~ Rapport de ZHPDiag v2013.9.26.48 - Nicolas Coolman (26/09/2013) ~ Lancé par Stef (27/09/2013 08:09:48) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by program ---\\ Navigateurs Internet MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 23.0.1 (Defaut) GCIE: Google Chrome v29.0.1547.76 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : HYRR2 Windows License : OK ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Security Client v4.1.0522.0 Spybot - Search & Destroy v1.6.2 Windows Defender W7 ---\\ Logiciels d'optimisation du système CCleaner v3.13 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader X ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3327 MB (52% free) System Restore: Activé (Enable) System drive C: has 22 GB (22%) free of 98 GB ---\\ Mode de connexion au système ~ Computer Name: STEF-PC ~ User Name: Stef ~ All Users Names: Stef, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppData% : C:\Users\Stef\AppData\Roaming\ ~ %Desktop% : C:\Users\Stef\Desktop\ ~ %Favorites% : C:\Users\Stef\Favorites\ ~ %LocalAppData% : C:\Users\Stef\AppData\Local\ ~ %StartMenu% : C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Not Inserted) C: Hard drive, Flash drive, Thumb drive (Free 22 Go of 98 Go) D: Hard drive, Flash drive, Thumb drive (Free 155 Go of 488 Go) E: Hard drive, Flash drive, Thumb drive (Free 37 Go of 346 Go) F: CD-ROM drive (Not Inserted) G: Hard drive, Flash drive, Thumb drive (Free 2 Go of 37 Go) H: CD-ROM drive (Not Inserted) I: Hard drive, Flash drive, Thumb drive (Free 10 Go of 98 Go) J: Hard drive, Flash drive, Thumb drive (Free 17 Go of 29 Go) K: Hard drive, Flash drive, Thumb drive (Free 7 Go of 49 Go) L: Hard drive, Flash drive, Thumb drive (Free 4 Go of 34 Go) M: Hard drive, Flash drive, Thumb drive (Free 6 Go of 58 Go) O: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 37 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.B49B56B64F57699A1A663D2CF7D0A56F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/01/2013 - 23:03:20.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 3/214 ~ Mes musiques (My Musics) : 3/8 Mes Videos (My Videos) : 3/3 (Modified) ~ Mes Favoris (My Favorites) : 1/765 ~ Mes Documents (My Documents) : 2/1979 ~ Mon Bureau (My Desktop) : 1/132 ~ Menu demarrer (Programs) : 1/86 ~ Hidden Files: Scanned in 00mn 05s ---\\ Processus lancés [MD5.36916E254D0843603D65485FA45B3D87] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248] [PID.4020] [MD5.35F97E7C110FC49D4FFB290D5FD8A0DE] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files\Druide\Antidote 8\Programmes32\AgentAntidote.exe [1130280] [PID.2232] [MD5.B67322F9FF401846E56F3D719069270E] - (.Pas de propriétaire - Rainlendar2.) -- C:\Program Files\Rainlendar2\Rainlendar2.exe [2433024] [PID.340] [MD5.F80BB09A2AD634CCB755FF45B8E7FFDD] - (.FSPro Labs - Hide Folders 2009 Control Panel.) -- C:\Program Files\Hide Folders 2009\hf.exe [1934848] [PID.2984] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3180] =>Toolbar.Google [MD5.F7E1CCBAD109329203AACB1E87BE614C] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Stef\AppData\Roaming\Dropbox\bin\Dropbox.exe [27776968] [PID.3120] [MD5.A470CC40B031A0EE22017FBA72898A12] - (.Almico Software (www.almico.com) - Pas de description.) -- C:\Program Files\SpeedFan\speedfan.exe [4657048] [PID.2624] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.5952] [MD5.08454A5469CDF1FFA8B090C61318747E] - (.Sysinternals - www.sysinternals.com - Sysinternals Process Explorer.) -- C:\Users\Stef\Desktop\procexp.exe [2799296] [PID.2192] [MD5.DC661CF87F2501A8B8D9628C006AA3BD] - (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\System32\perfmon.exe [157184] [PID.3788] [MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.4980] [MD5.72EF708552059546B1AAA82E7AA59439] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.3832] [MD5.8D4AFD5F4955A52C39C8C424FE5516D9] - (.Adobe Systems, Inc. - Adobe Flash Player 11.8 r800.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe [1862024] [PID.2976] [MD5.949691049DE62D6975B67D1C6D378418] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8014848] [PID.4960] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] http://www2.delta-search.com =>Toolbar.DeltaSearch G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com G0 - GCSP: Preference [User Data\Default] http://www.google.com G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé) ~ Google Browser: 9 Scanned in 00mn 15s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\prefs.js C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\user.js M3 - MFPP: Plugins - [Stef] -- C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\searchplugins\askcom.xml M3 - MFPP: Plugins - [Stef] -- C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\searchplugins\Search_Results.xml =>PUP.SearchResults M0 - MFSP: prefs.js [Stef - psekkf0a.default] http://www.google.fr M2 - MFEP: prefs.js [Stef - psekkf0a.default\2020Player_IKEA@2020Technologies.com] [] Visualisateur 3D de 20-20 v5.0.94.1 (..) M2 - MFEP: prefs.js [Stef - psekkf0a.default\speedanalysis03@SpeedAnalysis.com] [] Speed Analysis 3 v1.0.0.4 (..) =>PUP.SpeedAnalysis M2 - MFEP: prefs.js [Stef - psekkf0a.default\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}] [] UltraSurf Firefox Tool v1.0.0.4 (..) M2 - MFEP: prefs.js [Stef - psekkf0a.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.21 (..) P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Dassault Systèmes SolidWorks Corp. - EModel Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npEModelPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin8.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.4.634.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Windows\system32\C2MP\npdivx32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.16] - (...) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (.not file.) P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\Stef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.) ~ Firefox Browser: 52 Scanned in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ IE Browser: 15 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 07s ~ Nombre de lignes (Lines number): 15344 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} . (.LULU Software - Soda PDF Helper.) -- C:\Program Files\Soda PDF 5\PDFIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ~ BHO: 18 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Soda PDF 5 IE Toolbar - [HKLM]{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} . (.LULU Software - Soda PDF 5 Toolbar.) -- C:\Program Files\Soda PDF 5\PDFIEPlugin.dll O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: ABBYY FineReader 11.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{F1100000-0011-0000-0001-074957833700}\_SHCT_FineReader_1_3E36FF39D91C47F89277D9CEE94684B9.exe O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd O4 - GS\Desktop [Public]: Client PRONOTE 2013.lnk . (...) -- C:\Program Files\Index Education\Pronote 2013\Réseau\Client PRONOTE 2013.exe O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe =>.Google Inc O4 - GS\Desktop [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe O4 - GS\Desktop [Public]: Le vocabulaire de la maison.lnk . (...) -- C:\JOCATOP\VocabulaireMaison\mDES.exe O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\Desktop [Public]: Minuterie.lnk . (...) -- C:\Program Files\Minuterie\crebours.exe O4 - GS\Desktop [Public]: Origin.lnk . (.Electronic Arts - Origin.) -- C:\Program Files\Origin\Origin.exe O4 - GS\Desktop [Public]: pdf2swf.lnk . (...) -- C:\Program Files\SWFTools\gpdf2swf.exe O4 - GS\Desktop [Public]: PICAXE Programming Editor.lnk . (.Revolution Education Ltd - Programmer Editor.) -- C:\Program Files\Programming Editor\progedit.exe O4 - GS\Desktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.) -- C:\Program Files\Recuva\Recuva.exe O4 - GS\Desktop [Public]: SolidWorks 2010.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}\i386_SldWorks.exe O4 - GS\Desktop [Public]: SolidWorks eDrawings 2013.lnk . (.Dassault Systèmes SolidWorks Corp. - EModelViewer Module.) -- C:\Program Files\Common Files\eDrawings2013\EModelViewer.exe O4 - GS\Desktop [Public]: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe O4 - GS\Desktop [Public]: TerraTec Home Cinema.lnk . (.TERRATEC Electronic GmbH - Home Cinema.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe O4 - GS\Desktop [Public]: Ulead VideoStudio 11.lnk . (.InterVideo Digital Technology Corporation - Ulead VideoStudio.) -- C:\Program Files\Ulead Systems\Ulead VideoStudio 11\vstudio.exe O4 - GS\Program [Public]: Adobe Device Central CS5.lnk . (.Adobe Systems Inc. - Adobe Device Central CS5.) -- C:\Program Files\Adobe\Adobe Device Central CS5\DeviceCentral.exe =>.Adobe Systems Incorporated O4 - GS\Program [Public]: Adobe Download Assistant.lnk . (...) -- C:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe O4 - GS\Program [Public]: Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS5.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS5 and Debugger (32 b.) -- C:\Program Files\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe =>.Adobe Systems Incorporated O4 - GS\Program [Public]: Adobe Extension Manager CS5.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS5.) -- C:\Program Files\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe O4 - GS\Program [Public]: Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O4 - GS\Program [Public]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files\Audacity 1.3 Beta\audacity.exe =>.The Audacity Team O4 - GS\Program [Public]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe O4 - GS\Program [Public]: JDownloader Uninstaller.lnk . (...) -- C:\Program Files\JDownloader\JDUninstall.exe (.not file.) O4 - GS\Program [Public]: JDownloader Update.lnk . (...) -- C:\Program Files\JDownloader\JDUpdate.exe (.not file.) O4 - GS\Program [Public]: JDownloader.lnk . (...) -- C:\Program Files\JDownloader\JDownloaderPortable.exe (.not file.) O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Microsoft Fix it Center.lnk . (.Microsoft Corporation - Microsoft Fix it Center Cllient Application.) -- C:\Program Files\Microsoft Fix it Center\FixitCenter.exe O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - GS\Program [Public]: SumatraPDF.lnk . (.Krzysztof Kowalczyk - SumatraPDF.) -- C:\Program Files\SumatraPDF\SumatraPDF.exe O4 - GS\Program [Public]: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) -- C:\Program Files\DVD Maker\DVDMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\NetProj.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [Stef]: Foxit Reader.lnk . (.Foxit Corporation - Foxit Reader 4.1, Best Reader for Everyday.) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe O4 - GS\QuickLaunch [Stef]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [Stef]: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe O4 - GS\QuickLaunch [Stef]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [Stef]: MediaCoder.lnk . (.Broad Intelligence - MediaCoder.) -- C:\Program Files\MediaCoder\mediacoder.exe O4 - GS\QuickLaunch [Stef]: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.exe O4 - GS\QuickLaunch [Stef]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\QuickLaunch [Stef]: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe O4 - GS\QuickLaunch [Stef]: SolidWorks 2010.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}\i386_SldWorks.exe O4 - GS\QuickLaunch [Stef]: SolidWorks eDrawings 2010.lnk . (.Dassault Systèmes SolidWorks Corp. - EModelViewer Module.) -- C:\Program Files\SolidWorks Corp\SolidWorks eDrawings\EModelViewer.exe O4 - GS\QuickLaunch [Stef]: SolidWorks Explorer 2010.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}\NewShortcut1.exe O4 - GS\QuickLaunch [Stef]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - GS\QuickLaunch [Stef]: XnView.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files\XnView\xnview.exe O4 - GS\TaskBar [Stef]: Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe O4 - GS\TaskBar [Stef]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\TaskBar [Stef]: Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [Stef]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [Stef]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar [Stef]: Microsoft Excel 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe O4 - GS\TaskBar [Stef]: Microsoft Office Publisher 2003.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe O4 - GS\TaskBar [Stef]: Microsoft Office Word 2003.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe O4 - GS\TaskBar [Stef]: Microsoft Publisher 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe O4 - GS\TaskBar [Stef]: Microsoft Word 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe O4 - GS\TaskBar [Stef]: Minuterie.lnk . (...) -- C:\Program Files\Minuterie\crebours.exe O4 - GS\TaskBar [Stef]: Nero Burning ROM 10.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe O4 - GS\TaskBar [Stef]: Paint Shop Pro 7.lnk . (.Jasc Software, Inc. - Paint Shop Pro 7.) -- K:\Paint Shop Pro 7\psp.exe O4 - GS\TaskBar [Stef]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [Stef]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation O4 - GS\TaskBar [Stef]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Stef]: Crédit Mutuel.lnk . (.Microsoft Corporation - Microsoft Silverlight Out-of-Browser Launch.) -- C:\Program Files\Microsoft Silverlight\sllauncher.exe O4 - GS\Program [Stef]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Accessories [Stef]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O4 - GS\Accessories [Stef]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Stef]: Run.lnk - Clé orpheline O4 - GS\Accessories [Stef]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\SystemTools [Stef]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [Stef]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation O4 - GS\SendTo [Stef]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe O4 - GS\SendTo [Stef]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe O4 - GS\SendTo [Stef]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe O4 - GS\SendTo [Stef]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe O4 - GS\Desktop [Stef]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files\Audacity 1.3 Beta\audacity.exe =>.The Audacity Team O4 - GS\Desktop [Stef]: AVS Video Converter.lnk . (.Online Media Technologies Ltd. - Video Converter.) -- C:\Program Files\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe O4 - GS\Desktop [Stef]: Crédit Mutuel.lnk . (.Microsoft Corporation - Microsoft Silverlight Out-of-Browser Launch.) -- C:\Program Files\Microsoft Silverlight\sllauncher.exe O4 - GS\Desktop [Stef]: Cubase LE 5.lnk . (.Steinberg Media Technologies - Cubase LE.) -- C:\Program Files\Steinberg\Cubase LE 5\Cubase LE 5.exe O4 - GS\Desktop [Stef]: FileZilla.lnk . (.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files\FileZilla FTP Client\filezilla.exe O4 - GS\Desktop [Stef]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe O4 - GS\Desktop [Stef]: FTP Expert 3.lnk . (.Visicom Media Inc. - AceFTP v3.) -- C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe O4 - GS\Desktop [Stef]: JDownloader.lnk . (...) -- C:\Program Files\JDownloader\JDownloaderPortable.exe (.not file.) O4 - GS\Desktop [Stef]: Le loto de Toto.lnk . (...) -- C:\Program Files\Le loto de Toto\lotototo.exe O4 - GS\Desktop [Stef]: MediaCoder.lnk . (.Broad Intelligence - MediaCoder.) -- C:\Program Files\MediaCoder\mediacoder.exe O4 - GS\Desktop [Stef]: Métamorphose.lnk . (.Ianaré Sévi - Métamorphose: a file -n- folder renamer.) -- C:\Program Files\metamorphose\metamorphose.exe O4 - GS\Desktop [Stef]: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe O4 - GS\Desktop [Stef]: RocketPDF.lnk . (.Krzysztof Kowalczyk - RocketPDF.) -- C:\Program Files\RocketPDF\RocketPDF.exe O4 - GS\Desktop [Stef]: SpeedFan.lnk . (.Almico Software (www.almico.com) - Pas de description.) -- C:\Program Files\SpeedFan\speedfan.exe O4 - GS\Desktop [Stef]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - GS\Desktop [Stef]: Sweet Home 3D.lnk . (.eTeks - Sweet Home 3D.) -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe O4 - GS\Desktop [Stef]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [Stef]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 128 Scanned in 00mn 05s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Stef]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Stef\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [AgentAntidote32] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files\Druide\Antidote 8\Programmes32\AgentAntidote.exe O4 - HKCU\..\Run: [Rainlendar2] . (.Pas de propriétaire - Rainlendar2.) -- C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [hf2009] . (.FSPro Labs - Hide Folders 2009 Control Panel.) -- C:\Program Files\Hide Folders 2009\hf.exe O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-995397270-3947617806-4176101183-1000\..\Run: [Rainlendar2] . (.Pas de propriétaire - Rainlendar2.) -- C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKUS\S-1-5-21-995397270-3947617806-4176101183-1000\..\Run: [hf2009] . (.FSPro Labs - Hide Folders 2009 Control Panel.) -- C:\Program Files\Hide Folders 2009\hf.exe O4 - HKUS\S-1-5-21-995397270-3947617806-4176101183-1000\..\Run: [AdobeBridge] Clé orpheline O4 - HKUS\S-1-5-21-995397270-3947617806-4176101183-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office14\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office14\ONBTTN~1.dll =>.Microsoft Corporation O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 8 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} ((no name)) - http://www2.ac-nancy-metz.fr/qp2.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} ((no name)) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{645544DD-5BBC-4D26-8CD8-C6FAC7C96327}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{645544DD-5BBC-4D26-8CD8-C6FAC7C96327}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{645544DD-5BBC-4D26-8CD8-C6FAC7C96327}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ABBYY FineReader 11 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: Crypkey License (Crypkey License) . (.CrypKey (Canada) Ltd. - CrypKey License Service.) - C:\Windows\System32\crypserv.exe O23 - Service: FSPro Filter Service (fsproflt) . (.FSPro Labs - FSPro Labs Filter Service.) - C:\Windows\system32\fsproflt.exe O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Mise à jour automatique - Index Educatio (MajIndexEducationService) . (...) - C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe O23 - Service: MySQL (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: (Printer Control) . (.ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - PrintCtrl.) - C:\Windows\system32\PrintCtrl.exe O23 - Service: Soda PDF 5 Helper Service (Soda PDF 5 Helper Service) . (.LULU Software - Soda PDF 5 Helper Service.) - C:\Program Files\Soda PDF 5\HelperService.exe O23 - Service: Soda PDF 5 Service (Soda PDF 5 Service) . (.LULU Software - Soda PDF 5 Conversion Service.) - C:\Program Files\Soda PDF 5\ConversionService.exe O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe ~ Services: 15 Scanned in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-995397270-3947617806-4176101183-1000Core.job [902] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-995397270-3947617806-4176101183-1000UA.job [924] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SesamTVMC.job [104] [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-995397270-3947617806-4176101183-1000Core] (...) -- C:\Users\Stef\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-995397270-3947617806-4176101183-1000UA] (...) -- C:\Users\Stef\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664] [MD5.00000000000000000000000000000000] [APT] [{1B98AA9A-B6B7-45E1-AFEC-5B6621BB28B4}] (...) -- D:\T‚l‚chargements\O2010_Blue_86\Office 2010 Blue Edition - US\setup.exe (.not file.) [0] [MD5.743322167DD132E6CE084B29E7EF4567] [APT] [{3177BFE0-2FF3-47CA-BF16-69144359D761}] (...) -- K:\mp610_aomwin200ea24.exe [31130960] [MD5.00000000000000000000000000000000] [APT] [{61FACBF3-F278-4B7A-8D7A-337BF4F0FF18}] (...) -- C:\PRONOTE R‚seau 2012\Client PRONOTE 2012.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{62E64818-8657-419B-8E04-623E4B319703}] (...) -- D:\8.9.0.1023\iata_cd.exe (.not file.) [0] [MD5.A205551E7BA8580D2C0FF896A4D79FA9] [APT] [{C33491D0-6371-4652-A0C5-055A0AB2ABB6}] (.Macrovision Corporation.) -- C:\Program Files\InstallShield Installation Information\{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}\setup.exe [460248] [MD5.9DBE27218D30F525192A729096B8CA07] [APT] [{EAF6F58F-B556-42C0-BD89-75EF4916A67F}] (...) -- K:\swftools-0.9.1.exe [14296576] ~ Scheduled Task: 16 Scanned in 00mn 02s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\Windows\system32\msjava.dll O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_7_700_202.ocx ~ Active Setup: 13 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (MpKsl1233756a) . (.Microsoft Corporation - KSLDriver.) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{86510041-B6D0-4919-A169-3834B63F94F8}\MpKsl1233756a.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (NetworkX) . (...) - C:\Windows\system32\ckldrv.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 68 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 3.3 - (...) [HKLM] -- Virtual Printer SDK Patch_is1 O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip O42 - Logiciel: ABBYY FineReader 11 - (.ABBYY.) [HKLM] -- {F1100000-0011-0000-0001-074957833700} O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408} O42 - Logiciel: AMD AVIVO Codecs - (.Advanced Micro Devices, Inc..) [HKLM] -- {E2B3AAF0-A450-1C61-F0CE-58ACD6D50686} O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {A994E9F7-A748-FFB1-01C2-9D64ADE870B4} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {C4100721-2D71-CC80-8877-0A7855B6EEFB} O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {81615131-4232-9370-7C96-8D693952020C} O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {943B2619-0E00-E9F1-73E3-03090965484E} O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1 O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {47FA2C44-D148-4DBC-AF60-B91934AA4842} O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.downloadassistant.AdobeDownloadAssistant O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- {5E21B617-F52E-BB10-92F9-C8AB2C799A8A} O42 - Logiciel: Adobe Dreamweaver CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {C79312BD-3E76-4474-A10C-1435D1856A4B} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.3) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Antidote 8 - (.Druide informatique inc..) [HKLM] -- {09AAAB09-6DBA-4DD9-9865-54597D3FBCA8}_is1 O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: AviSynth 2.5 - (...) [HKLM] -- AviSynth O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd O42 - Logiciel: Canon MP610 series - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series O42 - Logiciel: Canon My Printer - (.Canon Inc..) [HKLM] -- CanonMyPrinter O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {2ECA81CA-D932-4AD3-AD59-BF5CCF099C83} O42 - Logiciel: Champ de recherche rapide Google - (.Google, Inc..) [HKLM] -- Quick Search Box O42 - Logiciel: CharlyGraal V5 - (.Charlyrobot.) [HKLM] -- {43062EA1-4947-4FB6-BD91-EDC35F6DB3AD} O42 - Logiciel: Cinergy 2400i DT V1.1.0.284 - (...) [HKLM] -- Cinergy 2400i DT O42 - Logiciel: Crédit Mutuel - (.mobile.creditmutuel.fr.) [HKCU] -- 1392857124.mobile.creditmutuel.fr O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DWGeditor - (.SolidWorks.) [HKLM] -- {56DCD20A-E558-4396-AF59-14D15AA737BB} O42 - Logiciel: DiscAPI (Liquid) - (.Pinnacle Systems.) [HKLM] -- {690D1794-6D7C-4A55-8371-17BAC69C66CE} O42 - Logiciel: DiskExplorer for NTFS - (.Runtime Software.) [HKLM] -- {64630268-1833-4461-9EC3-857EEB8A0540} O42 - Logiciel: DivX - (.DivXNetworks, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2} O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox O42 - Logiciel: Dropbox Folder Sync - (...) [HKLM] -- Dropbox Folder Sync O42 - Logiciel: FIFA 13 - (.Electronic Arts.) [HKLM] -- {A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0} O42 - Logiciel: FTP Expert 3 - (...) [HKLM] -- FTP Expert 3 O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3} O42 - Logiciel: FileZilla Client 3.6.0.2 - (.FileZilla Project.) [HKLM] -- FileZilla Client O42 - Logiciel: FormatFactory 2.95 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader O42 - Logiciel: GetDataBack for FAT - (.Runtime Software.) [HKLM] -- {2EEEC858-21F8-419B-8FE2-820621BFFCD7} O42 - Logiciel: GetDataBack for NTFS - (.Runtime Software.) [HKLM] -- {56582EEA-3AEF-4D84-8B9D-C87A3CD9250F} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {1292B4A7-C072-413A-B1D0-A1BE7FB516B9} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} O42 - Logiciel: H-Series_ASIO32 - (.ZOOM.) [HKLM] -- {9F0118A0-49DA-11E0-82D5-00269E8DC781} O42 - Logiciel: HP USB Disk Storage Format Tool - (...) [HKLM] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51} O42 - Logiciel: High-Definition Video Playback 10 - (.Nero AG.) [HKLM] -- {237CCB62-8454-43E3-B158-3ACD0134852E} O42 - Logiciel: INDEX EDUCATION - Client PRONOTE 2012 - (.Index-Education.) [HKLM] -- {39FDE434-458B-4A5B-BA3F-3663FE28B1C5} O42 - Logiciel: INDEX EDUCATION - Client PRONOTE 2013 - (.Index Education.) [HKLM] -- {0BF23E9F-5E99-4B6A-97CA-29ABC6C59E1F} O42 - Logiciel: Inkscape 0.48.3.1 - (...) [HKLM] -- Inkscape O42 - Logiciel: J2SE Runtime Environment 5.0 Update 21 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150210} O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM] -- 5513-1208-7298-9440 O42 - Logiciel: Java(TM) 6 Update 31 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: K-Lite Mega Codec Pack 7.2.0 - (...) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: KaraFun 1.17a - (.Recisio.) [HKLM] -- KaraFun_is1 O42 - Logiciel: LAME v3.98.2 for Audacity - (...) [HKLM] -- LAME for Audacity_is1 O42 - Logiciel: Le loto de Toto - (...) [HKLM] -- Le loto de Toto O42 - Logiciel: Liveupdate4 - (.MSI, Inc..) [HKLM] -- Liveupdate4_is1 O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Macromedia Extension Manager - (.Nom de votre société.) [HKLM] -- {3C8C9FB3-5FDF-40B4-B314-EAD722728C76} O42 - Logiciel: Macromedia Flash 8 - (.Macromedia.) [HKLM] -- {2BD5C305-1B27-4D41-B690-7A61172D2FEB} O42 - Logiciel: Macromedia Flash 8 Video Encoder - (.Macromedia.) [HKLM] -- {8BF2C401-02CE-424D-BC26-6C4F9FB446B6} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Media Player Classic - Home Cinema v1.4.2499.0 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 O42 - Logiciel: MediaCoder 0.7.2.4570 - (.Broad Intelligence.) [HKLM] -- MediaCoder O42 - Logiciel: Micro Application - Architecte 3DHD Expert Cad - (...) [HKLM] -- {2C7FB3E3-A653-48A0-B290-885659E6ED5C} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Fix it Center - (.Microsoft Corporation.) [HKLM] -- {B7588D45-AFDC-4C93-9E2E-A100F3554B64} O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {98EABC7F-B1A1-43A5-B505-5B4EC3908DCD} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Minuterie 2.6 - (.Jean-Paul Doeraene.) [HKLM] -- Minuterie_is1 O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 23.0.1 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Multimedia Mouse Driver - (.Nom de votre société.) [HKLM] -- InstallShield_{A9495514-098A-4869-A464-C455857BC464} O42 - Logiciel: MySQL Server 5.1 - (.MySQL AB.) [HKLM] -- {291D8FE1-ED05-4934-80CE-A5F6B7A8718D} O42 - Logiciel: Mémory Lettres - (...) [HKLM] -- Mémory Lettres_is1 O42 - Logiciel: Nero 10 Menu TemplatePack Basic - (.Nero AG.) [HKLM] -- {63AA3EAB-23BB-48B2-9AD0-44F878075604} O42 - Logiciel: Nero 10 Movie ThemePack Basic - (.Nero AG.) [HKLM] -- {F5CB822F-B365-43D1-BCC0-4FDA1A2017A7} O42 - Logiciel: Nero BackItUp 10 - (.Nero AG.) [HKLM] -- {68AB6930-5BFF-4FF6-923B-516A91984FE6} O42 - Logiciel: Nero BackItUp 10 Help (CHM) - (.Nero AG.) [HKLM] -- {08C8666B-C502-4AB3-B4CB-D74AC42D14FE} O42 - Logiciel: Nero BurnRights 10 - (.Nero AG.) [HKLM] -- {943CFD7D-5336-47AF-9418-E02473A5A517} O42 - Logiciel: Nero BurnRights 10 Help (CHM) - (.Nero AG.) [HKLM] -- {555868C6-49FB-484F-BB43-8980651A1B00} O42 - Logiciel: Nero Burning ROM 10 - (.Nero AG.) [HKLM] -- {7A5D731D-B4B3-490E-B339-75685712BAAB} O42 - Logiciel: Nero BurningROM 10 Help (CHM) - (.Nero AG.) [HKLM] -- {9B6B24BE-80E7-46C4-9FA5-B167D5E0F345} O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38} O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A} O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} O42 - Logiciel: Nero CoverDesigner 10 - (.Nero AG.) [HKLM] -- {FCF00A6E-FB58-477A-ABE9-232907105521} O42 - Logiciel: Nero CoverDesigner 10 Help (CHM) - (.Nero AG.) [HKLM] -- {C3273C55-E1E4-41FF-8D69-0158090DB8D8} O42 - Logiciel: Nero DiscCopy Gadget 10 - (.Nero AG.) [HKLM] -- {92EC1A84-7FFC-42DF-A8F6-79C21C4765A5} O42 - Logiciel: Nero DiscCopyGadget 10 Help (CHM) - (.Nero AG.) [HKLM] -- {5F548A02-80BC-404D-BAE6-F05F9BF6B449} O42 - Logiciel: Nero DiscSpeed 10 - (.Nero AG.) [HKLM] -- {34490F4E-48D0-492E-8249-B48BECF0537C} O42 - Logiciel: Nero DiscSpeed 10 Help (CHM) - (.Nero AG.) [HKLM] -- {C18A0418-442A-4186-AF98-D08F5054A2FC} O42 - Logiciel: Nero Dolby Files 10 - (.Nero AG.) [HKLM] -- {C3580AC4-C827-4332-B935-9A282ED5BB97} O42 - Logiciel: Nero Express 10 - (.Nero AG.) [HKLM] -- {70550193-1C22-445C-8FA4-564E155DB1A7} O42 - Logiciel: Nero Express 10 Help (CHM) - (.Nero AG.) [HKLM] -- {33643918-7957-4839-92C7-EA96CB621A98} O42 - Logiciel: Nero InfoTool 10 - (.Nero AG.) [HKLM] -- {F412B4AF-388C-4FF5-9B2F-33DB1C536953} O42 - Logiciel: Nero InfoTool 10 Help (CHM) - (.Nero AG.) [HKLM] -- {66049135-9659-4AAD-9169-9CCA269EBB3E} O42 - Logiciel: Nero MediaHub 10 - (.Nero AG.) [HKLM] -- {1F7FB68F-52F6-46A3-B42F-38CE46295AE5} O42 - Logiciel: Nero MediaHub 10 Help (CHM) - (.Nero AG.) [HKLM] -- {F467862A-D9CA-47ED-8D81-B4B3C9399272} O42 - Logiciel: Nero Multimedia Suite 10 - (.Nero AG.) [HKLM] -- {277C1559-4CF7-44FF-8D07-98AA9C13AABD} O42 - Logiciel: Nero Recode 10 - (.Nero AG.) [HKLM] -- {8ECEC853-5C3D-4B10-B5C7-FF11FF724807} O42 - Logiciel: Nero Recode 10 Help (CHM) - (.Nero AG.) [HKLM] -- {DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF} O42 - Logiciel: Nero RescueAgent 10 - (.Nero AG.) [HKLM] -- {E337E787-CF61-4B7B-B84F-509202A54023} O42 - Logiciel: Nero RescueAgent 10 Help (CHM) - (.Nero AG.) [HKLM] -- {92E25238-61A3-4ACD-A407-3C480EEF47A7} O42 - Logiciel: Nero SoundTrax 10 - (.Nero AG.) [HKLM] -- {E1EE5339-5D32-458F-BAAB-B19F6301BCE2} O42 - Logiciel: Nero SoundTrax 10 Help (CHM) - (.Nero AG.) [HKLM] -- {16987E99-C95C-4513-9239-7B44A0A71DB5} O42 - Logiciel: Nero StartSmart 10 - (.Nero AG.) [HKLM] -- {F61D489E-6C44-49AC-AD02-7DA8ACA73A65} O42 - Logiciel: Nero StartSmart 10 Help (CHM) - (.Nero AG.) [HKLM] -- {F6117F9C-ADB5-4590-9BE4-12C7BEC28702} O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} O42 - Logiciel: Nero Vision 10 - (.Nero AG.) [HKLM] -- {9A4297F3-2A51-4ED9-92CA-4BCB8380947E} O42 - Logiciel: Nero Vision 10 Help (CHM) - (.Nero AG.) [HKLM] -- {329411A0-19F3-4740-874F-17400B126F27} O42 - Logiciel: Nero WaveEditor 10 - (.Nero AG.) [HKLM] -- {EDCDFAD5-DF80-4600-A493-E9DAD6810230} O42 - Logiciel: Nero WaveEditor 10 Help (CHM) - (.Nero AG.) [HKLM] -- {7A295D8F-484B-4FFB-89AB-C1FD497591FE} O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - FTDI CDM Driver Package (02/17/2009 2.04.16) - (.FTDI.) [HKLM] -- 2DC0AA065FA83047D7ECD51C7000C1620D79A4C5 O42 - Logiciel: Package de pilotes Windows - FTDI CDM Driver Package (02/17/2009 2.04.16) - (.FTDI.) [HKLM] -- 51A4D522DD31538335EF5736F0E7F588C70BCB12 O42 - Logiciel: PhotoFiltre - (...) [HKCU] -- PhotoFiltre O42 - Logiciel: PhotoView 360 - (.SolidWorks Corporation.) [HKLM] -- {736D2DAD-3D87-4CAA-8646-83D238AD68E0} O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} O42 - Logiciel: Programming Editor - (.Revolution Education Ltd.) [HKLM] -- {2AEF43A9-E0D3-4EB6-91DF-5E2BCBAAAB6B} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C9E14402-3631-4182-B377-6B0DFB1C0339} O42 - Logiciel: RAPID (Liquid) - (.Pinnacle Systems.) [HKLM] -- {CEF37035-C1BB-4174-8175-1E878435F61A} O42 - Logiciel: Rainlendar2 (remove only) - (...) [HKLM] -- Rainlendar2 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva O42 - Logiciel: RocketPDF - (...) [HKLM] -- RocketPDF O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM] -- SFR_Media Center O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: SimpleOCR 3.1 - (...) [HKLM] -- SimpleOCR 3.1 O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM] -- InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM] -- {B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F} O42 - Logiciel: SmartSound Quicktracks Plugin - (.SmartSound Software Inc.) [HKLM] -- InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} O42 - Logiciel: Soda PDF 5 - (.LULU SOFTWARE LIMITED.) [HKLM] -- {B756A738-AC20-4C26-9EFD-80810B624642} O42 - Logiciel: Soda PDF OCR - (.LULU Software.) [HKLM] -- {8BE88409-618C-4136-ADD2-BE49B2B45048} O42 - Logiciel: SolidWorks 2010 SP0 - (.SolidWorks Corporation.) [HKLM] -- SolidWorks Installation Manager 20100-40000-1100-200 O42 - Logiciel: SolidWorks 2010 SP0 - (.SolidWorks.) [HKLM] -- {AF2066F6-7C57-46A1-A306-077EBBFC7B2B} O42 - Logiciel: SolidWorks Explorer 2010 SP0 - (.SolidWorks Corporation.) [HKLM] -- {2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D} O42 - Logiciel: SolidWorks eDrawings 2010 - (.Dassault Systèmes SolidWorks Corp..) [HKLM] -- {1959101B-E34C-4266-8915-20F23B5BCF43} O42 - Logiciel: SolidWorks eDrawings 2013 - (.Dassault Systèmes SolidWorks Corp.) [HKLM] -- {74845D57-69D5-47D0-83ED-A0591689A3BD} O42 - Logiciel: Speed Analysis 3 - (.SpeedAnalysis.com.) [HKLM] -- Speed Analysis 3 =>PUP.SpeedAnalysis O42 - Logiciel: SpeedFan (remove only) - (...) [HKLM] -- SpeedFan O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Steinberg Cubase 5 - (.Steinberg Media Technologies GmbH.) [HKLM] -- {4A19D6AC-ADE0-4A07-80FF-9C9812C45557} O42 - Logiciel: Steinberg Cubase LE 5 - (.Steinberg Media Technologies GmbH.) [HKLM] -- {50C78780-1A54-4A5C-B3A7-FF828C62C5C2} O42 - Logiciel: Steinberg Groove Agent ONE Vintage Beatboxes - (.Steinberg Media Technologies GmbH.) [HKLM] -- {DBF4BC99-53F1-4C97-84C3-7557D103E182} O42 - Logiciel: Steinberg HALionOne GM Drum Set - (.Steinberg Media Technologies GmbH.) [HKLM] -- {AC997F93-0757-4ED4-A701-F40C2D654D09} O42 - Logiciel: Stereoscopic Player - (.3dtv.at.) [HKLM] -- {26B03CED-4E5A-4057-BCF9-EE80B13FCF94} O42 - Logiciel: SumatraPDF - (.Krzysztof Kowalczyk.) [HKLM] -- SumatraPDF O42 - Logiciel: Sweet Home 3D version 2.3 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1 O42 - Logiciel: SyncBack - (.2BrightSparks.) [HKLM] -- SyncBack_is1 O42 - Logiciel: System Requirements Lab - (...) [HKLM] -- SystemRequirementsLab O42 - Logiciel: TV sur PC - (.SFR.) [HKLM] -- Neuf_TV_PC O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM] -- TeamViewer 7 O42 - Logiciel: TerraTec Home Cinema - (...) [HKLM] -- {63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9} O42 - Logiciel: TitleDeko - (...) [HKLM] -- {3938850F-423F-4C13-AC64-655387539156} O42 - Logiciel: Ulead VideoStudio 11 - (.InterVideo Digital Technology Corporation.) [HKLM] -- InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9} O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: WD Win98 SE USB Disk Driver, v1.00.09 - (.Western Digital Technologies.) [HKLM] -- {6F512339-216D-4FBE-8A83-3EDCC3F03F51} O42 - Logiciel: WOW Slider - (...) [HKLM] -- WOW Slider O42 - Logiciel: WinFast Multimedia Driver Installation - (.Multimedia.) [HKLM] -- {418EC9DD-25EE-4C3F-8827-B7AA9B26405B} O42 - Logiciel: WinHTTrack Website Copier 3.47-14 - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1 O42 - Logiciel: WinPcap 4.1.1 - (.CACE Technologies.) [HKLM] -- WinPcapInst O42 - Logiciel: Windows 7 Codec Pack 2.3.0 - (.Windows 7 Codec Pack.) [HKLM] -- Windows 7 - Codec Pack O42 - Logiciel: Windows Media Encoder 9 Series - (...) [HKLM] -- Windows Media Encoder 9 O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation O42 - Logiciel: XnView 1.97.8 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher O42 - Logiciel: eLicenser Control - (.Steinberg Media Technologies GmbH.) [HKLM] -- eLicenser Control O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: programme - (...) [HKLM] -- programme O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 283 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\3dtv.at] [HKCU\Software\5ae8cd1e06de448] [HKCU\Software\7-Zip] [HKCU\Software\ABBYY] [HKCU\Software\ACP] [HKCU\Software\AMD] [HKCU\Software\APN PIP] [HKCU\Software\ASIO] [HKCU\Software\ASProtect] [HKCU\Software\ATI] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Aleksandar Puskas Software] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ArcSoft] [HKCU\Software\Audacity] [HKCU\Software\Aurigma] [HKCU\Software\BitComet] =>P2P.BitComet [HKCU\Software\Blizzard Entertainment] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Charlyrobot] [HKCU\Software\Cheat Engine] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreVorbis] [HKCU\Software\CyberLink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\Cygwin] [HKCU\Software\DSP-worx] [HKCU\Software\DT Soft] [HKCU\Software\DVD Audio Extractor] [HKCU\Software\DVR-MS] [HKCU\Software\Delta] [HKCU\Software\DigitByteStudio] [HKCU\Software\DivXNetworks] [HKCU\Software\Druide informatique inc.] [HKCU\Software\EA Sports] [HKCU\Software\EffectMgr] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Electronic Arts] [HKCU\Software\Elgato Systems] [HKCU\Software\Eltima Software] [HKCU\Software\FSPro Labs] [HKCU\Software\Foxit Software] [HKCU\Software\FreeTime] [HKCU\Software\Freeware] [HKCU\Software\Fridgesoft] [HKCU\Software\GNU] [HKCU\Software\GSpot Appliance Corp] [HKCU\Software\Gabest] [HKCU\Software\Garmin] [HKCU\Software\Google] [HKCU\Software\GuideTool] [HKCU\Software\Haali] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\IPE] [HKCU\Software\IRAI] [HKCU\Software\Iceni Technology Limited] [HKCU\Software\ImgBurn] [HKCU\Software\Index Education] [HKCU\Software\Intel] [HKCU\Software\InterVideo] [HKCU\Software\Jasc] [HKCU\Software\JavaSoft] [HKCU\Software\Leadertech] [HKCU\Software\Leadtek] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MAGIX AG] [HKCU\Software\MJLSoftware] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\Magix] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MatchWare] [HKCU\Software\MediaInfo] [HKCU\Software\MediaPortal] [HKCU\Software\Micro Application] [HKCU\Software\Minuterie] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\MultiStageTrayAgent] [HKCU\Software\Multimedia Combo Set] [HKCU\Software\MyFree Codec] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NecroSystems] [HKCU\Software\NeroDigital] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Neuf] [HKCU\Software\NewBlue] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\OpenworldLearning] [HKCU\Software\PDFCreator] [HKCU\Software\Pegasys Inc.] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RECISIO] [HKCU\Software\Razer] [HKCU\Software\Realtek] [HKCU\Software\SBERender] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Samsung] [HKCU\Software\SecuROM] [HKCU\Software\Sephiroth] [HKCU\Software\Sesam.tv] [HKCU\Software\SkypeRS] [HKCU\Software\Soda PDF 5] [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\Softsoft Ltd.] [HKCU\Software\SolidWorks] [HKCU\Software\SourceTec] [HKCU\Software\SpeedFan] [HKCU\Software\Spointer] [HKCU\Software\Steinberg Media Technologies GmbH] [HKCU\Software\Steinberg] [HKCU\Software\Sysinternals] [HKCU\Software\TeamViewer] [HKCU\Software\TerraTec Electronic GmbH] [HKCU\Software\TerraTec] [HKCU\Software\Trolltech] [HKCU\Software\Ulead Systems] [HKCU\Software\Unigraphics Solutions] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VFPlugin] [HKCU\Software\VOB] [HKCU\Software\Valve] [HKCU\Software\VirtualDub.org] [HKCU\Software\WDC] [HKCU\Software\WOWSlider.com] [HKCU\Software\WTV2DVRMS] [HKCU\Software\Wget] [HKCU\Software\WinHTTrack Website Copier] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Windows 7 - Codec Pack] [HKCU\Software\Xara] [HKCU\Software\Xenocode] [HKCU\Software\Xi] [HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo [HKCU\Software\ZOOM] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\eDrawings] [HKCU\Software\ej-technologies] [HKCU\Software\keyhole.com] [HKCU\Software\madFlac] [HKCU\Software\mb Software AG] [HKCU\Software\metamorphose] [HKCU\Software\quiss.org] [HKCU\Software\srac] [HKCU\Software\testapp] [HKCU\Software\unpacker] [HKLM\Software\14919ea49a8f3b4aa3cf1058d9a64cec] [HKLM\Software\3dtv.at] [HKLM\Software\5ae8cd1e06de448] [HKLM\Software\] [HKLM\Software\ABBYY] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVS4YOU] [HKLM\Software\ActMask Virtual Printer SDK] [HKLM\Software\Adobe Systems] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Amazon] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\ArcSoft] [HKLM\Software\Audible] [HKLM\Software\Autodesk] [HKLM\Software\BrowserChoice] [HKLM\Software\Canon] [HKLM\Software\Charlyrobot] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Corel] [HKLM\Software\CyberLink] [HKLM\Software\Cygnus Solutions] [HKLM\Software\DT Soft] [HKLM\Software\DivXNetworks] [HKLM\Software\Druide informatique inc.] [HKLM\Software\EA Sports] [HKLM\Software\Editions JOCATOP] [HKLM\Software\Electronic Arts] [HKLM\Software\Eltima] [HKLM\Software\FAST Multimedia] [HKLM\Software\FSPro Labs] [HKLM\Software\FileZilla 3] [HKLM\Software\FlexCell Studio] [HKLM\Software\Foxit Software] [HKLM\Software\Fraps] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard Company] [HKLM\Software\Iceni Technology Limited] [HKLM\Software\Infix PDF] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\IproCAM] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Khronos] [HKLM\Software\Lame for Audacity] [HKLM\Software\Leadtek Research Inc.] [HKLM\Software\Leadtek] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MSI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Magix] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Micro Application] [HKLM\Software\Moyea] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Multimedia] [HKLM\Software\MySQL AB] [HKLM\Software\NINOS CADCAM] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\Neuf] [HKLM\Software\Newmedia Consulting, Inc.] [HKLM\Software\ODBC] [HKLM\Software\On2 Technologies] [HKLM\Software\Ontrack] [HKLM\Software\OpenOffice.org] [HKLM\Software\Origin Games] [HKLM\Software\PDFCreator] [HKLM\Software\PIP] [HKLM\Software\Persits Software] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Protexis] [HKLM\Software\RECISIO] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Runtime Software] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Samsung] [HKLM\Software\Sesam.tv] [HKLM\Software\SmartSound Software] [HKLM\Software\SolidWorks Corporation] [HKLM\Software\SolidWorks] [HKLM\Software\Sonic] [HKLM\Software\SourceTec] [HKLM\Software\Srac] [HKLM\Software\StarterBackgroundChanger] [HKLM\Software\Steinberg] [HKLM\Software\Stellar information Systems ltd.] [HKLM\Software\Sun Microsystems] [HKLM\Software\Swearware] [HKLM\Software\Symantec] [HKLM\Software\Tarma Installer] =>PUP.Tarma [HKLM\Software\TeamViewer] [HKLM\Software\TerraTec Electronic GmbH] [HKLM\Software\TerraTec] [HKLM\Software\The Silicon Realms Toolworks] [HKLM\Software\Trad-FR] [HKLM\Software\Ulead Systems] [HKLM\Software\Ulead] [HKLM\Software\VDownloader] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Visicom Media] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Western Digital Technologies] [HKLM\Software\WinHTTrack Website Copier] [HKLM\Software\WinPcap] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\Xara] [HKLM\Software\Xi] [HKLM\Software\XnView] [HKLM\Software\ZOOM] [HKLM\Software\eDrawings] [HKLM\Software\ej-technologies] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\quiss.org] ~ Key Software: 408 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 04/10/2010 - 18:48:07 - [4,652] ----D C:\Program Files\2BrightSparks O43 - CFD: 02/12/2010 - 12:32:47 - [3,348] ----D C:\Program Files\7-Zip O43 - CFD: 04/08/2013 - 13:20:49 - [717,757] ----D C:\Program Files\ABBYY FineReader 11 O43 - CFD: 10/03/2013 - 10:57:54 - [725,676] ----D C:\Program Files\Adobe O43 - CFD: 01/04/2013 - 00:15:19 - [2,913] ----D C:\Program Files\Adobe Download Assistant O43 - CFD: 26/12/2009 - 19:17:02 - [7,806] ----D C:\Program Files\AGEIA Technologies O43 - CFD: 10/03/2012 - 10:48:15 - [1,863] ----D C:\Program Files\AMD APP O43 - CFD: 10/03/2012 - 10:48:21 - [5,936] ----D C:\Program Files\AMD AVT O43 - CFD: 24/10/2011 - 20:09:06 - [20,194] ----D C:\Program Files\ATI O43 - CFD: 10/03/2012 - 10:47:44 - [62,727] ----D C:\Program Files\ATI Technologies O43 - CFD: 04/03/2011 - 14:11:00 - [32,765] ----D C:\Program Files\Audacity 1.3 Beta O43 - CFD: 03/01/2010 - 13:03:43 - [29,368] ----D C:\Program Files\Audacity 1.3 Beta (Unicode) O43 - CFD: 15/12/2011 - 23:09:14 - [33,412] ----D C:\Program Files\Avid O43 - CFD: 16/12/2009 - 17:36:44 - [2,532] ----D C:\Program Files\AviSynth 2.5 O43 - CFD: 10/03/2013 - 11:07:23 - [30,332] ----D C:\Program Files\AVS4YOU O43 - CFD: 03/03/2013 - 17:37:17 - [10,595] ----D C:\Program Files\Canon O43 - CFD: 01/10/2012 - 13:56:04 - [24,161] --H-D C:\Program Files\CanonBJ O43 - CFD: 15/12/2011 - 11:00:22 - [4,120] ----D C:\Program Files\CCleaner =>Piriform Ltd O43 - CFD: 17/03/2013 - 15:49:04 - [25,982] ----D C:\Program Files\Charlyrobot O43 - CFD: 29/03/2013 - 14:42:44 - [1125,758] ----D C:\Program Files\Common Files O43 - CFD: 26/02/2013 - 18:18:11 - [0] ----D C:\Program Files\Corel O43 - CFD: 18/12/2009 - 19:33:38 - [9,902] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 08/02/2012 - 16:06:48 - [0,758] ----D C:\Program Files\DIFX O43 - CFD: 13/08/2010 - 21:37:22 - [0,437] ----D C:\Program Files\DivX O43 - CFD: 20/09/2012 - 18:09:45 - [1,315] ----D C:\Program Files\Dropbox Folder Sync O43 - CFD: 10/03/2013 - 11:18:23 - [450,149] ----D C:\Program Files\Druide O43 - CFD: 15/12/2011 - 23:12:12 - [0,053] ----D C:\Program Files\DScaler O43 - CFD: 09/12/2012 - 09:27:06 - [38,179] ----D C:\Program Files\DsNET Corp O43 - CFD: 29/07/2011 - 21:32:33 - [0,021] ----D C:\Program Files\Dusco O43 - CFD: 16/04/2011 - 13:40:47 - [79,371] ----D C:\Program Files\DVD Maker O43 - CFD: 11/04/2010 - 20:37:49 - [0] ----D C:\Program Files\DVRSoft O43 - CFD: 10/03/2013 - 11:10:48 - [0] ----D C:\Program Files\Elaborate Bytes O43 - CFD: 03/10/2011 - 22:17:38 - [6,292] ----D C:\Program Files\eLicenser O43 - CFD: 15/12/2011 - 23:12:20 - [0] ----D C:\Program Files\Eltima Software O43 - CFD: 04/12/2009 - 21:33:26 - [0] -SH-D C:\Program Files\Fichiers communs O43 - CFD: 26/02/2013 - 18:50:09 - [0] ----D C:\Program Files\Fifa Master O43 - CFD: 09/03/2013 - 20:59:28 - [16,769] ----D C:\Program Files\FileZilla FTP Client O43 - CFD: 12/09/2010 - 14:08:49 - [10,596] ----D C:\Program Files\Foxit Software O43 - CFD: 06/08/2010 - 08:20:28 - [0] ----D C:\Program Files\Free Hide Folder O43 - CFD: 06/02/2011 - 20:21:58 - [3,041] ----D C:\Program Files\FreeOCR O43 - CFD: 31/12/2011 - 19:19:59 - [111,531] ----D C:\Program Files\FreeTime O43 - CFD: 28/07/2013 - 07:13:10 - [713,029] ----D C:\Program Files\Google O43 - CFD: 06/08/2010 - 08:14:51 - [2,911] ----D C:\Program Files\Hide Folders 2009 O43 - CFD: 19/09/2013 - 08:58:43 - [122,200] ----D C:\Program Files\Index Education O43 - CFD: 07/10/2012 - 10:29:50 - [164,037] ----D C:\Program Files\Inkscape O43 - CFD: 02/09/2013 - 17:48:59 - [80,298] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 14/02/2013 - 08:32:27 - [6,552] ----D C:\Program Files\Internet Explorer O43 - CFD: 08/02/2012 - 16:06:05 - [2,549] ----D C:\Program Files\IproCAM O43 - CFD: 12/04/2011 - 21:20:41 - [153,750] ----D C:\Program Files\Java O43 - CFD: 12/01/2010 - 16:48:13 - [15,892] ----D C:\Program Files\JRE O43 - CFD: 29/07/2011 - 22:39:18 - [42,533] ----D C:\Program Files\K-Lite Codec Pack O43 - CFD: 21/12/2009 - 23:12:03 - [14,743] ----D C:\Program Files\KaraFun O43 - CFD: 26/01/2010 - 19:33:06 - [1,170] ----D C:\Program Files\Lame for Audacity O43 - CFD: 26/01/2011 - 16:32:00 - [46,016] ----D C:\Program Files\Le loto de Toto O43 - CFD: 15/12/2011 - 11:10:36 - [184,946] ----D C:\Program Files\Macromedia O43 - CFD: 15/12/2011 - 23:13:21 - [0,128] ----D C:\Program Files\MAGIX O43 - CFD: 13/09/2013 - 09:03:58 - [13,311] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 30/09/2010 - 12:40:17 - [2,414] ----D C:\Program Files\MarkAny O43 - CFD: 09/01/2011 - 15:13:54 - [30,911] ----D C:\Program Files\Media Player Classic - Home Cinema O43 - CFD: 29/12/2009 - 21:03:59 - [61,928] ----D C:\Program Files\MediaCoder O43 - CFD: 25/08/2010 - 14:01:11 - [15,648] ----D C:\Program Files\metamorphose O43 - CFD: 03/01/2011 - 16:11:50 - [1138,817] ----D C:\Program Files\Micro Application O43 - CFD: 21/10/2010 - 18:17:10 - [38,002] ----D C:\Program Files\Microsoft Analysis Services O43 - CFD: 27/12/2009 - 01:06:58 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 26/08/2010 - 20:56:05 - [22,162] ----D C:\Program Files\Microsoft Fix it Center O43 - CFD: 14/07/2009 - 11:01:21 - [140,966] ----D C:\Program Files\Microsoft Games O43 - CFD: 10/03/2013 - 12:37:29 - [1128,206] ----D C:\Program Files\Microsoft Office O43 - CFD: 27/09/2012 - 00:22:48 - [22,158] ----D C:\Program Files\Microsoft Security Client O43 - CFD: 09/05/2012 - 23:33:13 - [36,641] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 21/10/2010 - 18:20:03 - [3,467] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 21/10/2010 - 18:20:03 - [0,830] ----D C:\Program Files\Microsoft Sync Framework O43 - CFD: 21/10/2010 - 18:20:38 - [0,312] ----D C:\Program Files\Microsoft Synchronization Services O43 - CFD: 26/12/2009 - 19:16:03 - [88,739] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 10/03/2013 - 12:36:56 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 20/01/2013 - 17:36:01 - [1,192] ----D C:\Program Files\Minuterie O43 - CFD: 12/09/2013 - 22:50:51 - [50,413] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 18/08/2013 - 08:37:43 - [0,215] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 21/10/2010 - 18:21:24 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 18/03/2011 - 01:06:05 - [83,957] ----D C:\Program Files\MSECache O43 - CFD: 20/10/2011 - 21:03:44 - [10,683] ----D C:\Program Files\MSI O43 - CFD: 06/12/2009 - 22:01:22 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 27/04/2012 - 22:32:57 - [6,302] ----D C:\Program Files\Multimedia Mouse Driver O43 - CFD: 29/07/2011 - 21:54:12 - [107,316] ----D C:\Program Files\MySQL O43 - CFD: 08/08/2010 - 15:32:29 - [1334,780] ----D C:\Program Files\Nero O43 - CFD: 24/10/2011 - 20:04:08 - [98,974] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 15/12/2011 - 11:14:14 - [0,826] ----D C:\Program Files\Ontrack O43 - CFD: 12/01/2010 - 16:48:12 - [367,412] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 29/03/2013 - 14:45:50 - [126,212] ----D C:\Program Files\Origin O43 - CFD: 17/10/2012 - 18:08:55 - [1621,697] ----D C:\Program Files\Origin Games O43 - CFD: 20/01/2011 - 21:50:32 - [0] ----D C:\Program Files\PC Connectivity Solution O43 - CFD: 12/09/2012 - 15:38:43 - [32,488] ----D C:\Program Files\PDFCreator O43 - CFD: 03/06/2010 - 18:07:58 - [3,518] ----D C:\Program Files\PhotoFiltre O43 - CFD: 15/12/2011 - 23:08:46 - [704,122] ----D C:\Program Files\Pinnacle O43 - CFD: 03/01/2010 - 00:55:30 - [1,669] ----D C:\Program Files\PlayReady O43 - CFD: 28/03/2010 - 13:56:34 - [54,639] ----D C:\Program Files\Programming Editor O43 - CFD: 13/10/2011 - 22:41:15 - [77,549] ----D C:\Program Files\QuickTime O43 - CFD: 15/02/2012 - 18:02:37 - [22,269] ----D C:\Program Files\Rainlendar2 O43 - CFD: 31/12/2011 - 15:01:42 - [322,905] ----D C:\Program Files\RAR Password Cracker O43 - CFD: 03/01/2010 - 00:41:07 - [13,772] ----D C:\Program Files\Realtek O43 - CFD: 25/08/2010 - 19:58:04 - [1,906] ----D C:\Program Files\Recuva O43 - CFD: 14/07/2009 - 06:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies O43 - CFD: 12/09/2013 - 22:51:04 - [4,781] ----D C:\Program Files\RocketPDF O43 - CFD: 03/12/2011 - 14:55:29 - [10,392] ----D C:\Program Files\Runtime Software O43 - CFD: 20/01/2011 - 21:50:36 - [333,963] ----D C:\Program Files\Samsung O43 - CFD: 20/10/2011 - 21:06:39 - [1,214] ----D C:\Program Files\Setup Files O43 - CFD: 10/01/2010 - 14:52:07 - [24,462] ----D C:\Program Files\SFR O43 - CFD: 04/09/2010 - 21:06:35 - [24,148] ----D C:\Program Files\SimpleOCR O43 - CFD: 24/10/2012 - 20:16:54 - [28,179] ----D C:\Program Files\SmartSound Software O43 - CFD: 04/08/2013 - 12:19:48 - [299,071] ----D C:\Program Files\Soda PDF 5 O43 - CFD: 24/01/2010 - 20:35:02 - [0] ----D C:\Program Files\SoftByte Labs O43 - CFD: 26/12/2009 - 19:24:12 - [-593,045] ----D C:\Program Files\SolidWorks Corp O43 - CFD: 27/09/2013 - 07:34:39 - [5,492] ----D C:\Program Files\SpeedFan O43 - CFD: 15/11/2011 - 19:11:53 - [76,882] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 31/12/2011 - 15:01:26 - [0,987] ----D C:\Program Files\StarterBackgroundChanger O43 - CFD: 03/10/2011 - 20:50:41 - [379,264] ----D C:\Program Files\Steinberg O43 - CFD: 15/12/2011 - 23:07:11 - [0] ----D C:\Program Files\Stellar Phoenix Windows Data Recovery O43 - CFD: 09/03/2013 - 15:49:22 - [9,307] ----D C:\Program Files\SumatraPDF O43 - CFD: 28/03/2010 - 16:46:53 - [97,090] ----D C:\Program Files\Sweet Home 3D O43 - CFD: 16/11/2012 - 14:54:00 - [55,655] ----D C:\Program Files\SWFTools O43 - CFD: 03/10/2011 - 20:48:44 - [0,164] ----D C:\Program Files\Syncrosoft O43 - CFD: 04/09/2010 - 20:17:51 - [0,387] ----D C:\Program Files\SyncToy 2.1 O43 - CFD: 01/01/2002 - 23:20:35 - [0,733] ----D C:\Program Files\SystemRequirementsLab O43 - CFD: 29/07/2011 - 21:54:35 - [2,232] ----D C:\Program Files\Team MediaPortal O43 - CFD: 01/12/2012 - 19:13:21 - [16,903] ----D C:\Program Files\TeamViewer O43 - CFD: 05/01/2013 - 22:10:21 - [0] --H-D C:\Program Files\Temp O43 - CFD: 16/03/2012 - 13:09:15 - [118,958] ----D C:\Program Files\TerraTec O43 - CFD: 03/10/2010 - 10:26:30 - [185,067] ----D C:\Program Files\Ulead Systems O43 - CFD: 12/09/2013 - 22:51:31 - [0,001] --H-D C:\Program Files\Uninstall Information O43 - CFD: 07/12/2009 - 23:39:18 - [71,675] ----D C:\Program Files\VideoLAN O43 - CFD: 05/12/2009 - 12:30:14 - [5,845] ----D C:\Program Files\Visicom Media O43 - CFD: 29/08/2010 - 10:31:09 - [0,542] ----D C:\Program Files\Western Digital Technologies O43 - CFD: 16/04/2011 - 13:40:44 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 10/05/2012 - 17:59:01 - [6,689] ----D C:\Program Files\Windows Journal O43 - CFD: 23/06/2012 - 09:43:11 - [140,665] ----D C:\Program Files\Windows Live O43 - CFD: 16/04/2011 - 13:40:47 - [5,895] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 03/10/2010 - 10:27:09 - [13,379] ----D C:\Program Files\Windows Media Components O43 - CFD: 16/04/2011 - 13:40:47 - [6,298] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 04/12/2009 - 21:33:26 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 16/04/2011 - 13:40:46 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 16/04/2011 - 13:40:47 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 16/04/2011 - 13:40:47 - [26,140] ----D C:\Program Files\Windows Sidebar O43 - CFD: 09/06/2010 - 18:19:55 - [0,085] ----D C:\Program Files\WinFast O43 - CFD: 29/05/2013 - 13:46:24 - [11,300] ----D C:\Program Files\WinHTTrack O43 - CFD: 08/02/2013 - 18:05:25 - [0,182] ----D C:\Program Files\WinPcap O43 - CFD: 21/11/2012 - 08:04:16 - [4,964] ----D C:\Program Files\WinRAR O43 - CFD: 01/03/2012 - 18:02:01 - [32,404] ----D C:\Program Files\WOW Slider O43 - CFD: 05/05/2011 - 22:29:16 - [14,732] ----D C:\Program Files\XnView O43 - CFD: 27/09/2013 - 08:10:27 - [17,350] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 25/09/2011 - 21:50:09 - [1,895] ----D C:\Program Files\ZOOM O43 - CFD: 10/03/2013 - 10:59:36 - [238,843] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 01/04/2013 - 00:15:13 - [38,049] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 04/12/2009 - 22:22:54 - [0,066] ----D C:\Program Files\Common Files\Adobe Systems Shared O43 - CFD: 27/03/2010 - 10:07:12 - [23,583] ----D C:\Program Files\Common Files\ArcSoft O43 - CFD: 24/10/2011 - 20:09:56 - [2,907] ----D C:\Program Files\Common Files\ATI Technologies O43 - CFD: 13/02/2011 - 12:47:26 - [82,261] ----D C:\Program Files\Common Files\AVSMedia O43 - CFD: 05/12/2009 - 11:18:08 - [60,194] ----D C:\Program Files\Common Files\BitDefender O43 - CFD: 29/05/2013 - 05:15:27 - [0] ----D C:\Program Files\Common Files\Blizzard Entertainment O43 - CFD: 10/03/2013 - 12:36:52 - [0,201] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 17/10/2012 - 18:08:43 - [0,714] --H-D C:\Program Files\Common Files\EAInstaller O43 - CFD: 12/03/2013 - 17:09:29 - [45,400] ----D C:\Program Files\Common Files\eDrawings2013 O43 - CFD: 26/12/2009 - 19:15:08 - [38,382] ----D C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks O43 - CFD: 27/03/2010 - 10:07:00 - [13,069] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 12/04/2011 - 21:19:58 - [30,070] ----D C:\Program Files\Common Files\Java O43 - CFD: 15/12/2011 - 11:10:41 - [0,016] ----D C:\Program Files\Common Files\Macromedia O43 - CFD: 26/12/2009 - 19:21:10 - [0,827] ----D C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 24/10/2010 - 13:54:40 - [0,849] ----D C:\Program Files\Common Files\MAGIX Services O43 - CFD: 03/10/2010 - 11:50:32 - [1,699] ----D C:\Program Files\Common Files\MAGIX Shared O43 - CFD: 10/03/2013 - 12:37:36 - [374,404] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 08/08/2010 - 15:25:45 - [19,034] ----D C:\Program Files\Common Files\Nero O43 - CFD: 16/01/2010 - 11:56:19 - [0] ----D C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 30/09/2010 - 18:53:26 - [0,255] ----D C:\Program Files\Common Files\Samsung O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 26/12/2009 - 19:24:25 - [46,114] ----D C:\Program Files\Common Files\SolidWorks Shared O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 02/12/2010 - 14:28:04 - [0,385] ----D C:\Program Files\Common Files\Steam O43 - CFD: 29/11/2011 - 14:04:36 - [17,109] ----D C:\Program Files\Common Files\System O43 - CFD: 17/03/2012 - 09:48:32 - [20,540] ----D C:\Program Files\Common Files\TerraTec O43 - CFD: 03/10/2010 - 10:27:06 - [29,837] ----D C:\Program Files\Common Files\Ulead Systems O43 - CFD: 29/04/2011 - 23:04:26 - [0] ----D C:\Program Files\Common Files\VST3 O43 - CFD: 04/12/2009 - 22:02:34 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 03/10/2010 - 11:49:30 - [1,750] ----D C:\Program Files\Common Files\xara O43 - CFD: 04/08/2013 - 13:13:10 - [4,640] ----D C:\ProgramData\ABBYY O43 - CFD: 28/04/2013 - 06:58:05 - [278,592] ----D C:\ProgramData\Adobe O43 - CFD: 04/12/2009 - 22:23:17 - [0,006] ----D C:\ProgramData\Adobe Systems O43 - CFD: 10/03/2012 - 10:48:22 - [14,843] ----D C:\ProgramData\AMD O43 - CFD: 13/10/2011 - 22:39:01 - [0] ----D C:\ProgramData\Apple O43 - CFD: 13/10/2011 - 22:40:46 - [25,516] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 06:53:55 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 24/11/2010 - 16:27:40 - [0,011] ----D C:\ProgramData\ArcSoft O43 - CFD: 06/06/2012 - 17:22:32 - [0,202] ----D C:\ProgramData\Ask O43 - CFD: 10/03/2012 - 10:53:24 - [0] ----D C:\ProgramData\ATI O43 - CFD: 12/04/2011 - 19:36:33 - [0,001] ----D C:\ProgramData\AutoUpdate O43 - CFD: 16/12/2009 - 17:21:10 - [0] ----D C:\ProgramData\AVS4YOU O43 - CFD: 29/03/2013 - 14:42:18 - [77,318] ----D C:\ProgramData\Battle.net O43 - CFD: 12/09/2013 - 22:50:36 - [2,657] ----D C:\ProgramData\BitGuard =>PUP.BitGuard O43 - CFD: 27/05/2013 - 23:34:06 - [87,795] ----D C:\ProgramData\Blizzard Entertainment O43 - CFD: 31/12/2011 - 19:02:58 - [0] ----D C:\ProgramData\boost_interprocess O43 - CFD: 04/12/2009 - 21:33:26 - [0] ----D C:\ProgramData\Bureau O43 - CFD: 29/03/2011 - 23:03:23 - [18,192] --H-D C:\ProgramData\CanonBJ O43 - CFD: 27/03/2010 - 01:18:27 - [0,017] ----D C:\ProgramData\CyberLink O43 - CFD: 18/12/2009 - 19:33:06 - [0] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 01/09/2011 - 17:35:39 - [0] ----D C:\ProgramData\DassaultSystemes O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Documents O43 - CFD: 11/09/2012 - 20:07:59 - [0,004] -SH-D C:\ProgramData\DSS O43 - CFD: 05/10/2011 - 19:32:16 - [0] ----D C:\ProgramData\EA Core O43 - CFD: 05/10/2011 - 19:32:18 - [0,208] ----D C:\ProgramData\Electronic Arts O43 - CFD: 03/10/2011 - 20:49:57 - [35,075] ----D C:\ProgramData\eLicenser O43 - CFD: 24/10/2012 - 20:16:56 - [0,344] ----D C:\ProgramData\eSellerate O43 - CFD: 04/12/2009 - 21:33:26 - [0] ----D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 12/03/2013 - 17:10:04 - [0,025] ----D C:\ProgramData\FLEXnet O43 - CFD: 08/02/2012 - 14:32:00 - [0,514] ----D C:\ProgramData\Google O43 - CFD: 25/09/2011 - 09:07:13 - [0] ----D C:\ProgramData\Iceni O43 - CFD: 08/02/2012 - 14:41:51 - [0,030] ----D C:\ProgramData\icons O43 - CFD: 26/09/2013 - 21:33:49 - [134,266] ----D C:\ProgramData\IndexEducation O43 - CFD: 24/10/2012 - 20:15:36 - [0,831] ----D C:\ProgramData\InterVideo O43 - CFD: 28/08/2010 - 09:35:41 - [59,534] ----D C:\ProgramData\Macromedia O43 - CFD: 15/12/2011 - 23:13:20 - [5,352] ----D C:\ProgramData\MAGIX O43 - CFD: 30/03/2011 - 07:49:11 - [16,367] ----D C:\ProgramData\Malwarebytes O43 - CFD: 29/10/2010 - 17:00:55 - [0] ----D C:\ProgramData\McAfee O43 - CFD: 04/12/2009 - 21:33:26 - [0] ----D C:\ProgramData\Menu Démarrer O43 - CFD: 26/02/2013 - 19:14:17 - [1430,705] -S--D C:\ProgramData\Microsoft O43 - CFD: 26/09/2013 - 23:23:51 - [0,066] ----D C:\ProgramData\Microsoft Help O43 - CFD: 04/12/2009 - 21:33:26 - [0] ----D C:\ProgramData\Modèles O43 - CFD: 26/06/2012 - 22:17:53 - [0,034] ----D C:\ProgramData\Mozilla O43 - CFD: 15/02/2012 - 17:26:39 - [115,748] ----D C:\ProgramData\MySQL O43 - CFD: 02/01/2010 - 01:10:11 - [6,177] ----D C:\ProgramData\NCH Swift Sound O43 - CFD: 08/08/2010 - 15:32:31 - [4,342] ----D C:\ProgramData\Nero O43 - CFD: 24/10/2011 - 20:04:03 - [0,001] ----D C:\ProgramData\NVIDIA O43 - CFD: 30/11/2012 - 00:12:50 - [7,251] ----D C:\ProgramData\Origin O43 - CFD: 18/12/2009 - 20:43:57 - [8,879] ----D C:\ProgramData\Pendulo Studios O43 - CFD: 13/08/2010 - 22:46:18 - [0,495] ----D C:\ProgramData\Pinnacle O43 - CFD: 13/08/2010 - 21:40:08 - [0,009] ----D C:\ProgramData\QuickTime O43 - CFD: 21/12/2009 - 23:12:02 - [0,019] ----D C:\ProgramData\Recisio O43 - CFD: 16/11/2011 - 15:12:56 - [0,005] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 22/10/2011 - 21:25:12 - [13,553] ----D C:\ProgramData\Samsung O43 - CFD: 24/10/2012 - 20:17:02 - [130,445] ----D C:\ProgramData\SmartSound Software Inc O43 - CFD: 26/12/2009 - 19:20:40 - [831,026] ----D C:\ProgramData\SolidWorks O43 - CFD: 21/09/2013 - 19:13:29 - [136,236] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 29/04/2011 - 22:56:27 - [62,016] ----D C:\ProgramData\Steinberg O43 - CFD: 02/04/2010 - 10:45:53 - [0] ----D C:\ProgramData\Sun O43 - CFD: 03/10/2011 - 20:50:39 - [0] ----D C:\ProgramData\Syncrosoft O43 - CFD: 29/07/2011 - 21:54:33 - [481,568] ----D C:\ProgramData\Team MediaPortal O43 - CFD: 12/04/2011 - 20:58:14 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:53:55 - [0] ----D C:\ProgramData\Templates O43 - CFD: 04/12/2009 - 22:52:58 - [6,792] ----D C:\ProgramData\TerraTec O43 - CFD: 26/02/2013 - 18:18:11 - [0,254] ----D C:\ProgramData\Ulead Systems O43 - CFD: 04/09/2010 - 18:32:10 - [0,274] ----D C:\ProgramData\Western Digital O43 - CFD: 29/03/2011 - 23:05:05 - [0,006] ----D C:\Users\Stef\AppData\Roaming\.metamorphose O43 - CFD: 04/08/2013 - 13:20:51 - [0,017] ----D C:\Users\Stef\AppData\Roaming\ABBYY O43 - CFD: 04/08/2013 - 12:24:37 - [0] ----D C:\Users\Stef\AppData\Roaming\ABBYY FineReader Engine 9.0 O43 - CFD: 10/03/2013 - 10:57:42 - [70,945] ----D C:\Users\Stef\AppData\Roaming\Adobe O43 - CFD: 05/12/2009 - 15:28:53 - [0] --H-D C:\Users\Stef\AppData\Roaming\AdobeUM O43 - CFD: 16/11/2011 - 15:00:32 - [0] --H-D C:\Users\Stef\AppData\Roaming\Amazon O43 - CFD: 13/10/2011 - 22:53:09 - [0] ----D C:\Users\Stef\AppData\Roaming\Apple Computer O43 - CFD: 29/03/2011 - 23:05:05 - [0] ----D C:\Users\Stef\AppData\Roaming\ArcSoft O43 - CFD: 25/09/2011 - 14:15:50 - [0] ----D C:\Users\Stef\AppData\Roaming\Aspell O43 - CFD: 24/10/2011 - 20:21:21 - [0] ----D C:\Users\Stef\AppData\Roaming\ATI O43 - CFD: 26/08/2013 - 09:42:25 - [0,004] ----D C:\Users\Stef\AppData\Roaming\Audacity O43 - CFD: 16/12/2009 - 17:21:11 - [0,143] --H-D C:\Users\Stef\AppData\Roaming\AVS4YOU O43 - CFD: 06/02/2011 - 21:32:06 - [0,038] --H-D C:\Users\Stef\AppData\Roaming\BitComet =>P2P.BitComet O43 - CFD: 29/03/2011 - 23:04:00 - [0,372] ----D C:\Users\Stef\AppData\Roaming\Broad Intelligence O43 - CFD: 01/10/2012 - 14:59:27 - [4,365] --H-D C:\Users\Stef\AppData\Roaming\Canon O43 - CFD: 10/09/2012 - 11:38:57 - [0,014] ----D C:\Users\Stef\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 26/02/2013 - 18:17:53 - [395,633] ----D C:\Users\Stef\AppData\Roaming\Corel O43 - CFD: 29/03/2011 - 23:04:00 - [0] ----D C:\Users\Stef\AppData\Roaming\CyberLink O43 - CFD: 10/03/2013 - 13:03:24 - [0] --H-D C:\Users\Stef\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 07/06/2010 - 18:33:44 - [0] --H-D C:\Users\Stef\AppData\Roaming\DassaultSystemes O43 - CFD: 16/12/2009 - 17:29:48 - [0] --H-D C:\Users\Stef\AppData\Roaming\DivX O43 - CFD: 27/09/2013 - 07:36:35 - [152,771] ----D C:\Users\Stef\AppData\Roaming\Dropbox O43 - CFD: 20/09/2012 - 18:09:44 - [0,088] ----D C:\Users\Stef\AppData\Roaming\Dropbox Folder Sync O43 - CFD: 07/02/2013 - 09:25:32 - [0,062] ----D C:\Users\Stef\AppData\Roaming\Druide O43 - CFD: 15/12/2011 - 23:12:11 - [0,003] ----D C:\Users\Stef\AppData\Roaming\DScaler4 O43 - CFD: 05/03/2013 - 14:36:59 - [0] ----D C:\Users\Stef\AppData\Roaming\dvdcss O43 - CFD: 09/12/2009 - 18:33:09 - [0,001] --H-D C:\Users\Stef\AppData\Roaming\DWGeditor O43 - CFD: 29/03/2011 - 23:05:05 - [0] ----D C:\Users\Stef\AppData\Roaming\EASYTools O43 - CFD: 12/03/2013 - 17:10:21 - [4,641] --H-D C:\Users\Stef\AppData\Roaming\EDrawings O43 - CFD: 15/12/2011 - 23:12:20 - [0] --H-D C:\Users\Stef\AppData\Roaming\Eltima Software O43 - CFD: 28/03/2010 - 17:03:21 - [14,160] --H-D C:\Users\Stef\AppData\Roaming\eTeks O43 - CFD: 16/09/2013 - 17:25:14 - [0,029] --H-D C:\Users\Stef\AppData\Roaming\FileZilla O43 - CFD: 12/09/2010 - 14:09:20 - [0] --H-D C:\Users\Stef\AppData\Roaming\Foxit Software O43 - CFD: 31/12/2011 - 19:03:02 - [0] ----D C:\Users\Stef\AppData\Roaming\FreeAudioPack O43 - CFD: 16/07/2010 - 12:41:43 - [0] --H-D C:\Users\Stef\AppData\Roaming\GARMIN O43 - CFD: 08/02/2012 - 14:32:00 - [0,004] --H-D C:\Users\Stef\AppData\Roaming\Google O43 - CFD: 16/11/2012 - 15:51:08 - [0,001] ----D C:\Users\Stef\AppData\Roaming\gpdf2swf O43 - CFD: 04/12/2009 - 21:33:42 - [0] --H-D C:\Users\Stef\AppData\Roaming\Identities O43 - CFD: 26/12/2009 - 16:56:12 - [0,071] --H-D C:\Users\Stef\AppData\Roaming\IM O43 - CFD: 16/04/2010 - 19:05:46 - [0] --H-D C:\Users\Stef\AppData\Roaming\ImgBurn O43 - CFD: 04/09/2012 - 12:21:53 - [0,042] --H-D C:\Users\Stef\AppData\Roaming\IndexEducation O43 - CFD: 07/10/2012 - 10:57:27 - [0,027] ----D C:\Users\Stef\AppData\Roaming\inkscape O43 - CFD: 24/11/2012 - 11:01:29 - [0] ----D C:\Users\Stef\AppData\Roaming\Jasc O43 - CFD: 03/10/2010 - 08:00:01 - [0] --H-D C:\Users\Stef\AppData\Roaming\Leadertech O43 - CFD: 29/03/2011 - 23:04:01 - [3,331] ----D C:\Users\Stef\AppData\Roaming\Macromedia O43 - CFD: 29/03/2011 - 23:04:01 - [0,020] ----D C:\Users\Stef\AppData\Roaming\MAGIX O43 - CFD: 30/03/2011 - 07:49:42 - [13,907] ----D C:\Users\Stef\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 11:00:32 - [0] --H-D C:\Users\Stef\AppData\Roaming\Media Center Programs O43 - CFD: 15/04/2011 - 14:23:47 - [0] --H-D C:\Users\Stef\AppData\Roaming\Media Player Classic O43 - CFD: 05/12/2009 - 11:34:52 - [0] --H-D C:\Users\Stef\AppData\Roaming\Megaupload O43 - CFD: 03/03/2013 - 16:38:15 - [133,535] -S--D C:\Users\Stef\AppData\Roaming\Microsoft O43 - CFD: 04/04/2011 - 16:42:08 - [0,609] ----D C:\Users\Stef\AppData\Roaming\moovida-1 =>Adware.SPointer O43 - CFD: 29/03/2011 - 23:04:06 - [62,832] ----D C:\Users\Stef\AppData\Roaming\Mozilla O43 - CFD: 29/03/2011 - 23:05:09 - [0,105] ----D C:\Users\Stef\AppData\Roaming\NCH Software O43 - CFD: 02/01/2010 - 01:09:27 - [0,003] --H-D C:\Users\Stef\AppData\Roaming\NCH Swift Sound O43 - CFD: 08/08/2010 - 15:33:58 - [0,183] --H-D C:\Users\Stef\AppData\Roaming\Nero O43 - CFD: 23/09/2011 - 23:28:18 - [0,001] ----D C:\Users\Stef\AppData\Roaming\NVIDIA O43 - CFD: 29/03/2011 - 23:04:06 - [2,481] ----D C:\Users\Stef\AppData\Roaming\OpenOffice.org O43 - CFD: 12/04/2011 - 21:29:11 - [0] ----D C:\Users\Stef\AppData\Roaming\Openworld Learning O43 - CFD: 30/11/2012 - 00:12:49 - [0,051] ----D C:\Users\Stef\AppData\Roaming\Origin O43 - CFD: 04/08/2013 - 12:24:08 - [0,013] ----D C:\Users\Stef\AppData\Roaming\PDF Software O43 - CFD: 13/09/2013 - 08:07:37 - [0] ----D C:\Users\Stef\AppData\Roaming\PerformerSoft O43 - CFD: 29/03/2011 - 23:05:09 - [0,001] ----D C:\Users\Stef\AppData\Roaming\PhotoFiltre O43 - CFD: 20/08/2011 - 09:10:45 - [1,036] ----D C:\Users\Stef\AppData\Roaming\Reasonable Software House Ltd O43 - CFD: 29/03/2011 - 22:49:12 - [0,780] ----D C:\Users\Stef\AppData\Roaming\RGE O43 - CFD: 12/09/2013 - 22:51:27 - [0,001] ----D C:\Users\Stef\AppData\Roaming\RocketPDF O43 - CFD: 28/11/2012 - 14:29:42 - [306,384] ----D C:\Users\Stef\AppData\Roaming\Samsung O43 - CFD: 21/03/2013 - 13:21:48 - [3,082] ----D C:\Users\Stef\AppData\Roaming\SolidWorks O43 - CFD: 03/10/2011 - 20:50:41 - [18,262] ----D C:\Users\Stef\AppData\Roaming\Steinberg O43 - CFD: 26/12/2010 - 23:24:25 - [0,149] --H-D C:\Users\Stef\AppData\Roaming\Stereoscopic Player O43 - CFD: 13/04/2011 - 00:10:12 - [0,012] ----D C:\Users\Stef\AppData\Roaming\Subversion O43 - CFD: 01/07/2013 - 12:45:46 - [0,915] ----D C:\Users\Stef\AppData\Roaming\SumatraPDF O43 - CFD: 02/12/2012 - 14:59:23 - [0] ----D C:\Users\Stef\AppData\Roaming\TeamViewer O43 - CFD: 15/02/2012 - 11:08:25 - [2,862] ----D C:\Users\Stef\AppData\Roaming\Temp O43 - CFD: 29/03/2011 - 23:05:09 - [0,184] ----D C:\Users\Stef\AppData\Roaming\TerraTec O43 - CFD: 29/03/2011 - 23:04:06 - [0,008] ----D C:\Users\Stef\AppData\Roaming\Thinstall O43 - CFD: 26/02/2013 - 18:18:11 - [18,659] ----D C:\Users\Stef\AppData\Roaming\Ulead Systems O43 - CFD: 08/02/2012 - 15:19:23 - [0,002] ----D C:\Users\Stef\AppData\Roaming\Unigraphics Solutions O43 - CFD: 29/03/2011 - 23:04:07 - [0,920] ----D C:\Users\Stef\AppData\Roaming\Visicom Media O43 - CFD: 19/09/2013 - 10:47:59 - [1,882] ----D C:\Users\Stef\AppData\Roaming\vlc O43 - CFD: 30/04/2011 - 10:28:08 - [0] ----D C:\Users\Stef\AppData\Roaming\VST3 Presets O43 - CFD: 26/12/2010 - 19:22:51 - [0] --H-D C:\Users\Stef\AppData\Roaming\Windows Live Writer O43 - CFD: 21/11/2012 - 00:25:49 - [0] --H-D C:\Users\Stef\AppData\Roaming\WinRAR O43 - CFD: 09/02/2010 - 15:49:59 - [0,124] --H-D C:\Users\Stef\AppData\Roaming\Xi O43 - CFD: 05/05/2011 - 22:29:52 - [0] ----D C:\Users\Stef\AppData\Roaming\XnView O43 - CFD: 27/09/2013 - 08:10:51 - [0,015] ----D C:\Users\Stef\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 04/08/2013 - 14:52:13 - [0,390] ----D C:\Users\Stef\AppData\Local\ABBYY O43 - CFD: 04/08/2013 - 12:24:37 - [0] ----D C:\Users\Stef\AppData\Local\ABBYY FineReader Engine 9.0 O43 - CFD: 13/11/2010 - 01:00:33 - [0] --H-D C:\Users\Stef\AppData\Local\Activision O43 - CFD: 05/08/2013 - 08:06:54 - [333,463] ----D C:\Users\Stef\AppData\Local\Adobe O43 - CFD: 10/12/2011 - 21:22:03 - [0,322] ----D C:\Users\Stef\AppData\Local\APN O43 - CFD: 13/10/2011 - 22:39:03 - [0] ----D C:\Users\Stef\AppData\Local\Apple O43 - CFD: 13/10/2011 - 22:56:49 - [0,002] ----D C:\Users\Stef\AppData\Local\Apple Computer O43 - CFD: 04/12/2009 - 21:33:34 - [0] -SH-D C:\Users\Stef\AppData\Local\Application Data O43 - CFD: 21/10/2010 - 19:03:48 - [0] --H-D C:\Users\Stef\AppData\Local\Apps O43 - CFD: 27/03/2010 - 10:10:11 - [0] --H-D C:\Users\Stef\AppData\Local\ArcSoft O43 - CFD: 25/09/2011 - 09:07:11 - [0] ----D C:\Users\Stef\AppData\Local\Aspell O43 - CFD: 29/03/2011 - 23:04:47 - [0,017] ----D C:\Users\Stef\AppData\Local\assembly O43 - CFD: 24/10/2011 - 20:21:21 - [0,068] ----D C:\Users\Stef\AppData\Local\ATI O43 - CFD: 29/03/2011 - 23:03:25 - [1,392] ----D C:\Users\Stef\AppData\Local\Broad Intelligence O43 - CFD: 07/06/2010 - 18:33:44 - [0] --H-D C:\Users\Stef\AppData\Local\DassaultSystemes O43 - CFD: 26/12/2010 - 19:00:48 - [0] --H-D C:\Users\Stef\AppData\Local\Deployment O43 - CFD: 05/06/2011 - 20:24:21 - [2,121] --H-D C:\Users\Stef\AppData\Local\Diagnostics O43 - CFD: 22/10/2011 - 21:21:24 - [236,553] ----D C:\Users\Stef\AppData\Local\Downloaded Installations O43 - CFD: 20/09/2012 - 18:10:11 - [0,001] ----D C:\Users\Stef\AppData\Local\Dropbox_Folder_Sync O43 - CFD: 03/10/2011 - 20:49:57 - [0] ----D C:\Users\Stef\AppData\Local\eLicenser O43 - CFD: 29/03/2011 - 23:03:26 - [0,392] ----D C:\Users\Stef\AppData\Local\FixItCenter O43 - CFD: 21/08/2013 - 08:20:57 - [95,471] ----D C:\Users\Stef\AppData\Local\Google O43 - CFD: 04/12/2009 - 21:33:34 - [0] -SH-D C:\Users\Stef\AppData\Local\Historique O43 - CFD: 29/03/2011 - 23:04:47 - [0] ----D C:\Users\Stef\AppData\Local\http___babgvant.com O43 - CFD: 25/09/2011 - 09:09:11 - [0,002] ----D C:\Users\Stef\AppData\Local\Iceni O43 - CFD: 24/07/2012 - 08:12:43 - [5,953] ----D C:\Users\Stef\AppData\Local\Macromedia O43 - CFD: 27/09/2013 - 07:48:54 - [-153,639] ----D C:\Users\Stef\AppData\Local\Microsoft O43 - CFD: 28/04/2012 - 02:18:28 - [0,633] ----D C:\Users\Stef\AppData\Local\Microsoft Games O43 - CFD: 27/05/2013 - 07:05:09 - [3,577] ----D C:\Users\Stef\AppData\Local\Microsoft Help O43 - CFD: 29/03/2011 - 19:11:51 - [0,450] --H-D C:\Users\Stef\AppData\Local\moovida Air =>Adware.SPointer O43 - CFD: 29/03/2011 - 23:03:42 - [66,743] ----D C:\Users\Stef\AppData\Local\Mozilla O43 - CFD: 23/03/2012 - 15:39:09 - [7,743] --H-D C:\Users\Stef\AppData\Local\Nero O43 - CFD: 29/03/2011 - 23:05:02 - [0,002] ----D C:\Users\Stef\AppData\Local\Nero_AG O43 - CFD: 10/01/2010 - 14:52:44 - [0,005] --H-D C:\Users\Stef\AppData\Local\Neuf O43 - CFD: 24/10/2012 - 16:30:24 - [2,465] ----D C:\Users\Stef\AppData\Local\NOS O43 - CFD: 23/06/2012 - 18:41:27 - [36,176] ----D C:\Users\Stef\AppData\Local\Origin O43 - CFD: 18/03/2012 - 10:48:25 - [0] ----D C:\Users\Stef\AppData\Local\PackageAware O43 - CFD: 07/02/2013 - 09:24:48 - [0] ----D C:\Users\Stef\AppData\Local\Programs O43 - CFD: 20/08/2011 - 09:11:04 - [0,003] ----D C:\Users\Stef\AppData\Local\Reasonable_Software_House O43 - CFD: 15/02/2012 - 17:00:30 - [0,111] ----D C:\Users\Stef\AppData\Local\Samsung O43 - CFD: 12/04/2011 - 21:19:46 - [13,227] ----D C:\Users\Stef\AppData\Local\Sun O43 - CFD: 27/09/2013 - 08:08:55 - [192,203] ----D C:\Users\Stef\AppData\Local\Temp O43 - CFD: 04/12/2009 - 21:33:34 - [0] -SH-D C:\Users\Stef\AppData\Local\Temporary Internet Files O43 - CFD: 05/12/2009 - 01:04:54 - [0] --H-D C:\Users\Stef\AppData\Local\Thinstall O43 - CFD: 30/10/2011 - 15:22:18 - [329,295] ----D C:\Users\Stef\AppData\Local\VirtualStore O43 - CFD: 29/01/2010 - 21:23:55 - [0,001] --H-D C:\Users\Stef\AppData\Local\VirtuaTennis2009 O43 - CFD: 04/09/2010 - 18:30:38 - [0,006] --H-D C:\Users\Stef\AppData\Local\Western Digital O43 - CFD: 03/02/2013 - 15:46:31 - [0,086] --H-D C:\Users\Stef\AppData\Local\Windows Live O43 - CFD: 21/04/2011 - 12:49:00 - [0,620] --H-D C:\Users\Stef\AppData\Local\Windows Live Writer O43 - CFD: 03/10/2010 - 11:50:36 - [0] --H-D C:\Users\Stef\AppData\Local\Xara O43 - CFD: 31/08/2011 - 10:49:02 - [63,665] ----D C:\Users\Stef\AppData\Local\Xenocode O43 - CFD: 29/03/2011 - 23:05:07 - [0,014] R---D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/07/2012 - 07:46:12 - [0] R---D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/08/2010 - 21:35:38 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avid Liquid 7.00 O43 - CFD: 16/12/2009 - 17:36:43 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5 O43 - CFD: 29/03/2011 - 23:05:07 - [0,001] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 12/09/2013 - 22:50:49 - [0,001] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard O43 - CFD: 29/03/2011 - 23:05:07 - [0,002] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner =>Piriform Ltd O43 - CFD: 17/03/2013 - 15:49:04 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CharlyGraal V5 O43 - CFD: 08/02/2012 - 16:19:24 - [0,001] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dao de Azog 2000 O43 - CFD: 24/10/2012 - 14:20:05 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doctor+ FIFA 12 Demo Modded and Unlocked DB 1.0 O43 - CFD: 05/06/2013 - 07:14:40 - [0,002] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 05/01/2012 - 17:32:28 - [0,003] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox Folder Sync O43 - CFD: 17/09/2011 - 09:28:30 - [0,003] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA Web Portal O43 - CFD: 20/05/2012 - 22:45:47 - [0,004] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 05/12/2009 - 12:30:16 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTP Expert 3 O43 - CFD: 10/12/2011 - 19:44:16 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GuideTool O43 - CFD: 29/03/2011 - 23:06:33 - [0,006] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hide Folders 2009 O43 - CFD: 26/01/2011 - 16:32:00 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Le loto de Toto O43 - CFD: 29/03/2011 - 23:05:08 - [0,001] R---D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 29/03/2011 - 23:06:33 - [0,003] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder O43 - CFD: 27/04/2012 - 22:33:01 - [0,004] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimedia Mouse Driver O43 - CFD: 25/08/2010 - 14:01:11 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Métamorphose O43 - CFD: 03/06/2010 - 18:07:58 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre O43 - CFD: 12/09/2013 - 22:51:04 - [0,002] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RocketPDF O43 - CFD: 13/04/2011 - 00:10:06 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SEPY ActionScript Editor O43 - CFD: 04/09/2010 - 21:06:09 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR O43 - CFD: 06/07/2010 - 07:52:36 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan O43 - CFD: 05/06/2013 - 07:15:05 - [0,001] R---D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 29/04/2011 - 23:04:08 - [0,017] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5 O43 - CFD: 03/10/2011 - 20:50:57 - [0,016] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE 5 O43 - CFD: 19/06/2013 - 06:30:46 - [0] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Techno-Flash O43 - CFD: 21/11/2012 - 00:25:40 - [0,003] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 10/05/2011 - 19:52:58 - [0,002] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WINUPA O43 - CFD: 01/03/2012 - 18:02:03 - [0,003] ----D C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WOW Slider ~ 3563 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 3984 Scanned in 01mn 26s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.91B6DFBA0FD7D0F4836FB711D1B5D81C] - 27/09/2013 - 06:55:12 ---A- . (...) -- C:\Windows\System32\TrueSight.sys [26624] O44 - LFC:[MD5.82838BA3812C3FCFA05E4B1C6EAA3C04] - 27/09/2013 - 06:48:08 ---A- . (...) -- C:\Windows\System32\GDIPFONTCACHEV1.DAT [184344] O44 - LFC:[MD5.FBE2CD44E14704635EF8BD7AFA2E9E65] - 27/09/2013 - 06:39:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1816350] O44 - LFC:[MD5.12CE3CF650AF6ADF5CC68324245EEEEE] - 27/09/2013 - 06:32:06 ---A- . (...) -- C:\Windows\error.log [14508] O44 - LFC:[MD5.6B15CBF0D7FE509259CDB8F71C76E2E4] - 27/09/2013 - 06:32:00 ---A- . (...) -- C:\Windows\setupact.log [12282] O44 - LFC:[MD5.35D0D9A921D1777DE206C31E2A09DB59] - 27/09/2013 - 06:31:50 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.DF02A8BEA8E3BCB471FEF633935BE81E] - 27/09/2013 - 06:31:39 ---A- . (...) -- C:\Windows\errord.log [3294] O44 - LFC:[MD5.A6A2811EA3FA2A2EE8597EA5AB137C99] - 26/09/2013 - 22:12:31 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [733154] O44 - LFC:[MD5.F5A5F75B6020F503C0CA6665478592C8] - 26/09/2013 - 22:12:31 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106412] O44 - LFC:[MD5.5ABA25BCD2F8B137E870CABB0FAB8CFD] - 26/09/2013 - 22:12:31 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [6802] O44 - LFC:[MD5.0265F7D4D1DD39CF13DDF3DF1E322126] - 26/09/2013 - 22:12:31 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616032] O44 - LFC:[MD5.B1EB6099DBF2BE6A3BD58EB68F754AA9] - 26/09/2013 - 22:12:31 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [18690] O44 - LFC:[MD5.4CAC856E64F96C6949B0931964F9EE42] - 17/09/2013 - 05:51:54 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [692616] O44 - LFC:[MD5.184021B2B95F3BE1B8FD7EA4F8F23C38] - 17/09/2013 - 05:51:54 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [71048] O44 - LFC:[MD5.E5F2FB37F21B5CFEAE252DF84EEDC446] - 13/09/2013 - 11:17:47 ---A- . (...) -- C:\Windows\PFRO.log [21444] O44 - LFC:[MD5.90C970B8891E5B3F1AF46B60F1F7A3F3] - 13/09/2013 - 07:00:35 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [3935592] ~ Files: 16 Scanned in 00mn 30s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.7504E2BEB7009E2A15B7F688642FE46A] - 01/09/2013 - 07:34:51 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.530D41D36023935A145AB6A25AADC05D] - 22/09/2013 - 16:04:27 ---A- - C:\Windows\Prefetch\PSP.EXE-2213546D.pf O45 - LFCP:[MD5.E8EDE4303E954329C0DE416FB578CB0A] - 22/09/2013 - 16:05:05 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-036AFA27.pf O45 - LFCP:[MD5.2B559748CB168DFF151D4F7B18F96555] - 22/09/2013 - 23:07:22 ---A- - C:\Windows\Prefetch\SLDSHELLEXTSERVER.EXE-182AB518.pf O45 - LFCP:[MD5.53CCC02D6105C575018CA724D00C4CC9] - 23/09/2013 - 06:21:43 ---A- - C:\Windows\Prefetch\MSPUB.EXE-1D022D86.pf O45 - LFCP:[MD5.FDE032A65727F7583D11996330D53665] - 23/09/2013 - 06:25:07 ---A- - C:\Windows\Prefetch\MSOHELP.EXE-B9250D59.pf O45 - LFCP:[MD5.30C1A522861A1AAF6D34343F7F8E9D04] - 23/09/2013 - 16:32:39 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.393.0.EX-4FE85737.pf O45 - LFCP:[MD5.E8C966BF66F400E673BDF325B3223FA3] - 23/09/2013 - 19:24:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0CC0685B.pf O45 - LFCP:[MD5.B34938222DC02989B1FD6AAB2E13932F] - 23/09/2013 - 23:16:26 ---A- - C:\Windows\Prefetch\WMPSHARE.EXE-21664E2A.pf O45 - LFCP:[MD5.6AA58EF42F7D54E1E26263865670F272] - 23/09/2013 - 23:16:29 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-4B83B48C.pf O45 - LFCP:[MD5.26501B5A354432D88E6B2AA105D2F3E9] - 24/09/2013 - 12:12:04 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-49AB2735.pf O45 - LFCP:[MD5.683D3AED8896440C3CB76E3A63F0D519] - 24/09/2013 - 12:12:12 ---A- - C:\Windows\Prefetch\CSC.EXE-4B9DD51E.pf O45 - LFCP:[MD5.1E2461C1E590799C52A6C96092C4D078] - 24/09/2013 - 12:12:12 ---A- - C:\Windows\Prefetch\CVTRES.EXE-DF50F484.pf O45 - LFCP:[MD5.05B7E810F5F4DF225162EE9F6525A07A] - 24/09/2013 - 12:12:16 ---A- - C:\Windows\Prefetch\W32TM.EXE-945E1DC2.pf O45 - LFCP:[MD5.46D803129057999E7FDF29FC139C7353] - 24/09/2013 - 12:12:25 ---A- - C:\Windows\Prefetch\PING.EXE-7A606CA7.pf O45 - LFCP:[MD5.E3135F53AA55A935A560D1D45B015720] - 24/09/2013 - 16:56:01 ---A- - C:\Windows\Prefetch\AGCP.EXE-3A916717.pf O45 - LFCP:[MD5.56F3C8D0A13EAAF07A777B7118AF78C2] - 24/09/2013 - 17:22:28 ---A- - C:\Windows\Prefetch\CHROME.EXE-01F55070.pf O45 - LFCP:[MD5.6032F503C665A5D10276D052208D9C09] - 24/09/2013 - 19:52:23 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-D1DA8086.pf O45 - LFCP:[MD5.9C2E256B25EE33E50D74932E955A9E0F] - 24/09/2013 - 23:10:05 ---A- - C:\Windows\Prefetch\INSTALL_PRNCLIENT_FR2400506.E-EBAA9010.pf O45 - LFCP:[MD5.1234391DB128547D60020DD7ABCA032D] - 24/09/2013 - 23:10:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A946326D.pf O45 - LFCP:[MD5.11D58155244FC5F0C00D1DC20FFBC970] - 25/09/2013 - 11:27:49 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.478.0.EX-FF05C74B.pf O45 - LFCP:[MD5.559E6B732310FFC8F3EDA5560955CE7B] - 25/09/2013 - 18:49:45 ---A- - C:\Windows\Prefetch\EXCEL.EXE-437CB8EF.pf O45 - LFCP:[MD5.5758F3411E914D36D131852DBF075926] - 26/09/2013 - 06:09:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8D93F6A9.pf O45 - LFCP:[MD5.8E73A17AEDA652763A50231F2B4CF449] - 26/09/2013 - 06:10:00 ---A- - C:\Windows\Prefetch\SLLAUNCHER.EXE-5BDB2273.pf O45 - LFCP:[MD5.D3E34C7C4AF213FAE716B1AE69DC8109] - 26/09/2013 - 06:29:16 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-1C83139B.pf O45 - LFCP:[MD5.F39E0AE29B51082BB2090C4F3FA7E6F7] - 26/09/2013 - 06:29:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-2ACAD5D6.pf O45 - LFCP:[MD5.11989ED8E183E171ECE0EF23C40FFB58] - 26/09/2013 - 06:31:13 ---A- - C:\Windows\Prefetch\POWERCFG.EXE-5040475A.pf O45 - LFCP:[MD5.41A3D2728AC0C690D6F5C6B5851BF025] - 26/09/2013 - 09:30:04 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-57B20E66.pf O45 - LFCP:[MD5.722C6E8F3FE53EC47E09CE40A73704D9] - 26/09/2013 - 09:30:18 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_714BFB3B-852B7009.pf =>Toolbar.Google O45 - LFCP:[MD5.1F858854243C215FC3EBB2D7B61DD86E] - 26/09/2013 - 09:30:18 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEONDEMAND.EXE-C7FE5BA7.pf O45 - LFCP:[MD5.265206E00262C2DE0E85B34B72C4D634] - 26/09/2013 - 10:06:17 ---A- - C:\Windows\Prefetch\CALC.EXE-73C976E8.pf O45 - LFCP:[MD5.4790D6278A28D869292B851B7C95D8BF] - 26/09/2013 - 11:29:49 ---A- - C:\Windows\Prefetch\NERO.EXE-2593DB53.pf O45 - LFCP:[MD5.9849E4529CD4390B1BAA7F5B22AE615F] - 26/09/2013 - 13:06:40 ---A- - C:\Windows\Prefetch\CRASHREPORTER.EXE-054CAE62.pf O45 - LFCP:[MD5.02C08897078F0355C59A9FC2A3DB28F1] - 26/09/2013 - 13:54:02 ---A- - C:\Windows\Prefetch\SC.EXE-CC0C6DA7.pf O45 - LFCP:[MD5.E57F79FAB9D1EC00ED7048CD8CCFCF05] - 26/09/2013 - 18:52:01 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-72213283.pf O45 - LFCP:[MD5.04BDDE66751B953700515912FE8D4B94] - 26/09/2013 - 18:52:05 ---A- - C:\Windows\Prefetch\NISSRV.EXE-20A0CF51.pf O45 - LFCP:[MD5.986DA2E1805FB1A5E423016E92D93FA8] - 26/09/2013 - 18:52:05 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-A23C89C6.pf O45 - LFCP:[MD5.CAD3FF3E2E59F92C75088EDF22C75726] - 26/09/2013 - 18:52:06 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DC6FFC18.pf O45 - LFCP:[MD5.F16FAF30887B799FF2638FF676C02EE0] - 26/09/2013 - 18:52:10 ---A- - C:\Windows\Prefetch\CLISTART.EXE-C4AF829E.pf O45 - LFCP:[MD5.A8AE9E0C6A30E400F57E60E0EEB58476] - 26/09/2013 - 18:52:19 ---A- - C:\Windows\Prefetch\MSSECES.EXE-BF594037.pf O45 - LFCP:[MD5.BD17C7A7D21D6DA7314860CA8CE0E522] - 26/09/2013 - 18:52:19 ---A- - C:\Windows\Prefetch\RTHDVCPL.EXE-91C743BD.pf O45 - LFCP:[MD5.DA79FFC8FF17EFD800B374136EC3C267] - 26/09/2013 - 18:52:27 ---A- - C:\Windows\Prefetch\RAINLENDAR2.EXE-C35E3733.pf O45 - LFCP:[MD5.90493EAED3D439AB4ECFAA84A94E114F] - 26/09/2013 - 18:52:32 ---A- - C:\Windows\Prefetch\AGENTANTIDOTE.EXE-F057DFFD.pf O45 - LFCP:[MD5.266CFBCA95D23A9B5B83C03A479D9AFB] - 26/09/2013 - 18:52:33 ---A- - C:\Windows\Prefetch\HF.EXE-39EDD4B1.pf O45 - LFCP:[MD5.0242F2D392D7BE5445ED3CC6D4733A2A] - 26/09/2013 - 18:52:35 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-FFFB0864.pf =>Toolbar.Google O45 - LFCP:[MD5.87EAB7F892FACBB27364163854C20109] - 26/09/2013 - 18:52:37 ---A- - C:\Windows\Prefetch\DROPBOX.EXE-CFAA068D.pf O45 - LFCP:[MD5.FE4258970F020DEB1CAD7EEDA7285849] - 26/09/2013 - 18:52:39 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-67378BFA.pf O45 - LFCP:[MD5.E44172106BC2904B6B01647FF1F55885] - 26/09/2013 - 18:53:15 ---A- - C:\Windows\Prefetch\EHTRAY.EXE-C5566E96.pf O45 - LFCP:[MD5.48F81BAA360E625048EFDF21D35205EA] - 26/09/2013 - 19:04:17 ---A- - C:\Windows\Prefetch\AM_DELTA_PATCH_1.159.648.0.EX-29E9E1CE.pf O45 - LFCP:[MD5.4664863D0AF7C5013E380C740C7DF6AB] - 26/09/2013 - 19:04:18 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-1E4BAB67.pf O45 - LFCP:[MD5.8BA0F3664C2A423A439C5C9733E4E6DD] - 26/09/2013 - 19:23:31 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.ED014550BA4AD24AE8399F4064332091] - 26/09/2013 - 19:33:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-1EBB7E14.pf O45 - LFCP:[MD5.5FE93057ED0F3C1AE5320C8EB3722D63] - 26/09/2013 - 19:33:37 ---A- - C:\Windows\Prefetch\VSSVC.EXE-3C0C319A.pf O45 - LFCP:[MD5.335F1F892E4892E5F6EA34900B116CD7] - 26/09/2013 - 19:34:13 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-5D163506.pf O45 - LFCP:[MD5.CA224B59C1DE7580724A64A68F9CEF4D] - 26/09/2013 - 20:33:52 ---A- - C:\Windows\Prefetch\NTVDM.EXE-79B2BD66.pf O45 - LFCP:[MD5.FE8ACCDE30F23038485AFBE708F26CA8] - 26/09/2013 - 20:33:58 ---A- - C:\Windows\Prefetch\CLIENT PRONOTE 2013.EXE-C8BC1A4D.pf O45 - LFCP:[MD5.4212BFA01AC1B41B4C8A946C927CB647] - 26/09/2013 - 20:38:43 ---A- - C:\Windows\Prefetch\ANTIDOTE.EXE-CEEA66AA.pf O45 - LFCP:[MD5.13E456C438A3263AA87A1379CED26CF8] - 26/09/2013 - 21:04:22 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-995397270-3947617806-4176101183-1000.db O45 - LFCP:[MD5.BD0A068C94DB65C075CE8DDFD4414364] - 26/09/2013 - 21:04:22 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-995397270-3947617806-4176101183-1000.db O45 - LFCP:[MD5.101B00C611AA9A01296B589A74CE5762] - 26/09/2013 - 21:17:29 ---A- - C:\Windows\Prefetch\SUMATRAPDF.EXE-14DF775D.pf O45 - LFCP:[MD5.E015D1FF96A940D1C185AC53DA372F62] - 26/09/2013 - 21:39:40 ---A- - C:\Windows\Prefetch\OSE.EXE-DAFF4EF2.pf O45 - LFCP:[MD5.988F7168F3E1701645EDD4F4858205BA] - 26/09/2013 - 21:39:41 ---A- - C:\Windows\Prefetch\MSOHTMED.EXE-73C317D8.pf O45 - LFCP:[MD5.75E77273AF7136BE8A3226479935CE06] - 26/09/2013 - 22:13:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-F0E541E0.pf O45 - LFCP:[MD5.90B5F05CF20F09CEFB06D5985BA188D7] - 26/09/2013 - 22:23:11 ---A- - C:\Windows\Prefetch\SETUP.EXE-5474523F.pf O45 - LFCP:[MD5.13A426453EEAC3940CCCA7B580B0F22A] - 26/09/2013 - 22:23:14 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-4491FC27.pf O45 - LFCP:[MD5.74F8EF9B96EB2B934ED4F9AB2F794395] - 26/09/2013 - 22:23:30 ---A- - C:\Windows\Prefetch\WINWORD.EXE-49614575.pf O45 - LFCP:[MD5.9B2A476BB6FBD22D74D95A967B2B9C9F] - 26/09/2013 - 22:23:42 ---A- - C:\Windows\Prefetch\BCSSYNC.EXE-16F2AFBB.pf O45 - LFCP:[MD5.6CCD91AA7F86DCDF58F1D193142C88BF] - 26/09/2013 - 22:23:50 ---A- - C:\Windows\Prefetch\MSOHTMED.EXE-F60D43CF.pf O45 - LFCP:[MD5.9CC0329575D998E940051908E189595E] - 26/09/2013 - 22:23:53 ---A- - C:\Windows\Prefetch\ADDINUTIL.EXE-8BF54656.pf O45 - LFCP:[MD5.752577F6C279E6BBC301B572D2046397] - 26/09/2013 - 22:54:27 ---A- - C:\Windows\Prefetch\MSPUB.EXE-F056F445.pf O45 - LFCP:[MD5.65228BB1144AE48C94DCAAA59F480C21] - 26/09/2013 - 23:03:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C8471742.pf O45 - LFCP:[MD5.A26B52F69F58E1BDF7AB0AC644D0B2D1] - 26/09/2013 - 23:03:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1A7C3DFD.pf O45 - LFCP:[MD5.91690A150858815582D5D54771632F8C] - 26/09/2013 - 23:07:16 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-8D561148.pf O45 - LFCP:[MD5.56309E31331435F6BCC28C59EE2E5555] - 26/09/2013 - 23:07:37 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-C4371B61.pf O45 - LFCP:[MD5.B3BB9CE9DDF973206081953DCE622113] - 26/09/2013 - 23:07:46 ---A- - C:\Windows\Prefetch\DXPSERVER.EXE-B476B278.pf O45 - LFCP:[MD5.87251044C091B9CC12C72D836973AECD] - 26/09/2013 - 23:08:43 ---A- - C:\Windows\Prefetch\WINWORD.EXE-4F15C744.pf O45 - LFCP:[MD5.7C60D53701828DFD6DBC1F9FAB29A194] - 26/09/2013 - 23:08:59 ---A- - C:\Windows\Prefetch\OSPPSVC.EXE-6148D951.pf O45 - LFCP:[MD5.ABCFD53A9DF6246407D0B2DC754CDEA2] - 26/09/2013 - 23:09:44 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-99AF9BC5.pf O45 - LFCP:[MD5.F95E1E86B4F7F675D93D3FEAD3532A6D] - 26/09/2013 - 23:10:18 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-8CBA30F8.pf O45 - LFCP:[MD5.BC9E5CD2F5EB742A41C4091D3C64696D] - 26/09/2013 - 23:20:38 ---A- - C:\Windows\Prefetch\CNMSE93.EXE-47BDD820.pf O45 - LFCP:[MD5.11BF5045AD93D8733682F8985941CEB0] - 26/09/2013 - 23:20:48 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EEC7D7D8.pf O45 - LFCP:[MD5.BEA1E30D2510AEB429E7FD556C296C68] - 26/09/2013 - 23:22:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8E42CC4F.pf O45 - LFCP:[MD5.4F0F83A658C7C3B6119469B15E2F2017] - 26/09/2013 - 23:28:45 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-D99D24E9.pf O45 - LFCP:[MD5.E6473F8D89D6CE5CE20465F5B9E2C939] - 26/09/2013 - 23:28:46 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARUSER_32.EXE-ACC1719B.pf =>Toolbar.Google O45 - LFCP:[MD5.E0DF3A691E693F772A7EA731C66BE51A] - 26/09/2013 - 23:28:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5E5BA332.pf O45 - LFCP:[MD5.252E2E6C4679DA9121687D418F58D282] - 26/09/2013 - 23:28:59 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-AAD0A372.pf O45 - LFCP:[MD5.88A6A0ABAFEFB6F8329E457A89F53771] - 26/09/2013 - 23:29:15 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.D01CADF2D5ADF56A7665F8924AF843D0] - 27/09/2013 - 06:34:07 ---A- - C:\Windows\Prefetch\GESANT.EXE-CAAB7B24.pf O45 - LFCP:[MD5.673673AA47048F2E95E29D298F793E67] - 27/09/2013 - 06:34:16 ---A- - C:\Windows\Prefetch\INTEGRATEUR.EXE-D58F4F8C.pf O45 - LFCP:[MD5.0D2DA7D2B9C8F79908C34F713EEC5AF5] - 27/09/2013 - 06:34:20 ---A- - C:\Windows\Prefetch\MOTEURINTEGRATION.EXE-95369D2A.pf O45 - LFCP:[MD5.C6576A815DCF2D037364C32E69AE95EE] - 27/09/2013 - 06:34:36 ---A- - C:\Windows\Prefetch\EHREC.EXE-F75AA808.pf O45 - LFCP:[MD5.3F893BACA522F81BF3F22BD6B056D820] - 27/09/2013 - 06:34:49 ---A- - C:\Windows\Prefetch\SPEEDFAN.EXE-0551CE8B.pf O45 - LFCP:[MD5.9187DB253D8170250890BFC7F8A65B8C] - 27/09/2013 - 06:35:06 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-B153D8B6.pf O45 - LFCP:[MD5.EE34D0801A6BBF9AADB9712B81980DD4] - 27/09/2013 - 06:35:17 ---A- - C:\Windows\Prefetch\NASVC.EXE-3E46F7E5.pf O45 - LFCP:[MD5.7C8839863CF368BC2FA39C5EEE7CBBEC] - 27/09/2013 - 06:35:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6A2E8FC5.pf O45 - LFCP:[MD5.5606A5F82D75621EE6DD7585A9D65740] - 27/09/2013 - 06:35:57 ---A- - C:\Windows\Prefetch\WLMAIL.EXE-466A3B6F.pf O45 - LFCP:[MD5.90E6256B61D970B3040D816ECE025B9F] - 27/09/2013 - 06:36:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E299E3BE.pf O45 - LFCP:[MD5.A2140B550782FF7525896CBB2C52E9D6] - 27/09/2013 - 06:36:17 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-C42984CB.pf O45 - LFCP:[MD5.1C2DD020A34383DB9F03D1FD7EEB7072] - 27/09/2013 - 06:36:32 ---A- - C:\Windows\Prefetch\WLCOMM.EXE-F49DDED8.pf O45 - LFCP:[MD5.98ABA31AEA297B5B23F0D42835EA1EFE] - 27/09/2013 - 06:38:39 ---A- - C:\Windows\Prefetch\WINRAR.EXE-5120E7C5.pf O45 - LFCP:[MD5.1660A7C96BA32614CEA9A10E12047925] - 27/09/2013 - 06:38:49 ---A- - C:\Windows\Prefetch\PROCEXP.EXE-AFFB3EA7.pf O45 - LFCP:[MD5.2CFED670EBEF4B55016CBBA31C563E39] - 27/09/2013 - 06:39:16 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-11EE2502.pf O45 - LFCP:[MD5.C1057042BBD2196747DC93E0AB542E4F] - 27/09/2013 - 06:40:19 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-D0500CA3.pf O45 - LFCP:[MD5.1AAF81C1388DFDF20BAFA437982FE19E] - 27/09/2013 - 06:40:46 ---A- - C:\Windows\Prefetch\IGFXUPDATE.EXE-41A8EB56.pf O45 - LFCP:[MD5.2EC8006ABBAFAB08BF1F995457C520C3] - 27/09/2013 - 06:40:46 ---A- - C:\Windows\Prefetch\IGFXUPDATE.EXE-AF01F539.pf O45 - LFCP:[MD5.0E214109CA997FBE20F770C8E2A97879] - 27/09/2013 - 06:41:17 ---A- - C:\Windows\Prefetch\PROCEXP.EXE-14F0AB77.pf O45 - LFCP:[MD5.3F298476989F6142227EAF078E60D0A3] - 27/09/2013 - 06:45:06 ---A- - C:\Windows\Prefetch\WERMGR.EXE-8875B865.pf O45 - LFCP:[MD5.60066DBBCA6017D3BA403BE69664E064] - 27/09/2013 - 06:45:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EC7D4248.pf O45 - LFCP:[MD5.21BA748C2A0F14B19CB1A79ACE7E4EC8] - 27/09/2013 - 06:46:08 ---A- - C:\Windows\Prefetch\MMC.EXE-BA338D67.pf O45 - LFCP:[MD5.D9204FBD2386EFC3306BA505E7FACC5D] - 27/09/2013 - 06:47:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-70E7A76D.pf O45 - LFCP:[MD5.E1CC0FD48D7711E9F079A63CEC8F53FB] - 27/09/2013 - 06:48:07 ---A- - C:\Windows\Prefetch\MMC.EXE-19AC4416.pf O45 - LFCP:[MD5.75C4C8CA3B59A4544E9179C0B35E3045] - 27/09/2013 - 06:52:12 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-011BE6AE.pf O45 - LFCP:[MD5.1852CBD2B6DE2C9D2E0DF7CA366ACD09] - 27/09/2013 - 06:53:11 ---A- - C:\Windows\Prefetch\PERFMON.EXE-850C059C.pf O45 - LFCP:[MD5.D54F3F8E62458753D466C886A81723B9] - 27/09/2013 - 06:53:26 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-65EC0A25.pf O45 - LFCP:[MD5.AD7DE2297D825A925AE22780D93DDBB0] - 27/09/2013 - 06:54:59 ---A- - C:\Windows\Prefetch\ROGUEKILLER.EXE-E9E8B7B3.pf O45 - LFCP:[MD5.C08BB91FD566BAB3EDBDBFB1F95E24F1] - 27/09/2013 - 07:04:09 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-5FB9CF9A.pf O45 - LFCP:[MD5.19613C889BC71E64F6BBB8BB2B79FCF7] - 27/09/2013 - 07:04:09 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_8_800_16-6ABE5802.pf O45 - LFCP:[MD5.76119716AF9920779D5AA5749B66646F] - 27/09/2013 - 07:04:09 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-1A0BCDB9.pf O45 - LFCP:[MD5.A90758B1D39CDBF1FAF78D931D8BA193] - 27/09/2013 - 07:05:42 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-38CCF158.pf O45 - LFCP:[MD5.CF3FBF13D5D5B688954CB852F18C834A] - 27/09/2013 - 07:06:49 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-774E2D1B.pf O45 - LFCP:[MD5.0CF749FD253211228F62C75EE296F7F1] - 27/09/2013 - 07:06:49 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-DDF28657.pf O45 - LFCP:[MD5.EA761D5FFA3DDCAF6FFEF62002E18223] - 27/09/2013 - 07:07:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-EA9181FA.pf O45 - LFCP:[MD5.DEDF1886988D077E3D5D47C8D39C4B40] - 27/09/2013 - 07:07:17 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F7D0A756.pf O45 - LFCP:[MD5.FE2D1A42FBEB208152AD5A2DA0043478] - 27/09/2013 - 07:07:23 ---A- - C:\Windows\Prefetch\CONSENT.EXE-F4D8795B.pf O45 - LFCP:[MD5.75D75113098BDCC58E256FA52C8AADDB] - 27/09/2013 - 07:07:28 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-18203843.pf O45 - LFCP:[MD5.69C50BBF6C50FF5BBBFB3DAAB86552C4] - 27/09/2013 - 07:08:06 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.92BF743F6CDC8C4F52B39F2379716BE0] - 27/09/2013 - 07:08:06 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.38A930252C06E164F8C6D6ECC31EDAF7] - 27/09/2013 - 07:08:06 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-0003997E.pf O45 - LFCP:[MD5.9F4B9F4A7C806B49C5C1957621955F74] - 27/09/2013 - 07:08:07 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.21DBF3F139AB5D9A980DBCA430DEA1E0] - 27/09/2013 - 07:08:07 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.9723CEF5B8CEAB2D5DAF065A8DE23AC6] - 27/09/2013 - 07:09:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-5BE99666.pf O45 - LFCP:[MD5.C9D1399192B1D0AADBDB449FF2D229CB] - 27/09/2013 - 07:09:30 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-22B146F5.pf O45 - LFCP:[MD5.1635D848F9BEACA815A8D96BC6C0FCEA] - 27/09/2013 - 07:09:58 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-2A4302F4.pf O45 - LFCP:[MD5.DCA2FE55E1BC61EC164DE5ADF15C3364] - 27/09/2013 - 07:09:58 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-32FC3D5D.pf O45 - LFCP:[MD5.954BDBF4CAA681963BEE9BC481D02797] - 27/09/2013 - 07:10:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-4787A8CB.pf O45 - LFCP:[MD5.F22DCC81BF8D8B04332D03BC0F0C50E0] - 27/09/2013 - 07:12:00 ---A- - C:\Windows\Prefetch\CONHOST.EXE-C0FB3CEF.pf ~ Prefetcher: 136 Scanned in 00mn 01s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.vp60"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.vp61"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.vp62"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll O52 - TDSD: \Drivers32\"msacm.divxa32"="DivXa32.acm" . (.Packed With Joy ! - DivX;-) Audio Codec.) -- C:\Windows\System32\DivXa32.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsvid.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsvid.dll O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX® Codec for Windows.) -- C:\Windows\System32\DivX.dll O52 - TDSD: \Drivers32\"VIDC.FMVC"="fmcodec.dll" . (.Fox Magic Software - FM Screen Capture Codec (VFW).) -- C:\Windows\System32\fmcodec.dll O52 - TDSD: \Drivers32\"msacm.l3fhg"="mp3fhg.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\mp3fhg.acm O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"DivXa32.acm"="DivX Audio Codec" . (.Packed With Joy ! - DivX;-) Audio Codec.) -- C:\Windows\System32\DivXa32.acm O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm O52 - TDSD: \drivers.desc\"frapsvid.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsvid.dll O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll ~ TDSD: 22 Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\command . (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\AdobeCS5ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe O53 - SMSR:HKLM\...\startupreg\ApnUpdater [Key] . (...) -- C:\Program Files\Ask.com\Updater\Updater.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\ArcSoft Connection Service [Key] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation O53 - SMSR:HKLM\...\startupreg\Bonus.SSR.FR11 [Key] . (.ABBYY. - ABBYY ScreenshotReader.) -- C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\Stef\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\facemoods [Key] . (...) -- C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (.not file.) =>Adware.Facemoods O53 - SMSR:HKLM\...\startupreg\Google Quick Search Box [Key] . (.Google Inc. - Google Quick Search Box.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe O53 - SMSR:HKLM\...\startupreg\KiesAirMessage [Key] . (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe O53 - SMSR:HKLM\...\startupreg\KiesHelper [Key] . (...) -- C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\KiesPDLR [Key] . (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O53 - SMSR:HKLM\...\startupreg\KiesPreload [Key] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co O53 - SMSR:HKLM\...\startupreg\KMConfig [Key] . (.UASSOFT.COM - DRIVER AUTORUN.) -- C:\Program Files\Multimedia Mouse Driver\V5\StartAutorun.exe O53 - SMSR:HKLM\...\startupreg\NBAgent [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe O53 - SMSR:HKLM\...\startupreg\PinnacleDriverCheck [Key] . (...) -- C:\Windows\system32\PSDrvCheck.exe O53 - SMSR:HKLM\...\startupreg\PrintDisp [Key] . (.ActMask Co.,Ltd - http://www.all2pdf.com - PrintDisp.) -- C:\Windows\system32\PrintDisp.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\Remote Control Editor [Key] . (.Elgato Systems - Remote Control Receiver & Editor.) -- C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe O53 - SMSR:HKLM\...\startupreg\Standby [Key] . (...) -- c:\Program Files\Common Files\Corel\Standby\Standby.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O53 - SMSR:HKLM\...\startupreg\UVS11 Preload [Key] . (.InterVideo Digital Technology Corporation - Ulead VideoStudio.) -- C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe O53 - SMSR:HKLM\...\startupreg\WD_SRT [Key] . (.Western Digital Technologies, Inc. - WD Safe Removal Tool.) -- C:\Program Files\Western Digital Technologies\WD Win98 SE USB Disk Driver, v1.00.09\WD_SRT.exe O53 - SMSR:HKLM\...\startupreg\Zune Launcher [Key] . (...) -- C:\Program Files\Zune\ZuneLauncher.exe (.not file.) ~ SMSR Keys: 30 Scanned in 00mn 01s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 1 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutorun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=255 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.9421EA92A017542E1B0FEC5B0513F6E2] - 17/08/2009 - 22:27:50 ---A- . (.NXP Semiconductors Germany GmbH - 3xHybrid.) -- C:\Windows\System32\Drivers\3xHybrid.sys [1008768] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: 17 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 24/09/2013 - 05:44:57 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524118c9 [124] O61 - LFC: 24/09/2013 - 05:47:13 ---A- . (...) -- C:\Users\Stef\.rainlendar2\backups\20130924-Rainlendar2Backup.zip [6812] O61 - LFC: 24/09/2013 - 05:49:44 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\l\52411960 [53392] O61 - LFC: 24/09/2013 - 16:23:39 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241ae7b [148] O61 - LFC: 24/09/2013 - 16:24:24 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\PDF-Edition-Complete-Forbach-du-24-09-2013.pdf [18201198] O61 - LFC: 24/09/2013 - 16:24:27 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\ab69b07e9f9388dafe59447db50cbc2a.png [48724] O61 - LFC: 24/09/2013 - 16:26:36 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241af2c [124] O61 - LFC: 24/09/2013 - 16:56:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 24/09/2013 - 16:56:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000078 [751] O61 - LFC: 24/09/2013 - 16:56:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [145] O61 - LFC: 24/09/2013 - 16:56:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 24/09/2013 - 16:56:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000095 [159] O61 - LFC: 24/09/2013 - 16:56:52 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 24/09/2013 - 16:56:59 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Favicons [79872] O61 - LFC: 24/09/2013 - 16:56:59 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 24/09/2013 - 16:57:28 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [20480] O61 - LFC: 24/09/2013 - 16:57:28 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384] O61 - LFC: 24/09/2013 - 16:57:29 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [38912] O61 - LFC: 24/09/2013 - 16:57:29 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 24/09/2013 - 17:02:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [260605] O61 - LFC: 24/09/2013 - 17:02:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set [260605] O61 - LFC: 24/09/2013 - 17:02:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.fingerprint [12] O61 - LFC: 24/09/2013 - 17:02:50 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json [34] O61 - LFC: 24/09/2013 - 17:07:29 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [12848] O61 - LFC: 24/09/2013 - 17:07:29 --HA- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Web Data [83968] O61 - LFC: 24/09/2013 - 17:16:12 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241bacc [148] O61 - LFC: 24/09/2013 - 17:26:01 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Top Sites [45056] O61 - LFC: 24/09/2013 - 17:26:01 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 24/09/2013 - 17:27:38 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [790676] O61 - LFC: 24/09/2013 - 17:27:42 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [18045548] O61 - LFC: 24/09/2013 - 17:27:42 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [2767692] O61 - LFC: 24/09/2013 - 17:27:42 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135236] O61 - LFC: 24/09/2013 - 17:27:42 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [30904] O61 - LFC: 24/09/2013 - 17:27:42 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6424] O61 - LFC: 24/09/2013 - 17:28:04 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 24/09/2013 - 17:28:04 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [75136] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0 [45056] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1 [270336] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2 [1056768] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-09 [77824] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-09-journal [16384] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [15168] O61 - LFC: 24/09/2013 - 17:28:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 24/09/2013 - 17:28:48 --HA- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\History [118784] O61 - LFC: 24/09/2013 - 17:28:48 --HA- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Local State [50838] O61 - LFC: 24/09/2013 - 17:28:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [12896] O61 - LFC: 24/09/2013 - 17:28:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Current Session [171779] O61 - LFC: 24/09/2013 - 17:28:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [266] O61 - LFC: 24/09/2013 - 17:28:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 24/09/2013 - 17:28:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5] O61 - LFC: 24/09/2013 - 17:28:49 --HA- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Cookies [57344] O61 - LFC: 24/09/2013 - 17:28:49 --HA- . (...) -- C:\Users\Stef\AppData\Local\Google\Chrome\User Data\Default\Preferences [109941] O61 - LFC: 24/09/2013 - 17:41:59 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241c0d7 [148] O61 - LFC: 24/09/2013 - 17:44:06 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241c156 [148] O61 - LFC: 24/09/2013 - 18:53:30 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241d19a [124] O61 - LFC: 24/09/2013 - 18:54:40 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241d1e0 [180] O61 - LFC: 24/09/2013 - 19:08:28 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241d51c [148] O61 - LFC: 24/09/2013 - 19:22:08 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5241d84f [148] O61 - LFC: 24/09/2013 - 22:21:19 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5242024e [148] O61 - LFC: 25/09/2013 - 00:21:49 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52421e8d [148] O61 - LFC: 25/09/2013 - 05:58:51 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52426d8a [124] O61 - LFC: 25/09/2013 - 06:00:43 ---A- . (...) -- C:\Users\Stef\.rainlendar2\backups\20130925-Rainlendar2Backup.zip [6812] O61 - LFC: 25/09/2013 - 06:03:25 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\l\52426e0d [53408] O61 - LFC: 25/09/2013 - 06:09:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52426ffc [148] O61 - LFC: 25/09/2013 - 06:10:14 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\PDF-Edition-Cahier-Sarreguemines-du-25-09-2013.pdf [14259989] O61 - LFC: 25/09/2013 - 06:10:22 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\c6db1d13718863f61955380618768729.png [39303] O61 - LFC: 25/09/2013 - 06:10:46 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\PDF-Edition-Complete-Forbach-du-25-09-2013.pdf [25521990] O61 - LFC: 25/09/2013 - 06:10:47 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\9eb5e24fac64308cdb0fce225ee637d2.png [42420] O61 - LFC: 25/09/2013 - 10:00:05 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5242a615 [148] O61 - LFC: 25/09/2013 - 10:12:05 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5242a8e5 [124] O61 - LFC: 25/09/2013 - 10:33:12 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVRC60A.tmp.cvr [0] O61 - LFC: 25/09/2013 - 10:39:23 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVR6D5E.tmp.cvr [0] O61 - LFC: 25/09/2013 - 10:40:37 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVR8E2F.tmp.cvr [0] O61 - LFC: 25/09/2013 - 10:42:34 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5242b00a [160] O61 - LFC: 25/09/2013 - 10:44:33 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Evaluations.LNK [658] O61 - LFC: 25/09/2013 - 10:48:20 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVRA0AB.tmp.cvr [0] O61 - LFC: 25/09/2013 - 11:37:29 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVR9F39.tmp.cvr [0] O61 - LFC: 25/09/2013 - 11:38:57 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Divers.LNK [614] O61 - LFC: 25/09/2013 - 11:46:23 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\CVRC633.tmp.cvr [0] O61 - LFC: 25/09/2013 - 11:48:54 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Saison 2013.docx.LNK [645] O61 - LFC: 25/09/2013 - 18:48:15 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524321df [148] O61 - LFC: 25/09/2013 - 22:37:07 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Excel\Excel14.xlb [12821] O61 - LFC: 25/09/2013 - 22:37:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\dénombrer de 1 à 5 exercice 1.doc (2).LNK [913] O61 - LFC: 25/09/2013 - 22:37:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\dénombrer de 1 à 5 exercice 1.doc.LNK [913] O61 - LFC: 26/09/2013 - 05:56:23 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5243be76 [124] O61 - LFC: 26/09/2013 - 05:59:07 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5243bf1a [124] O61 - LFC: 26/09/2013 - 06:01:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\l\5243beff [52224] O61 - LFC: 26/09/2013 - 06:01:49 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5243bfbd [180] O61 - LFC: 26/09/2013 - 08:26:51 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5243e1bb [148] O61 - LFC: 26/09/2013 - 09:29:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Toolbar Cache\7.5.4413.1752\fr\translate_element.js.content [2381] O61 - LFC: 26/09/2013 - 09:29:48 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Toolbar Cache\7.5.4413.1752\fr\translate_languages.json.content [1497] O61 - LFC: 26/09/2013 - 10:29:49 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5243fe8d [148] O61 - LFC: 26/09/2013 - 10:31:28 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\f4ec3bcde06b5ec17260b96eea2f9999.png [6412] O61 - LFC: 26/09/2013 - 12:42:13 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52441d95 [124] O61 - LFC: 26/09/2013 - 13:26:40 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\sigstore.dbx [78642176] O61 - LFC: 26/09/2013 - 13:26:41 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\aggregation.dbx [4096] O61 - LFC: 26/09/2013 - 14:17:15 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\plan de travail semaine 40.doc.LNK [832] O61 - LFC: 26/09/2013 - 18:50:41 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524473f0 [124] O61 - LFC: 26/09/2013 - 18:52:45 ---A- . (...) -- C:\Users\Stef\.rainlendar2\backups\20130926-Rainlendar2Backup.zip [6812] O61 - LFC: 26/09/2013 - 18:54:32 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\l\52447478 [53184] O61 - LFC: 26/09/2013 - 18:56:12 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244753b [148] O61 - LFC: 26/09/2013 - 18:56:26 ---A- . (...) -- C:\Users\Stef\AppData\Local\Windows Live Writer\ResourceCache\live\Writer_Config.cab [26214] O61 - LFC: 26/09/2013 - 20:33:50 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52448c1e [180] O61 - LFC: 26/09/2013 - 21:06:35 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524493ca [124] O61 - LFC: 26/09/2013 - 21:13:02 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244954e [148] O61 - LFC: 26/09/2013 - 21:13:07 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\7d6ba0e1a1d944e2f1587fa4096249f4.png [18100] O61 - LFC: 26/09/2013 - 21:13:39 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52449573 [148] O61 - LFC: 26/09/2013 - 21:17:20 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\d40b7e993cf7d3276bc9d2436bfb7fbc.png [21482] O61 - LFC: 26/09/2013 - 21:17:36 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52449660 [140] O61 - LFC: 26/09/2013 - 21:19:06 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\InjtDUEG.pdf.part [589111] O61 - LFC: 26/09/2013 - 21:19:12 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\SumatraPDF-settings.txt [394180] O61 - LFC: 26/09/2013 - 21:19:12 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\SumatraPDF\sumatrapdfcache\a830de868dd363d8a41cc414cf153b8c.png [67172] O61 - LFC: 26/09/2013 - 21:23:43 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524497cf [160] O61 - LFC: 26/09/2013 - 21:24:02 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\57426752.jpg.LNK [778] O61 - LFC: 26/09/2013 - 21:32:54 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Word\Je%20reconstitue%20le%20puzzle%20de%20la%20maison%303254941267778041\Je%20reconstitue%20le%20puzzle%20de%20la%20maison%20image%20en-dessous.doc.lnk [1113] O61 - LFC: 26/09/2013 - 21:32:54 R---- . (.KIEFFER S..) -- C:\Users\Stef\AppData\Roaming\Microsoft\Word\Je%20reconstitue%20le%20puzzle%20de%20la%20maison%303254941267778041\Je%20reconstitue%20le%20puzzle%20de%20la%20maison%20image%20en-dessous((Autosaved-303255121474454448)).asd [150016] O61 - LFC: 26/09/2013 - 21:35:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Dino à l'école.LNK [780] O61 - LFC: 26/09/2013 - 21:35:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Je reconstitue le puzzle de la couverture du Dino.doc.LNK [1014] O61 - LFC: 26/09/2013 - 21:35:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Je reconstitue le puzzle de la maison image en-dessous.doc.LNK [1033] O61 - LFC: 26/09/2013 - 21:37:11 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52449af7 [160] O61 - LFC: 26/09/2013 - 21:37:42 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Paul KLEE.doc.LNK [838] O61 - LFC: 26/09/2013 - 21:38:30 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52449b46 [160] O61 - LFC: 26/09/2013 - 21:38:35 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\head of man productions des enfants.doc.LNK [916] O61 - LFC: 26/09/2013 - 21:39:11 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52449b6f [160] O61 - LFC: 26/09/2013 - 21:39:32 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\marilyn_warhol.jpg.LNK [853] O61 - LFC: 26/09/2013 - 21:40:15 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Head of a man.doc.LNK [850] O61 - LFC: 26/09/2013 - 21:50:38 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Word\Marilyn303254971578559747\Marilyn.docx.lnk [913] O61 - LFC: 26/09/2013 - 21:50:38 R---- . (.Stef.) -- C:\Users\Stef\AppData\Roaming\Microsoft\Word\Marilyn303254971578559747\Marilyn((Autosaved-303255143520929856)).asd [50688] O61 - LFC: 26/09/2013 - 21:58:08 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Marilyn.docx.LNK [835] O61 - LFC: 26/09/2013 - 21:58:08 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\Percevoir, imaginer, sentir , créer.LNK [724] O61 - LFC: 26/09/2013 - 21:58:09 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\mondrian.docx.LNK [838] O61 - LFC: 26/09/2013 - 22:00:31 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\images indices 1.doc.lnk [808] O61 - LFC: 26/09/2013 - 22:00:53 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\images indices 2.doc.lnk [808] O61 - LFC: 26/09/2013 - 22:01:23 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\images pour raconter l'histoire de patou.doc.lnk [880] O61 - LFC: 26/09/2013 - 22:01:33 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\je classe les mots selon le nombre de syllabes.doc.lnk [898] O61 - LFC: 26/09/2013 - 22:02:26 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\Patou la mêle-tout.lnk [673] O61 - LFC: 26/09/2013 - 22:02:26 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\je retrouve le nom des sorcières.doc.lnk [856] O61 - LFC: 26/09/2013 - 22:08:53 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244a265 [148] O61 - LFC: 26/09/2013 - 22:10:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244a2b8 [124] O61 - LFC: 26/09/2013 - 22:33:04 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244a810 [160] O61 - LFC: 26/09/2013 - 22:41:22 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\étiquettes casiers avec photos.pub.LNK [731] O61 - LFC: 26/09/2013 - 22:41:34 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\étiquettes prénoms en script pour les casiers.doc.LNK [776] O61 - LFC: 26/09/2013 - 22:42:33 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\étiquettes cursive casiers avec photos.pub.LNK [758] O61 - LFC: 26/09/2013 - 22:53:13 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\liste avec tableau.docx.LNK [698] O61 - LFC: 26/09/2013 - 22:56:48 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\P1060492.JPG.lnk [775] O61 - LFC: 26/09/2013 - 22:56:48 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\photo Pascale.lnk [664] O61 - LFC: 26/09/2013 - 23:01:03 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\Maternelle 2013 - 2014.lnk [554] O61 - LFC: 26/09/2013 - 23:01:03 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\Modèles.lnk [1103] O61 - LFC: 26/09/2013 - 23:01:03 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\Normal.dot.lnk [1228] O61 - LFC: 26/09/2013 - 23:01:03 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\photo activité filles garçons.doc.lnk [728] O61 - LFC: 26/09/2013 - 23:01:03 ---A- . (.Stef.) -- C:\Users\Stef\AppData\Roaming\Microsoft\Modèles\Normal.dot [37376] O61 - LFC: 26/09/2013 - 23:01:03 --H-- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Récent\index.dat [2103] O61 - LFC: 26/09/2013 - 23:07:06 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244b00a [124] O61 - LFC: 26/09/2013 - 23:08:01 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244b041 [124] O61 - LFC: 26/09/2013 - 23:08:52 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\5244b074 [160] O61 - LFC: 26/09/2013 - 23:21:54 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\photo activité filles garçons.doc.LNK [728] O61 - LFC: 26/09/2013 - 23:21:54 --H-- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\Office\Recent\index.dat [6010] O61 - LFC: 26/09/2013 - 23:28:46 ---A- . (...) -- C:\Users\Stef\AppData\Local\Google\Toolbar\broker_metrics.xml [2931] O61 - LFC: 26/09/2013 - 23:28:49 --HA- . (...) -- C:\Users\Stef\AppData\Local\IconCache.db [2337368] O61 - LFC: 27/09/2013 - 06:32:08 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52451857 [124] O61 - LFC: 27/09/2013 - 06:33:44 ---A- . (...) -- C:\Users\Stef\.rainlendar2\backups\20130927-Rainlendar2Backup.zip [6812] O61 - LFC: 27/09/2013 - 06:33:57 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Druide\Antidote\ConfigurationMenuAntidote8 [1877] O61 - LFC: 27/09/2013 - 06:34:43 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\sfamcc00001.dll [192512] O61 - LFC: 27/09/2013 - 06:34:43 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\sfareca00001.dll [172032] O61 - LFC: 27/09/2013 - 06:34:53 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\host.db [57] O61 - LFC: 27/09/2013 - 06:34:53 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\host.dbx [189] O61 - LFC: 27/09/2013 - 06:34:53 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\unlink.db [216] O61 - LFC: 27/09/2013 - 06:34:56 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\notifications.dbx [2048] O61 - LFC: 27/09/2013 - 06:35:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\deleted.dbx [441344] O61 - LFC: 27/09/2013 - 06:35:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\photo.dbx [13312] O61 - LFC: 27/09/2013 - 06:35:17 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\config.dbx [11264] O61 - LFC: 27/09/2013 - 06:36:18 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\l\524518d4 [53504] O61 - LFC: 27/09/2013 - 06:36:35 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\filecache.dbx [10132480] O61 - LFC: 27/09/2013 - 06:36:36 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52451963 [148] O61 - LFC: 27/09/2013 - 06:37:49 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524519ad [148] O61 - LFC: 27/09/2013 - 06:38:16 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524519c7 [140] O61 - LFC: 27/09/2013 - 06:38:29 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524519d5 [140] O61 - LFC: 27/09/2013 - 06:38:44 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\524519e3 [160] O61 - LFC: 27/09/2013 - 06:51:32 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Microsoft\MMC\taskschd [145672] O61 - LFC: 27/09/2013 - 06:52:24 ---A- . (...) -- C:\Users\Stef\AppData\Local\Resmon.ResmonCfg [7627] O61 - LFC: 27/09/2013 - 06:53:55 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\Dropbox\shellext\l\52451d73 [148] O61 - LFC: 27/09/2013 - 06:54:49 ---A- . (...) -- C:\Users\Stef\AppData\Local\Temp\RK_Mtx [0] O61 - LFC: 27/09/2013 - 07:12:58 ---A- . (...) -- C:\Users\Stef\AppData\Roaming\ZHP\Log.txt [19969] =>.Nicolas Coolman ~ 16 Fichiers temporaires (Temporary files) ~ Files: 184 Scanned in 02mn 53s ---\\ Fichiers Alternate Data Stream (ADS) (O62) O62 - ADS:Alternate Data Stream File - C:\Windows\System32\d3dx9_35.dll:Zone.Identifier ~ ADS: Scanned in 00mn 01s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 25/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 08/09/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 02/01/1601 - Pas de propriétaire (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 25/09/2007 - Pas de propriétaire (CrystalSysInfo) .(...) - LEGACY_CRYSTALSYSINFO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 02/01/1601 - Pas de propriétaire (dgderdrv) .(...) - LEGACY_DGDERDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 14/12/2007 - Pas de propriétaire (FLASHSYS) .(...) - LEGACY_FLASHSYS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 05/06/2008 - C:\Windows\System32\Drivers\FSPFltd.sys (FSProFilter) .(.FSPro Labs - FSPro File System Filter.) - LEGACY_FSPROFILTER O64 - Services: CurCS - 18/04/2013 - Pas de propriétaire (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 03/04/1996 - Pas de propriétaire (giveio) .(...) - LEGACY_GIVEIO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 30/08/2012 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER O64 - Services: CurCS - 27/09/2013 - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{86510041-B6D0-4919-A169-3834B63F94F8}\MpKsl1233756a.sys (MpKsl1233756a) .(.Microsoft Corporation - KSLDriver.) - LEGACY_MPKSL1233756A O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 17/03/2008 - Pas de propriétaire (NetworkX) .(...) - LEGACY_NETWORKX O64 - Services: CurCS - 30/08/2012 - C:\Windows\System32\DRIVERS\NisDrvWFP.sys (NisDrv) .(.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) - LEGACY_NISDRV O64 - Services: CurCS - 27/01/2010 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\sbp2port.sys (sbp2port) .(.Microsoft Corporation - SBP-2 Protocol Driver.) - LEGACY_SBP2PORT O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 18/03/2011 - C:\Windows\System32\speedfan.sys (speedfan) .(.Almico Software - SpeedFan x32 Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 02/01/1601 - Pas de propriétaire (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 27/09/2013 - Pas de propriétaire (TrueSight) .(...) - LEGACY_TRUESIGHT O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\vmbusres.dll (vmbus) .(.Microsoft Corporation - Fichier DLL de ressources de bus VMBus.) - LEGACY_VMBUS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 241 Scanned in 00mn 01s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (...) -- c:\Winnt\Regedit.exe O67 - Shell Spawning: <.exe> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (...) -- c:\Winnt\Regedit.exe ~ FASS Keys: 18 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\searchplugins\askcom.xml O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=18b8da890000000000000019dbf[...] =>Toolbar.DeltaSearch O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("avg.install.userSPSettings", "Delta Search"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.BabylonToolbar_i.newTab", true); =>Toolbar.Babylon O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=18b8da8900000000[...] =>Toolbar.Babylon O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.admin", false); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.aflt", "babsst"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.autoRvrt", "false"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.dfltLng", "en"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.excTlbr", false); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.id", "18b8da890000000000000019dbf660a2"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.instlDay", "15744"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.instlRef", "sst"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.newTab", false); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.prdct", "delta"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.prtnrId", "delta"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.rvrt", "false"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.smplGrp", "none"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.tlbrId", "base"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.tlbrSrchUrl", ""); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.vrsn", "1.8.10.0"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.vrsnTs", "1.8.10.017:04:53"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta.vrsni", "1.8.10.0"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta_i.babExt", ""); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta_i.babTrack", "affID=121299&tsp=5003"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.delta_i.srcExt", "ss"); O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.DNSErrUrl", "http://start.facemoods.com/?a=ddrnw&f=5"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.aflt", "ddrnw"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.dfltSrch", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.dnsErr", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.firstRun", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.hmpg", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.hmpgUrl", "http://start.facemoods.com/?a=ddrnw"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.id", "18b8da890000000000000019dbf660a2"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.instlDay", "15328"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.mntz", ""); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.newTab", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.newTabUrl", "http://start.facemoods.com/?a=ddrnw&f=2"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.prtnrId", "facemoods.com"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.searchProviderAdded", true); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.sid", "a5da144ca1b74c5a9c68ebd8792f7ed6"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.tlbrSrchUrl", "http://start.facemoods.com/?a=ddrnw&f=3"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.facemoods.vrsn", "1.4.17.11"); =>Adware.Facemoods O69 - SBI: prefs.js [Stef - psekkf0a.default] user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true); =>Adware.Facemoods O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Yahoo! Search) - http://search.yahoo.com =>Toolbar.Yahoo O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {74845B1A-5EAE-42DC-914A-6F96CA8E660B} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) K:\AVS 7.1.2.480 jeanbat\AVS.Video.Converter.v7.1.2.480.Cracked-DJiNN\Crack\AVSVideoConverter.exe K:\AVS 7.1.2.480 jeanbat\AVS.Video.Converter.v7.1.2.480.Cracked-DJiNN\Setup\avsvideoconverter_setup.exe K:\Clone DVD\Slysoft.CloneDVD.v2.8.5.1.Keygen.Only-TSZ.zip K:\Corel Video Studio Pro XIII\Video studio pro X3_keygen.exe K:\dream activation\p_A5ALL\q2822ycv\Keygen Adobe After Effects CS5.exe K:\dream activation\p_A5ALL\q2822ycv\Keygen Adobe Flash Professional CS5.exe K:\dream activation\p_A5ALL\q2822ycv\Keygen Adobe InDesign CS5.exe =>.Adobe Systems Incorporated K:\dream activation\p_A5ALL\q2822ycv\Keygen Adobe Photoshop CS5 Extended.exe =>.Adobe Systems Incorporated K:\dream activation\p_A5ALL\q2822ycv\Keygen Adobe Premiere Pro CS5.exe K:\dream activation\p_A5ALL\r28ef45r\keygen.exe K:\Hide_Folders_2009_3.4.19.609\CRACKED\hf.exe K:\Hide_Folders_2009_3.4.19.609\CRACKED\hf.reg K:\macromedia dreamweaver\dreamweaverv8.0keygenz.w.t.zip K:\macromedia dreamweaver\keygen.exe K:\Namewiz Renommer fichier en masse\NameWiz.4.11.keygen-SND\KeyGen.exe K:\Namewiz Renommer fichier en masse\NameWiz.4.11.keygen-SND.zip K:\PDF.Password.Cracker.Pro.v2.0.WinAll.Cracked-CRD\crack\crackpdf.exe K:\PDF.Password.Cracker.Pro.v2.0.WinAll.Cracked-CRD\setup\pdfcrackerpro.exe K:\pdfcrack\PDF.Password.Cracker.Pro.v2.0.WinAll.Cracked-CRD\crack\crackpdf.exe K:\pdfcrack\PDF.Password.Cracker.Pro.v2.0.WinAll.Cracked-CRD\setup\pdfcrackerpro.exe K:\RAR-Password-Cracker-4.12.43043.exe ~ Files: Scanned in 02mn 11s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] O83 - Search Svchost Services: SearchIndexer (SearchIndexer) . (.Microsoft Corporation - Microsoft Windows Search Indexer.) -- C:\Windows\System32\SearchIndexer.dll [371200] ~ Services: 39 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.A885390A85345EE0FC69D4B67F89BFC4] [SPRF][24/10/2012] (...) -- C:\ProgramData\42B81032FF.sys [88] [MD5.9C88AB5C2253471A65A7410DDE94565D] [SPRF][28/10/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [6266] [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [SPRF][27/09/2013] (...) -- C:\Users\Stef\AppData\Local\Temp\sfamcc00001.dll [192512] [MD5.B0C5F70B896E18A5D9DAE1A1FBD9526A] [SPRF][27/09/2013] (...) -- C:\Users\Stef\AppData\Local\Temp\sfareca00001.dll [172032] [MD5.F1CE882434AE4449F2A536295758B00C] [SPRF][31/12/2011] (...) -- C:\Users\Stef\AppData\Roaming\waver_2.95.dat [2550] [MD5.08454A5469CDF1FFA8B090C61318747E] [SPRF][31/07/2013] (.Sysinternals - www.sysinternals.com - Sysinternals Process Explorer.) -- C:\Users\Stef\Desktop\procexp.exe [2799296] [MD5.CD6562008DD6EECEF9C8D6530ED2DA33] [SPRF][27/09/2013] (...) -- C:\Users\Stef\Desktop\RogueKiller.exe [922112] [MD5.76EB0224556164D2F1160F09DB59B46C] [SPRF][27/09/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Stef\Desktop\ZHPDiag2.exe [6826525] [MD5.77D31FB654A53DBFB151C7A8E11E3A02] [SPRF][17/07/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1962160] [MD5.1248A4B916DE187BC2AD35E6A16AE8E8] [SPRF][22/10/2008] (.IBM Corporation - Upload Module.) -- C:\Windows\Downloaded Program Files\qp2.dll [532480] [MD5.2FD994827193B68DD301F80BDF744231] [SPRF][03/04/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll [354608] ~ Files: 11 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-In" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-Out" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{8ABD633C-291C-4CB0-8750-E5FCAF7406D2}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{1930B535-A83C-4562-B822-B52798BAFA62}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{408D6F7B-7975-4C27-9284-19928F693BE6}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{AAD19805-0D9F-4167-BB7D-21A33EDECBC1}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{48124562-8012-484E-BEEB-A966E9AD01A7}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "{68AECC9A-6032-4D07-BA8B-9E71E63F161A}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "{2989224E-8FE3-490E-9A91-6AF3105E13F4}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "{16B005CB-3CA6-4024-9F68-CDFC846C3F34}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "{366CB9DB-F39A-4190-8AF7-BE3551F9F7EC}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{6B4DDD4E-C6C8-464F-9456-2F6720EF6493}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{283DE240-0B4C-4CB5-95E4-ADBEE559DA40}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{839BD823-DBE2-4A6C-AA85-AEFE98C0F0F1}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{9DB64F09-D1A0-4FAA-AD27-1E85CDF54806}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3386AB5C-A263-4C63-9217-9E3B6D9CBE6F}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{554E09D3-E143-4D62-871A-2C3A02E8A626}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{EEDDA41A-6919-473C-A1D5-046F039E76FF}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{97469B7A-4B61-443A-A471-0815C6343E87}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5142D2B0-2F6A-459B-9BDF-5F8FBCC685B9}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{FF704E10-B5F6-414B-A59C-4CD559D4ECAF}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E1FF1A1A-068D-4AB5-AAE7-312AEFD7D9D7}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{CA6B0CC1-D983-498E-B6C9-27C3DFBDAA42}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{12754F5D-258E-4554-9421-3BF270B7B9AB}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe O87 - FAEL: "{E63ECB43-617E-4345-BED3-853BBA056255}" | In - Private - P6 - TRUE | .(.TERRATEC Electronic GmbH - Home Cinema.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe O87 - FAEL: "{8F2E94C5-044E-4A1D-94A3-A651940F1067}" | In - Private - P17 - TRUE | .(.TERRATEC Electronic GmbH - Home Cinema.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\CinergyDvr.exe O87 - FAEL: "{29A75DFA-7D93-4279-9020-53014472D501}" | In - Private - P6 - TRUE | .(.TERRATEC Electronic GmbH - tvtv Setup Wizard.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe O87 - FAEL: "{D4040BC6-C63D-41A6-80E0-5C7262248BA4}" | In - Private - P17 - TRUE | .(.TERRATEC Electronic GmbH - tvtv Setup Wizard.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe O87 - FAEL: "TCP Query User{5177F48F-7509-44F3-98A7-927213D44955}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" | In - Private - P6 - TRUE | .(.TERRATEC Electronic GmbH.) -- C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe O87 - FAEL: "UDP Query User{DAF3059E-FF1D-445B-B651-57977A915E89}C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe" | In - Private - P17 - TRUE | .(.TERRATEC Electronic GmbH.) -- C:\program files\terratec\terratec home cinema\versioncheck\versioncheck.exe O87 - FAEL: "{4825009E-08B0-4238-91F5-3034710AE717}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{91DE5C55-CABB-4655-B62E-B9CFF6AFF9EC}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TCP Query User{1533543D-DAB0-4BEF-8896-43B7D7238AA9}C:\program files\visicom media\ftp expert 3\ftpxpert3.exe" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - AceFTP v3.) -- C:\program files\visicom media\ftp expert 3\ftpxpert3.exe O87 - FAEL: "UDP Query User{21C945BE-2F45-494A-98E0-33C3962E69E3}C:\program files\visicom media\ftp expert 3\ftpxpert3.exe" | In - Private - P17 - TRUE | .(.Visicom Media Inc..) -- C:\program files\visicom media\ftp expert 3\ftpxpert3.exe O87 - FAEL: "TCP Query User{D25FF991-6B6C-4653-8691-F318DF0DD589}C:\program files\filezilla ftp client\filezilla.exe" | In - Private - P6 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\program files\filezilla ftp client\filezilla.exe O87 - FAEL: "UDP Query User{28A547D2-D7BE-4B06-A413-99712642378D}C:\program files\filezilla ftp client\filezilla.exe" | In - Private - P17 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\program files\filezilla ftp client\filezilla.exe O87 - FAEL: "{6A0C8521-C3BD-462B-8344-7664D4846A94}" | In - Private - P6 - TRUE | .(.Dassault Systèmes SolidWorks Corp. - DTSCoordinator.) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O87 - FAEL: "{BA296962-BD31-4BAD-B6DC-E93EC1FFF358}" | In - Private - P17 - TRUE | .(.Dassault Systèmes SolidWorks Corp. - DTSCoordinator.) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O87 - FAEL: "TCP Query User{2EBD0F83-26DC-449D-925C-24EDBB0817A1}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe O87 - FAEL: "UDP Query User{83E1CB85-E148-4BCE-ADFF-01B43DD2423A}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe O87 - FAEL: "TCP Query User{98434DD1-2059-4C29-9BF6-B91744B10DA5}C:\program files\radio fr solo\radio_fr_solo.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\radio fr solo\radio_fr_solo.exe (.not file.) O87 - FAEL: "UDP Query User{4149D4DC-2236-4576-AB8D-AA0983CDCB6D}C:\program files\radio fr solo\radio_fr_solo.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\radio fr solo\radio_fr_solo.exe (.not file.) O87 - FAEL: "{182B2BAF-46FC-49AF-8BD7-3D0A3382A824}" | In - Private - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe O87 - FAEL: "{48924197-BEC6-46E6-A693-A3E1153C770B}" | In - Private - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\Program Files\SFR\Media Center\httpd\httpd.exe O87 - FAEL: "{12C68514-5117-4169-B755-C2BC698B97F6}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet O87 - FAEL: "{E9B10679-C0A8-40B9-B93E-73011BF02603}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet O87 - FAEL: "TCP Query User{E923116B-78F0-4708-AF44-91D0E1877779}C:\program files\xi\netxfer\nettransport.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\xi\netxfer\nettransport.exe (.not file.) O87 - FAEL: "UDP Query User{2928DCBA-F3AF-456D-8FD6-1244421E400D}C:\program files\xi\netxfer\nettransport.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\xi\netxfer\nettransport.exe (.not file.) O87 - FAEL: "{6A92ED3F-0937-4387-89E6-9D8B8AC83275}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O87 - FAEL: "TCP Query User{B1ED2BEB-4697-4884-B322-C8DD8624D4D5}C:\program files\winfast\wfdtv\dvbtap.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\winfast\wfdtv\dvbtap.exe (.not file.) O87 - FAEL: "UDP Query User{187A7EB6-92F9-4263-B008-BDFC97B15DD4}C:\program files\winfast\wfdtv\dvbtap.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\winfast\wfdtv\dvbtap.exe (.not file.) O87 - FAEL: "TCP Query User{8D5987BD-DC4D-4CD1-999A-6DA338D51B37}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{4EE989E2-ACDF-433B-B316-D289E0BF6B40}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "{C075437A-B32F-45AA-AF77-50F6594A7913}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe (.not file.) O87 - FAEL: "{6D1356D0-5443-4E78-8408-767E49902A8B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Avid\Avid Liquid 7\Program\RM.exe (.not file.) O87 - FAEL: "{3341657A-A437-4E4D-B54E-15C0207002A3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod (.not file.) O87 - FAEL: "{ECD7C16B-4D44-44C4-B3B0-022219E62D02}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Avid\Avid Liquid 7\Program\StudioU.mod (.not file.) O87 - FAEL: "TCP Query User{3B7C8905-5BCC-4C68-A077-1B03B6DFAD2E}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ea sports\fifa 11 demo\game\fifa.exe (.not file.) O87 - FAEL: "UDP Query User{D9984195-07DD-4A34-8B96-23E998509623}C:\program files\ea sports\fifa 11 demo\game\fifa.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ea sports\fifa 11 demo\game\fifa.exe (.not file.) O87 - FAEL: "{935C2330-47F0-492D-97FD-556BB73B9F22}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{72F1A7B9-E00F-43FA-82C3-59A026ECEF26}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "TCP Query User{E3FF13AE-9DC3-456D-9DE0-024E43BDC535}C:\program files\ea sports\fifa 11\game\fifa.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ea sports\fifa 11\game\fifa.exe (.not file.) O87 - FAEL: "UDP Query User{E82A1C76-46DE-46A2-8CD9-F1931C41CC68}C:\program files\ea sports\fifa 11\game\fifa.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ea sports\fifa 11\game\fifa.exe (.not file.) O87 - FAEL: "TCP Query User{213F2C82-404E-45D5-A3CB-28CD547014C7}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe =>.Google Inc O87 - FAEL: "UDP Query User{CC33EB82-29DD-46C7-9879-AE35C3146DAB}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe =>.Google Inc O87 - FAEL: "TCP Query User{E7244E8A-A39C-4FD3-AE8F-2A78F26E3B2A}C:\users\stef\appdata\local\temp\keygen.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\stef\appdata\local\temp\keygen.exe (.not file.) O87 - FAEL: "UDP Query User{73B10B4D-2D4B-4F2E-8A3C-D9B1A63D225E}C:\users\stef\appdata\local\temp\keygen.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\stef\appdata\local\temp\keygen.exe (.not file.) O87 - FAEL: "{74D12B7D-9954-4C1B-95CC-40C7C9865541}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe O87 - FAEL: "{D48436B0-B799-4237-8F56-D47E8E2E199B}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe O87 - FAEL: "{1F0A18B6-E5D8-4D5B-84A6-9C49B5B2A87C}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation O87 - FAEL: "{B2EE1AAD-A488-4815-B263-4E24826CAACB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation O87 - FAEL: "{93C2E46E-EEE5-4B61-A0FC-9899B8C960FB}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\outlook.exe O87 - FAEL: "TCP Query User{88E2C909-52BD-4A8C-9E27-D5610A7655C6}J:\call of duty black ops\blackops.exe" |In - Private - P6 - TRUE | .(...) -- J:\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "UDP Query User{E2C4867D-0D32-4FCC-B62F-ECE5C8B0D551}J:\call of duty black ops\blackops.exe" |In - Private - P17 - TRUE | .(...) -- J:\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "TCP Query User{C3C42EC2-DC74-4566-8AE1-859C68830F6F}J:\cod black ops\blackops.exe" |In - Private - P6 - TRUE | .(...) -- J:\cod black ops\blackops.exe (.not file.) O87 - FAEL: "UDP Query User{2F96BAB7-9645-412E-8AD6-E3C34425630F}J:\cod black ops\blackops.exe" |In - Private - P17 - TRUE | .(...) -- J:\cod black ops\blackops.exe (.not file.) O87 - FAEL: "{985BE501-4150-484F-A1F2-068060A599E5}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\Steam.exe (.not file.) O87 - FAEL: "{0C696552-70D1-49B1-AF76-48BCF867CEB8}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\Steam.exe (.not file.) O87 - FAEL: "{D7C56999-D63F-49C1-AA69-07A720E00DA7}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "RemoteDesktop-UserMode-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TCP Query User{4F401A64-29DB-4937-ABCB-1CC38D32CC86}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "UDP Query User{8B460769-C859-4298-BC19-8EC550AB8E39}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "TCP Query User{82546F91-67FF-438E-96F8-C107B3CB94A7}C:\program files\call of duty black ops\blackopsmp.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\call of duty black ops\blackopsmp.exe (.not file.) O87 - FAEL: "UDP Query User{A3418A50-04B9-4E6B-B7E5-56F90F44BAED}C:\program files\call of duty black ops\blackopsmp.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\call of duty black ops\blackopsmp.exe (.not file.) O87 - FAEL: "TCP Query User{90F97F88-F20E-480C-BF8D-FDE48196CF98}C:\program files\call of duty black ops\blackops.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "UDP Query User{4F1F6D62-5894-468D-93F5-DC8A69DB426C}C:\program files\call of duty black ops\blackops.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "{C9AECC07-2FAE-4CD9-8E30-574884B0BC51}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe (.not file.) O87 - FAEL: "{BC30A2FA-58C6-403B-A342-6500903C33DF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe (.not file.) O87 - FAEL: "{77788C1E-37CA-4110-A173-5B2CD9FC098D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal TV Server\SetupTv.exe (.not file.) O87 - FAEL: "{48233C42-6461-4B83-A4EA-E45280EB3806}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal TV Server\SetupTv.exe (.not file.) O87 - FAEL: "{4682F568-FE88-46D6-865A-E0CDCC0A71AF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal\MediaPortal.exe (.not file.) O87 - FAEL: "{54B63421-358B-4176-97D1-8E7DD032560A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Team MediaPortal\MediaPortal\MediaPortal.exe (.not file.) O87 - FAEL: "TCP Query User{585FE1F0-7F0E-4933-AE30-8B43733D1A18}C:\program files\ea sports\fifa 12\game\fifa.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ea sports\fifa 12\game\fifa.exe (.not file.) O87 - FAEL: "UDP Query User{66FBF27E-987E-44E3-AD74-99F5F499EAC2}C:\program files\ea sports\fifa 12\game\fifa.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ea sports\fifa 12\game\fifa.exe (.not file.) O87 - FAEL: "{90AFCCDC-6D21-4350-8706-B59EB42E5396}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Media Center Extensibility Host.) -- C:\Windows\ehome\ehexthost.exe O87 - FAEL: "{635993F4-4026-40DD-976A-F27B7E963CE0}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Media Center Extensibility Host.) -- C:\Windows\ehome\ehexthost.exe O87 - FAEL: "{22C99940-9FF1-4E24-AE22-007FBC4D6989}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Stef\AppData\Roaming\Dropbox\bin\Dropbox.exe O87 - FAEL: "{C64FE1A7-F8C8-4C65-8C1F-19B5C51E15FD}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Stef\AppData\Roaming\Dropbox\bin\Dropbox.exe O87 - FAEL: "TCP Query User{EB58C99F-F6A9-464F-9DC1-9C05F1041056}C:\windows\system32\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\java.exe O87 - FAEL: "UDP Query User{DD6E6FC0-183F-4B2B-A102-81D12054AFB7}C:\windows\system32\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\windows\system32\java.exe O87 - FAEL: "{5FE29080-68A8-482E-871E-00391B19CCF4}" | In - Private - P6 - TRUE | .(.TERRATEC Electronic GmbH - Common helper functions.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe O87 - FAEL: "{FBC9CA33-39AA-4F66-B01A-04C6AB5A610B}" | In - Private - P17 - TRUE | .(.TERRATEC Electronic GmbH - Common helper functions.) -- C:\Program Files\TerraTec\TerraTec Home Cinema\InstTool.exe O87 - FAEL: "TCP Query User{DF235240-E754-467C-99F2-424B01C46C98}D:\call of duty black ops\blackops.exe" |In - Private - P6 - TRUE | .(...) -- D:\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "UDP Query User{F848E8B9-BBC0-49F0-9063-853C33F6140A}D:\call of duty black ops\blackops.exe" |In - Private - P17 - TRUE | .(...) -- D:\call of duty black ops\blackops.exe (.not file.) O87 - FAEL: "{26318CB7-9897-4622-98ED-A43BC9D19E92}" | In - Private - P6 - TRUE | .(.Electronic Arts - FIFA 13.) -- C:\Program Files\Origin Games\FIFA 13\Game\fifa13.exe O87 - FAEL: "{BBD539CA-6E60-4F72-8760-2A9C2A414E44}" | In - Private - P17 - TRUE | .(.Electronic Arts - FIFA 13.) -- C:\Program Files\Origin Games\FIFA 13\Game\fifa13.exe O87 - FAEL: "{9D8037D4-84C1-48FC-9C99-332E8AACB4C2}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe O87 - FAEL: "{4A5F109D-A4CD-4752-912A-6D9A4A582562}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe O87 - FAEL: "{D4988C0D-EF6C-4998-B55F-2B3C75C399BC}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O87 - FAEL: "{56525CE7-6729-4857-A76F-96F746F4EA3A}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe O87 - FAEL: "{B1034E67-7DFE-4C5D-8AC9-D4EB2E35653E}" |In - None - P17 - TRUE | .(...) -- C:\Users\Stef\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (.not file.) O87 - FAEL: "{05E72D41-3644-4851-A1DB-0BA5CC2B66D0}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe O87 - FAEL: "{B7DB705A-FF56-4FA1-8435-32DA5DFCF5E0}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe O87 - FAEL: "{6E69965D-B2FD-4822-8A2F-CBD1A13C60EC}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\StarCraft II\StarCraft II.exe (.not file.) O87 - FAEL: "{F75878DD-4263-49B5-97FE-B210D0AD0A88}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\StarCraft II\StarCraft II.exe (.not file.) O87 - FAEL: "{4A57F866-3460-470B-A4C9-60415766CA69}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\StarCraft II\StarCraft II Public Test.exe (.not file.) O87 - FAEL: "{DFEEB9DA-8629-4EE2-9367-AE7CDF9D7DB1}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\StarCraft II\StarCraft II Public Test.exe (.not file.) O87 - FAEL: "TCP Query User{AB65EECA-AE70-4065-9D90-32FF24A19452}C:\program files\starcraft ii\versions\base24944\sc2.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\starcraft ii\versions\base24944\sc2.exe (.not file.) O87 - FAEL: "UDP Query User{CC3EF193-91C0-47E9-8949-BBCB9DA71110}C:\program files\starcraft ii\versions\base24944\sc2.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\starcraft ii\versions\base24944\sc2.exe (.not file.) O87 - FAEL: "{0436397E-AA03-467E-99C7-C78B5E0B875A}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe O87 - FAEL: "{CA856CB9-0E26-4457-A494-620C3CD43499}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe ~ Firewall: 288 Scanned in 00mn 02s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "0000011F110000000010709475387300" . (.ABBYY FineReader 11.) -- C:\Windows\Installer\{F1100000-0011-0000-0001-074957833700}\ARPPRODUCTICON.exe O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "0318D894178B49D4A9CD1C9FE981F8A3" . (.INDEX EDUCATION - Mise à jour automatique.) -- C:\Windows\Installer\{498D8130-B871-4D94-9ADC-C1F99E188F3A}\ARPPRODUCTICON.exe O90 - PUC: "0396BA86FFB56FF429B315A61989F46E" . (.Nero BackItUp 10.) -- C:\Windows\Installer\{68AB6930-5BFF-4FF6-923B-516A91984FE6}\ARPPRODUCTICON.exe O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico O90 - PUC: "0A1149233F91047478F47104B021F672" . (.Nero Vision 10 Help (CHM).) -- C:\Windows\Installer\{329411A0-19F3-4740-874F-17400B126F27}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "0A8110F9AD940E11285D0062E9D87C18" . (.H-Series_ASIO32.) -- C:\Windows\Installer\{9F0118A0-49DA-11E0-82D5-00269E8DC781}\ARPPRODUCTICON.exe O90 - PUC: "0C1FF52A6B08B8B45A15CD2565794A80" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe O90 - PUC: "0D00C83EB86A81348A6A7F4D5B1BFDE0" . (.Windows Media Encoder 9 Series.) -- C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon O90 - PUC: "0FAA3B2E054A16C10FEC85CA6D5D6068" . (.AMD AVIVO Codecs.) -- C:\Windows\Installer\{E2B3AAF0-A450-1C61-F0CE-58ACD6D50686}\ARPPRODUCTICON.exe O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe O90 - PUC: "104C2FB8EC20D424CB62C6F4F94B646B" . (.Macromedia Flash 8 Video Encoder.) -- C:\Windows\Installer\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}\ARPPRODUCTICONFLV1.exe O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe O90 - PUC: "1270014C17D208CC8877A087556BEEBF" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{C4100721-2D71-CC80-8877-0A7855B6EEFB}\ARPPRODUCTICON.exe O90 - PUC: "1315161823240739C769D896932520C0" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{81615131-4232-9370-7C96-8D693952020C}\ARPPRODUCTICON.exe O90 - PUC: "16B3DA692EAE2E11E9278BCAF689CC3E" . (.Google Earth.) -- C:\Windows\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1AE2603474946BF4DB19DE3CF5D63BDA" . (.CharlyGraal V5.) -- C:\Windows\Installer\{43062EA1-4947-4FB6-BD91-EDC35F6DB3AD}\_45091238.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "1EF8D19250DE439408EC5A6F7B8A17D8" . (.MySQL Server 5.1.) -- C:\Windows\Installer\{291D8FE1-ED05-4934-80CE-A5F6B7A8718D}\MySQLServer.exe O90 - PUC: "20441E9C136328143B77B6D0BFC13093" . (.QuickTime.) -- C:\Windows\Installer\{C9E14402-3631-4182-B377-6B0DFB1C0339}\Installer.ico O90 - PUC: "20A845F5CB08D404AB6E0FF5B96F4B94" . (.Nero DiscCopyGadget 10 Help (CHM).) -- C:\Windows\Installer\{5F548A02-80BC-404D-BAE6-F05F9BF6B449}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) -- C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe O90 - PUC: "2599DA5B617F2689E77D37E43082FCC7" . (.Catalyst Control Center.) -- C:\Windows\Installer\{B5AD9952-F716-9862-7ED7-734E0328CF7C}\ARPPRODUCTICON.exe O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe O90 - PUC: "26BCC73245483E341B85A3DC104358E2" . (.High-Definition Video Playback 10.) -- C:\Windows\Installer\{237CCB62-8454-43E3-B158-3ACD0134852E}\ARPPRODUCTICON.exe O90 - PUC: "358CECE8D3C501B45B7CFF11FF278470" . (.Nero Recode 10.) -- C:\Windows\Installer\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}\ARPPRODUCTICON.exe O90 - PUC: "3910550722C1C544F84A65E451D51B7A" . (.Nero Express 10.) -- C:\Windows\Installer\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe O90 - PUC: "3F7924A915A29DE429ACB4BC380849E7" . (.Nero Vision 10.) -- C:\Windows\Installer\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}\ARPPRODUCTICON.exe O90 - PUC: "4155949AA89096844A464C5558B74C46" . (.Multimedia Mouse Driver.) -- C:\Windows\Installer\{A9495514-098A-4869-A464-C455857BC464}\ARPPRODUCTICON.exe O90 - PUC: "42E9F99FF2EEDF74EA0BDF8B82955B9C" . (.VideoStudio.) -- C:\Windows\Installer\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\ARPPRODUCTICON.exe O90 - PUC: "48A1CE29CFF7FD248A6F972CC174565A" . (.Nero DiscCopy Gadget 10.) -- C:\Windows\Installer\{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}\ARPPRODUCTICON.exe O90 - PUC: "4971D096C7D655A4381771AB6CC966EC" . (.DiscAPI (Liquid).) -- C:\Windows\Installer\{690D1794-6D7C-4A55-8371-17BAC69C66CE}\ARPPRODUCTICON.exe O90 - PUC: "4CA0853C728C23349B53A982E25DBB79" . (.Nero Dolby Files 10.) -- C:\Windows\Installer\{C3580AC4-C827-4332-B935-9A282ED5BB97}\ARPPRODUCTICON.exe O90 - PUC: "503C5DB272B114D46B09A71671D2F2BE" . (.Macromedia Flash 8.) -- C:\Windows\Installer\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}\ARPPRODUCTICONFL8.exe O90 - PUC: "531940669569DAA41996C9AC62E9BBE3" . (.Nero InfoTool 10 Help (CHM).) -- C:\Windows\Installer\{66049135-9659-4AAD-9169-9CCA269EBB3E}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "54D8857BCDFA39C4E9E21A003F55B446" . (.Microsoft Fix it Center.) -- C:\Windows\Installer\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}\ProductIcon O90 - PUC: "550A7BD966C0913C6931ACDC5CD0BD83" . (.ccc-utility.) -- C:\Windows\Installer\{9DB7A055-0C66-C319-9613-CACDC50DDB38}\ARPPRODUCTICON.exe O90 - PUC: "55C3723C4E1EFF14D896108590D08B8D" . (.Nero CoverDesigner 10 Help (CHM).) -- C:\Windows\Installer\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "5DAFDCDE08FD00644A399EAD6D182003" . (.Nero WaveEditor 10.) -- C:\Windows\Installer\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}\ARPPRODUCTICON.exe O90 - PUC: "67B3FB7D9FEE8684B9B224BA6FB072A9" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.3) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O90 - PUC: "6C868555BF94F484BB34980856A1B100" . (.Nero BurnRights 10 Help (CHM).) -- C:\Windows\Installer\{555868C6-49FB-484F-BB43-8980651A1B00}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "6F6602FA75C71A643A6070E7BBCFB7B2" . (.SolidWorks 2010 SP0.) -- C:\Windows\Installer\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}\i386_SldWorks.exe O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe O90 - PUC: "75D548475D960D7438DE0A9561983ADB" . (.SolidWorks eDrawings 2013.) -- C:\Windows\Installer\{74845D57-69D5-47D0-83ED-A0591689A3BD}\eModelViewer1.exe O90 - PUC: "787E733E16FCB7B48BF40529205A0432" . (.Nero RescueAgent 10.) -- C:\Windows\Installer\{E337E787-CF61-4B7B-B84F-509202A54023}\ARPPRODUCTICON.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "7F9E499A847A1BFF102CD946DA8E074B" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{A994E9F7-A748-FFB1-01C2-9D64ADE870B4}\ARPPRODUCTICON.exe O90 - PUC: "8140A81CA2446814FA890DF805452ACF" . (.Nero DiscSpeed 10 Help (CHM).) -- C:\Windows\Installer\{C18A0418-442A-4186-AF98-D08F5054A2FC}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "8193463375979384297CAE69BC26A189" . (.Nero Express 10 Help (CHM).) -- C:\Windows\Installer\{33643918-7957-4839-92C7-EA96CB621A98}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "83252E293A16DCA44A70C384E0FE747A" . (.Nero RescueAgent 10 Help (CHM).) -- C:\Windows\Installer\{92E25238-61A3-4ACD-A407-3C480EEF47A7}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "837A657B02CA62C4E9DF0818B0266424" . (.Soda PDF 5.) -- C:\Windows\Installer\{B756A738-AC20-4C26-9EFD-80810B624642}\main_icon O90 - PUC: "8C056FAD5EFA06431E4C9B17D6D25A2D" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}\ARPPRODUCTICON.exe O90 - PUC: "90488EB8C8166314DA2DEB942B4B0584" . (.Soda PDF OCR.) -- C:\Windows\Installer\{8BE88409-618C-4136-ADD2-BE49B2B45048}\MainExecutableIco O90 - PUC: "9162B34900E01F9E373E3090905684E4" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{943B2619-0E00-E9F1-73E3-03090965484E}\ARPPRODUCTICON.exe O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe O90 - PUC: "9335EE1E23D5F854ABBA1BF93610CB2E" . (.Nero SoundTrax 10.) -- C:\Windows\Installer\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}\ARPPRODUCTICON.exe O90 - PUC: "9551C7727FC4FF44D87089AAC931AADB" . (.Nero Multimedia Suite 10.) -- C:\Windows\Installer\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}\ARPPRODUCTICON.exe O90 - PUC: "97E44AF0D7DCD8E42AEE62EF505F906B" . (.OpenOffice.org 3.1.) -- C:\Windows\Installer\{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}\soffice.exe O90 - PUC: "99E78961C59C31542993B7440A7AD15B" . (.Nero SoundTrax 10 Help (CHM).) -- C:\Windows\Installer\{16987E99-C95C-4513-9239-7B44A0A71DB5}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "9B8BD42DC6BB43346991ABC156E0313D" . (.Microsoft Primary Interoperability Assemblies 2005.) -- C:\Windows\Installer\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}\[SystemFolder]msiexec.exe O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico O90 - PUC: "A02DCD65855E6934FA95411DA57A73BB" . (.DWGeditor.) -- C:\Windows\Installer\{56DCD20A-E558-4396-AF59-14D15AA737BB}\ARPPRODUCTICON.exe O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "A268764FAC9DDE74D8184B3B9C932927" . (.Nero MediaHub 10 Help (CHM).) -- C:\Windows\Installer\{F467862A-D9CA-47ED-8D81-B4B3C9399272}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "A4D1C7BDAB80E7C48AAA7B9FBB73D2FC" . (.Nero Recode 10 Help (CHM).) -- C:\Windows\Installer\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "AC18ACE2239D3DA4DA95FBC5FC90C938" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}\ARPPRODUCTICON.exe O90 - PUC: "B1019591C43E66249851022FB3B5FC34" . (.SolidWorks eDrawings 2010.) -- C:\Windows\Installer\{1959101B-E34C-4266-8915-20F23B5BCF43}\eModelViewer1.exe O90 - PUC: "B1B2B325BD8D14B409FF4C7D992E57A8" . (.Nero ControlCenter 10 Help (CHM).) -- C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "B5844C4DBE618A132CED7D878E4E26B8" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}\ARPPRODUCTICON.exe O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe O90 - PUC: "B6668C80205C3BA44BBC7DA44CD241EF" . (.Nero BackItUp 10 Help (CHM).) -- C:\Windows\Installer\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "BAE3AA36BB322B84A90D448F87706540" . (.Nero 10 Menu TemplatePack Basic.) -- C:\Windows\Installer\{63AA3EAB-23BB-48B2-9AD0-44F878075604}\ARPPRODUCTICON.exe O90 - PUC: "C040110900063D11C8EF10054038389C" . (.Microsoft Office Professional Edition 2003.) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe,6 O90 - PUC: "C9F7116F5BDA0954B94E217CEB2C7820" . (.Nero StartSmart 10 Help (CHM).) -- C:\Windows\Installer\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "CC41D8D213B59B4478CFEB3C8DFADFD1" . (.SolidWorks Explorer 2010 SP0.) -- C:\Windows\Installer\{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}\ARPPRODUCTICON.exe O90 - PUC: "D137D5A73B4BE0943B9357867521ABBA" . (.Nero Burning ROM 10.) -- C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ARPPRODUCTICON.exe O90 - PUC: "D4ADF7A47D4F94A439A460D6954AC3E7" . (.SmartSound Quicktracks Plugin.) -- C:\Windows\Installer\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "D7DFC3496335FA7449810E42375A5A71" . (.Nero BurnRights 10.) -- C:\Windows\Installer\{943CFD7D-5336-47AF-9418-E02473A5A517}\ARPPRODUCTICON.exe O90 - PUC: "DAD2D63778D3AAC46864382D83DA860E" . (.PhotoView 360.) -- C:\Windows\Installer\{736D2DAD-3D87-4CAA-8646-83D238AD68E0}\ARPPRODUCTICON.exe O90 - PUC: "DEC30B62A5E47504CB9FEE081BF3FC49" . (.Stereoscopic Player.) -- C:\Windows\Installer\{26B03CED-4E5A-4057-BCF9-EE80B13FCF94}\_853F67D554F05449430E7E.exe O90 - PUC: "DF3AB8F29AF197246B6917A2BB210FF9" . (.SmartSound Quicktracks 5.) -- c:\Windows\Installer\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\ARPPRODUCTICON.exe O90 - PUC: "E4F094430D84E29428944BB8CE0F35C7" . (.Nero DiscSpeed 10.) -- C:\Windows\Installer\{34490F4E-48D0-492E-8249-B48BECF0537C}\ARPPRODUCTICON.exe O90 - PUC: "E6A00FCF85BFA774BA9E329270015512" . (.Nero CoverDesigner 10.) -- C:\Windows\Installer\{FCF00A6E-FB58-477A-ABE9-232907105521}\ARPPRODUCTICON.exe O90 - PUC: "E873E3303DA65DA4DBBEBC6DB91340C6" . (.Microsoft_VC90_ATL_x86.) -- C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe O90 - PUC: "E9682A8BAC035C04C98FDB37455EE78F" . (.SmartSound Common Data.) -- c:\Windows\Installer\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\ARPPRODUCTICON.exe O90 - PUC: "E984D16F44C6CA94DA20D78ACA7AA356" . (.Nero StartSmart 10.) -- C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ARPPRODUCTICON.exe O90 - PUC: "EB42B6B97E084C64F95A1B765D0E3F54" . (.Nero BurningROM 10 Help (CHM).) -- C:\Windows\Installer\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "F143AF6E048881B6B5EC7CCCBEFD5E61" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}\ARPPRODUCTICON.exe O90 - PUC: "F228BC5F563B1D34CB0CF4ADA102717A" . (.Nero 10 Movie ThemePack Basic.) -- C:\Windows\Installer\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}\ARPPRODUCTICON.exe O90 - PUC: "F86BF7F16F253A644BF283EC6492A55E" . (.Nero MediaHub 10.) -- C:\Windows\Installer\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}\NeroMediaHub._63C8A7B0BBE5459F9AC436392B2FF50D.exe O90 - PUC: "F8D592A7B484BFF498BA1CDF945719EF" . (.Nero WaveEditor 10 Help (CHM).) -- C:\Windows\Installer\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698 O90 - PUC: "F998BFD62A710F845A33DED88666FC83" . (.Nero Control Center 10.) -- C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe O90 - PUC: "FA4B214FC8835FF4B9F233BDC1359635" . (.Nero InfoTool 10.) -- C:\Windows\Installer\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}\ARPPRODUCTICON.exe ~ Update Products: 197 Scanned in 00mn 00s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5ae8cd1e06de448\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5ae8cd1e06de448\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" [HKCU\Software\5ae8cd1e06de448] =>Toolbar.Babylon^ [HKCU\Software\5ae8cd1e06de448]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKCU\Software\5ae8cd1e06de448]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" [HKCU\Software\5ae8cd1e06de448]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard [HKCU\Software\5ae8cd1e06de448]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5ae8cd1e06de448]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5ae8cd1e06de448]:SERVICE_NAME="BitGuard" =>PUP.BitGuard [HKCU\Software\5ae8cd1e06de448]:usrcheckbox="1" [HKCU\Software\5ae8cd1e06de448]:version="2.6.1673.238" [HKLM\Software\14919ea49a8f3b4aa3cf1058d9a64cec] => Clé orpheline [HKLM\Software\5ae8cd1e06de448]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKLM\Software\5ae8cd1e06de448]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" [HKLM\Software\5ae8cd1e06de448]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard [HKLM\Software\5ae8cd1e06de448]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\5ae8cd1e06de448]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\5ae8cd1e06de448]:SERVICE_NAME="BitGuard" =>PUP.BitGuard [HKLM\Software\5ae8cd1e06de448]:usrcheckbox="1" [HKLM\Software\5ae8cd1e06de448]:version="2.6.1673.238" ~ Export Key Software: Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ MNS: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.8968FF302EE00D4A74DF6AA930F2D709] [WIS][04/09/2007] (.Charlyrobot - CharlyGraal V5.) -- C:\Windows\Installer\1247333.msi [184320] [MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][07/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca15.msi [2211328] [MD5.78B41A323699DAF1C25265890733BE26] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca25.msi [1997312] [MD5.8BAD3B4225E4D8C0746ED2CF02A0B249] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca35.msi [725504] [MD5.E85D953AE603484B31869F1D44B53B18] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca45.msi [3670016] [MD5.95B5A4285B03437E4D83FB3615B9A10C] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca55.msi [606208] [MD5.5807A6A79EBF57203BA6FD68E93A676C] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\170ca65.msi [12719104] [MD5.FC1AA030429442D4D36CFB3024FE70B5] [WIS][20/12/2012] (.Dassault Systèmes SolidWorks Corp. - SolidWorks eDrawings 2013.) -- C:\Windows\Installer\1fae76d.msi [6555648] [MD5.72316C87F3D53781D89835196361F2E8] [WIS][12/12/2008] (.Steinberg Media Technologies GmbH - Steinberg Cubase 5.0.0.) -- C:\Windows\Installer\2cbe216.msi [69288448] [MD5.3A558CDF97518F0E46BCA03B2ECA270A] [WIS][24/08/2007] (.Steinberg Media Technologies GmbH - Steinberg HALionOne GM Drum Set 1.0.1.457.) -- C:\Windows\Installer\2cbe234.msi [1275392] [MD5.DEA2EE2538535ABDE63EA5479CAFB3E5] [WIS][27/04/2012] (.UASSOFT - Multimedia Mouse Driver.) -- C:\Windows\Installer\2daf969.msi [2699264] [MD5.3F58A93E965F6051B0D82D5B61850C82] [WIS][15/12/2009] (.Nom de votre société - ExtensionManagerWrapper.) -- C:\Windows\Installer\2ee27e.msi [6181888] [MD5.5E11FE3BDDB8082742E1394C6CE73A02] [WIS][16/12/2009] (.Steinberg Media Technologies GmbH - Steinberg Cubase LE 5.1.2.) -- C:\Windows\Installer\2f4810f.msi [32031744] [MD5.0EBC5A8DFB48B98C05E29DB7E7F615B0] [WIS][02/04/2010] (.Adobe - Blank Project Template.) -- C:\Windows\Installer\32394a6.msi [2167296] [MD5.0DC255E119F654C7F5B561B8DCFA59BD] [WIS][10/11/2009] (.Steinberg Media Technologies GmbH - Steinberg Groove Agent ONE Vintage Beatboxes 1.0.0.000.) -- C:\Windows\Installer\32f0e6e.msi [1056768] [MD5.4706375BB9CD64BE1C8EC6670ADBD0E0] [WIS][04/12/2009] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\58d60.msi [28160] =>Toolbar.Google [MD5.94CE282F838F33CDE1DDB240F1606C31] [WIS][27/11/2011] (.Google, Inc. - Google SketchUp 8 Installer.) -- C:\Windows\Installer\5e7b25.msi [50499584] [MD5.F79F4648B4C05164A11EEFD4364DBABE] [WIS][15/10/2009] (.SolidWorks Corporation - SolidWorks 2010.) -- C:\Windows\Installer\7428a70.msi [16866304] [MD5.11BC575278A1A2BF4E05804B582AD1A9] [WIS][15/10/2009] (.SolidWorks Corporation - DWGeditor.) -- C:\Windows\Installer\7428a9b.msi [7211520] [MD5.DFBE39DAA4B75790A527C7198E1C29C9] [WIS][15/10/2009] (.SolidWorks Corporation - SolidWorks Photo Releastic Viewer.) -- C:\Windows\Installer\7428aa8.msi [4953088] [MD5.4149DEBC9B67ABC9476E6FEF66B4A53C] [WIS][15/10/2009] (.SolidWorks Corporation - [ProductName].) -- C:\Windows\Installer\7428aba.msi [11490304] [MD5.621BAFF8A0B00FDD4C05F5E19974D685] [WIS][25/09/2011] (.ZOOM - H-Series_ASIO32.) -- C:\Windows\Installer\92a25.msi [2370048] [MD5.638A2FDB9DE8D653D4593C61B8B5347B] [WIS][06/05/2013] (.LULU SOFTWARE LIMITED - Soda PDF 5 Installer.) -- C:\Windows\Installer\d3b3ef.msi [52133888] [MD5.AA2F9856D4960D7AD2D6328144946902] [WIS][07/05/2013] (.LULU Software - Soda PDF OCR.) -- C:\Windows\Installer\d3b3f3.msi [66322432] [MD5.5A077ABEFEE447CBB271E2AA7F6D5A47] [WIS][29/07/2011] (.MySQL AB - MySQL Database Server.) -- C:\Windows\Installer\f21a4.msi [40197120] ~ WIS: 204 Scanned in 00mn 26s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 22/12/2011 818952 | (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY.) - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe SS - | Demand 04/12/2009 69632 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe SR - | Auto 04/04/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 08/09/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SS - | Demand 15/10/2009 87336 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe SR - | Auto 08/05/2008 122880 | (Crypkey License) . (.CrypKey (Canada) Ltd..) - C:\Windows\System32\crypserv.exe SS - | Demand 26/12/2009 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SR - | Auto 30/11/2009 136192 | (fsproflt) . (.FSPro Labs.) - C:\Windows\system32\fsproflt.exe SR - | Auto 18/04/2013 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe SS - | Auto 01/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 01/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 24/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 18/09/2013 3104256 | (MajIndexEducationService) . (...) - C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 18/08/2009 6041600 | (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe SR - | Auto 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe SR - | Auto 28/10/2009 65536 | (Printer Control) . (.ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM.) - C:\Windows\system32\PrintCtrl.exe SR - | Auto 29/01/2013 1069408 | (Soda PDF 5 Helper Service) . (.LULU Software.) - C:\Program Files\Soda PDF 5\HelperService.exe SR - | Auto 29/01/2013 794464 | (Soda PDF 5 Service) . (.LULU Software.) - C:\Program Files\Soda PDF 5\ConversionService.exe SS - | Demand 26/12/2009 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe SR - | Auto 23/10/2012 2848168 | (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 28s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Stef at 27/09/2013 08:18:46 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x874251F8]<< 1 nt!IofCallDriver[0x84C81FB1] >> \Device\Harddisk2\DR2[0x886B9030] 3 CLASSPNP[0x8EBB259E] >> nt!IofCallDriver[0x84C81FB1] >> [0x88128788] 5 ACPI[0x8E3563D4] >> nt!IofCallDriver[0x84C81FB1] >> \Device\Ide\IdeDeviceP4T0L0-5[0x881E7030] \Driver\atapi[0x88198030] >> IRP_MJ_CREATE >> 0x874251F8 kernel: MBR read successfully user & kernel MBR OK ~ MBR: 14 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Stef at 27/09/2013 08:18:48 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12930 - (26/09/2013) Clés trouvées (Keys found) : 64 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 6 Fichiers trouvés (Files found) : 10 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 3] =>PUP.SpeedAnalysis^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\facemoods] =>Adware.Facemoods^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\swg] =>Toolbar.Google^ [HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip [HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip [HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent [HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon [HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon [HKLM\Software\Classes\CLSID\{E49F0B41-3322-11D4-AEFE-00C04F61025C}] =>Dialer.IEAcess [HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru [HKLM\Software\Classes\S] =>Toolbar.Agent [HKCU\Software\APN PIP] =>Toolbar.Ask [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater] =>Toolbar.Ask [HKLM\Software\PIP] =>Toolbar.Ask [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\Spointer] =>Adware.SPointer [HKLM\Software\Tarma Installer] =>PUP.Tarma [HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon [HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon [HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo [HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo [HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo [HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo [HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo [HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}] =>Toolbar.Agent [HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods [HKLM\Software\Classes\AppID\spointercontrol.DLL] =>Adware.SPointer [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\speedanalysis03@SpeedAnalysis.com =>PUP.SpeedAnalysis^ C:\ProgramData\BitGuard =>PUP.BitGuard^ C:\Users\Stef\AppData\Roaming\moovida-1 =>Adware.SPointer^ C:\Users\Stef\AppData\Local\moovida Air =>Adware.SPointer^ C:\Users\Stef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard^ C:\Users\Stef\AppData\LocalLow\facemoods.com =>Adware.Facemoods C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^ C:\Users\Stef\AppData\Roaming\Mozilla\Firefox\Profiles\psekkf0a.default\searchplugins\Search_Results.xml =>PUP.SearchResults^ C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^ [HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^ C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_714BFB3B-852B7009.pf =>Toolbar.Google^ C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-FFFB0864.pf =>Toolbar.Google^ C:\Windows\Prefetch\GOOGLETOOLBARUSER_32.EXE-ACC1719B.pf =>Toolbar.Google^ [HKCU\Software\5ae8cd1e06de448] =>Toolbar.Babylon^^ [HKLM\Software\5ae8cd1e06de448]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ C:\Windows\Installer\58d60.msi =>Toolbar.Google^ ~ Additionnel Scan: 550405 Items scanned in 00mn 40s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults ~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo ~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel ~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip ~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods ~ MSI: 16 link(s) detected in 00mn 41s End of the scan (3221 lines in 09mn 48s)(21)