (x86)\Portrait Professional 9 Trial\PortraitProfessionalTrial.exe 
O4 - GS\Desktop: Poster Forge.lnk . (.RonyaSoft - Poster Forge - poster generator..)  -- C:\Program Files (x86)\Poster Forge\Poster Forge.exe 
O4 - GS\Desktop: Puzzles Collection 3.lnk . (...)  -- C:\Program Files (x86)\Puzzles Collection 3\PuzzlesCollection3.exe
O4 - GS\Desktop: Rita James and the Race to Shangri La.lnk . (...)  -- C:\Zylom Games\Rita James and the Race to Shangri La\ZY-Shangri La.exe
O4 - GS\Desktop: Spirit of Wandering Deluxe.lnk . (...)  -- C:\Users\ninie lolo\AppData\Local\Zylom Games\Spirit of Wandering Deluxe\spiritofwandering.exe
O4 - GS\Desktop: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.)  -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe 
O4 - GS\Desktop: The Enchanting Islands.lnk . (...)  -- C:\Program Files (x86)\MyPlayCity.com\The Enchanting Islands\The Enchanting Islands.exe
O4 - GS\Desktop: The Tiny Bang Story.lnk . (...)  -- C:\Zylom Games\The Tiny Bang Story\ZY-game.exe
O4 - GS\Desktop: Vacation Quest(TM) - The Hawaiian Islands.lnk . (.SpinTop Games - Vacation Quest - The Hawaiian Islands.)  -- C:\Zylom Games\Vacation Quest(TM) - The Hawaiian Islands\VacationQuest.exe 
O4 - Global Startup: C:\Users\ninie lolo\Desktop\Zylom.url . (...)  -- C:\Users\ninie lolo\Desktop\Zylom.url
~ Global Startup:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Winsock: 8 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE05B85D-9BF2-45EC-A27E-8A2B4957965A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BE05B85D-9BF2-45EC-A27E-8A2B4957965A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BE05B85D-9BF2-45EC-A27E-8A2B4957965A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ForceWare Intelligent Application Manage (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.4.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Online Games Manager (ogmservice) . (.RealNetworks, Inc. - Online Games Manager.) - C:\Program Files (x86)\Online Games Manager\ogmservice.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
~ Services: 13 Scanned in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1066]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1070]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3251470970-1943291794-2502108607-1000Core.job   [1046]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3251470970-1943291794-2502108607-1000UA.job   [1098]
[MD5.F040037B149FD0F5A5044AE563390FA7] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [256904]
[MD5.5CE2C1433B9B634591F0A1C4C1203A0B] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [251784]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-3251470970-1943291794-2502108607-1000Core] (.Google Inc..) -- C:\Users\ninie lolo\AppData\Local\Google\Update\GoogleUpdate.exe   [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-3251470970-1943291794-2502108607-1000UA] (.Google Inc..) -- C:\Users\ninie lolo\AppData\Local\Google\Update\GoogleUpdate.exe   [135664]
[MD5.00000000000000000000000000000000] [APT] [{084056D5-3ADA-4CF7-ABD4-B6A9FC70241D}] (...) -- C:\Users\ninie lolo\Desktop\OOo_3.3.0_Win_x86_install-wJRE_fr.exe (.not file.)   [0]
[MD5.16DD45BC2674FC281E5115EB709998E3] [APT] [{102D5EF3-D1C9-4F5C-A832-2465CC731026}] (.Nullsoft, Inc..) -- C:\Program Files (x86)\Winamp\winamp.exe   [1595520]
[MD5.00000000000000000000000000000000] [APT] [{190CB91A-5A3D-4FDE-B884-B7C70572E3F3}] (...) -- C:\Users\ninie lolo\Desktop\eCOMO_Installer_2.00f.exe (.not file.)   [0]
[MD5.6B19EF12328CB4735410495D313FCB21] [APT] [{1F44C62C-6AEF-4710-88B3-F428FFE7305A}] (.pixelStorm entertainment studios Inc..) -- C:\Zylom Games\Mystery Legends - The Phantom of the Opera\ZY-mysterylegendsthephantomoftheopera.exe   [3641345]
[MD5.00000000000000000000000000000000] [APT] [{208F58C7-9AB3-4362-B1E5-71F222DB84D9}] (...) -- C:\Program Files (x86)\Creative\Shared Files\CamTray.exe (.not file.)   [0]
[MD5.16DD45BC2674FC281E5115EB709998E3] [APT] [{32E36B92-DB36-44C0-8F44-47D327601EF2}] (.Nullsoft, Inc..) -- C:\Program Files (x86)\Winamp\winamp.exe   [1595520]
[MD5.00000000000000000000000000000000] [APT] [{360DC700-F0D9-4134-94BF-E0545AF057B4}] (...) -- E:\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4020DFE8-5481-4B3B-AA52-049871527697}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4D4D7677-84C5-44F7-8990-0E4E59390C66}] (...) -- E:\JM20337\jm20337\Win98 Driver\Setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4FBB0666-6D9E-411E-A4F0-61A8C4886E8D}] (...) -- E:\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{5E58BC2F-48CA-4D25-AFAD-BE71EFFA1517}] (...) -- C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{6158B185-6220-45C2-945D-744BF8652106}] (...) -- C:\Users\ninie lolo\Desktop\OOo_3.3.0_Win_x86_install-wJRE_fr.exe (.not file.)   [0]
[MD5.DB1C358D7E3AC52DA1877EBF2CBC455C] [APT] [{80950962-CB4E-453E-AFF0-CA01FF8B761B}] (...) -- C:\Zylom Games\Paige Harper and the Tome of Mystery\paige_harper.exe   [4084737]
[MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{97F228CB-07B9-4618-B50F-EA06C3DA0ECA}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [17418928]
[MD5.16DD45BC2674FC281E5115EB709998E3] [APT] [{AB638467-62C6-4AE2-85D3-79ACF6F26984}] (.Nullsoft, Inc..) -- C:\Program Files (x86)\Winamp\winamp.exe   [1595520]
[MD5.00000000000000000000000000000000] [APT] [{AC40F822-F302-4FF8-AF2E-B03358F0DA6A}] (...) -- C:\Program Files (x86)\Creative\Shared Files\CamTray.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{B9754366-586A-46E5-B27C-E2B0F3F7951E}] (...) -- C:\Program Files (x86)\Creative\Shared Files\CamTray.exe (.not file.)   [0]
[MD5.2E19857E9FFD395FAA6686959624297A] [APT] [{D70BA6B6-0CCC-4A3C-909B-4C483FF193AF}] (...) -- C:\Users\ninie lolo\Downloads\AmazonMP3Installer-fr_FR.exe   [1008760]
[MD5.00000000000000000000000000000000] [APT] [{E3796512-8982-45A0-A93C-0E4551D30480}] (...) -- C:\Users\ninie lolo\Downloads\eCOMO_Installer_2.00f(2).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E709B475-289C-4F16-B9EF-1C769213DFF6}] (...) -- C:\Program Files (x86)\Creative\Shared Files\CamTray.exe (.not file.)   [0]
[MD5.2B05E5A3D9C44A1FF372F913E94FCF71] [APT] [{EBF6F58B-2C4E-4D1E-BFA6-EDA18A79585E}] (.Nicolas Coolman.) -- C:\Users\ninie lolo\Downloads\ZHPDiag2.exe   [5672928]
[MD5.00000000000000000000000000000000] [APT] [{EC3B2FB6-6E98-4AF0-9CCC-C7A624F2660E}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.)   [0]
[MD5.61E91D4E29AE5FFF8367F0A7349F32A0] [APT] [{EF326DF9-0F7D-424D-958C-96508B751CD5}] (.Amazon.com.) -- C:\Users\ninie lolo\Desktop\AmazonMP3Downloader.exe   [2495080]
[MD5.00000000000000000000000000000000] [APT] [{FE84B442-7639-4760-9F36-172E11D8A5EC}] (...) -- C:\Program Files (x86)\Creative\Creative WebCam NX\PC-CAM Center\CTPCCam.exe (.not file.)   [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe   [561984]
~ Scheduled Task: 39 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 2 Tasty Too - (...) [HKLM][64Bits] -- 4a59be4a3c521b1d4ad3b973d231204c
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A0087DDE-69D0-11E2-AD57-43CA6188709B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
O42 - Logiciel: Adobe Reader XI (11.0.03) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Akamai NetSession Interface - (...) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Akamai NetSession Interface Service - (...) [HKLM][64Bits] -- Akamai
O42 - Logiciel: Amazon MP3 Downloader 1.0.17 - (.Amazon Services LLC.) [HKLM][64Bits] -- Amazon MP3 Downloader
O42 - Logiciel: Ancient Secrets - Mystery of the Vanishing Bride - (...) [HKLM][64Bits] -- fe12c1396cd3793221deac53b1b25127
O42 - Logiciel: AnmanieSMP 2.4 i - (.Christoph Walter.) [HKLM][64Bits] -- AnmanieSMP_is1
O42 - Logiciel: AnvSoft Photo Flash Maker Free 5.32 - (.AnvSoft, Inc..) [HKLM][64Bits] -- AnvSoft Photo Flash Maker Free
O42 - Logiciel: AnvSoft Photo Slideshow Maker Free 5.56 - (.AnvSoft, Inc..) [HKLM][64Bits] -- AnvSoft Photo Slideshow Maker Free
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: ArtRage 2 - (.Ambient Design.) [HKLM][64Bits] -- {191A4D02-C94E-45D4-89BD-2D9CFB05A1FA}
O42 - Logiciel: Assistance Livebox - (.Orange.) [HKLM][64Bits] -- Assistance Livebox
O42 - Logiciel: Audacity 1.2.6 - (...) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Azada In Libro fr - (.Boonty.) [HKLM][64Bits] -- Azada In Libro_is1
O42 - Logiciel: Big Fish Games: Game Manager - (...) [HKLM][64Bits] -- BFGC
O42 - Logiciel: Bigfoot - Chasing Shadows - (...) [HKLM][64Bits] -- b1f65ba6669c74ccfc041d0a33916095
O42 - Logiciel: Blender (remove only) - (...) [HKLM][64Bits] -- Blender
O42 - Logiciel: Book of Legends Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Book of Legends Deluxe
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner   =>Piriform Ltd
O42 - Logiciel: CD-LabelPrint - (...) [HKLM][64Bits] -- MediaNavigation.CDLabelPrint
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM][64Bits] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Canon Easy-PhotoPrint EX - (...) [HKLM][64Bits] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Easy-WebPrint EX - (...) [HKLM][64Bits] -- Easy-WebPrint EX
O42 - Logiciel: Canon MG5200 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series
O42 - Logiciel: Canon MP Navigator EX 4.0 - (...) [HKLM][64Bits] -- MP Navigator EX 4.0
O42 - Logiciel: Canon My Printer - (...) [HKLM][64Bits] -- CanonMyPrinter
O42 - Logiciel: Canon Solution Menu EX - (...) [HKLM][64Bits] -- CanonSolutionMenuEX
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Chronicles of Albian - The Magic Convention - (...) [HKLM][64Bits] -- 05c96500c2ef73bd4b45ae2c74ccfa94
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] -- Defraggler
O42 - Logiciel: Detective Stories - Hollywood fr - (.Boonty.) [HKLM][64Bits] -- Detective Stories - Hollywood_is1
O42 - Logiciel: Dream Chronicles The Chosen Child fr - (.Boonty.) [HKLM][64Bits] -- Dream Chronicles The Chosen Child_is1
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU][64Bits] -- Winamp Detect
O42 - Logiciel: Empress of the Deep 2 - Song of the Blue Whale - (...) [HKLM][64Bits] -- 990f450b7c7c164e1b5889a26084f8b3
O42 - Logiciel: Enlightenus - (...) [HKLM][64Bits] -- 0f86e91e1c85e653cd399572f1ae38e7
O42 - Logiciel: Enregistrement utilisateur de Canon MG5200 series - (...) [HKLM][64Bits] -- Enregistrement utilisateur de Canon MG5200 series
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU][64Bits] -- Facebook Plug-In
O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
O42 - Logiciel: Free Studio version 2013 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free Studio_is1
O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM][64Bits] -- WinGimp-2.0_is1
O42 - Logiciel: Gardenscapes Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Gardenscapes Deluxe
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {1C3DA126-D523-4089-BCCA-FA46FE34D6F8}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {468D22C0-8080-11E2-B86E-B8AC6F98CCE3}
O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: HiYo - (.IncrediMail - Certified Microsoft Partner.) [HKLM][64Bits] -- {00E1E235-AB45-4695-A156-073118949ED4}
O42 - Logiciel: Hodgepodge Hollow - A Potions Primer - (...) [HKLM][64Bits] -- 6541e23fa1482a67c05d48034fa94304
O42 - Logiciel: Hollywood - The Director's Cut Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Hollywood - The Director's Cut Deluxe
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF}
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}
O42 - Logiciel: Java(TM) 6 Update 33 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Codec Pack 7.0.0 (Standard) - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: Letters from Nowhere - (...) [HKLM][64Bits] -- ed0e05c3d6f3043c4632b93b87cf7b4c
O42 - Logiciel: Light Image Resizer 4.0.9.0 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: Love and Death - Bitten Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Love and Death - Bitten Deluxe
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM][64Bits] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mirror Mysteries Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Mirror Mysteries Deluxe
O42 - Logiciel: Mozilla Firefox 21.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 21.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: My Free Mahjong v.2.0 - (.MyPlayCity.com.) [HKLM][64Bits] -- My Free Mahjong_is1
O42 - Logiciel: Mystery Legends - The Phantom of the Opera - (...) [HKLM][64Bits] -- 186925203a082b2aa564afeee96c92d1
O42 - Logiciel: Mystery P.I.(TM) - The Curious Case of Counterfeit Cove - (...) [HKLM][64Bits] -- 9aea8113fec7f3ffa39d4a623b54ba96
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (...) [HKLM][64Bits] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM][64Bits] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {DEA314C4-0929-4250-BC92-98E4C105F28D}
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: Natural Threat: L'Ile Aux Plantes - (...) [HKLM][64Bits] -- BFG-Natural Threat - L'Ile Aux Plantes
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {db7aa853-5c26-43a5-85c9-6d6329fc379a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: NewFreeScreensaver nfsBadWeather - (...) [HKLM][64Bits] -- nfsBadWeather New Free Screensaver_is1
O42 - Logiciel: Online Games Manager v1.20 - (.Real Networks, Inc..) [HKLM][64Bits] -- Online Games Manager
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {05653DE1-6567-40C6-B930-39D399B64369}
O42 - Logiciel: Orange Inside - (.Orange.) [HKCU][64Bits] -- Orange Inside
O42 - Logiciel: Orange Installeur version 1.2.3.1 - (.Orange.) [HKLM][64Bits] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.3.1
O42 - Logiciel: Orange Installeur version 1.2.5.0 - (.Orange.) [HKLM][64Bits] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0
O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager
O42 - Logiciel: PC Wizard 2010.1.96 - (.CPUID.) [HKLM][64Bits] -- PC Wizard 2010_is1
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Software Suite SE
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Paige Harper and the Tome of Mystery - (...) [HKLM][64Bits] -- 938d07d7bd75bfa7107c9861e6bc3e15
O42 - Logiciel: Photo to Cartoon - (.Caricature Software.) [HKLM][64Bits] -- {3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}
O42 - Logiciel: Photorécit 3 pour Windows - (.Microsoft Corporation.) [HKLM][64Bits] -- {4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Pirateville Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Pirateville Deluxe
O42 - Logiciel: Portrait Professional 9.8 Trial - (.Anthropics Technology Ltd..) [HKLM][64Bits] -- PortraitProfessional9Trial_is1
O42 - Logiciel: Poster Forge 1.01 - (...) [HKCU][64Bits] -- Poster Forge
O42 - Logiciel: Puzzles Collection 3 1.0 - (.Falco Software, Inc..) [HKLM][64Bits] -- Puzzles Collection 3_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Rita James and the Race to Shangri La - (...) [HKLM][64Bits] -- a0f2af2133ef9a161a3775139c6c14b4
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (...) [HKLM][64Bits] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: Spirit of Wandering Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Spirit of Wandering Deluxe
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: The Enchanting Islands - (.MyPlayCity, Inc..) [HKLM][64Bits] -- The Enchanting Islands_is1
O42 - Logiciel: The Lost Cases of Sherlock Holmes 2 fr - (.Boonty.) [HKLM][64Bits] -- The Lost Cases of Sherlock Holmes 2_is1
O42 - Logiciel: The Spirit of Wandering fr - (.Boonty.) [HKLM][64Bits] -- The Spirit of Wandering_is1
O42 - Logiciel: The Tiny Bang Story - (...) [HKLM][64Bits] -- efb14509cb6a3ef54a4c5ced627d9d9e
O42 - Logiciel: VLC media player 2.0.6 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Vacation Quest(TM) - The Hawaiian Islands - (...) [HKLM][64Bits] -- 4b62d16726998792cf0efbb78e743684
O42 - Logiciel: Vodafone WCDMA Composite Device Drive Software - (...) [HKLM][64Bits] -- Vodafone WCDMA Composite Device Drive
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM][64Bits] -- Winamp
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: avast! Free Antivirus v8.0.1489.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: barre d'outils Orange - (.Orange.) [HKLM][64Bits] -- OrangeToolbar
O42 - Logiciel: eMule - (...) [HKLM][64Bits] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent   =>P2P.µTorrent
~ Logic: 301 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AKVIS]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Acer]
[HKCU\Software\Amazon]
[HKCU\Software\AmbientDesign]
[HKCU\Software\AmeGami]
[HKCU\Software\Anthropics]
[HKCU\Software\Anvsoft]
[HKCU\Software\AppDataLow\Software\Canon]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Artifex Mundi]
[HKCU\Software\Audacity]
[HKCU\Software\Auslogics]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BitTorrent]   =>P2P.BitTorrent
[HKCU\Software\Bobyte]
[HKCU\Software\Boonty]
[HKCU\Software\BugSplat]
[HKCU\Software\CPUID]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Caricature Software]
[HKCU\Software\Class]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Codeminion]
[HKCU\Software\Creative Tech]
[HKCU\Software\DSS]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DesktopPaints.com]
[HKCU\Software\Detective Stories: Hollywood]
[HKCU\Software\Digital River]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\GOG]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\GlarySoft]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HiYo]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\ImInstaller]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MagiciansHandbook2ReleaseV1.2]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Media Research Group]
[HKCU\Software\MediaInfo]
[HKCU\Software\MediaNavigation]
[HKCU\Software\Meridian93]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\NirSoft]
[HKCU\Software\Nitro PDF]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Oberon Media]
[HKCU\Software\ObviousIdea]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Packard Bell]
[HKCU\Software\Paint.NET]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RonyaSoft]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softland]
[HKCU\Software\SolidDocuments]
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKCU\Software\TeleCharger]
[HKCU\Software\Test3D]
[HKCU\Software\Thinking Thing Software]
[HKCU\Software\Trolltech]
[HKCU\Software\VSO]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ZjSoft]
[HKCU\Software\Zylom]
[HKCU\Software\Zyrax Software]
[HKCU\Software\adobe]
[HKCU\Software\dskMetrics]
[HKCU\Software\eMule]
[HKCU\Software\madFlac]
[HKLM\Software\<company>]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\AntiHacks]
[HKLM\Software\Audible]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\AmbientDesign]
[HKLM\Software\Wow6432Node\Anthropics]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\BlenderFoundation]
[HKLM\Software\Wow6432Node\Boonty]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Canneverbe Limited]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Codec Tweak Tool]
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\DVDVideoSoft]
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\FRANCE TELECOM]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\GamersFirst]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\HiYo]
[HKLM\Software\Wow6432Node\ImInstaller]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JGsoft]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KLCodecPack]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\MCCI]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nullsoft]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\ObviousIdea]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\Sun Microsystems]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Thomson]
[HKLM\Software\Wow6432Node\Trad-FR]
[HKLM\Software\Wow6432Node\Trolltech]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\vso]
[HKLM\Software\Wow6432Node]
~ Key Software: 349 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/08/2012 - 12:11:10 - [0] ----D C:\Program Files (x86)\AbiWord
O43 - CFD: 18/01/2013 - 14:31:50 - [508,114] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 07/09/2011 - 17:39:20 - [6,583] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 22/09/2010 - 22:09:17 - [13,445] ----D C:\Program Files (x86)\Ambient Design
O43 - CFD: 01/10/2010 - 13:45:12 - [1,411] ----D C:\Program Files (x86)\AnmSMP
O43 - CFD: 17/06/2012 - 13:21:25 - [0] ----D C:\Program Files (x86)\Anti-Hacks Free
O43 - CFD: 14/01/2011 - 20:32:39 - [88,658] ----D C:\Program Files (x86)\AnvSoft
O43 - CFD: 30/03/2013 - 12:54:45 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 18/09/2011 - 11:45:48 - [8,289] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 24/09/2011 - 14:23:29 - [0] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 20/08/2011 - 16:30:22 - [22,762] ----D C:\Program Files (x86)\bfgclient
O43 - CFD: 19/06/2010 - 19:48:24 - [31,316] ----D C:\Program Files (x86)\Blender Foundation
O43 - CFD: 15/12/2009 - 18:36:37 - [0] ----D C:\Program Files (x86)\bobyte
O43 - CFD: 01/02/2013 - 20:47:38 - [1050,093] ----D C:\Program Files (x86)\BoontyGames
O43 - CFD: 22/02/2012 - 23:21:31 - [352,252] ----D C:\Program Files (x86)\Canon
O43 - CFD: 11/11/2012 - 11:10:56 - [7,281] ----D C:\Program Files (x86)\Caricature Software
O43 - CFD: 14/03/2013 - 14:35:58 - [5,888] ----D C:\Program Files (x86)\CCleaner   =>Piriform Ltd
O43 - CFD: 15/08/2010 - 11:40:07 - [5,914] ----D C:\Program Files (x86)\CDBurnerXP
O43 - CFD: 26/04/2013 - 09:34:08 - [882,211] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 24/01/2010 - 10:42:23 - [8,088] ----D C:\Program Files (x86)\CPUID
O43 - CFD: 22/07/2010 - 16:59:01 - [0,001] ----D C:\Program Files (x86)\Didapages
O43 - CFD: 24/05/2013 - 20:34:02 - [273,964] ----D C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 14/12/2009 - 16:13:24 - [714,096] ----D C:\Program Files (x86)\eMule
O43 - CFD: 17/12/2009 - 13:21:39 - [17,731] ----D C:\Program Files (x86)\Executive Software
O43 - CFD: 24/05/2013 - 20:17:43 - [0,116] ----D C:\Program Files (x86)\Free Video Converter
O43 - CFD: 15/01/2013 - 20:17:41 - [0] ----D C:\Program Files (x86)\FreeTime
O43 - CFD: 29/08/2010 - 19:29:29 - [108,131] ----D C:\Program Files (x86)\GIMP-2.0
O43 - CFD: 24/05/2013 - 22:42:05 - [363,927] ----D C:\Program Files (x86)\Google
O43 - CFD: 02/01/2010 - 21:10:08 - [3,662] ----D C:\Program Files (x86)\HiYo
O43 - CFD: 09/03/2011 - 13:31:52 - [19,070] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/05/2013 - 13:27:58 - [7,040] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 21/12/2009 - 21:00:39 - [13,492] ----D C:\Program Files (x86)\Inventel
O43 - CFD: 26/04/2013 - 09:33:58 - [294,287] ----D C:\Program Files (x86)\Java
O43 - CFD: 20/01/2010 - 22:21:10 - [0,031] ----D C:\Program Files (x86)\Jeux.fr
O43 - CFD: 31/07/2012 - 12:59:49 - [37,282] ----D C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 24/05/2013 - 17:40:46 - [13,447] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 26/05/2010 - 21:54:33 - [2,020] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 11/12/2011 - 15:05:20 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 11/12/2011 - 15:09:52 - [1273,987] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 15/08/2009 - 02:37:57 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 14/03/2013 - 10:58:29 - [40,835] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 11/12/2011 - 15:09:49 - [3,467] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 11/12/2011 - 15:09:49 - [0,757] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 11/12/2011 - 15:10:12 - [0,312] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 05/10/2009 - 22:30:23 - [1,568] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 10/10/2012 - 13:02:27 - [138,959] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 11/12/2011 - 15:09:49 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10/03/2010 - 13:37:35 - [8,906] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 20/05/2013 - 13:52:43 - [49,675] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 21/05/2013 - 09:04:05 - [0,214] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 01/10/2012 - 21:03:00 - [10,268] ----D C:\Program Files (x86)\MP3 Rocket
O43 - CFD: 11/12/2011 - 15:10:54 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 14/12/2009 - 22:31:31 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/12/2009 - 22:22:33 - [4,786] ----D C:\Program Files (x86)\My Free Mahjong
O43 - CFD: 14/10/2010 - 12:04:03 - [40,484] ----D C:\Program Files (x86)\MyPlayCity.com
O43 - CFD: 22/07/2012 - 10:06:22 - [631,821] ----D C:\Program Files (x86)\Natural Threat - L'Ile Aux Plantes
O43 - CFD: 15/08/2009 - 02:51:34 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 14/04/2011 - 13:50:30 - [1,151] ----D C:\Program Files (x86)\NewFreeScreensavers
O43 - CFD: 16/09/2012 - 13:51:17 - [79,759] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 16/01/2010 - 22:18:07 - [0,013] ----D C:\Program Files (x86)\Oberon Media
O43 - CFD: 13/04/2011 - 18:41:34 - [34,934] ----D C:\Program Files (x86)\ObviousIdea
O43 - CFD: 04/09/2012 - 20:23:46 - [0,577] ----D C:\Program Files (x86)\Online Games Manager
O43 - CFD: 10/11/2011 - 16:25:11 - [411,321] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 02/07/2012 - 13:00:20 - [33,205] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 05/04/2013 - 10:02:01 - [143,024] ----D C:\Program Files (x86)\Orange
O43 - CFD: 31/08/2010 - 10:36:59 - [63,627] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 17/06/2011 - 22:24:35 - [766,121] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 09/08/2012 - 13:23:55 - [15,658] ----D C:\Program Files (x86)\Photo Story 3 for Windows
O43 - CFD: 12/02/2011 - 23:06:23 - [52,200] ----D C:\Program Files (x86)\Portrait Professional 9 Trial
O43 - CFD: 24/09/2010 - 13:12:54 - [4,937] ----D C:\Program Files (x86)\Poster Forge
O43 - CFD: 06/10/2012 - 11:47:59 - [42,851] ----D C:\Program Files (x86)\Puzzles Collection 3
O43 - CFD: 30/03/2013 - 12:56:22 - [72,326] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 14/03/2013 - 14:35:58 - [4,474] ----D C:\Program Files (x86)\RealArcade
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 17/04/2010 - 16:41:20 - [36,633] ----D C:\Program Files (x86)\Securitoo
O43 - CFD: 05/09/2012 - 00:22:12 - [24,550] R---D C:\Program Files (x86)\Skype
O43 - CFD: 05/04/2010 - 10:19:35 - [52,723] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 05/10/2009 - 22:06:57 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 03/05/2013 - 17:53:44 - [0,765] ----D C:\Program Files (x86)\uTorrent   =>P2P.µTorrent
O43 - CFD: 13/12/2009 - 13:46:20 - [101,902] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 24/07/2011 - 18:49:16 - [59,173] ----D C:\Program Files (x86)\Winamp
O43 - CFD: 24/07/2011 - 18:48:41 - [0,148] ----D C:\Program Files (x86)\Winamp Detect
O43 - CFD: 21/07/2010 - 19:35:57 - [1,986] ----D C:\Program Files (x86)\WinAVI Video Capture
O43 - CFD: 02/09/2009 - 20:26:53 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/04/2012 - 19:52:34 - [180,865] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 13/03/2011 - 14:15:19 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 13/03/2011 - 14:15:19 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 13/03/2011 - 14:15:18 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 13/03/2011 - 14:15:19 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 13/03/2011 - 14:15:19 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 06/06/2013 - 19:54:53 - [16,851] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 06/06/2013 - 19:44:34 - [6,599] ----D C:\Program Files (x86)\ZHPFix
O43 - CFD: 18/01/2013 - 14:31:51 - [61,362] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 18/05/2013 - 12:50:07 - [45,628] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 06/06/2013 - 12:15:22 - [30,506] ----D C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 30/03/2013 - 12:54:58 - [64,235] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 24/09/2011 - 14:23:24 - [0,171] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 25/12/2009 - 13:16:49 - [0,066] ----D C:\Program Files (x86)\Common Files\BOONTY Shared
O43 - CFD: 11/12/2011 - 15:10:11 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 24/05/2013 - 20:28:56 - [92,633] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 17/04/2010 - 16:43:38 - [2,445] ----D C:\Program Files (x86)\Common Files\France Telecom
O43 - CFD: 17/12/2009 - 13:19:39 - [3,322] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/04/2013 - 09:34:08 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 05/10/2009 - 22:22:56 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 14/03/2013 - 01:44:20 - [374,315] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 15/08/2009 - 02:52:57 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 22/01/2010 - 22:48:18 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 25/04/2011 - 12:10:32 - [4,626] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 29/04/2012 - 14:22:34 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 05/10/2009 - 22:22:45 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 15/11/2012 - 23:28:55 - [16,742] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 05/10/2009 - 22:24:10 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 16/09/2012 - 13:51:13 - [25,877] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 13/02/2013 - 15:02:23 - [529,410] ----D C:\ProgramData\Adobe
O43 - CFD: 25/09/2010 - 23:08:06 - [0,046] ----D C:\ProgramData\Alawar Stargaze
O43 - CFD: 20/12/2009 - 12:58:57 - [33,683] ----D C:\ProgramData\Apple
O43 - CFD: 30/03/2013 - 12:56:06 - [25,485] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 13/12/2009 - 10:51:30 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 30/06/2010 - 22:00:32 - [0,194] ----D C:\ProgramData\Artifex Mundi
O43 - CFD: 09/03/2011 - 09:08:11 - [103,432] ----D C:\ProgramData\AVAST Software
O43 - CFD: 24/09/2011 - 14:01:23 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 28/05/2010 - 14:04:55 - [0] ----D C:\ProgramData\BanzaiInteractive
O43 - CFD: 13/01/2010 - 20:12:46 - [31,657] ----D C:\ProgramData\BC Soft Games
O43 - CFD: 01/02/2010 - 22:57:16 - [0,000] ----D C:\ProgramData\Becky Brogan
O43 - CFD: 29/11/2011 - 14:57:17 - [0] ----D C:\ProgramData\Big Finish
O43 - CFD: 20/08/2011 - 16:30:21 - [14,837] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 30/07/2010 - 20:46:38 - [7,965] ----D C:\ProgramData\BlitPop
O43 - CFD: 25/12/2009 - 13:16:52 - [0,107] ----D C:\ProgramData\BOONTY
O43 - CFD: 24/05/2013 - 22:22:05 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 06/06/2013 - 07:26:31 - [8,371] ----D C:\ProgramData\Browser Manager
O43 - CFD: 13/12/2009 - 10:40:17 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 14/08/2010 - 18:22:10 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 22/02/2012 - 23:15:33 - [21,123] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 22/02/2012 - 23:21:32 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 22/02/2012 - 19:30:40 - [0,000] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 22/02/2012 - 23:21:32 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 22/02/2012 - 17:52:55 - [0,003] ----D C:\ProgramData\CanonIJMSetup
O43 - CFD: 01/03/2012 - 22:00:33 - [0,002] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 22/02/2012 - 17:52:27 - [0,065] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 20/04/2013 - 16:55:43 - [0] ----D C:\ProgramData\Colibri Games
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 13/12/2009 - 10:40:17 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 13/12/2009 - 13:53:32 - [0,001] ----D C:\ProgramData\FLEXnet
O43 - CFD: 16/01/2010 - 22:20:36 - [0] ----D C:\ProgramData\Flood Light Games
O43 - CFD: 26/12/2009 - 21:30:35 - [0,003] ----D C:\ProgramData\Friends Games
O43 - CFD: 08/01/2011 - 19:13:02 - [41,940] ----D C:\ProgramData\GameHouse
O43 - CFD: 07/03/2010 - 22:55:52 - [0,999] ----D C:\ProgramData\Gogii Games
O43 - CFD: 09/08/2012 - 12:23:14 - [0,502] ----D C:\ProgramData\Google
O43 - CFD: 12/02/2010 - 17:30:18 - [0,011] ----D C:\ProgramData\HideAndSecret3
O43 - CFD: 02/01/2010 - 21:10:08 - [5,243] ----D C:\ProgramData\HiYo
O43 - CFD: 07/06/2011 - 14:55:04 - [0,003] ----D C:\ProgramData\JollyBear
O43 - CFD: 21/09/2011 - 11:18:13 - [17,283] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 05/12/2012 - 19:13:56 - [0] ----D C:\ProgramData\Maximize Games
O43 - CFD: 13/12/2009 - 10:40:17 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 14/01/2010 - 21:00:14 - [45,333] ----D C:\ProgramData\Meridian93
O43 - CFD: 15/08/2010 - 20:54:46 - [0] ----D C:\ProgramData\Merscom
O43 - CFD: 21/03/2013 - 22:08:24 - [387,219] -S--D C:\ProgramData\Microsoft
O43 - CFD: 16/05/2013 - 13:11:13 - [0,081] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 13/12/2009 - 10:40:17 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 04/05/2012 - 18:30:08 - [0,035] ----D C:\ProgramData\Mozilla
O43 - CFD: 11/03/2011 - 15:53:15 - [0,247] ----D C:\ProgramData\MumboJumbo
O43 - CFD: 25/11/2012 - 16:17:42 - [0] ----D C:\ProgramData\NCH Software
O43 - CFD: 15/08/2009 - 02:50:44 - [10,851] ----D C:\ProgramData\Nero
O43 - CFD: 05/09/2011 - 16:15:09 - [0] ----D C:\ProgramData\Nitro PDF
O43 - CFD: 13/12/2009 - 10:44:55 - [0,000] ----D C:\ProgramData\Norton
O43 - CFD: 15/08/2009 - 02:55:39 - [6,106] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 06/08/2010 - 19:31:15 - [0,262] ----D C:\ProgramData\NVIDIA
O43 - CFD: 13/12/2009 - 10:41:27 - [0,000] ----D C:\ProgramData\OEM
O43 - CFD: 13/12/2012 - 09:01:39 - [12,224] ----D C:\ProgramData\Orange
O43 - CFD: 15/08/2009 - 02:46:02 - [4,078] ----D C:\ProgramData\Packard Bell
O43 - CFD: 09/01/2011 - 19:03:50 - [0,000] ----D C:\ProgramData\PlayFirst
O43 - CFD: 21/06/2010 - 14:28:21 - [57,206] ----D C:\ProgramData\Playrix Entertainment
O43 - CFD: 08/05/2011 - 14:08:53 - [0] ----D C:\ProgramData\PoBros
O43 - CFD: 04/03/2010 - 17:31:01 - [0,144] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 29/04/2010 - 19:34:42 - [0,000] ----D C:\ProgramData\SecretsOfOlympus
O43 - CFD: 05/09/2012 - 00:22:10 - [82,175] ----D C:\ProgramData\Skype
O43 - CFD: 11/06/2012 - 23:09:47 - [40,412] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 02/04/2010 - 11:55:21 - [0,001] ----D C:\ProgramData\Sun
O43 - CFD: 20/05/2013 - 13:36:07 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 19/04/2011 - 15:19:40 - [0,002] ----D C:\ProgramData\Terrafarmers
O43 - CFD: 24/01/2010 - 22:15:54 - [0,004] ----D C:\ProgramData\The Mirror Mysteries
O43 - CFD: 03/10/2010 - 16:02:26 - [0] -SH-D C:\Users\ninie lolo\AppData\Roaming\.#
O43 - CFD: 25/07/2012 - 20:19:31 - [11,702] ----D C:\Users\ninie lolo\AppData\Roaming\Adobe
O43 - CFD: 07/09/2011 - 17:39:28 - [0,124] ----D C:\Users\ninie lolo\AppData\Roaming\Amazon
O43 - CFD: 22/09/2010 - 22:09:44 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\Ambient Design
O43 - CFD: 26/01/2010 - 22:13:04 - [0,000] ----D C:\Users\ninie lolo\AppData\Roaming\Ancient Quest of Saqqarah_boonty
O43 - CFD: 12/02/2011 - 23:06:57 - [0,028] ----D C:\Users\ninie lolo\AppData\Roaming\Anthropics
O43 - CFD: 10/03/2013 - 23:09:12 - [1,467] ----D C:\Users\ninie lolo\AppData\Roaming\Anvsoft
O43 - CFD: 28/05/2012 - 22:38:06 - [2,467] ----D C:\Users\ninie lolo\AppData\Roaming\Apple Computer
O43 - CFD: 09/03/2010 - 13:27:04 - [0,057] ----D C:\Users\ninie lolo\AppData\Roaming\Artogon
O43 - CFD: 17/12/2009 - 13:25:39 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Auslogics
O43 - CFD: 24/09/2011 - 14:01:23 - [0,006] ----D C:\Users\ninie lolo\AppData\Roaming\AVS4YOU
O43 - CFD: 01/01/2011 - 11:48:09 - [0,196] ----D C:\Users\ninie lolo\AppData\Roaming\Awem
O43 - CFD: 28/05/2010 - 14:04:55 - [0,015] ----D C:\Users\ninie lolo\AppData\Roaming\BanzaiInteractive
O43 - CFD: 29/11/2011 - 14:57:17 - [0,082] ----D C:\Users\ninie lolo\AppData\Roaming\Big Finish
O43 - CFD: 04/10/2011 - 14:55:16 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\BitTorrent   =>P2P.BitTorrent
O43 - CFD: 19/06/2010 - 19:48:26 - [0,022] ----D C:\Users\ninie lolo\AppData\Roaming\Blender Foundation
O43 - CFD: 04/05/2012 - 18:36:48 - [0,013] ----D C:\Users\ninie lolo\AppData\Roaming\Boolat Games
O43 - CFD: 25/11/2012 - 20:53:32 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Broad Intelligence
O43 - CFD: 14/08/2010 - 18:22:10 - [0,009] ----D C:\Users\ninie lolo\AppData\Roaming\Canneverbe Limited
O43 - CFD: 01/03/2012 - 22:00:33 - [0,014] ----D C:\Users\ninie lolo\AppData\Roaming\Canon
O43 - CFD: 27/12/2009 - 14:21:24 - [0,000] ----D C:\Users\ninie lolo\AppData\Roaming\casanova
O43 - CFD: 23/05/2012 - 16:38:02 - [0,472] ----D C:\Users\ninie lolo\AppData\Roaming\CD-LabelPrint
O43 - CFD: 04/09/2012 - 20:26:54 - [0,211] ----D C:\Users\ninie lolo\AppData\Roaming\cerasus.media
O43 - CFD: 20/04/2013 - 16:55:43 - [0,006] ----D C:\Users\ninie lolo\AppData\Roaming\Colibri Games
O43 - CFD: 22/12/2009 - 18:53:02 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Creative
O43 - CFD: 16/09/2011 - 19:54:57 - [0,799] ----D C:\Users\ninie lolo\AppData\Roaming\DarkParablesBriarRose_BFG_SE
O43 - CFD: 19/03/2010 - 22:21:35 - [48,325] ----D C:\Users\ninie lolo\AppData\Roaming\Dekovir
O43 - CFD: 28/02/2013 - 20:59:24 - [0,000] ----D C:\Users\ninie lolo\AppData\Roaming\dvdcss
O43 - CFD: 24/05/2013 - 20:45:35 - [27,869] ----D C:\Users\ninie lolo\AppData\Roaming\DVDVideoSoft
O43 - CFD: 15/02/2010 - 13:41:47 - [5,224] ----D C:\Users\ninie lolo\AppData\Roaming\ElementalsTheMagicKey
O43 - CFD: 27/12/2012 - 15:22:57 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\Enlightenus
O43 - CFD: 22/09/2012 - 22:14:12 - [0,030] ----D C:\Users\ninie lolo\AppData\Roaming\ERS Game Studios
O43 - CFD: 17/04/2010 - 21:37:14 - [6,255] ----D C:\Users\ninie lolo\AppData\Roaming\Facebook
O43 - CFD: 27/01/2010 - 22:15:13 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\FastStone
O43 - CFD: 21/03/2010 - 22:07:44 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\FILEminimizerPictures
O43 - CFD: 16/01/2010 - 22:20:36 - [0,036] ----D C:\Users\ninie lolo\AppData\Roaming\Flood Light Games
O43 - CFD: 23/01/2010 - 14:44:38 - [0,041] ----D C:\Users\ninie lolo\AppData\Roaming\FlyWheelGames
O43 - CFD: 24/05/2013 - 20:13:34 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\FreeVideoConverter
O43 - CFD: 09/10/2010 - 21:56:06 - [0,030] ----D C:\Users\ninie lolo\AppData\Roaming\Friday's games
O43 - CFD: 01/04/2011 - 20:39:29 - [1,150] ----D C:\Users\ninie lolo\AppData\Roaming\Frogwares
O43 - CFD: 17/11/2011 - 22:42:15 - [0,006] ----D C:\Users\ninie lolo\AppData\Roaming\Funswitch
O43 - CFD: 13/12/2009 - 10:55:38 - [0,017] ----D C:\Users\ninie lolo\AppData\Roaming\GameConsole
O43 - CFD: 08/01/2011 - 19:13:02 - [0,096] ----D C:\Users\ninie lolo\AppData\Roaming\GameHouse
O43 - CFD: 29/12/2009 - 20:44:16 - [0,010] ----D C:\Users\ninie lolo\AppData\Roaming\GameHousev1002
O43 - CFD: 04/04/2011 - 15:13:17 - [1,775] ----D C:\Users\ninie lolo\AppData\Roaming\GlarySoft
O43 - CFD: 15/12/2011 - 21:47:51 - [0,727] ----D C:\Users\ninie lolo\AppData\Roaming\Gogii
O43 - CFD: 07/03/2010 - 22:55:52 - [0,189] ----D C:\Users\ninie lolo\AppData\Roaming\Gogii Games
O43 - CFD: 13/12/2009 - 11:15:31 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Google
O43 - CFD: 31/07/2012 - 17:57:37 - [0,000] ----D C:\Users\ninie lolo\AppData\Roaming\gtk-2.0
O43 - CFD: 13/06/2011 - 18:32:42 - [0,116] ----D C:\Users\ninie lolo\AppData\Roaming\HdO Adventure
O43 - CFD: 02/01/2010 - 21:10:16 - [115,981] ----D C:\Users\ninie lolo\AppData\Roaming\HiYo
O43 - CFD: 25/08/2010 - 22:42:55 - [0,004] ----D C:\Users\ninie lolo\AppData\Roaming\IBAGroup
O43 - CFD: 08/02/2011 - 14:08:02 - [0,004] ----D C:\Users\ninie lolo\AppData\Roaming\Icones
O43 - CFD: 12/01/2011 - 22:32:25 - [0,058] ----D C:\Users\ninie lolo\AppData\Roaming\Identities
O43 - CFD: 11/05/2011 - 13:55:41 - [0,007] ----D C:\Users\ninie lolo\AppData\Roaming\iMaxGen
O43 - CFD: 22/03/2012 - 17:25:06 - [0,002] ----D C:\Users\ninie lolo\AppData\Roaming\Islands3
O43 - CFD: 19/06/2011 - 18:32:02 - [54,583] ----D C:\Users\ninie lolo\AppData\Roaming\JoyBits
O43 - CFD: 01/02/2013 - 20:49:37 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\LegacyInteractive
O43 - CFD: 13/12/2009 - 10:41:53 - [7,790] ----D C:\Users\ninie lolo\AppData\Roaming\Macromedia
O43 - CFD: 28/01/2010 - 20:22:26 - [0,007] ----D C:\Users\ninie lolo\AppData\Roaming\Magic Academy
O43 - CFD: 27/08/2010 - 15:31:41 - [0,082] ----D C:\Users\ninie lolo\AppData\Roaming\Magic3
O43 - CFD: 21/09/2011 - 11:18:20 - [36,881] ----D C:\Users\ninie lolo\AppData\Roaming\Malwarebytes
O43 - CFD: 05/12/2012 - 19:13:56 - [0,005] ----D C:\Users\ninie lolo\AppData\Roaming\Maximize Games
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Media Center Programs
O43 - CFD: 18/12/2012 - 11:37:20 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Media Player Classic
O43 - CFD: 14/01/2010 - 20:59:57 - [0,048] ----D C:\Users\ninie lolo\AppData\Roaming\Meridian93
O43 - CFD: 15/08/2010 - 20:54:46 - [3,050] ----D C:\Users\ninie lolo\AppData\Roaming\Merscom
O43 - CFD: 20/11/2012 - 22:01:07 - [8,940] -S--D C:\Users\ninie lolo\AppData\Roaming\Microsoft
O43 - CFD: 02/12/2010 - 22:39:09 - [121,907] ----D C:\Users\ninie lolo\AppData\Roaming\Mozilla
O43 - CFD: 01/10/2012 - 21:03:04 - [2,196] ----D C:\Users\ninie lolo\AppData\Roaming\MP3Rocket
O43 - CFD: 12/03/2013 - 13:49:03 - [0,037] ----D C:\Users\ninie lolo\AppData\Roaming\My Games
O43 - CFD: 18/02/2011 - 14:15:06 - [30,290] ----D C:\Users\ninie lolo\AppData\Roaming\Mystery of Mortlake Mansion
O43 - CFD: 22/08/2012 - 14:46:27 - [0,608] ----D C:\Users\ninie lolo\AppData\Roaming\Natural Threat.Ominous Shores
O43 - CFD: 25/11/2012 - 16:18:46 - [4,985] ----D C:\Users\ninie lolo\AppData\Roaming\NCH Software
O43 - CFD: 01/06/2010 - 15:39:50 - [0,123] ----D C:\Users\ninie lolo\AppData\Roaming\Nero
O43 - CFD: 26/08/2012 - 15:24:28 - [0,005] ----D C:\Users\ninie lolo\AppData\Roaming\Nitro PDF
O43 - CFD: 16/09/2012 - 14:28:18 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\NVIDIA
O43 - CFD: 28/04/2013 - 16:53:11 - [0,038] ----D C:\Users\ninie lolo\AppData\Roaming\ObviousIdea
O43 - CFD: 10/08/2010 - 19:53:55 - [2,895] ----D C:\Users\ninie lolo\AppData\Roaming\OpenOffice.org
O43 - CFD: 05/04/2013 - 10:02:05 - [6,254] ----D C:\Users\ninie lolo\AppData\Roaming\Orange
O43 - CFD: 04/03/2011 - 18:04:14 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\Orneon
O43 - CFD: 23/06/2010 - 16:57:18 - [0,000] ----D C:\Users\ninie lolo\AppData\Roaming\Packard Bell
O43 - CFD: 10/12/2011 - 22:54:17 - [0,874] ----D C:\Users\ninie lolo\AppData\Roaming\Paige Harper and the Tome of Mystery
O43 - CFD: 04/06/2011 - 22:04:57 - [0,011] ----D C:\Users\ninie lolo\AppData\Roaming\Phantasmat_zylom_ce
O43 - CFD: 07/01/2010 - 23:51:37 - [0,005] ----D C:\Users\ninie lolo\AppData\Roaming\Pharaohs Secret
O43 - CFD: 07/10/2012 - 19:07:08 - [0,652] ----D C:\Users\ninie lolo\AppData\Roaming\Phocus
O43 - CFD: 31/12/2009 - 15:14:25 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\PhotoFiltre
O43 - CFD: 02/01/2010 - 19:34:35 - [0,034] ----D C:\Users\ninie lolo\AppData\Roaming\Pirateville
O43 - CFD: 09/01/2011 - 19:03:50 - [0,852] ----D C:\Users\ninie lolo\AppData\Roaming\PlayFirst
O43 - CFD: 08/05/2011 - 14:08:53 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\PoBros
O43 - CFD: 15/08/2011 - 16:20:24 - [0,019] ----D C:\Users\ninie lolo\AppData\Roaming\Princess Isabella
O43 - CFD: 25/01/2010 - 22:30:51 - [0,009] ----D C:\Users\ninie lolo\AppData\Roaming\RobinsonCrusoe
O43 - CFD: 17/05/2010 - 19:57:31 - [0,015] R-H-D C:\Users\ninie lolo\AppData\Roaming\SecuROM
O43 - CFD: 14/04/2011 - 15:28:42 - [0,042] ----D C:\Users\ninie lolo\AppData\Roaming\Silverback Productions
O43 - CFD: 26/09/2012 - 20:04:42 - [4,608] ----D C:\Users\ninie lolo\AppData\Roaming\Skype
O43 - CFD: 16/01/2012 - 14:45:18 - [0,012] ----D C:\Users\ninie lolo\AppData\Roaming\skypePM
O43 - CFD: 09/03/2011 - 16:09:00 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\Softland
O43 - CFD: 22/12/2011 - 23:05:01 - [0,017] ----D C:\Users\ninie lolo\AppData\Roaming\SpinTop Games
O43 - CFD: 15/04/2010 - 13:18:16 - [0,013] ----D C:\Users\ninie lolo\AppData\Roaming\Template
O43 - CFD: 15/03/2011 - 23:11:58 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\ThreeDays2
O43 - CFD: 14/11/2010 - 22:17:29 - [0,049] ----D C:\Users\ninie lolo\AppData\Roaming\Total Eclipse
O43 - CFD: 15/08/2010 - 10:08:57 - [0,006] ----D C:\Users\ninie lolo\AppData\Roaming\Uniblue
O43 - CFD: 06/06/2013 - 19:53:54 - [6,656] ----D C:\Users\ninie lolo\AppData\Roaming\uTorrent   =>P2P.µTorrent
O43 - CFD: 13/12/2009 - 23:00:37 - [1,623] ----D C:\Users\ninie lolo\AppData\Roaming\V-Games
O43 - CFD: 17/08/2010 - 22:33:08 - [0,127] ----D C:\Users\ninie lolo\AppData\Roaming\VampireSaga
O43 - CFD: 06/06/2013 - 18:06:46 - [0,470] ----D C:\Users\ninie lolo\AppData\Roaming\vlc
O43 - CFD: 24/11/2012 - 21:58:01 - [0,192] ----D C:\Users\ninie lolo\AppData\Roaming\VSO
O43 - CFD: 06/06/2013 - 18:04:28 - [0,116] ----D C:\Users\ninie lolo\AppData\Roaming\Winamp
O43 - CFD: 07/07/2010 - 19:51:06 - [0,359] ----D C:\Users\ninie lolo\AppData\Roaming\Windows Live Writer
O43 - CFD: 07/01/2011 - 23:04:04 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\WinRAR
O43 - CFD: 17/05/2010 - 19:58:07 - [0,006] ----D C:\Users\ninie lolo\AppData\Roaming\YoudaGames
O43 - CFD: 09/01/2011 - 19:03:49 - [0,252] ----D C:\Users\ninie lolo\AppData\Roaming\Zylom
O43 - CFD: 18/06/2010 - 21:33:05 - [0,011] ----D C:\Users\ninie lolo\AppData\Roaming\Zylomv1001
O43 - CFD: 25/07/2012 - 20:19:25 - [33,260] ----D C:\Users\ninie lolo\AppData\Local\Adobe
O43 - CFD: 12/11/2011 - 11:17:28 - [33,094] ----D C:\Users\ninie lolo\AppData\Local\Akamai
O43 - CFD: 03/03/2010 - 18:34:15 - [0,002] ----D C:\Users\ninie lolo\AppData\Local\AlwaysNeat
O43 - CFD: 20/12/2009 - 12:58:58 - [0] ----D C:\Users\ninie lolo\AppData\Local\Apple
O43 - CFD: 25/05/2012 - 16:43:19 - [19,430] ----D C:\Users\ninie lolo\AppData\Local\Apple Computer
O43 - CFD: 13/12/2009 - 10:40:26 - [0] ----D C:\Users\ninie lolo\AppData\Local\Application Data
O43 - CFD: 05/01/2010 - 22:34:22 - [0,007] ----D C:\Users\ninie lolo\AppData\Local\Astar Games
O43 - CFD: 23/05/2012 - 16:34:42 - [0,102] ----D C:\Users\ninie lolo\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 13/12/2011 - 15:49:29 - [0,007] ----D C:\Users\ninie lolo\AppData\Local\Chronicles of Albian
O43 - CFD: 09/05/2010 - 15:36:17 - [1,272] ----D C:\Users\ninie lolo\AppData\Local\Cooliris
O43 - CFD: 26/05/2013 - 08:26:44 - [0] ----D C:\Users\ninie lolo\AppData\Local\Diagnostics
O43 - CFD: 03/03/2013 - 11:07:07 - [0] ----D C:\Users\ninie lolo\AppData\Local\Downloaded Installations
O43 - CFD: 17/03/2013 - 20:38:27 - [0] ----D C:\Users\ninie lolo\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/05/2013 - 22:42:08 - [443,379] ----D C:\Users\ninie lolo\AppData\Local\Google
O43 - CFD: 13/12/2009 - 10:40:26 - [0] ----D C:\Users\ninie lolo\AppData\Local\Historique
O43 - CFD: 07/06/2011 - 14:55:03 - [0] ----D C:\Users\ninie lolo\AppData\Local\JollyBear
O43 - CFD: 16/06/2012 - 10:44:49 - [0] ----D C:\Users\ninie lolo\AppData\Local\Macromedia
O43 - CFD: 24/01/2010 - 11:18:42 - [0] ----D C:\Users\ninie lolo\AppData\Local\Magentic
O43 - CFD: 07/05/2010 - 14:07:55 - [0,013] ----D C:\Users\ninie lolo\AppData\Local\Menge
O43 - CFD: 21/03/2013 - 22:08:24 - [-1041,486] ----D C:\Users\ninie lolo\AppData\Local\Microsoft
O43 - CFD: 04/03/2010 - 15:59:23 - [0,780] ----D C:\Users\ninie lolo\AppData\Local\Microsoft Games
O43 - CFD: 06/04/2012 - 19:42:05 - [0,141] ----D C:\Users\ninie lolo\AppData\Local\Microsoft Help
O43 - CFD: 13/12/2009 - 11:45:23 - [72,078] ----D C:\Users\ninie lolo\AppData\Local\Mozilla
O43 - CFD: 04/03/2010 - 17:45:59 - [45,001] ----D C:\Users\ninie lolo\AppData\Local\Oberon Games
O43 - CFD: 23/06/2010 - 16:57:17 - [0,002] ----D C:\Users\ninie lolo\AppData\Local\Packard Bell
O43 - CFD: 11/11/2012 - 12:26:00 - [0] ----D C:\Users\ninie lolo\AppData\Local\Programs
O43 - CFD: 16/09/2012 - 14:29:08 - [1,365] ----D C:\Users\ninie lolo\AppData\Local\PunkBuster
O43 - CFD: 06/06/2013 - 19:52:46 - [3,770] ----D C:\Users\ninie lolo\AppData\Local\Temp
O43 - CFD: 13/12/2009 - 10:40:26 - [0] ----D C:\Users\ninie lolo\AppData\Local\Temporary Internet Files
O43 - CFD: 04/10/2011 - 15:13:00 - [0] ----D C:\Users\ninie lolo\AppData\Local\uTorrent   =>P2P.µTorrent
O43 - CFD: 25/05/2012 - 16:43:27 - [1,580] ----D C:\Users\ninie lolo\AppData\Local\VirtualStore
O43 - CFD: 18/08/2012 - 09:00:58 - [0,117] ----D C:\Users\ninie lolo\AppData\Local\Windows Live
O43 - CFD: 05/07/2010 - 21:41:14 - [0,630] ----D C:\Users\ninie lolo\AppData\Local\Windows Live Writer
O43 - CFD: 01/01/2010 - 22:50:09 - [0] ----D C:\Users\ninie lolo\AppData\Local\WMTools Downloaded Files
O43 - CFD: 02/05/2011 - 21:18:52 - [762,435] ----D C:\Users\ninie lolo\AppData\Local\Zylom Games
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/05/2013 - 13:31:15 - [0,000] R---D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/03/2013 - 23:08:55 - [0,008] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnvSoft
O43 - CFD: 19/06/2010 - 19:49:05 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender Foundation
O43 - CFD: 13/12/2009 - 13:38:26 - [0,002] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner   =>Piriform Ltd
O43 - CFD: 09/05/2010 - 15:36:18 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cooliris
O43 - CFD: 25/04/2011 - 12:10:37 - [0,001] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Détection de l'application Winamp
O43 - CFD: 09/01/2011 - 19:03:38 - [0,011] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 15/01/2013 - 14:01:47 - [0,002] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/07/2012 - 20:21:00 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 22/07/2012 - 10:05:16 - [0,004] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Natural Threat - L'Ile Aux Plantes
O43 - CFD: 25/07/2012 - 20:20:37 - [0,003] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 24/09/2010 - 13:12:54 - [0] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poster Forge
O43 - CFD: 16/05/2013 - 13:31:15 - [0,000] R---D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/05/2011 - 21:18:52 - [0,012] ----D C:\Users\ninie lolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zylom Games
~ 1718 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 2072 Scanned in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3C7F48F116C764A4FE7CBC0B2EA75B0D] - 06/06/2013 - 12:00:16 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [195166]
O44 - LFC:[MD5.AC849B99E032F4017BB1CE37934DD4AF] - 06/06/2013 - 11:14:47 ---A- . (...) -- C:\Windows\setupact.log   [112]
O44 - LFC:[MD5.9B62593D5439CB24B0E7500FB86BFE9E] - 06/06/2013 - 11:14:46 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/06/2013 - 06:26:37 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.C253A6EF150151C0654520BCA0C0102A] - 06/06/2013 - 06:26:31 ---A- . (...) -- C:\Windows\PFRO.log   [6664]
O44 - LFC:[MD5.3645EBFA0C392B08DD8A7231A25006D5] - 04/06/2013 - 16:16:02 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1549936]
O44 - LFC:[MD5.402FB9D87618AC6A18F6173FB316F2A3] - 04/06/2013 - 16:16:02 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [106412]
O44 - LFC:[MD5.F736B24446F185CB07A274F8E53CCCFA] - 04/06/2013 - 16:16:02 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [130770]
O44 - LFC:[MD5.AB25CCB184BEFD4DE8C1579926E56598] - 04/06/2013 - 16:16:02 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [616032]
O44 - LFC:[MD5.96E52D5D6904CADB1700AEF31405850D] - 04/06/2013 - 16:16:02 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [704464]
O44 - LFC:[MD5.3645EBFA0C392B08DD8A7231A25006D5] - 04/06/2013 - 16:16:02 RSHAD . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1549936]
O44 - LFC:[MD5.402FB9D87618AC6A18F6173FB316F2A3] - 04/06/2013 - 16:16:02 RSHAD . (...) -- C:\Windows\System32\perfc009.dat   [106412]
O44 - LFC:[MD5.F736B24446F185CB07A274F8E53CCCFA] - 04/06/2013 - 16:16:02 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat   [130770]
O44 - LFC:[MD5.AB25CCB184BEFD4DE8C1579926E56598] - 04/06/2013 - 16:16:02 RSHAD . (...) -- C:\Windows\System32\perfh009.dat   [616032]
O44 - LFC:[MD5.96E52D5D6904CADB1700AEF31405850D] - 04/06/2013 - 16:16:02 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat   [704464]
~ Files: 15 Scanned in 00mn 04s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher  [Key] . (...) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Akamai NetSession Interface  [Key] . (.Akamai Technologies, Inc - Akamai NetSession Client.) -- C:\Users\ninie lolo\AppData\Local\Akamai\netsession_win.exe
O53 - SMSR:HKLM\...\startupreg\ApnUpdater  [Key] . (...) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APSDaemon  [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync  [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter  [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenuEx  [Key] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O53 - SMSR:HKLM\...\startupreg\Global Registration  [Key] . (.Acer Incorporated - Global Registration.) -- C:\Program Files (x86)\Packard Bell\Registration\GREG.exe
O53 - SMSR:HKLM\...\startupreg\Google Update  [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\ninie lolo\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\Hiyo  [Key] . (.IncrediMail, Ltd. - HiYo.) -- C:\Program Files (x86)\HiYo\bin\HiYo.exe
O53 - SMSR:HKLM\...\startupreg\orangeinside  [Key] . (.Orange - Executable Orange Inside.) -- C:\Users\ninie lolo\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task  [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl  [Key] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar  [Key] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\swg  [Key] . (...) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent  [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
O53 - SMSR:HKLM\...\startupreg\WinampAgent  [Key] . (.Nullsoft, Inc. - Winamp Agent.) -- C:\Program Files (x86)\Winamp\winampa.exe
~ SMSR Keys: 18 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 28/11/2006 - 21:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\SysWOW64\drivers\PCAMp50.sys   [28224]
~ Drivers:  Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ZHPFix 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1
~ ADS:  Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 09/05/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 09/05/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 09/05/2013 - Pas de propriétaire (aswRvrt)  .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 09/05/2013 - Pas de propriétaire (aswVmm)  .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)  .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser)  .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)  .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS)  .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG)  .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 07/03/2009 - C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz64.sys (cpuz132)  .(.Windows (R) Codename Longhorn DDK provider - CPUID Driver.) - LEGACY_CPUZ132
O64 - Services: CurCS - 09/07/2010 - C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys (cpuz134)  .(.Windows (R) Win 7 DDK provider - CPUID Driver.) - LEGACY_CPUZ134
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)  .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache)  .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl)  .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\exfat.sys (exfat)  .(.Microsoft Corporation - Microsoft Extended FAT File System.) - LEGACY_EXFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat)  .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo)  .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr)  .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol)  .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)  .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy)  .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg)  .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio)  .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv)  .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr)  .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv)  .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\webclnt.dll (MRxDAV)  .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv)  .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)  .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf)  .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy)  .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)  .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH)  .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched)  .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rasacd.sys (RasAcd)  .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss)  .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD)  .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP)  .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr)  .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr)  .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2)  .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet)  .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg)  .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx)  .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs)  .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx)  .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap)  .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)  .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000)  .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf)  .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\wimmount.sys (WIMMount)  .(.Microsoft Corporation - Wim file system Driver.) - LEGACY_WIMMOUNT
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf)  .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 75 Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 19 Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\ninie lolo\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Launcher.exe> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639..clientLogIsEnabled", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.AppTrackingLastCheckTime", "Wed Nov 09 2011 13:10:54 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.CTID", "CT2851639");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.CurrentServerDate", "9-11-2011");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.DSInstall", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.DialogsGetterLastCheckTime", "Sun Nov 06 2011 18:59:19 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.EMailNotifierPollDate", "Wed Nov 09 2011 16:52:03 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedLastCount2548968607390276962", 488);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156812186649977", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813040823546", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813130095866", "Wed Nov 09 2011 16:25:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813224203613", "Wed Nov 09 2011 16:25:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813230837251", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813454291735", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813729834876", "Wed Nov 09 2011 16:25:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156813860870021", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156814264681793", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156814863075366", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedPollDate2429156815257761081", "Wed Nov 09 2011 16:25:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedTTL2429156813040823546", 15);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedTTL2429156813130095866", 10);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedTTL2429156813454291735", 5);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FeedTTL2429156814264681793", 5);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FirstServerDate", "6-10-2011");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FirstTime", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FirstTimeFF3", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.HPInstall", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.HomepageBeforeUnload", "http://www.google.fr/");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.Initialize", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.InstallationType", "UnknownIntegration");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.InstalledDate", "Thu Oct 06 2011 14:52:05 GMT+0200");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsGrouping", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsInitSetupIni", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsMulticommunity", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.IsOpenUninstallPage", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LanguagePackLastCheckTime", "Tue Nov 08 2011 20:10:46 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LastLogin_3.7.0.6", "Tue Nov 08 2011 20:02:50 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LastLogin_3.8.0.8", "Wed Nov 09 2011 13:13:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.LatestVersion", "3.8.0.8");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.Locale", "fr");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.OriginalFirstVersion", "3.7.0.6");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SHRINK_TOOLBAR", 1);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchBoxWidth", 263);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search");   =>P2P.µTorrent
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchEngineBeforeUnload", "Google");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&q=");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchInNewTabLastCheckTime", "Tue Nov 08 2011 20:10:44 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ServiceMapLastCheckTime", "Tue Nov 08 2011 20:10:47 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SettingsLastCheckTime", "Wed Nov 09 2011 16:25:28 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.SettingsLastUpdate", "1313478221");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Thu Oct 27 2011 15:15:28 GMT+0200");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1255344667");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.TrusteLinkUrl", "http://trust.conduit.com/CT2851639");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.UserID", "UN22526310860290712");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ValidationData_Search", 1);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.WeatherNetwork", "");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.WeatherPollDate", "Wed Nov 09 2011 16:25:37 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.WeatherUnit", "C");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.alertChannelId", "1243674");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.backendstorage.cbfirsttime", "546875204F637420303620323031312031343A35323A313320474D542B30323030");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.backendstorage.url_history", "687474703A2F2F7777772E6C646C632E636F6D2F696E666F726D6174697175652F6F7264696E617[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.backendstorage.url_history_time", "31333138303035353337393532");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.components.129351529700900053", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.components.129422840102831305", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.components.129544678881551249", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Wed Nov 09 2011 13:13:29 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.initDone", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.myStuffEnabled", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.oldAppsList", "129351529700431300,129351529700743801,111,1000234,129351529700900053,1000034,12942284010283130[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.revertSettingsEnabled", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.testingCtid", "");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Tue Nov 08 2011 20:10:45 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Thu Nov 03 2011 14:03:25 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CT2851639.usagesFlag", 2);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", "\"1290675760\"");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr", "kLE3EoupXhh+3ayzzXG[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr", "TA2mKqdBHssHhc1ui1OG[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr", "ev2KSD8BFMMs2dxsoAq[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr", "hOlcV9OHcX1OR8Faic1Xmg[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"")[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639", "\"56fe0d15406c7b69464328b19c[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2851639&octid=CT2851639", "\"1313478221\"");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=fr", "\"864b96cefc08a4496f11285e75305e25\[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\ninie lolo\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\ep8ti82[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.0.8");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://cdn.triplegames.com/shared/apps/gamearcade/arcade.htm?ctId=CT2851639", "744[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://listen.grooveshark.com/ ", "800x598");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ToolbarsList", "CT2851639");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2851639");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2851639");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Oct 07 2011 16:28:20 GMT+0200");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.globalUserId", "1a2a9023-2c98-4af1-979a-df6423c8f2e2");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Nov 03 2011 14:10:40 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Nov 08 2011 20:10:53 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Nov 08 2011 20:10:45 GMT+0100");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.notifications.userId", "91b8125a-473d-4e01-8f76-ddc655b7c831");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.originalHomepage", "http://www.google.fr/");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("CommunityToolbar.originalSearchEngine", "Google");
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.admin", false);   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.aflt", "babsst");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dfltLng", "en");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829,1334533236,3874294282,3866767[...]   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.excTlbr", false);   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.id", "0cc8ba79000000000000002511a8d2d2");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlDay", "15655");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.instlRef", "sst");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrId", "base");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=0cc8ba79000000000000002511a8d2[...]   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=108988&tt=4512_3&babsrc=NT_ss&mntrId=0cc8ba79[...]   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.811:28:44");   =>Toolbar.Babylon
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("extensions.asktb.ff-original-keyword-url", "http://r.orange.fr/r?ref=O_OI_hook_openSearchFF&url=http%3A//rws.search.ke.[...]
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...]   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.height", "335");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_options_dialog");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.title", "$string.config.label;");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...]   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.1.width", "761");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.height", "300");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_example_dialog");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.title", "Example (unit-test) dialog");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.url", "chrome://sim_toolbar_package/content/exampledialog.html");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.2.width", "500");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.height", "150");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.id", "id_dialog_hide_disable_remove");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.title", "Option Dialog");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dialogs.3.width", "530");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...]   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.mode.debug", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.created", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.newtab.enable", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.previous.keyword.URL", "");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.addcontextdiv", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.callback", "");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...]   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.domain-whitelist", "");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.elementid", "id_predict_include_script");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.id", "id_script_prad");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.scripts.3.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...]   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.search.history.capacity", "10");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.enable", "false");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.simapp_id", "{C0BE43C4-616A-11E2-9A1C-002511A8D2D2}");   =>PUP.SweetIM
O69 - SBI: prefs.js [ninie lolo - ep8ti82w.default] user_pref("sweetim.toolbar.version", "1.9.0.0");   =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys:  Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.EF994903FCE2CE3E2D57579B419FF4FC] [SPRF][19/07/2010] (...) -- C:\ProgramData\ezsidmv.dat   [48]
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe   [36136]
[MD5.610F73168D34158BD1FCDA0842957326] [SPRF][09/03/2011] (...) -- C:\Users\ninie lolo\AppData\Roaming\wklnhst.dat   [1082]
[MD5.5D04D875F415062F8BABD49656FF7D3A] [SPRF][26/09/2011] (.AbiSource Developers - Installer for AbiWord.) -- C:\Users\ninie lolo\Desktop\abiword-setup-2.8.6.exe   [8335349]
[MD5.61E91D4E29AE5FFF8367F0A7349F32A0] [SPRF][23/01/2010] (.Amazon.com - Amazon MP3 Downloader.) -- C:\Users\ninie lolo\Desktop\AmazonMP3Downloader.exe   [2495080]
[MD5.2E19857E9FFD395FAA6686959624297A] [SPRF][24/07/2012] (...) -- C:\Users\ninie lolo\Desktop\AmazonMP3DownloaderInstall.exe   [1008760]
[MD5.7524A45287EEC6A98685FD3F0C775510] [SPRF][09/03/2011] (.Softland - doPDF 7 printer Setup.) -- C:\Users\ninie lolo\Desktop\dopdf-7.exe   [4174272]
[MD5.DAF2D9AA422C3D065C6F4E8823644944] [SPRF][04/01/2013] (.Pas de propriétaire - Guiformat.) -- C:\Users\ninie lolo\Desktop\guiformat.exe   [73728]
[MD5.F8B23AC008D885BF38E9E95A5DF0690A] [SPRF][06/06/2013] (.Nicolas Coolman - ZHPFix.) -- C:\Users\ninie lolo\Desktop\ZHPFix.exe   [3435403]
[MD5.9865E9F85F993C21387B6AEADE59AB23] [SPRF][18/07/2010] (.Piriform Ltd - Defraggler Installer.) -- C:\Program Files (x86)\dfsetup120.exe   [4064168]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll   [304544]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll   [131472]
~ Files:  Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{078CF9C8-C373-4653-81DB-9960A7CB2E8A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{44CA7831-5257-461D-8416-9D5FAFA52CB0}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{5E8670E4-2BE8-4AF7-B20B-287DF7ABC624}" | In - Public - P6 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{5A6A8D51-B281-4D63-9972-A9EE6DE33D54}" | In - Public - P17 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{0DCD3F4E-1596-422A-812E-7A23A5972612}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{966C74CC-AC9F-4E67-A313-AA40DFC211E8}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{F4C2C991-0375-4BF6-9E07-B36FA8E755C9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{1B81C106-98A1-4F17-8A59-BCFBB843CACF}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{06CCAC51-4E5D-46DB-A3D8-7D8F110E1979}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{E5B4530F-CEE2-4B98-9438-848EF56E9736}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{EEB39649-F487-4C79-9AED-9D1E5667559A}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{4EA3632E-6318-42B3-A135-ACCDCB095A5A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{04A7AB72-7AD9-4E50-9A65-D2FDE0E36692}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{71A3E2D5-8520-48C2-A5CB-C306340A8C6B}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{911203D9-280B-4B1E-9A9B-0BA0DC1879AA}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{BA43457F-D671-4B60-A009-A51ADEA5DBE2}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{000A0E30-388F-4342-908C-348BAFF5304F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{CBE0E87F-6DCC-4698-ABBB-7345EAD6FDA2}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{1152B046-93A9-4409-899F-6BED83CC75D1}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{3CD62604-4AC6-4BEC-A6BA-CC4AD87528A7}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{AA6D3D9D-B208-43A7-9775-1C71226CBD38}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{55A84553-EAF1-49CE-B204-DE9EA3D29227}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{A81EDFC4-7C73-4CC5-99E6-074388F7FB55}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{543658D2-A983-4025-8590-F9D32CC2DA08}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{721812F1-6AA9-4052-9BCB-D8529DF49384}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{6BAD3721-4BC9-4678-8CD5-5141A6D4BC2E}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe
O87 - FAEL: "{4B6A07CB-F2A5-4EDF-8FE5-80240F86E1BE}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
O87 - FAEL: "TCP Query User{9B130DBF-CC3C-4AF8-9EEA-7B913BEC27C8}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "UDP Query User{C3F08076-54C5-418D-BEE6-857DF5AF84D0}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "{9E094EE0-8E65-4893-9500-654963BF62CC}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{C60AE237-6B71-4D87-AADA-6C850D1CEE1C}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "TCP Query User{B6027333-8A1F-446F-83D7-8D5F38CCA963}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{7A0C4998-88E2-46C8-B8C1-A43A58911299}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe
O87 - FAEL: "{017B847A-5FE0-4720-8765-3116F8D3404F}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\MgImp.exe (.not file.)
O87 - FAEL: "{F46FBD7E-C405-4F4B-AC4A-0EDDFF7B117F}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\MgImp.exe (.not file.)
O87 - FAEL: "{D02F3BD0-E30E-48C4-9668-C23293775E4C}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\Magentic.exe (.not file.)
O87 - FAEL: "{D9B4457C-33A2-4679-B519-EC5D39A09766}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\Magentic.exe (.not file.)
O87 - FAEL: "{9A905E4F-FD23-4C5C-B480-EFDB13D4E9C8}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\MgApp.exe (.not file.)
O87 - FAEL: "{5E6C82CF-F93B-4529-8BA2-0807F6BE9BBC}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Magentic\bin\MgApp.exe (.not file.)
O87 - FAEL: "{637FDC55-D49D-423F-B6D6-248AE8B52FC4}" | In - Private - P6 - TRUE | .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "{0EDD51C5-E6BA-44E4-B010-0940B0C4DF2B}" | In - Private - P17 - TRUE | .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "{12E37ABB-D204-4C74-A4ED-683334C5C202}" | In - Domain - P6 - FALSE | .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "{148FDF39-77BF-47EC-B831-6659D67311BB}" | In - Domain - P17 - FALSE | .(.Nullsoft, Inc. - Winamp.) -- C:\Program Files (x86)\Winamp\winamp.exe
O87 - FAEL: "TCP Query User{18B8FE78-7E8B-48A6-B4EE-9E35C81AF4BD}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(.VideoLAN - VLC media player 2.0.6.) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{BBE7F32D-B5B6-4023-8983-2D6324E87D44}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(.VideoLAN - VLC media player 2.0.6.) -- C:\program files (x86)\videolan\vlc\vlc.exe
O87 - FAEL: "TCP Query User{37D3CF96-530F-48F8-9213-48958DCE06C5}C:\program files (x86)\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "UDP Query User{D389BA23-904A-4088-8893-E00DE7B36ACF}C:\program files (x86)\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe
O87 - FAEL: "{32FC9129-FFEE-4B71-91CC-066400F2829F}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{9DFC832F-3C29-430D-BEF0-6D062CCEF1A6}" |In - Private - P6 - FALSE | .(...) -- C:\Users\ninie lolo\AppData\Local\Temp\ImInstaller\HiYo_Installer.exe (.not file.)
O87 - FAEL: "{7E0E19A6-23CE-41D9-8779-09A6F54DFF30}" |In - Private - P17 - FALSE | .(...) -- C:\Users\ninie lolo\AppData\Local\Temp\ImInstaller\HiYo_Installer.exe (.not file.)
O87 - FAEL: "{5513D92A-871B-46B5-B7C0-3FFD2C2AB52E}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{D9006030-BDD3-4799-93DB-10E4BA0DB0AA}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre6\bin\javaw.exe
O87 - FAEL: "UDP Query User{7FB01A2A-BFA9-46FE-8975-114F389AE287}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files (x86)\java\jre6\bin\javaw.exe
O87 - FAEL: "TCP Query User{1071F218-4B5F-4D64-88A2-C120A227A61A}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{7688DBF1-4C28-40A4-BA5B-16E8EE02B070}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{D218D6F5-E275-4892-896F-7F5BBD451BFA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{C2957E08-79E2-4427-8842-679BCB7F16F5}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{947E5C35-73D7-4598-A48C-93E782EE54D3}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
O87 - FAEL: "TCP Query User{FE3C0AA8-79B1-46CF-B70D-EA1C57EBA705}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe   =>P2P.µTorrent
O87 - FAEL: "UDP Query User{EF6E7A8D-433B-4B16-9029-DB3F1CFBAD98}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe   =>P2P.µTorrent
O87 - FAEL: "{67AE082F-1104-4547-A546-B26D0D62781F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
O87 - FAEL: "{BC32E3BA-3521-42BD-AB9D-6E883C2FF9EC}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe   =>P2P.µTorrent
O87 - FAEL: "{CEAD7C73-B586-466F-ADCA-F9531ACBD0C0}" | In - Private - P6 - TRUE | .(.Akamai Technologies, Inc - Akamai NetSession Client.) -- C:\Users\ninie lolo\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "{4A015BFE-B386-4300-B084-363CC2228101}" | In - Private - P17 - TRUE | .(.Akamai Technologies, Inc - Akamai NetSession Client.) -- C:\Users\ninie lolo\AppData\Local\Akamai\netsession_win.exe
O87 - FAEL: "TCP Query User{BEC8282A-5CF3-49C3-B56E-A03D5F42683D}C:\users\ninie lolo\appdata\local\akamai\netsession_win.exe" | In - Public - P6 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\ninie lolo\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "UDP Query User{30D5EC8B-2335-49B4-8FFA-7B3BE29223ED}C:\users\ninie lolo\appdata\local\akamai\netsession_win.exe" | In - Public - P17 - TRUE | .(.Akamai Technologies, Inc.) -- C:\users\ninie lolo\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "{D139A0B0-00BB-4F9A-9A1A-B517D16DCE44}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\ma-config.com\x64\maconfservice.exe (.not file.)
O87 - FAEL: "{FBD78DB3-55C1-4732-A5AB-888C31FD2B10}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\ma-config.com\x64\maconfservice.exe (.not file.)
O87 - FAEL: "{B5E2EB1F-E082-41B5-A5F1-D566B2BDF72F}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{FFF071C5-0272-4228-86B6-BA29169AA2ED}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{28F466AF-6BD1-401C-978B-E5812CDF84B3}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe
O87 - FAEL: "{1902AF3D-32B1-408F-A449-96A0A0E1E885}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe
O87 - FAEL: "{E9B3543E-5A47-438A-8896-9737A86FE533}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "TCP Query User{D424B13E-7EC9-49D9-B9B2-EB153548F996}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files (x86)\mozilla firefox\plugin-container.exe
O87 - FAEL: "UDP Query User{B0AB05EC-9879-4A61-B935-31830E39348A}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files (x86)\mozilla firefox\plugin-container.exe
O87 - FAEL: "{DD9F6354-2FC9-4FBB-8C01-62A4DF1CC655}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{91F41525-9424-4F97-ACDF-0A731F2F0263}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{6C214B0A-1D9C-4B23-B5FA-49867440B512}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{BF20E814-CB26-4E67-8BC0-7357B263176B}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{6BE08DE7-5DBF-4AF8-9D12-07455030D4E8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe (.not file.)
O87 - FAEL: "{DDFC77F7-40EC-4960-B9A9-B5E1DFD51B6F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe (.not file.)
O87 - FAEL: "{5A8CF86E-E40C-479F-AF27-A8415DF25A4C}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe (.not file.)
O87 - FAEL: "{24444059-389F-4993-9112-91BF9562F253}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe (.not file.)
O87 - FAEL: "TCP Query User{7905ECAC-D782-404D-9292-DA506D070E08}C:\program files (x86)\java\jre7\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\javaw.exe
O87 - FAEL: "UDP Query User{CC4D86E6-F4DE-400A-835A-BDEA80A48BB6}C:\program files (x86)\java\jre7\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\javaw.exe
O87 - FAEL: "{2E04C42D-1732-4BD7-978B-8497CE098973}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O87 - FAEL: "{8BBC01B1-3B0F-47A3-9B7F-E0A5821E6E48}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O87 - FAEL: "RemoteDesktop-UserMode-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{B54FA302-46AC-4D86-A83E-2096CEE3FAE7}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{54F74102-0731-419F-8756-02FBF7BACE9A}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{1989B001-EB1B-46EF-A666-597352C211C3}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
~ Firewall: 258 Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.12397 - (06/06/2013)
Clés trouvées (Keys found) : 31
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 3
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]   =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}]   =>Toolbar.Orange
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]   =>Toolbar.Ask
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]   =>Toolbar.Ask
[HKLM\Software\Classes\Toolbar.CT2851639]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440}   =>Adware.AskSBAR
C:\ProgramData\Browser Manager   =>Toolbar.Babylon
C:\Users\ninie lolo\AppData\LocalLow\AskToolbar   =>Toolbar.AskTBar
C:\Users\ninie lolo\AppData\LocalLow\Conduit   =>Toolbar.Conduit
C:\Users\ninie lolo\AppData\Roaming\Mozilla\Firefox\Profiles\ep8ti82w.default\bprotector_extensions.sqlite   =>PUP.BProtector
~ Additionnel Scan: 313351 Items scanned in 00mn 26s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- c:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "0C22D86408082E118BE68BCAF689CC3E" . (.Google Earth.) -- C:\Windows\Installer\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}\ARPPRODUCTICON.exe
O90 - PUC: "0C7EC0FA4E3A37D489B82B1978CEE6A9" . (.QuickTime.) -- C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\Installer.ico
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "144A4120BA4A8A34D8FEF2375C636437" . (.Microsoft Works.) -- c:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\MSWorks.exe
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "1ED3565076566C049B03933D996B3496" . (.OpenOffice.org 3.3.) -- C:\Windows\Installer\{05653DE1-6567-40C6-B930-39D399B64369}\soffice.ico
O90 - PUC: "20D4A191E49C4D5498DBD2C9BF501AAF" . (.ArtRage 2.) -- C:\Windows\Installer\{191A4D02-C94E-45D4-89BD-2D9CFB05A1FA}\controlPanelIcon_1.exe
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "3E64AFC7F2CC553428EA0621CD6333DF" . (.NVIDIA ForceWare Network Access Manager.) -- C:\Windows\Installer\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\ARPPRODUCTICON.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "487EA05EEBAFAD641A8FB7B665CD2BE2" . (.Microsoft Office Suite Activation Assistant.) -- C:\Windows\Installer\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}\ARPPRODUCTICON.exe
O90 - PUC: "532E1E0054BA59641A6570138149E94D" . (.HiYo.) -- C:\Windows\Installer\{00E1E235-AB45-4695-A156-073118949ED4}\ARPPRODUCTICON.exe
O90 - PUC: "621AD3C1325D9804CBACAF64EF436D8F" . (.Google Drive.) -- C:\Windows\Installer\{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}\DriveIcon
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.03) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "76EA78D0BE4101C4885AADC61318BE81" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico
O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon
O90 - PUC: "82D6625F2B0E0314FB5CEE51A55D41CD" . (.Apple Application Support.) -- C:\Windows\Installer\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}\WinInstall.ico
O90 - PUC: "86DA14F42F9826243AC2F2070BF1ECE9" . (.Photorécit 3 pour Windows.) -- C:\Windows\Installer\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}\PhotoStory3_ICON
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe   =>Toolbar.Ask
O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
~ Update Products: 161 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 08/12/2008 169312 |  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SR - | Auto 11/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 16/05/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 14/07/2009 27136 | c:\program files (x86)\common files\akamai\netsession_win_ca0e279.dll (Akamai) . (.Akamai Technologies, Inc..) - C:\Windows\System32\svchost.exe
SR - | Auto 09/05/2013 46808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 25/12/2009 69120 |  (Boonty Games) . (.BOONTY.) - C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe
SS - | Demand 05/10/2009 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto  625184 |  (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SR - | Auto 04/06/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SS - | Auto 29/01/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 29/01/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/08/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 20/05/2013 117144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28/07/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto  207904 |  (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SR - | Auto 03/04/2010 159336 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 12/03/2013 559168 |  (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Online Games Manager\ogmservice.exe
SS - | Auto 18/09/2012 1082016 |  (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto  0 |  (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SS - | Auto 13/07/2012 160944 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 00s



End of the scan (2153 lines in 01mn 06s)(0)