cjoint

Document format: text/plain

~ ZHPDiag v2015.7.10.86 By Nicolas Coolman (2015/07/10)
~ Run by Goyallon (Administrator) (2015/07/10 14:53:12)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Goyallon\Desktop\ZHPDiag.txt
~ Report: C:\Users\Goyallon\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)

---\\ Windows Product Information (2) - 2s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found

---\\ System protection software (1) - 1s
Avast Free Antivirus v10.2.2218

---\\ Surveillance software (1) - 2s
Adobe Reader X

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 14 Stepping 12, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 1037756
~ System Restore: Activé (Enable)
~ System drive C: has 5 GB free of 72 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: GOYALLON-PC
~ User Name: Goyallon
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 5 GB free of 72 GB (System)
~ Drive D: has 15 GB free of 72 GB

---\\ Search Generic System Files (22) - 10s
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [96768]
[MD5.6788C8BBFD00EA99D6DA2AB5EA4F9A2C] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [224640]

---\\ Process running (14) - 21s
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1748]
[MD5.B5D974C1FD078A68C7536C561B031D39] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352] [PID.2428]
[MD5.EC6A73CD8413F68655E5E0B99C415A21] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872] [PID.2536]
[MD5.8FE6AB59CAB8F2C038FEA9522A5EEBA7] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664] [PID.2660]
[MD5.2D1389E05A807D956829F44BD4B60389] - (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048] [PID.2704]
[MD5.C1C3BAF078BE5A14384A4BA2D730817D] - (.Nuance Communications, Inc. - PDFPro IFilter Service.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672] [PID.2780]
[MD5.32E4E820EDBD675009605F90DD97EE6C] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4186112] [PID.3884]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.2168]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5515496] [PID.3612]
[MD5.E5F1D2C7D51C816437BBE2306828BC4B] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984] [PID.3684]
[MD5.9F0ACAA725CF5A391AF7E2067AE45746] - (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192] [PID.2980]
[MD5.6BF7676296D5359AFC135A5397000053] - (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496] [PID.3496]
[MD5.5EF87457AB8A58694EBE35E55D093D04] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\Goyallon\AppData\Local\Temp\RtkBtMnt.exe [208896] [PID.3020]
[MD5.E970929B7FC9CE646A78B5ECABAF9136] - (.Acresso Corporation - Acresso Software Manager Agent.) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe [1152288] [PID.2936]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (3) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://www.google.com"
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (8) - 3s
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
P2 - EXT: (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(T.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\QuickTimePlugin.class
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@canalplus.fr/Assistants VOD,version=1.0.0.0] - (.Canal+ Active.) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npCpVod.dll
P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc..) -- C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Internet Explorer Toolbars (O3) (3) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (Orphean)
O3 - Toolbar: EPTBL - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology Corp. - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

---\\ Auto loading programs from Registry and folders (O4) (37) - 4s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [NPSStartup] (Orphean)
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
O4 - HKLM\..\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files\Nuance\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [PPort12reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe
O4 - HKLM\..\Run: [PDFHook] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] . (.Nuance Communications, Inc. - PDF Converter Registry Controller.) -- C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files\ControlCenter4\BrCcBoot.exe
O4 - HKLM\..\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Windows Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (.not file.)
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (.not file.)
O4 - HKCU\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEJE.EXE
O4 - HKCU\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Windows Media Player Network Sharing Servic.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [Windows Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (.not file.)
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (.not file.)
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEJE.EXE
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [ISUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
O4 - HKUS\S-1-5-21-2825547128-1186964202-3486866448-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Windows Media Player Network Sharing Servic.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

---\\ Lop.com/Domain Hijackers (O17) (6) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 172.20.2.10 172.20.2.39
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: DhcpNameServer = 172.20.2.10 172.20.2.39

---\\ AppInit_DLLs Registry value Autorun (O20) (1) - 0s
O20 - AppInit_DLLs: . (...) - eNetHook.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL (.not file.)

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (12) - 7s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (.not file.)
O23 - Service: LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PDFProFiltSrvPP (PDFProFiltSrvPP) . (.Nuance Communications, Inc. - PDFPro IFilter Service.) - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

---\\ Task Planned Automatically (O39) (11) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\BFGLaunch_bfgclient [3184]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\BFGLaunch_bfgprocess [3348]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\BFGLaunch_mahjongworld_s5_l4_gF1561T1L4_d103491156[1] [3272]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\BFGLaunch_mahjongworld_s5_l4_gF1561T1L4_d103491203[1] [3272]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3800]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4052]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{0AF79FF6-5DE3-4234-ADBC-D0AA9380AB74} [3026]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{FEA540C4-D20B-4B32-9EC3-2DA608E98DE6} [3016]

---\\ Software installed (O42) (89) - 23s
O42 - Logiciel: Acer Assist - (.Acer Inc..) [HKLM] -- Acer Assist
O42 - Logiciel: Acer Registration - (.Acer - Leader Technologies.) [HKLM] -- Acer Registration
O42 - Logiciel: Adobe® Photoshop® Album Edition Découverte 3.2 - (.http://www.adobe.fr.) [HKLM] -- Adobe® Photoshop® Album Edition Découverte 3.2
O42 - Logiciel: Advanced Registry Optimizer - (.Sammsoft.) [HKLM] -- Advanced Registry Optimizer_is1 =>PUP.Optional.WinZipRegistry
O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: BellePoule version 4.8 - (.betton.escrime.) [HKLM] -- BellePoule_is1
O42 - Logiciel: BricoCalculette 1.1 - (.RozetUtil.) [HKLM] -- BricoCalculette_is1
O42 - Logiciel: Converter version 0.1 - (...) [HKLM] -- Converter_is1
O42 - Logiciel: EPSON BX300F Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON BX300F Series
O42 - Logiciel: EPSON Scan - (...) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus Office BX300F_TX300F Manuel - (...) [HKLM] -- EPSON Stylus Office BX300F_TX300F Guide d'utilisation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Acer GridVista - (...) [HKLM] -- GridVista
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Texas Instruments PCIxx21/x515/xx12 drivers. - (.Texas Instruments Inc..) [HKLM] -- InstallShield_{0409969E-BEFB-44D3-90B9-63BE50FBAE5E}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: Launch Manager - (...) [HKLM] -- LManager
O42 - Logiciel: MultiMedia Software - (.MultiMedia Software.) [HKLM] -- MultiMedia Software
O42 - Logiciel: Power Commander 3 - (...) [HKLM] -- Power Commander 3
O42 - Logiciel: Power Commander 3 USB - (...) [HKLM] -- Power Commander 3 USB
O42 - Logiciel: Registry Mechanic 8.0 - (.PC Tools.) [HKLM] -- Registry Mechanic_is1
O42 - Logiciel: Shockwave - (...) [HKLM] -- Shockwave
O42 - Logiciel: SoulSeek Client 156c - (...) [HKLM] -- Soulseek
O42 - Logiciel: StairDesigner 6.06b - (.Boole & Partners.) [HKLM] -- StairDesigner 6
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Ultra AVI Converter 4.2.0909 - (.Aone Software.) [HKLM] -- Ultra AVI Converter_is1
O42 - Logiciel: VSO Image Resizer 1.3.4d - (.VSO-Software.) [HKLM] -- VSO Image Resizer_is1
O42 - Logiciel: GTK+ 2.4.14 runtime environment - (.Tor Lillqvist.) [HKLM] -- WinGTK-2_is1
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: CANAL+ CANALSAT A LA DEMANDE - (.CanalPlus.) [HKLM] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}
O42 - Logiciel: WD Diagnostics - (.Western Digital Technologies.) [HKLM] -- {0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335}
O42 - Logiciel: Acer eLock Management - (.Acer Inc..) [HKLM] -- {116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}
O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM] -- {121727D5-FDF3-4723-BA57-EB383440ED72}
O42 - Logiciel: Brother MFL-Pro Suite MFC-J6710DW - (.Brother Industries, Ltd..) [HKLM] -- {17795164-3BC1-4D4F-8ADA-65C895EBFC9A}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: Windows Mobile Device Center - (.Microsoft Corporation.) [HKLM] -- {1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}
O42 - Logiciel: Sony Ericsson PC Suite - (.Sony Ericsson.) [HKLM] -- {25BEC3AB-5CD4-481D-9143-215C1BBB189E}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF}
O42 - Logiciel: Nuance PDF Viewer Plus - (.Nuance Communications, Inc.) [HKLM] -- {28656860-4728-433C-8AD4-D1A930437BC8}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: USB-SIR Adapter Device - (.Nom de votre société.) [HKLM] -- {4DEFAA0B-3E04-4ADD-B037-5E93EFA3FAD9}
O42 - Logiciel: Acer ePower Management - (.Acer Inc..) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799}
O42 - Logiciel: Nuance PaperPort 12 - (.Nuance Communications, Inc..) [HKLM] -- {6C0A559F-8583-4B5A-8B50-20BEE15D8E64}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6D52C408-B09A-4520-9B18-475B81D393F1}
O42 - Logiciel: PaperPort Image Printer - (.Nuance Communications, Inc..) [HKLM] -- {6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35}
O42 - Logiciel: Free YouTube Downloader 3.5.124 - (.HOW Inc..) [HKLM] -- {A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2}
O42 - Logiciel: Adobe Reader X (10.1.13) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001}
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: Acer eDataSecurity Management - (.HiTRUST Inc..) [HKLM] -- {AEEAE013-92F1-4515-B278-139F1A692A36}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: PowerProducer - (...) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: Acer ePresentation Management - (.Acer Inc..) [HKLM] -- {BF839132-BD43-4056-ACBF-4377F4A88E2A}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: Acer eNet Management - (.Acer Inc..) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: Sony Ericsson Drivers - (.Sony Ericsson.) [HKLM] -- {C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
O42 - Logiciel: Sony Ericsson Device Data - (.Sony Ericsson.) [HKLM] -- {C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
O42 - Logiciel: Windows Mobile Device Center Driver Update - (.Microsoft Corporation.) [HKLM] -- {CB8CA439-DA83-419C-A4CF-5A0A50025144}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5}
O42 - Logiciel: Acer eSettings Management - (.Acer Inc..) [HKLM] -- {CE65A9A0-9686-45C6-9098-3C9543A412F0}
O42 - Logiciel: DivX Content Uploader - (.DivX, Inc..) [HKLM] -- {D050D7362D214723AD585B541FFB6C11}
O42 - Logiciel: Sony Ericsson PC Suite - (...) [HKLM] -- {D6BF6477-8369-489F-8DE6-3731F4B88560}
O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {DEDB47A3-C988-4A43-A645-E2CEA571E680}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E1DB0812-2D60-43DB-AE09-6C7027D93B28}
O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {E3F4EA31-41D7-4789-9AC4-F26CDAF797BA}
O42 - Logiciel: Light Image Resizer 4.0.9.0 - (.ObviousIdea.) [HKLM] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: Acer Arcade Deluxe - (...) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox

---\\ HKCU & HKLM Software Keys (179) - 23s
HKLM\SOFTWARE\ABBYY
HKLM\SOFTWARE\acer
HKLM\SOFTWARE\Acer Inc.
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Agere
HKLM\SOFTWARE\Alcohol Soft
HKLM\SOFTWARE\ALWIL Software
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\Big Fish Games
HKLM\SOFTWARE\Boole & Partners
HKLM\SOFTWARE\Bouygues
HKLM\SOFTWARE\Brother
HKLM\SOFTWARE\Brother Industries, Ltd.
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Canon
HKLM\SOFTWARE\CheckPoint
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\DEVGURU
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\Dynojet Research Inc.
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\EPSON
HKLM\SOFTWARE\Ericsson
HKLM\SOFTWARE\Free YouTube Downloader
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Geek Squad
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GTK
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\KasperskyLab
HKLM\SOFTWARE\Leadertech
HKLM\SOFTWARE\Lexmark
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\LightScribe
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\MarkAny
HKLM\SOFTWARE\mcafeeupdater
HKLM\SOFTWARE\MCCI
HKLM\SOFTWARE\Memeo
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\muvee Technologies
HKLM\SOFTWARE\NewTech Infosystems
HKLM\SOFTWARE\nSplitter
HKLM\SOFTWARE\Nuance
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ObviousIdea
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OpenOffice
HKLM\SOFTWARE\PCTools
HKLM\SOFTWARE\Phonemonitor
HKLM\SOFTWARE\Quanta
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\ReaSoft
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Sammsoft
HKLM\SOFTWARE\Samsung
HKLM\SOFTWARE\ScanSoft
HKLM\SOFTWARE\Serif
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Ericsson
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\SymDebug
HKLM\SOFTWARE\Synaptics
HKLM\SOFTWARE\Teleca
HKLM\SOFTWARE\TwonkyMedia
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Visioneer
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\vso
HKLM\SOFTWARE\Westwood
HKLM\SOFTWARE\WholeSecurity
HKLM\SOFTWARE\Windows
HKLM\SOFTWARE\Wise Solutions
HKLM\SOFTWARE\Yahoo
HKLM\SOFTWARE\ZEON
HKLM\SOFTWARE\Zone Labs
HKCU\SOFTWARE\2015
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\ABBYY
HKCU\SOFTWARE\Acer
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Alarme
HKCU\SOFTWARE\Alcohol Soft
HKCU\SOFTWARE\ALWIL Software
HKCU\SOFTWARE\AnimatedMenus.com
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Boole & Partners
HKCU\SOFTWARE\Bouygues
HKCU\SOFTWARE\Brother
HKCU\SOFTWARE\Bugsplat
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CanonBJ
HKCU\SOFTWARE\Codeminion
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\Digital River
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\Dynojet Research Inc.
HKCU\SOFTWARE\EngardePr
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\Eset
HKCU\SOFTWARE\Eyeblaster
HKCU\SOFTWARE\FC
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HOW Inc.
HKCU\SOFTWARE\Hugx
HKCU\SOFTWARE\InstallShield
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\keyhole.com
HKCU\SOFTWARE\Leadertech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mediachance
HKCU\SOFTWARE\Micro Application
HKCU\SOFTWARE\Mihov Image Resizer
HKCU\SOFTWARE\Mihove feke
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewTech Infosystems
HKCU\SOFTWARE\ObviousIdea
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Online Add-on
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\OpenOffice.org
HKCU\SOFTWARE\Paint.NET
HKCU\SOFTWARE\PCTools
HKCU\SOFTWARE\PopCap
HKCU\SOFTWARE\Quanta
HKCU\SOFTWARE\Reactor
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\ReaSoft
HKCU\SOFTWARE\Sammsoft
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\ScanSoft
HKCU\SOFTWARE\SEIKO EPSON
HKCU\SOFTWARE\Serif
HKCU\SOFTWARE\Sony Ericsson
HKCU\SOFTWARE\Soulseek
HKCU\SOFTWARE\Symantec
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Teleca
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Veoh
HKCU\SOFTWARE\VSO
HKCU\SOFTWARE\WBC
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinStars2
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zeon
HKCU\SOFTWARE\ZeroSpyware
HKCU\SOFTWARE\Zylom
HKCU\SOFTWARE\AppDataLow\Google
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Google
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo

---\\ Contents of the Common Files folders (O43) (277) - 24s
O43 - CFD: 2011/03/06 23:33:11 - [] D -- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2007/03/28 13:15:59 - [] D -- C:\Program Files\Acer Arcade Deluxe
O43 - CFD: 2007/07/20 13:28:58 - [] D -- C:\Program Files\Acer Assist
O43 - CFD: 2007/07/20 13:29:26 - [] D -- C:\Program Files\Acer Inc
O43 - CFD: 2007/07/20 13:28:57 - [] D -- C:\Program Files\Acer Registration
O43 - CFD: 2007/03/28 14:02:06 - [] D -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 2015/01/19 13:12:31 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2011/03/28 15:45:08 - [] D -- C:\Program Files\Advanced Registry Optimizer
O43 - CFD: 2008/10/24 13:19:15 - [] D -- C:\Program Files\Alcohol Soft
O43 - CFD: 2011/10/25 20:11:39 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2014/11/16 23:19:50 - [] D -- C:\Program Files\AVAST Software
O43 - CFD: 2015/05/31 19:53:44 - [] D -- C:\Program Files\BellePoule
O43 - CFD: 2011/12/19 22:17:19 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2009/09/17 12:27:32 - [] D -- C:\Program Files\Boole & Partners
O43 - CFD: 2011/02/16 14:05:59 - [] D -- C:\Program Files\Bouygues Telecom
O43 - CFD: 2014/12/13 10:50:29 - [] D -- C:\Program Files\Brother
O43 - CFD: 2014/12/13 10:50:58 - [] D -- C:\Program Files\Browny02
O43 - CFD: 2008/11/17 16:11:37 - [] D -- C:\Program Files\Canal
O43 - CFD: 2011/01/02 20:14:13 - [] D -- C:\Program Files\Canal+
O43 - CFD: 2011/07/05 11:16:01 - [] D -- C:\Program Files\Canon
O43 - CFD: 2015/01/19 12:39:59 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/02/10 10:10:05 - [] D -- C:\Program Files\ControlCenter4
O43 - CFD: 2007/03/28 13:17:52 - [] D -- C:\Program Files\CyberLink
O43 - CFD: 2009/08/24 17:36:53 - [] D -- C:\Program Files\DIFX
O43 - CFD: 2013/01/27 18:43:55 - [] D -- C:\Program Files\DivX
O43 - CFD: 2011/03/06 23:30:51 - [] D -- C:\Program Files\epson
O43 - CFD: 2011/03/06 23:33:29 - [] D -- C:\Program Files\Epson Software
O43 - CFD: 2009/08/10 11:38:00 - [] D -- C:\Program Files\Eset
O43 - CFD: 2012/02/13 17:36:52 - [] D -- C:\Program Files\Free YouTube Downloader
O43 - CFD: 2014/11/16 23:06:25 - [] D -- C:\Program Files\Google
O43 - CFD: 2014/12/13 10:48:58 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2009/02/19 11:55:37 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/06/11 03:36:16 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/04/28 20:21:12 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/04/28 20:23:45 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2014/06/20 10:25:36 - [] D -- C:\Program Files\Java
O43 - CFD: 2011/02/16 15:16:33 - [] D -- C:\Program Files\Kit Internet Mobile Bouygues Telecom
O43 - CFD: 2007/05/25 11:08:51 - [] D -- C:\Program Files\Launch Manager
O43 - CFD: 2009/08/10 11:17:48 - [] D -- C:\Program Files\Memeo
O43 - CFD: 2007/10/11 12:06:31 - [] D -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 2006/11/02 14:37:34 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2013/06/25 14:11:33 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2015/05/14 14:09:05 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2013/06/25 14:11:26 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 2013/06/25 14:11:33 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2007/08/27 14:17:51 - [] D -- C:\Program Files\MosSir
O43 - CFD: 2010/08/12 00:00:06 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2011/07/05 11:16:47 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2006/11/02 14:37:34 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2014/12/13 10:31:44 - [] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 2007/03/28 13:21:15 - [] D -- C:\Program Files\NewTech Infosystems
O43 - CFD: 2014/12/13 10:44:14 - [] D -- C:\Program Files\Nuance
O43 - CFD: 2014/11/05 13:12:05 - [] D -- C:\Program Files\OpenOffice 4
O43 - CFD: 2008/07/10 11:58:18 - [] D -- C:\Program Files\OpenOffice.org 2.2
O43 - CFD: 2009/05/21 11:42:23 - [] D -- C:\Program Files\OpenOffice.org 2.4
O43 - CFD: 2014/11/05 13:10:44 - [] D -- C:\Program Files\OpenOffice.org 3
O43 - CFD: 2013/06/25 13:55:11 - [0] D -- C:\Program Files\Paint.NET
O43 - CFD: 2007/07/24 06:00:17 - [] D -- C:\Program Files\PokerStars
O43 - CFD: 2015/04/28 19:57:12 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 2007/11/01 22:32:09 - [] D -- C:\Program Files\ReaConverter 5.0 Pro
O43 - CFD: 2007/03/28 13:00:13 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2006/11/02 14:37:34 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2011/12/11 22:07:59 - [] D -- C:\Program Files\resizer
O43 - CFD: 2008/06/10 19:04:54 - [] D -- C:\Program Files\RozetUtil
O43 - CFD: 2010/03/05 11:00:04 - [] D -- C:\Program Files\Samsung
O43 - CFD: 2008/01/10 00:44:02 - [] D -- C:\Program Files\Sony Ericsson
O43 - CFD: 2007/09/17 17:32:44 - [] D -- C:\Program Files\Soulseek
O43 - CFD: 2008/11/05 12:42:18 - [] D -- C:\Program Files\Symantec
O43 - CFD: 2007/03/28 12:46:41 - [] D -- C:\Program Files\Synaptics
O43 - CFD: 2007/12/12 12:23:41 - [] D -- C:\Program Files\Trend Micro
O43 - CFD: 2007/09/18 11:07:56 - [] D -- C:\Program Files\Ultra AVI Converter
O43 - CFD: 2006/11/02 15:01:55 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2008/01/06 14:10:41 - [] D -- C:\Program Files\Video Add-on
O43 - CFD: 2007/08/08 15:44:42 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2008/05/06 00:34:30 - [] D -- C:\Program Files\VSO
O43 - CFD: 2008/11/04 02:02:26 - [] D -- C:\Program Files\Western Digital
O43 - CFD: 2008/11/04 01:58:03 - [] D -- C:\Program Files\Western Digital Technologies
O43 - CFD: 2009/08/09 17:28:35 - [] D -- C:\Program Files\Windows Calendar
O43 - CFD: 2009/08/09 17:28:30 - [] D -- C:\Program Files\Windows Collaboration
O43 - CFD: 2009/08/09 17:28:06 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/05/15 21:56:28 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2012/04/13 03:03:45 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/06/11 03:36:16 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2006/11/02 14:37:34 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2009/08/09 17:28:25 - [] D -- C:\Program Files\Windows Photo Gallery
O43 - CFD: 2009/11/19 04:28:38 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2011/10/07 12:36:01 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2007/08/16 16:37:12 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2009/08/10 11:12:05 - [] D -- C:\Program Files\Yahoo!
O43 - CFD: 2011/03/06 23:33:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
O43 - CFD: 2011/03/05 04:06:11 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2007/05/25 11:13:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Empowering Technology
O43 - CFD: 2007/05/25 11:14:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
O43 - CFD: 2007/03/28 12:53:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
O43 - CFD: 2011/03/05 04:06:11 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2010/09/23 11:32:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Registry Optimizer
O43 - CFD: 2011/07/05 11:03:18 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarme 3.0
O43 - CFD: 2008/10/24 13:19:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
O43 - CFD: 2015/01/06 15:42:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2015/05/31 19:53:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BellePoule
O43 - CFD: 2009/09/17 12:27:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boole & Partners
O43 - CFD: 2008/06/10 19:04:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BricoCalculette
O43 - CFD: 2014/12/13 11:13:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
O43 - CFD: 2011/01/02 20:14:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canal+
O43 - CFD: 2009/03/16 17:55:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series Manual
O43 - CFD: 2008/01/11 01:45:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuckoo
O43 - CFD: 2007/03/28 13:18:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer
O43 - CFD: 2013/01/27 18:43:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
O43 - CFD: 2011/03/06 23:29:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 2011/03/06 23:34:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
O43 - CFD: 2008/11/08 23:21:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 2012/02/13 17:37:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
O43 - CFD: 2009/08/10 11:14:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2013/01/13 18:19:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2010/06/25 03:32:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
O43 - CFD: 2013/04/21 17:53:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
O43 - CFD: 2009/02/16 17:36:27 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/04/28 20:24:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2007/05/25 11:08:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
O43 - CFD: 2008/07/16 01:09:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveUpdate Notice
O43 - CFD: 2006/11/02 14:56:46 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/06/25 14:10:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/05/14 01:58:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2009/12/10 04:11:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 2009/07/28 05:11:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mihov Image Resizer
O43 - CFD: 2007/03/28 13:21:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup NOW! 4.7
O43 - CFD: 2007/03/28 13:20:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI CD & DVD-Maker 7
O43 - CFD: 2014/12/13 10:42:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
O43 - CFD: 2011/12/11 22:08:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
O43 - CFD: 2014/11/05 13:14:56 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
O43 - CFD: 2008/05/30 09:23:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Commander 3
O43 - CFD: 2009/06/22 10:45:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Commander 3 USB
O43 - CFD: 2015/04/28 19:56:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2008/01/10 00:45:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
O43 - CFD: 2007/09/17 17:32:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek
O43 - CFD: 2013/01/14 09:37:42 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2006/11/02 14:37:34 - [] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2007/09/18 11:05:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra AVI Converter
O43 - CFD: 2014/11/17 13:37:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2008/05/06 00:34:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
O43 - CFD: 2010/07/16 15:21:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
O43 - CFD: 2007/08/16 16:37:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2010/09/13 10:58:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinStars 2
O43 - CFD: 2015/04/28 20:19:53 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 2015/01/19 13:20:25 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/04/28 20:03:09 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2009/12/25 02:07:35 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2006/11/02 15:02:03 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/03/01 21:53:58 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/04/28 20:23:45 - [] D -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 2009/09/17 12:27:41 - [] D -- C:\ProgramData\Boole & Partners
O43 - CFD: 2011/02/16 15:20:57 - [] D -- C:\ProgramData\Bouygues Telecom
O43 - CFD: 2014/12/13 11:12:31 - [] D -- C:\ProgramData\Brother
O43 - CFD: 2009/10/03 00:02:44 - [] HD -- C:\ProgramData\CanonIJEGV
O43 - CFD: 2011/07/05 11:13:34 - [0] HD -- C:\ProgramData\CanonIJScan
O43 - CFD: 2010/08/02 23:13:31 - [] D -- C:\ProgramData\CheckPoint
O43 - CFD: 2014/12/13 10:50:58 - [] D -- C:\ProgramData\ControlCenter4
O43 - CFD: 2007/07/22 05:48:48 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2006/11/02 15:02:03 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2006/11/02 15:02:03 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2011/03/06 23:29:27 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 2006/11/02 15:02:03 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2014/12/13 10:38:08 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2013/06/25 13:02:03 - [] D -- C:\ProgramData\Google
O43 - CFD: 2007/07/20 13:29:31 - [] D -- C:\ProgramData\InstallShield
O43 - CFD: 2014/11/16 23:14:59 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2012/01/16 15:27:33 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2009/08/10 11:17:23 - [] SD -- C:\ProgramData\Memeo
O43 - CFD: 2014/01/29 04:08:27 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2013/06/25 14:13:12 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2011/06/06 17:18:43 - [0] D -- C:\ProgramData\NtiDvdCopy
O43 - CFD: 2014/12/17 13:33:03 - [] D -- C:\ProgramData\Nuance
O43 - CFD: 2013/12/17 15:52:08 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2009/08/24 17:38:35 - [] D -- C:\ProgramData\PC Suite
O43 - CFD: 2008/12/06 16:49:38 - [] D -- C:\ProgramData\Playrix Entertainment
O43 - CFD: 2014/12/13 10:40:37 - [] D -- C:\ProgramData\ScanSoft
O43 - CFD: 2008/01/10 00:44:45 - [] D -- C:\ProgramData\Sony Ericsson
O43 - CFD: 2006/11/02 15:02:03 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2010/05/08 12:00:58 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2008/11/05 12:42:53 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2008/01/10 00:44:59 - [] D -- C:\ProgramData\Teleca
O43 - CFD: 2013/06/25 14:01:20 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2006/11/02 15:02:04 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2011/03/06 23:34:12 - [] D -- C:\ProgramData\UDL
O43 - CFD: 2010/08/03 12:32:11 - [] D -- C:\ProgramData\WindowsSearch
O43 - CFD: 2014/12/13 10:42:46 - [] D -- C:\ProgramData\zeon
O43 - CFD: 2010/11/30 21:25:32 - [] D -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 2015/01/19 13:47:02 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2015/04/28 20:21:10 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2009/03/16 17:59:08 - [] D -- C:\Program Files\Common Files\CANON
O43 - CFD: 2007/12/09 02:14:40 - [] D -- C:\Program Files\Common Files\GTK
O43 - CFD: 2007/07/20 13:29:25 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2013/12/17 15:51:42 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2007/03/28 13:20:46 - [] D -- C:\Program Files\Common Files\LightScribe
O43 - CFD: 2013/06/25 14:11:33 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2007/03/28 13:20:15 - [] D -- C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 2007/03/28 13:21:19 - [] D -- C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD: 2011/02/16 15:20:46 - [] D -- C:\Program Files\Common Files\PctelEapPeer Authentication
O43 - CFD: 2014/12/13 10:38:35 - [] D -- C:\Program Files\Common Files\ScanSoft Shared
O43 - CFD: 2006/11/02 13:18:33 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2008/01/10 00:44:33 - [] D -- C:\Program Files\Common Files\Sony Ericsson Shared
O43 - CFD: 2006/11/02 13:18:33 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2008/11/05 13:07:43 - [] D -- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 2011/11/10 04:03:25 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2008/01/10 00:44:41 - [] D -- C:\Program Files\Common Files\Teleca Shared
O43 - CFD: 2007/07/20 13:30:08 - [] D -- C:\Users\Goyallon\AppData\Roaming\Acer
O43 - CFD: 2015/01/19 13:17:53 - [] D -- C:\Users\Goyallon\AppData\Roaming\Adobe
O43 - CFD: 2007/08/15 20:30:25 - [0] D -- C:\Users\Goyallon\AppData\Roaming\AdobeUM
O43 - CFD: 2011/12/20 00:49:28 - [] D -- C:\Users\Goyallon\AppData\Roaming\Apple Computer
O43 - CFD: 2014/11/16 23:25:54 - [] D -- C:\Users\Goyallon\AppData\Roaming\AVAST Software
O43 - CFD: 2011/07/05 11:14:08 - [0] D -- C:\Users\Goyallon\AppData\Roaming\Canon
O43 - CFD: 2014/12/13 11:23:32 - [] D -- C:\Users\Goyallon\AppData\Roaming\ControlCenter4
O43 - CFD: 2011/07/28 20:12:37 - [] D -- C:\Users\Goyallon\AppData\Roaming\CyberLink
O43 - CFD: 2014/09/02 20:45:07 - [] D -- C:\Users\Goyallon\AppData\Roaming\Dropbox
O43 - CFD: 2014/09/02 20:45:05 - [] D -- C:\Users\Goyallon\AppData\Roaming\DropboxMaster
O43 - CFD: 2011/04/27 22:02:59 - [] D -- C:\Users\Goyallon\AppData\Roaming\dvdcss
O43 - CFD: 2011/03/12 21:05:30 - [] D -- C:\Users\Goyallon\AppData\Roaming\EPSON
O43 - CFD: 2014/12/13 11:22:51 - [] D -- C:\Users\Goyallon\AppData\Roaming\FLEXnet
O43 - CFD: 2013/04/21 18:06:24 - [] D -- C:\Users\Goyallon\AppData\Roaming\Google
O43 - CFD: 2008/10/16 18:11:43 - [] D -- C:\Users\Goyallon\AppData\Roaming\Icone
O43 - CFD: 2011/03/06 23:29:50 - [] D -- C:\Users\Goyallon\AppData\Roaming\InstallShield
O43 - CFD: 2013/09/07 09:05:06 - [] D -- C:\Users\Goyallon\AppData\Roaming\Leadertech
O43 - CFD: 2007/07/20 13:29:29 - [] D -- C:\Users\Goyallon\AppData\Roaming\Macromedia
O43 - CFD: 2006/11/02 14:37:34 - [0] D -- C:\Users\Goyallon\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/01/19 13:17:53 - [] SD -- C:\Users\Goyallon\AppData\Roaming\Microsoft
O43 - CFD: 2013/01/23 12:12:14 - [] D -- C:\Users\Goyallon\AppData\Roaming\Mozilla
O43 - CFD: 2014/12/13 10:40:52 - [] D -- C:\Users\Goyallon\AppData\Roaming\Nuance
O43 - CFD: 2015/06/23 11:21:18 - [] D -- C:\Users\Goyallon\AppData\Roaming\ObviousIdea
O43 - CFD: 2014/11/05 13:15:39 - [] D -- C:\Users\Goyallon\AppData\Roaming\OpenOffice
O43 - CFD: 2009/05/21 11:55:12 - [] D -- C:\Users\Goyallon\AppData\Roaming\OpenOffice.org
O43 - CFD: 2009/05/21 11:25:59 - [] D -- C:\Users\Goyallon\AppData\Roaming\OpenOffice.org2
O43 - CFD: 2012/09/01 15:20:56 - [0] D -- C:\Users\Goyallon\AppData\Roaming\PeerNetworking
O43 - CFD: 2010/09/23 11:33:15 - [] D -- C:\Users\Goyallon\AppData\Roaming\Sammsoft
O43 - CFD: 2008/01/10 00:45:50 - [] D -- C:\Users\Goyallon\AppData\Roaming\Sony Ericsson
O43 - CFD: 2010/12/19 17:46:23 - [] D -- C:\Users\Goyallon\AppData\Roaming\Teleca
O43 - CFD: 2013/01/23 12:12:14 - [] D -- C:\Users\Goyallon\AppData\Roaming\TuneUpMedia
O43 - CFD: 2014/06/19 04:59:06 - [] D -- C:\Users\Goyallon\AppData\Roaming\uTorrent
O43 - CFD: 2015/06/23 11:12:21 - [] D -- C:\Users\Goyallon\AppData\Roaming\vlc
O43 - CFD: 2012/08/28 10:47:17 - [] D -- C:\Users\Goyallon\AppData\Roaming\VSO
O43 - CFD: 2007/08/16 16:37:33 - [0] D -- C:\Users\Goyallon\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/10 14:54:27 - [] D -- C:\Users\Goyallon\AppData\Roaming\ZHP
O43 - CFD: 2007/07/20 13:31:19 - [] HD -- C:\Users\Goyallon\AppData\Local\acer eNM
O43 - CFD: 2015/01/19 13:15:54 - [] D -- C:\Users\Goyallon\AppData\Local\Adobe
O43 - CFD: 2012/09/01 22:12:55 - [] D -- C:\Users\Goyallon\AppData\Local\adslTV
O43 - CFD: 2009/12/25 01:59:30 - [] D -- C:\Users\Goyallon\AppData\Local\Apple
O43 - CFD: 2011/08/23 12:33:30 - [] D -- C:\Users\Goyallon\AppData\Local\Apple Computer
O43 - CFD: 2007/07/20 13:28:37 - [] SHD -- C:\Users\Goyallon\AppData\Local\Application Data
O43 - CFD: 2015/05/31 20:34:24 - [] D -- C:\Users\Goyallon\AppData\Local\BellePoule
O43 - CFD: 2011/02/16 14:13:05 - [] D -- C:\Users\Goyallon\AppData\Local\Bouygues Telecom
O43 - CFD: 2011/01/02 20:12:00 - [] D -- C:\Users\Goyallon\AppData\Local\Downloaded Installations
O43 - CFD: 2013/06/25 13:02:03 - [] D -- C:\Users\Goyallon\AppData\Local\Google
O43 - CFD: 2015/01/09 14:21:53 - [] D -- C:\Users\Goyallon\AppData\Local\gtk-2.0
O43 - CFD: 2007/07/20 13:28:37 - [] SHD -- C:\Users\Goyallon\AppData\Local\History
O43 - CFD: 2015/01/19 13:17:53 - [] D -- C:\Users\Goyallon\AppData\Local\Microsoft
O43 - CFD: 2007/07/27 00:27:36 - [] D -- C:\Users\Goyallon\AppData\Local\Microsoft Games
O43 - CFD: 2009/07/02 11:48:10 - [0] D -- C:\Users\Goyallon\AppData\Local\Microsoft Help
O43 - CFD: 2009/12/29 01:03:00 - [] D -- C:\Users\Goyallon\AppData\Local\Mozilla
O43 - CFD: 2013/01/27 18:48:12 - [] D -- C:\Users\Goyallon\AppData\Local\Nego
O43 - CFD: 2013/04/20 15:06:02 - [] D -- C:\Users\Goyallon\AppData\Local\Paint.NET
O43 - CFD: 2008/01/10 00:46:25 - [] D -- C:\Users\Goyallon\AppData\Local\Sony Ericsson
O43 - CFD: 2015/07/10 14:54:51 - [] D -- C:\Users\Goyallon\AppData\Local\Temp
O43 - CFD: 2012/02/13 17:33:31 - [] D -- C:\Users\Goyallon\AppData\Local\TempDIR
O43 - CFD: 2007/07/20 13:28:37 - [] SHD -- C:\Users\Goyallon\AppData\Local\Temporary Internet Files
O43 - CFD: 2010/08/03 01:58:13 - [] D -- C:\Users\Goyallon\AppData\Local\truc a jeter ou garder si plante
O43 - CFD: 2007/10/12 11:41:52 - [] D -- C:\Users\Goyallon\AppData\Local\VirtualStore
O43 - CFD: 2007/10/11 11:04:06 - [] D -- C:\Users\Goyallon\AppData\Local\WindowsUpdate
O43 - CFD: 2006/11/02 14:54:36 - [] RD -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2007/07/20 13:29:57 - [] RD -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/05/31 19:53:43 - [] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BellePoule
O43 - CFD: 2014/09/02 20:44:15 - [] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 2009/02/16 17:36:27 - [0] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2006/11/02 14:50:41 - [] RD -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2007/09/17 17:32:44 - [0] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek
O43 - CFD: 2013/06/25 13:44:27 - [] RD -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2008/11/04 01:58:04 - [] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WD Diagnostics
O43 - CFD: 2007/08/16 16:37:12 - [] D -- C:\Users\Goyallon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2007/07/20 14:43:38 - [] HD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED

---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (25) - 3s
O53 - SMSR:HKLM\...\startupreg\Acer Assist Launcher [Key] . (...) -- C:\Program Files\Acer Assist\launcher.exe
O53 - SMSR:HKLM\...\startupreg\Acer Product Registration [Key] . (.Leader Technologies - Acer Product Registration.) -- C:\Program Files\Acer Registration\ACE1.exe
O53 - SMSR:HKLM\...\startupreg\Acer Tour Reminder [Key] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe
O53 - SMSR:HKLM\...\startupreg\ALaunch [Key] . (...) -- C:\Acer\ALaunch\AlaunchClient.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Bouygues Connection Manager [Key] . (...) -- C:\Program Files\Bouygues Telecom\Internet 3G+\Bouygues.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (...) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\eDataSecurity Loader [Key] . (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O53 - SMSR:HKLM\...\startupreg\eDSMSNfix [Key] . (.HiTRUST co. - eDSMSNFix Utility.) -- C:\Acer\Empowering Technology\eDSMSNfix.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\IS CfgWiz [Key] . (...) -- C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ISUSPM Startup [Key] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\LManager [Key] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RegistryBooster [Key] . (...) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe (.not file.) =>PUP.Optional.UniblueSystem
O53 - SMSR:HKLM\...\startupreg\SetPanel [Key] . (...) -- C:\Acer\APanel\APanel.cmd (.not file.)
O53 - SMSR:HKLM\...\startupreg\Sony Ericsson PC Suite [Key] . (.Copyright (c) 2007 Teleca AB. All rights reserved. - Application Launcher.) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Symantec PIF AlertEng [Key] . (.Symantec Corporation - LiveUpdate Notice Service.) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O53 - SMSR:HKLM\...\startupreg\Windows Mobile-based device management [Key] . (.Microsoft Corporation - Windows Mobile Device Center.) -- C:\Windows\WindowsMobile\wmdc.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Windows Media Player Network Sharing Servic.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe

---\\ System Drivers List (SDL) (O58) (120) - 61s
O58 - SDL:2006/11/02 11:51:38 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [420968]
O58 - SDL:2006/11/02 11:51:32 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297576]
O58 - SDL:2006/11/02 11:50:35 A . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\drivers\adpu160m.sys [98408]
O58 - SDL:2006/11/02 11:51:00 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [147048]
O58 - SDL:2006/10/05 05:39:40 A . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\System32\drivers\AGRSM.sys [1161152]
O58 - SDL:2006/11/02 11:49:20 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14952]
O58 - SDL:2006/11/02 11:50:09 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [67688]
O58 - SDL:2006/11/02 11:50:10 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [67688]
O58 - SDL:2015/04/22 13:45:17 A . (...) -- C:\Windows\System32\drivers\aswHwid.sys [24144]
O58 - SDL:2015/04/22 13:45:17 A . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [74976]
O58 - SDL:2015/04/22 13:45:17 A . (.Avast Software s.r.o. - avast! TDI Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [55200]
O58 - SDL:2015/04/22 13:45:18 A . (...) -- C:\Windows\System32\drivers\aswRvrt.sys [49904]
O58 - SDL:2015/04/22 13:43:45 A . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [787760]
O58 - SDL:2015/07/07 13:46:07 A . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\drivers\aswsp.sys [428120]
O58 - SDL:2015/04/22 13:45:19 A . (.Avast Software s.r.o. - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [57888]
O58 - SDL:2015/04/22 13:45:19 A . (...) -- C:\Windows\System32\drivers\aswVmm.sys [209048]
O58 - SDL:2007/03/17 07:30:00 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athr.sys [698880]
O58 - SDL:2007/03/06 10:15:00 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [534016]
O58 - SDL:2006/11/02 10:24:45 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2006/11/02 10:24:46 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/11/03 05:06:11 A . (.Brother Industries Ltd. - Brother MFC Serial Interface Driver(WDM).) -- C:\Windows\System32\drivers\BrSerIb.sys [71424]
O58 - SDL:2006/11/02 10:25:24 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [71808]
O58 - SDL:2006/11/02 10:24:44 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2006/11/02 10:24:44 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2006/11/02 10:24:47 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/11/03 05:06:12 A . (.Brother Industries Ltd. - Brother MFC Serial USB Driver(WDM).) -- C:\Windows\System32\drivers\BrUsbSib.sys [11520]
O58 - SDL:2006/10/05 04:42:42 N . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\Windows\System32\drivers\cdr4_xp.sys [2432]
O58 - SDL:2006/10/05 04:42:42 N . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\drivers\cdralw2k.sys [2560]
O58 - SDL:2006/11/02 11:49:28 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [16488]
O58 - SDL:2006/11/02 11:50:11 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [71272]
O58 - SDL:2007/01/11 09:47:00 A . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\System32\drivers\DKbFltr.sys [21264]
O58 - SDL:2006/11/02 09:30:54 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G60I32.sys [117760]
O58 - SDL:2006/11/02 11:51:34 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [316520]
O58 - SDL:2009/06/22 19:26:06 RA . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbdev.sys [100736]
O58 - SDL:2012/08/21 14:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2006/11/02 11:50:10 A . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\drivers\HpCISSs.sys [37480]
O58 - SDL:2006/11/02 11:51:25 A . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\drivers\iaStorV.sys [232040]
O58 - SDL:2008/02/11 20:36:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [2302976]
O58 - SDL:2006/11/02 11:50:17 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41576]
O58 - SDL:2007/04/25 04:15:20 A . (...) -- C:\Windows\System32\drivers\int15.sys [76584]
O58 - SDL:2007/04/25 04:15:18 A . (...) -- C:\Windows\System32\drivers\int15_64.sys [15656]
O58 - SDL:2006/11/02 11:50:07 A . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\drivers\iteatapi.sys [35944]
O58 - SDL:2006/11/02 11:50:09 A . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\drivers\iteraid.sys [35944]
O58 - SDL:2006/11/02 11:50:04 A . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [65640]
O58 - SDL:2006/11/02 11:50:05 A . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [65640]
O58 - SDL:2006/11/02 11:50:10 A . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [65640]
O58 - SDL:2006/11/02 11:49:53 A . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [28776]
O58 - SDL:2006/11/02 11:49:59 A . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\Mraid35x.sys [33384]
O58 - SDL:2011/08/02 18:38:44 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\drivers\netaapl.sys [18432]
O58 - SDL:2006/11/02 11:50:19 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [45160]
O58 - SDL:2007/03/28 13:19:42 A . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\drivers\NTIDrvr.sys [6144]
O58 - SDL:2006/11/02 09:36:50 A . (.N-trig Innovative Technologies - N-trig tablet digitizer in-box driver.) -- C:\Windows\System32\drivers\ntrigdigi.sys [20608]
O58 - SDL:2006/11/02 11:50:24 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [88680]
O58 - SDL:2006/11/02 11:50:13 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [40040]
O58 - SDL:2003/04/28 18:31:18 RA . (.OEM - OX16C95x Serial Device Driver.) -- C:\Windows\System32\drivers\OXSER.SYS [51169]
O58 - SDL:2007/02/07 09:04:48 A . (.HiTRUST - PSD Filter Driver.) -- C:\Windows\System32\drivers\psdfilter.sys [20264]
O58 - SDL:2007/02/07 09:04:54 A . (.HiTRUST - PSD Named Pipe Driver.) -- C:\Windows\System32\drivers\PSDNServ.sys [16680]
O58 - SDL:2007/02/07 09:04:50 A . (.HiTRUST - PSD Virtual Disk Driver.) -- C:\Windows\System32\drivers\psdvdisk.sys [60712]
O58 - SDL:2006/09/27 23:53:22 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\drivers\pxhelp20.sys [36560]
O58 - SDL:2006/11/02 11:51:45 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [900712]
O58 - SDL:2006/11/02 11:50:35 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106088]
O58 - SDL:2006/12/01 07:38:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [1655464]
O58 - SDL:2007/04/24 12:33:34 A . (.MCCI Corporation - Sony Ericsson Device 125 Driver.) -- C:\Windows\System32\drivers\s125bus.sys [83336]
O58 - SDL:2007/04/24 12:33:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s125cm.sys [12424]
O58 - SDL:2007/04/24 12:33:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s125cmnt.sys [12424]
O58 - SDL:2007/04/24 12:33:42 A . (.MCCI Corporation - Sony Ericsson Device 125 USB WMC Modem Filt.) -- C:\Windows\System32\drivers\s125mdfl.sys [15112]
O58 - SDL:2007/04/24 12:33:44 A . (.MCCI Corporation - Sony Ericsson Device 125 USB WMC Modem WDM.) -- C:\Windows\System32\drivers\s125mdm.sys [108680]
O58 - SDL:2007/04/24 12:33:46 A . (.MCCI Corporation - Sony Ericsson Device 125 USB WMC Device Man.) -- C:\Windows\System32\drivers\s125mgmt.sys [100488]
O58 - SDL:2007/04/24 12:33:46 A . (.MCCI Corporation - Sony Ericsson Device 125 USB WMC OBEX Inter.) -- C:\Windows\System32\drivers\s125obex.sys [98696]
O58 - SDL:2007/04/24 12:33:48 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s125wh.sys [12424]
O58 - SDL:2007/04/24 12:33:48 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s125whnt.sys [12424]
O58 - SDL:2006/11/02 08:37:21 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2007/06/06 07:57:12 A . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\System32\drivers\ser2pl.sys [48640]
O58 - SDL:2004/02/11 06:29:34 RA . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\Windows\System32\drivers\Sio9502k.sys [48076]
O58 - SDL:2006/11/02 11:50:10 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [38504]
O58 - SDL:2006/11/02 11:50:16 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [71784]
O58 - SDL:2004/03/23 03:26:22 RA . (.Socket Communications, Inc. - WDM serial port device driver.) -- C:\Windows\System32\drivers\SktBt2k.sys [48556]
O58 - SDL:2008/10/24 13:07:45 A . (...) -- C:\Windows\System32\drivers\sptd.sys [716272]
O58 - SDL:2005/08/17 08:45:00 A . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\sscdbus.sys [58352]
O58 - SDL:2005/08/17 08:47:42 A . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdcm.sys [6176]
O58 - SDL:2005/08/17 08:47:42 A . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdcmnt.sys [6176]
O58 - SDL:2005/08/17 08:46:20 A . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\Windows\System32\drivers\sscdmdfl.sys [8272]
O58 - SDL:2005/08/17 08:46:26 A . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\Windows\System32\drivers\sscdmdm.sys [93872]
O58 - SDL:2005/08/17 08:47:48 A . (.MCCI - SAMSUNG CDMA Modem Diagnostic Serial Port D.) -- C:\Windows\System32\drivers\sscdserd.sys [73696]
O58 - SDL:2005/08/17 08:44:56 A . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdwh.sys [5840]
O58 - SDL:2005/08/17 08:44:56 A . (.MCCI - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdwhnt.sys [5840]
O58 - SDL:2007/10/25 17:26:10 A . (...) -- C:\Windows\System32\drivers\StarOpen.sys [5632]
O58 - SDL:2006/11/02 11:50:05 A . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\drivers\symc8xx.sys [35944]
O58 - SDL:2006/11/02 11:49:56 A . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_hi.sys [31848]
O58 - SDL:2006/11/02 11:50:03 A . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_u3.sys [34920]
O58 - SDL:2006/11/16 08:45:28 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [179896]
O58 - SDL:2006/07/06 07:44:00 A . (.Texas Instruments - tifm21.sys.) -- C:\Windows\System32\drivers\tifm21.sys [168448]
O58 - SDL:2007/04/25 04:15:20 A . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\System32\drivers\TVicPort.sys [14544]
O58 - SDL:2007/04/25 04:15:18 A . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\System32\drivers\TVicPort64.sys [8704]
O58 - SDL:2006/11/02 11:51:25 A . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\drivers\uliahci.sys [235112]
O58 - SDL:2006/11/02 11:50:35 A . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) -- C:\Windows\System32\drivers\ulsata.sys [98408]
O58 - SDL:2006/11/02 11:50:45 A . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\drivers\ulsata2.sys [115816]
O58 - SDL:2014/08/15 22:35:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2006/11/02 11:49:30 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17512]
O58 - SDL:2006/11/02 11:50:41 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [112232]
O58 - SDL:2003/07/03 19:58:34 RA . (.National Semiconductor Sweden AB - wssbt.) -- C:\Windows\System32\drivers\wssbtr1f.sys [63488]
O58 - SDL:2007/07/31 08:22:00 A . (.Marvell - NDIS6.0 Miniport Driver for Marvell Yukon E.) -- C:\Windows\System32\drivers\yk60x86.sys [278528]
O58 - SDL:2007/04/25 04:15:20 A . (.Zeal SoftStudio - zntport.) -- C:\Windows\System32\drivers\zntport.sys [6080]
O58 - SDL:2007/04/25 04:15:20 A . (.Zeal SoftStudio - NTPort Library kernel driver.) -- C:\Windows\System32\drivers\zntport64.sys [6144]
O58 - SDL:2006/11/02 09:09:42 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2006/11/02 09:09:45 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/02/16 16:13:14 A . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608]
O58 - SDL:2006/11/02 09:09:41 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2006/11/02 09:09:44 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2006/11/02 09:09:44 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2006/11/02 09:09:29 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2006/11/02 09:09:35 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2006/11/02 09:09:38 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2006/11/02 09:09:40 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2006/11/02 09:09:31 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2006/11/02 09:09:20 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2006/11/02 09:09:23 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2006/11/02 09:09:24 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2006/11/02 09:09:26 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2006/11/02 09:09:22 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Last modified or created user files (O61) (24) - 221s
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll [0]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdm.dll [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\EVWhitelist\6\_platform_specific\all\ev_hashes_whitelist.bin [0]
O61 - LFC: 2015/07/10 13:38:45 A . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\1033\StructuredQuerySchema.bin [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\nacl_validation_cache.bin [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Nego\Nego.exe [0]
O61 - LFC: // :: . (..) -- C:\Users\Goyallon\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\10.0\UserCache.bin [0]

---\\ File Associations Shell Spawning (O67) (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (1) - 6s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (SSS) (O83) (31) - 3s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [316928]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Terminal Server Remote Connections Manager.) -- C:\Windows\System32\termsrv.dll [449536]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Terminal Services Configuration service.) -- C:\Windows\System32\SessEnv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [68096]

---\\ Firewall Active Exception List (FirewallRules) (O87) (6) - 6s
O87 - FAEL: "TCP Query User{AE1B3532-20CB-4E82-88C5-F87C1DD1F4B0}C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P6-TRUE] .(...) -- C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.Optional.CacaoWeb
O87 - FAEL: "UDP Query User{8CDB2124-53CC-451D-B1CC-0DE0B2AD464A}C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P17-TRUE] .(...) -- C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.Optional.CacaoWeb
O87 - FAEL: "TCP Query User{83CDA14A-CE29-4C3B-9D43-3BA73153D969}C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P6-TRUE] .(...) -- C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.Optional.CacaoWeb
O87 - FAEL: "UDP Query User{0B0A57D9-7029-4DB1-8CF1-B8F02CDE72E8}C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P17-TRUE] .(...) -- C:\users\goyallon\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.Optional.CacaoWeb
O87 - FAEL: "{EE388803-9871-49B8-A326-7EEB27C44555}" [In-None-P6-TRUE] .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.Optional.SweetIM
O87 - FAEL: "{38118AAC-0239-43ED-8945-C1CE88ADE6FA}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.Optional.SweetIM

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (27) - 115s
SR - Auto [2014/12/03 20:06:08] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Disabled [2006/10/05 07:10:12] [ 9216] Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems.) - C:\Windows\System32\agrsmsvc.exe
SS - Disabled [2007/01/26 23:24:42] [ 50688] ALaunch Service (ALaunchService) . (.Copyright (C) 2006.) - C:\Acer\ALaunch\ALaunchSvc.exe
SR - Auto [2015/01/19 23:30:38] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto [2007/09/12 19:27:24] [ 554352] Automatic LiveUpdate Scheduler (Automatic LiveUpdate Scheduler) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
SR - Auto [2015/04/22 13:44:04] [ 343336] Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - Auto [2011/08/31 00:05:02] [ 390504] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - Demand [2010/01/25 09:22:56] [ 245760] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files\Browny02\BrYNSvc.exe
SS - Disabled [2007/02/07 09:04:26] [ 457512] eDataSecurity Service (eDataSecurity Service) . (.HiTRSUT.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
SS - Disabled [2006/12/22 23:43:18] [ 24576] eLock Service (eLockService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
SS - Disabled [2006/12/29 05:07:22] [ 126976] eNet Service (eNet Service) . (.Acer Inc..) - C:\Acer\Empowering Technology\eNet\eNet Service.exe
SR - Auto [2007/12/17 15:00:00] [ 143872] EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
SR - Auto [2007/01/11 15:02:00] [ 113664] EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
SS - Disabled [2007/02/01 03:18:42] [ 53248] eRecovery Service (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
SS - Disabled [2007/04/25 04:17:34] [ 24576] eSettings Service (eSettingsService) . (.Copyright © 2006.) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
SS - Disabled [2010/06/24 09:51:34] [ 30192] Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - Auto [2014/10/22 05:21:56] [ 107912] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2014/10/22 05:21:56] [ 107912] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - Demand [2015/04/07 00:29:36] [ 540968] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - Disabled [2006/12/15 02:49:10] [ 61440] LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - Demand [2007/09/12 19:27:24] [ 2999664] LiveUpdate (LiveUpdate) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
SR - Auto [2008/01/29 17:38:31] [ 583048] LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
SS - Disabled [2006/11/24 21:57:54] [ 107008] MobilityService (MobilityService) . (...) - C:\Acer\Mobility Center\MobilityService.exe
SR - Auto [2010/03/09 01:40:36] [ 144672] PDFProFiltSrvPP (PDFProFiltSrvPP) . (.Nuance Communications, Inc..) - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
SS - Disabled [2006/07/19 20:36:58] [ 262247] Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Copyright 2004.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SS - Disabled [2007/05/28 18:57:54] [ 275968] StarWind AE Service (StarWindServiceAE) . (.Rocket Division Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SS - Disabled [2007/01/02 18:33:24] [ 135168] ePower Service (WMIService) . (.acer.) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

---\\ Additional Scan (O88) (1) - 0s
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Registry Optimizer_is1 =>PUP.Optional.WinZipRegistry

---\\ Summary of the detections found on your workstation (4) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.WinZipRegistry
http://www.nicolascoolman.fr/blog =>PUP.Optional.UniblueSystem
http://www.nicolascoolman.fr/pup-cacaoweb/ =>PUP.Optional.CacaoWeb
http://www.nicolascoolman.fr/pup-sweetim/ =>PUP.Optional.SweetIM

~ End of the scan, 88514 items in 564 seconds (986)(0)()
