Répondre à : Fichier clés usb transformé en raccourcis 2016-09-08T13:42:28+00:00
marinezer
Participant
Nombre d'articles : 15

—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 – ASIC: Microsoft Windows Media Player – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Internet Explorer – >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:Windowssystem32ie4uinit.exe
O40 – ASIC: Browser Customizations – >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:Windowssystem32iedkcs32.dll
O40 – ASIC: Microsoft Windows Media Player 11.0 – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSystem32wmpdxm.dll =>.Microsoft Corporation
O40 – ASIC: Themes Setup – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
O40 – ASIC: Microsoft Windows Mail 7 – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program FilesWindows MailWinMail.exe =>.Microsoft Corporation
O40 – ASIC: Browsing Enhancements – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
O40 – ASIC: Microsoft Windows Media Player – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Windows Desktop Update – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
O40 – ASIC: Internet Explorer – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:Windowssystem32ie4uinit.exe
O40 – ASIC: (no name) – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
O40 – ASIC: Google Chrome – {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplication34.0.1847.137Installerchrmstp.exe
O40 – ASIC: Shockwave Flash Object – {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. – Adobe Flash Player 13.0 r0.) — C:Windowssystem32MacromedFlashFlash32_13_0_0_214.ocx
~ Active Setup: 13 Scanned in 00mn 00s

—\ Pilotes lancés au démarrage du système (O41)
O41 – Driver: (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
O41 – Driver: (AswRdr) . (.AVAST Software – avast! TDI Redirect Driver.) – C:Windowssystem32driversaswRdr.sys
O41 – Driver: (aswSnx) . (.AVAST Software – avast! Virtualization Driver.) – C:Windowssystem32driversaswSnx.sys
O41 – Driver: (aswSP) . (.AVAST Software – avast! self protection module.) – C:Windowssystem32driversaswSP.sys
O41 – Driver: (aswTdi) . (.AVAST Software – avast! TDI Filter Driver.) – C:Windowssystem32driversaswTdi.sys
O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
O41 – Driver: (DritekPortIO) . (.Dritek System Inc. – General Port I/O.) – C:Program FilesLAUNCH~1DPortIO.sys
O41 – Driver: (i8042prt) . (.Microsoft Corporation – Pilote de port i8042.) – C:WindowsSystem32DRIVERSi8042prt.sys
O41 – Driver: (kbdclass) . (.Microsoft Corporation – Pilote de la classe Clavier.) – C:WindowsSystem32DRIVERSkbdclass.sys
O41 – Driver: (mouclass) . (.Microsoft Corporation – Pilote de la classe Souris.) – C:WindowsSystem32DRIVERSmouclass.sys
O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
O41 – Driver: (netbt) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
O41 – Driver: (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
O41 – Driver: C:WindowsSystem32driverspacer.sys (PSched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
O41 – Driver: (RasAcd) . (.Microsoft Corporation – RAS Automatic Connection Driver.) – C:WindowsSystem32DRIVERSrasacd.sys
O41 – Driver: (rdbss) . (.Microsoft Corporation – Redirected Drive Buffering SubSystem Driver.) – C:WindowsSystem32DRIVERSrdbss.sys
O41 – Driver: (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
O41 – Driver: (RDPENCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32driversrdpencdd.sys
O41 – Driver: C:WindowsSystem32tcpipcfg.dll (Smb) . (.Microsoft Corporation – SMB Transport driver.) – C:WindowsSystem32DRIVERSsmb.sys
O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
O41 – Driver: (TermDD) . (.Microsoft Corporation – Terminal Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
O41 – Driver: (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
~ Drivers: 48 Scanned in 00mn 00s

—\ Logiciels installés (O42)
O42 – Logiciel: 32 Bit HP CIO Components Installer – (.Hewlett-Packard.) [HKLM] — {F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
O42 – Logiciel: Adobe Flash Player 13 ActiveX – (.Adobe Systems Incorporated.) [HKLM] — Adobe Flash Player ActiveX
O42 – Logiciel: Adobe Flash Player 13 Plugin – (.Adobe Systems Incorporated.) [HKLM] — Adobe Flash Player Plugin
O42 – Logiciel: Adobe Reader 9.5.5 – Français – (.Adobe Systems Incorporated.) [HKLM] — {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 – Logiciel: Adobe Shockwave Player 11.5 – (.Adobe Systems, Inc..) [HKLM] — Adobe Shockwave Player
O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 – Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver – (.Atheros Communications Inc..) [HKLM] — {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 – Logiciel: CCleaner – (.Piriform.) [HKLM] — CCleaner
O42 – Logiciel: Canon Easy-WebPrint EX – (…) [HKLM] — Easy-WebPrint EX
O42 – Logiciel: Canon IJ Scan Utility – (.‪Canon Inc.‬.) [HKLM] — Canon_IJ_Scan_Utility
O42 – Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program – (.Canon Inc..) [HKLM] — CANONIJPLM100
O42 – Logiciel: Canon MG2200 series MP Drivers – (.Canon Inc..) [HKLM] — {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series
O42 – Logiciel: Canon MG2200 series On-screen Manual – (.Canon Inc..) [HKLM] — Canon MG2200 series On-screen Manual
O42 – Logiciel: Canon My Image Garden – (.Canon Inc..) [HKLM] — Canon My Image Garden
O42 – Logiciel: Canon My Image Garden Design Files – (.Canon Inc..) [HKLM] — Canon My Image Garden Design Files
O42 – Logiciel: Canon My Printer – (.Canon Inc..) [HKLM] — CanonMyPrinter
O42 – Logiciel: Canon Quick Menu – (.Canon Inc..) [HKLM] — CanonQuickMenu
O42 – Logiciel: Enregistrement utilisateur de Canon MG2200 series – (.Canon Inc.‎.) [HKLM] — Enregistrement utilisateur de Canon MG2200 series =>.Canon Inc
O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM] — Google Chrome
O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 – Logiciel: InterActual Player – (…) [HKLM] — InterActual Player
O42 – Logiciel: InterVideo WinDVD 8 – (.InterVideo Inc..) [HKLM] — InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 – Logiciel: JDownloader 0.9 – (.AppWork GmbH.) [HKLM] — 5513-1208-7298-9440
O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM] — {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 – Logiciel: Launch Manager – (.eMachines.) [HKLM] — LManager
O42 – Logiciel: LauncherMA – (.Micro Application.) [HKLM] — {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM] — {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 – Logiciel: MSXML 4.0 SP2 (KB954430) – (.Microsoft Corporation.) [HKLM] — {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 – Logiciel: MSXML 4.0 SP2 (KB973688) – (.Microsoft Corporation.) [HKLM] — {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 – Logiciel: Microsoft Choice Guard – (.Microsoft Corporation.) [HKLM] — {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 – Logiciel: Microsoft WSE 3.0 Runtime – (.Microsoft Corp..) [HKLM] — {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 – Logiciel: Microsoft Works – (.Microsoft Corporation.) [HKLM] — {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 – Logiciel: MyTomTom 3.2.0.802 – (.TomTom.) [HKLM] — MyTomTom
O42 – Logiciel: NTI Backup Now 5 – (.NewTech Infosystems.) [HKLM] — InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 – Logiciel: NTI Media Maker 8 – (.NewTech Infosystems.) [HKLM] — InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 – Logiciel: OpenOffice.org 3.3 – (.OpenOffice.org.) [HKLM] — {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 – Logiciel: QuickTime – (.Apple Inc..) [HKLM] — {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 – Logiciel: Realtek USB 2.0 Card Reader – (.Realtek Semiconductor Corp..) [HKLM] — {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 – Logiciel: Synaptics Pointing Device Driver – (.Synaptics.) [HKLM] — SynTPDeinstKey
O42 – Logiciel: VLC media player 0.9.9 – (.VideoLAN Team.) [HKLM] — VLC media player =>.VideoLAN
O42 – Logiciel: Video Web Camera – (.SuYin.) [HKLM] — {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}
O42 – Logiciel: Visual Studio C++ 10.0 Runtime – (.TomTom International B.V..) [HKLM] — {4412F224-3849-4461-A3E9-DEEF8D252790}
O42 – Logiciel: Windows Media Player Firefox Plugin – (.Microsoft Corp.) [HKLM] — {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 – Logiciel: avast! Free Antivirus v9.0.2013 – (.Avast Software.) [HKLM] — avast
O42 – Logiciel: eMachines Power Management – (.eMachines.) [HKLM] — {3DB0448D-AD82-4923-B305-D001E521A964}
O42 – Logiciel: eMachines Recovery Management – (.Acer Incorporated.) [HKLM] — {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 – Logiciel: eMachines ScreenSaver – (.eMachines.) [HKLM] — eMachines Screensaver
~ Logic: 33 Scanned in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftware5353dc8bb339e544] =>Hijacker.Eazel
[HKCUSoftwareALWIL Software]
[HKCUSoftwareATI Technologies Inc.]
[HKCUSoftwareATI]
[HKCUSoftwareAVAST Software]
[HKCUSoftwareAdobe]
[HKCUSoftwareAppDataLowSoftwareAdobe]
[HKCUSoftwareAppDataLowSoftwareCanon]
[HKCUSoftwareAppDataLowSoftwareConduitSearchScopes]
[HKCUSoftwareAppDataLowSoftwareConduit] =>Toolbar.Conduit
[HKCUSoftwareAppDataLowSoftwareDivX]
[HKCUSoftwareAppDataLowSoftwareJavaSoft]
[HKCUSoftwareAppDataLowSoftwareSimplytech]
[HKCUSoftwareAppDataLowSoftwareSmartbar] =>Hijacker.SmartBar
[HKCUSoftwareAppDataLow]
[HKCUSoftwareApple Computer, Inc.]
[HKCUSoftwareApple Inc.]
[HKCUSoftwareAudacity]
[HKCUSoftwareBabSolution] =>Hijacker.BabSolution
[HKCUSoftwareBrother]
[HKCUSoftwareCanonBJ]
[HKCUSoftwareCanon]
[HKCUSoftwareClasses]
[HKCUSoftwareClients]
[HKCUSoftwareConduit] =>Toolbar.Conduit
[HKCUSoftwareDataMngr] =>PUP.Datamngr
[HKCUSoftwareDataPulse Singapore]
[HKCUSoftwareDevNet]
[HKCUSoftwareDivXNetworks]
[HKCUSoftwareElectronic Arts]
[HKCUSoftwareFarm Mania 2]
[HKCUSoftwareFissaSearch] =>PUP.OfferBox
[HKCUSoftwareFreeCompressor]
[HKCUSoftwareGoogle]
[HKCUSoftwareHewlett-Packard]
[HKCUSoftwareIADirectShow]
[HKCUSoftwareIM Providers]
[HKCUSoftwareInstallCore] =>Adware.InstallCore
[HKCUSoftwareIntel]
[HKCUSoftwareInterActual Technologies]
[HKCUSoftwareInterVideo]
[HKCUSoftwareJEDI-VCL]
[HKCUSoftwareLocal AppWizard-Generated Applications]
[HKCUSoftwareMacromedia]
[HKCUSoftwareMacrovision]
[HKCUSoftwareMozillaPlugins]
[HKCUSoftwareNero]
[HKCUSoftwareNetscape]
[HKCUSoftwareNewTech Infosystems]
[HKCUSoftwareNosibay]
[HKCUSoftwareODBC]
[HKCUSoftwareOberon]
[HKCUSoftwareOfferBox] =>PUP.OfferBox
[HKCUSoftwareOpenOffice.org]
[HKCUSoftwarePiriform]
[HKCUSoftwarePolicies]
[HKCUSoftwarePopCap]
[HKCUSoftwareRealtek]
[HKCUSoftwareSFR]
[HKCUSoftwareSandlot Games]
[HKCUSoftwareSkypeRS]
[HKCUSoftwareSkype]
[HKCUSoftwareSoftware]
[HKCUSoftwareSonix]
[HKCUSoftwareSony Corporation]
[HKCUSoftwareSynaptics]
[HKCUSoftwareTeam17SoftwareLTD]
[HKCUSoftwareTeamViewer]
[HKCUSoftwareTeleCharger]
[HKCUSoftwareTomTom]
[HKCUSoftwareTrolltech]
[HKCUSoftwareTuneUp]
[HKCUSoftwareUsbFix]
[HKCUSoftwareVB and VBA Program Settings]
[HKCUSoftwareVSO]
[HKCUSoftwareWildTangent]
[HKCUSoftwareWindows Live Writer]
[HKCUSoftwareZebHelpProcess Helper]
[HKCUSoftwareacer]
[HKCUSoftwareej-technologies]
[HKCUSoftwarelollipop] =>Adware.Lollipop
[HKCUSoftwaremozilla]
[HKLMSoftwareALWIL Software]
[HKLMSoftwareAMD]
[HKLMSoftwareATI Technologies]
[HKLMSoftwareATI]
[HKLMSoftwareAVAST Software]
[HKLMSoftwareAcer Incorporated]
[HKLMSoftwareAcer]
[HKLMSoftwareAdobe]
[HKLMSoftwareAppDataLow]
[HKLMSoftwareApple Computer, Inc.]
[HKLMSoftwareApple Inc.]
[HKLMSoftwareAtheros Communications Inc.]
[HKLMSoftwareBabylon] =>PUP.Babylon
[HKLMSoftwareBig Fish Games]
[HKLMSoftwareBoonty]
[HKLMSoftwareBoxore] =>Adware.Boxore
[HKLMSoftwareBroadCom]
[HKLMSoftwareBrowserChoice]
[HKLMSoftwareCanon]
[HKLMSoftwareClasses]
[HKLMSoftwareClients]
[HKLMSoftwareCompal]
[HKLMSoftwareConduit] =>Toolbar.Conduit
[HKLMSoftwareCyberlink]
[HKLMSoftwareDataMngr] =>PUP.Datamngr
[HKLMSoftwareDigital River]
[HKLMSoftwareDivXNetworks]
[HKLMSoftwareDivX]
[HKLMSoftwareDomaIQ] =>Adware.DomaIQ
[HKLMSoftwareElectronic Arts]
[HKLMSoftwareGEAR Software]
[HKLMSoftwareGamesBarSetup] =>Adware.GamesBar
[HKLMSoftwareGateway]
[HKLMSoftwareGoogle]
[HKLMSoftwareHP]
[HKLMSoftwareHewlett-Packard]
[HKLMSoftwareId]
[HKLMSoftwareInstalledOptions]
[HKLMSoftwareIntel]
[HKLMSoftwareInterActual Technologies]
[HKLMSoftwareInterVideo]
[HKLMSoftwareJavaSoft]
[HKLMSoftwareJreMetrics]
[HKLMSoftwareLicenses]
[HKLMSoftwareMacromedia]
[HKLMSoftwareMaxis]
[HKLMSoftwareMozillaPlugins]
[HKLMSoftwareMozilla]
[HKLMSoftwareMpath]
[HKLMSoftwareNero]
[HKLMSoftwareNewTech Infosystems]
[HKLMSoftwareODBC]
[HKLMSoftwareOemSetup]
[HKLMSoftwareOfferBox] =>PUP.OfferBox
[HKLMSoftwareOpenOffice.org]
[HKLMSoftwarePiriform]
[HKLMSoftwarePolicies]
[HKLMSoftwareRealtek Semiconductor Corp.]
[HKLMSoftwareRealtek]
[HKLMSoftwareRegisteredApplications]
[HKLMSoftwareSFR]
[HKLMSoftwareSRS Labs]
[HKLMSoftwareSecureDigitalServices]
[HKLMSoftwareSkype]
[HKLMSoftwareSuYin]
[HKLMSoftwareSynaptics]
[HKLMSoftwareTarma Installer] =>PUP.Tarma
[HKLMSoftwareTeamViewer]
[HKLMSoftwareTomTom]
[HKLMSoftwareTrymedia Systems] =>Adware.Trymedia
[HKLMSoftwareTuneUp]
[HKLMSoftwareVSO]
[HKLMSoftwareVideoLAN]
[HKLMSoftwareWOW6432Node]
[HKLMSoftwareWaves Audio]
[HKLMSoftwareWise Solutions]
[HKLMSoftwareeMachines]
[HKLMSoftwareej-technologies]
[HKLMSoftwaremozilla.org]
~ Key Software: 245 Scanned in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 10/03/2014 – 12:08:15 – [] —-D C:Program FilesAdobe
O43 – CFD: 28/02/2010 – 21:40:55 – [] —-D C:Program FilesAlwil Software
O43 – CFD: 05/01/2012 – 20:34:40 – [] —-D C:Program FilesApple Software Update =>.Apple Inc
O43 – CFD: 18/06/2009 – 07:34:15 – [] —-D C:Program FilesATI
O43 – CFD: 18/06/2009 – 07:35:31 – [] —-D C:Program FilesATI Technologies
O43 – CFD: 25/10/2009 – 15:17:59 – [] —-D C:Program FilesAudacity
O43 – CFD: 24/03/2013 – 17:22:44 – [] —-D C:Program FilesAVAST Software
O43 – CFD: 07/12/2010 – 16:59:49 – [] —-D C:Program FilesBoontyGames
O43 – CFD: 06/01/2013 – 16:29:28 – [] —-D C:Program FilesCanon
O43 – CFD: 06/01/2013 – 16:02:39 – [] –H-D C:Program FilesCanonBJ
O43 – CFD: 30/08/2012 – 01:02:22 – [] —-D C:Program FilesCCleaner
O43 – CFD: 15/05/2014 – 21:16:12 – [] —-D C:Program FilesCommon Files
O43 – CFD: 07/04/2013 – 12:35:27 – [] —-D C:Program FilesConduit
O43 – CFD: 24/03/2011 – 20:52:47 – [] —-D C:Program FilesDivX
O43 – CFD: 30/08/2012 – 01:00:46 – [] —-D C:Program FilesElectronic Arts
O43 – CFD: 06/10/2009 – 22:40:19 – [] —-D C:Program FileseMachines
O43 – CFD: 06/10/2009 – 22:38:54 – [] -SH-D C:Program FilesFichiers communs
O43 – CFD: 24/03/2011 – 20:49:27 – [] —-D C:Program FilesFreeCompressor
O43 – CFD: 18/02/2013 – 21:13:21 – [] —-D C:Program FilesGoogle
O43 – CFD: 02/01/2013 – 16:04:59 – [] —-D C:Program FilesHP
O43 – CFD: 08/12/2013 – 19:35:07 – [] –H-D C:Program FilesInstallShield Installation Information
O43 – CFD: 18/01/2010 – 20:55:06 – [] —-D C:Program FilesInterActual
O43 – CFD: 18/09/2011 – 20:40:10 – [] —-D C:Program FilesInternet Explorer
O43 – CFD: 18/06/2009 – 07:47:26 – [] —-D C:Program FilesInterVideo
O43 – CFD: 11/09/2011 – 16:56:52 – [] —-D C:Program FilesJDownloader
O43 – CFD: 18/06/2009 – 07:42:57 – [] —-D C:Program FilesLaunch Manager
O43 – CFD: 08/08/2011 – 18:45:08 – [] —-D C:Program FilesMicro Application
O43 – CFD: 01/03/2010 – 00:48:37 – [] —-D C:Program FilesMicrosoft
O43 – CFD: 29/03/2013 – 10:08:23 – [] —-D C:Program FilesMicrosoft Games
O43 – CFD: 27/03/2013 – 19:37:41 – [] —-D C:Program FilesMicrosoft Office
O43 – CFD: 03/03/2009 – 15:41:41 – [] —-D C:Program FilesMicrosoft Office Suite Activation Assistant
O43 – CFD: 13/03/2014 – 20:01:07 – [] —-D C:Program FilesMicrosoft Silverlight
O43 – CFD: 03/03/2009 – 15:40:06 – [] —-D C:Program FilesMicrosoft SQL Server Compact Edition
O43 – CFD: 27/03/2013 – 19:38:37 – [] —-D C:Program FilesMicrosoft Visual Studio
O43 – CFD: 27/03/2013 – 19:32:36 – [] —-D C:Program FilesMicrosoft Visual Studio 8
O43 – CFD: 10/10/2012 – 20:17:53 – [] —-D C:Program FilesMicrosoft Works
O43 – CFD: 19/01/2011 – 12:34:38 – [] —-D C:Program FilesMicrosoft WSE
O43 – CFD: 30/11/2010 – 17:35:41 – [] —-D C:Program FilesMicrosoft.NET
O43 – CFD: 11/09/2010 – 06:26:51 – [] —-D C:Program FilesMovie Maker
O43 – CFD: 07/04/2013 – 12:34:31 – [] —-D C:Program FilesMozilla Firefox
O43 – CFD: 26/05/2010 – 14:49:38 – [] —-D C:Program FilesMplayer
O43 – CFD: 27/03/2013 – 19:39:14 – [] —-D C:Program FilesMSBuild
O43 – CFD: 31/01/2013 – 21:38:25 – [] —-D C:Program FilesMSECache
O43 – CFD: 03/03/2009 – 14:51:26 – [0] —-D C:Program FilesMSXML 4.0
O43 – CFD: 27/12/2012 – 20:27:00 – [] —-D C:Program FilesMyTomTom 3
O43 – CFD: 30/05/2012 – 06:39:13 – [] —-D C:Program FilesNero
O43 – CFD: 08/12/2013 – 19:35:09 – [] —-D C:Program FilesNETGEAR
O43 – CFD: 03/03/2009 – 15:44:06 – [] —-D C:Program FilesNewTech Infosystems
O43 – CFD: 28/05/2013 – 19:20:55 – [] —-D C:Program FilesNosibay
O43 – CFD: 01/03/2011 – 10:08:46 – [] —-D C:Program FilesOberon Media
O43 – CFD: 28/09/2011 – 20:08:37 – [] —-D C:Program FilesOfferBox =>PUP.OfferBox
O43 – CFD: 30/01/2012 – 18:38:24 – [] —-D C:Program FilesOpenOffice.org 3
O43 – CFD: 15/11/2010 – 16:31:11 – [] —-D C:Program Filesorange
O43 – CFD: 02/01/2013 – 16:07:03 – [0] —-D C:Program FilesProtected Search =>Spyware.ProtectedSearch
O43 – CFD: 11/09/2010 – 07:36:33 – [] —-D C:Program FilesQuickTime
O43 – CFD: 03/03/2009 – 15:15:42 – [] —-D C:Program FilesRealtek
O43 – CFD: 02/11/2006 – 14:35:51 – [] —-D C:Program FilesReference Assemblies
O43 – CFD: 04/02/2013 – 18:59:54 – [] —-D C:Program FilesSFR
O43 – CFD: 04/06/2013 – 20:20:11 – [] —-D C:Program FilesSoftware
O43 – CFD: 18/06/2009 – 07:43:54 – [] —-D C:Program FilesSynaptics
O43 – CFD: 03/03/2009 – 15:16:33 – [0] –H-D C:Program FilesTemp
O43 – CFD: 27/12/2012 – 20:27:04 – [] —-D C:Program FilesTomTom International B.V
O43 – CFD: 02/11/2006 – 14:58:18 – [0] –H-D C:Program FilesUninstall Information
O43 – CFD: 28/05/2013 – 19:37:47 – [] —-D C:Program FilesUninstaller
O43 – CFD: 08/10/2009 – 09:44:18 – [] —-D C:Program FilesVideoLAN
O43 – CFD: 10/09/2012 – 06:23:42 – [] —-D C:Program FilesVSO
O43 – CFD: 17/06/2013 – 04:56:56 – [] —-D C:Program FilesWebgameplay setup
O43 – CFD: 21/01/2008 – 04:47:45 – [] —-D C:Program FilesWindows Calendar
O43 – CFD: 21/01/2008 – 04:47:42 – [] —-D C:Program FilesWindows Collaboration
O43 – CFD: 21/01/2008 – 04:47:37 – [] —-D C:Program FilesWindows Defender
O43 – CFD: 02/05/2013 – 10:16:06 – [] —-D C:Program FilesWindows Live
O43 – CFD: 03/03/2009 – 15:38:14 – [] —-D C:Program FilesWindows Live SkyDrive
O43 – CFD: 11/09/2011 – 17:50:37 – [] —-D C:Program FilesWindows Mail =>.Microsoft Corporation
O43 – CFD: 19/10/2010 – 12:36:04 – [] —-D C:Program FilesWindows Media Player =>.Microsoft Corporation
O43 – CFD: 06/10/2009 – 22:38:54 – [] —-D C:Program FilesWindows NT
O43 – CFD: 21/01/2008 – 04:47:42 – [] —-D C:Program FilesWindows Photo Gallery
O43 – CFD: 21/01/2008 – 04:47:44 – [] —-D C:Program FilesWindows Sidebar
O43 – CFD: 23/05/2014 – 14:36:17 – [] —-D C:Program FilesZHPDiag =>.Nicolas Coolman
O43 – CFD: 10/03/2014 – 12:08:30 – [] —-D C:Program FilesCommon FilesAdobe
O43 – CFD: 06/01/2013 – 16:15:15 – [] —-D C:Program FilesCommon FilesCANON
O43 – CFD: 15/05/2014 – 21:16:12 – [] —-D C:Program FilesCommon FilesDESIGNER
O43 – CFD: 02/09/2012 – 22:58:45 – [] —-D C:Program FilesCommon FilesHewlett-Packard
O43 – CFD: 02/09/2012 – 23:01:24 – [] —-D C:Program FilesCommon FilesHP
O43 – CFD: 11/09/2011 – 16:54:25 – [] —-D C:Program FilesCommon Filesi4j_jres
O43 – CFD: 30/10/2009 – 14:58:52 – [] —-D C:Program FilesCommon FilesInstallShield
O43 – CFD: 18/06/2009 – 07:47:25 – [] —-D C:Program FilesCommon FilesInterVideo
O43 – CFD: 29/03/2013 – 21:05:36 – [] —-D C:Program FilesCommon Filesmicrosoft shared
O43 – CFD: 24/03/2011 – 20:52:43 – [] —-D C:Program FilesCommon FilesPX Storage Engine
O43 – CFD: 02/11/2006 – 13:18:33 – [] —-D C:Program FilesCommon FilesServices
O43 – CFD: 02/11/2006 – 13:18:33 – [] —-D C:Program FilesCommon FilesSpeechEngines
O43 – CFD: 30/12/2009 – 11:52:59 – [0] —-D C:Program FilesCommon FilesSWF Studio
O43 – CFD: 30/03/2013 – 21:03:57 – [] —-D C:Program FilesCommon FilesSystem
O43 – CFD: 03/03/2009 – 15:36:44 – [] —-D C:Program FilesCommon FilesWindows Live
O43 – CFD: 11/06/2013 – 09:29:15 – [] —-D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 – CFD: 10/03/2014 – 12:08:46 – [] —-D C:ProgramDataAdobe
O43 – CFD: 05/01/2012 – 20:34:12 – [] —-D C:ProgramDataApple
O43 – CFD: 05/01/2012 – 20:36:21 – [] —-D C:ProgramDataApple Computer
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataApplication Data
O43 – CFD: 18/06/2009 – 07:40:20 – [] —-D C:ProgramDataATI
O43 – CFD: 17/11/2013 – 22:30:21 – [] —-D C:ProgramDataAVAST Software
O43 – CFD: 06/03/2013 – 12:06:27 – [0] —-D C:ProgramDataBabylon =>PUP.Babylon
O43 – CFD: 02/01/2013 – 15:59:12 – [0] —-D C:ProgramDataBig Fish Games
O43 – CFD: 06/10/2009 – 22:38:54 – [] -SH-D C:ProgramDataBureau
O43 – CFD: 06/01/2013 – 16:06:01 – [] –H-D C:ProgramDataCanonBJ
O43 – CFD: 06/01/2013 – 16:33:30 – [] –H-D C:ProgramDataCanonIJEGV
O43 – CFD: 13/06/2013 – 23:00:13 – [] –H-D C:ProgramDataCanonIJMIG
O43 – CFD: 09/04/2013 – 15:48:09 – [] –H-D C:ProgramDataCanonIJMyPrinter
O43 – CFD: 04/05/2014 – 14:22:31 – [] —-D C:ProgramDataCanonIJPLM
O43 – CFD: 06/01/2013 – 16:33:51 – [] –H-D C:ProgramDataCanonIJQuickMenu
O43 – CFD: 06/01/2013 – 20:27:32 – [] –H-D C:ProgramDataCanonIJScan
O43 – CFD: 06/01/2013 – 16:15:04 – [] —-D C:ProgramDataCanonIJWSpt
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataDesktop
O43 – CFD: 24/03/2011 – 20:52:51 – [] —-D C:ProgramDataDivX
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataDocuments
O43 – CFD: 25/02/2012 – 11:45:30 – [] —-D C:ProgramDataEA Core
O43 – CFD: 25/02/2012 – 11:42:51 – [] —-D C:ProgramDataElectronic Arts
O43 – CFD: 06/10/2009 – 22:38:54 – [] -SH-D C:ProgramDataFavoris
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataFavorites
O43 – CFD: 02/08/2013 – 15:46:05 – [] —-D C:ProgramDataGogii
O43 – CFD: 30/12/2009 – 21:23:30 – [] —-D C:ProgramDataGoogle
O43 – CFD: 02/09/2012 – 22:54:31 – [] —-D C:ProgramDataHewlett-Packard
O43 – CFD: 26/12/2012 – 18:44:02 – [] —-D C:ProgramDataHP
O43 – CFD: 16/10/2009 – 18:56:58 – [] —-D C:ProgramDataInterAction studios
O43 – CFD: 09/10/2009 – 21:12:23 – [] —-D C:ProgramDataInterVideo
O43 – CFD: 06/10/2009 – 22:38:54 – [] -SH-D C:ProgramDataMenu Démarrer
O43 – CFD: 30/10/2009 – 14:58:05 – [] —-D C:ProgramDataMicro Application
O43 – CFD: 07/04/2013 – 12:02:10 – [] -S–D C:ProgramDataMicrosoft
O43 – CFD: 15/05/2014 – 21:22:33 – [] —-D C:ProgramDataMicrosoft Help
O43 – CFD: 06/10/2009 – 22:38:54 – [] -SH-D C:ProgramDataModèles
O43 – CFD: 29/01/2011 – 15:37:18 – [] —-D C:ProgramDataMumboJumbo
O43 – CFD: 13/04/2012 – 21:40:06 – [] —-D C:ProgramDataNero
O43 – CFD: 30/12/2009 – 21:25:33 – [] —-D C:ProgramDataNorton
O43 – CFD: 03/03/2009 – 15:45:56 – [] —-D C:ProgramDataNortonInstaller
O43 – CFD: 15/01/2011 – 12:18:57 – [] —-D C:ProgramDataOberon Media
O43 – CFD: 27/02/2012 – 17:20:37 – [0] —-D C:ProgramDataOrigin
O43 – CFD: 03/01/2013 – 18:43:16 – [] —-D C:ProgramDataPlayrix Entertainment
O43 – CFD: 01/03/2011 – 10:09:23 – [] —-D C:ProgramDataPopCap Games
O43 – CFD: 01/08/2013 – 16:17:00 – [] —-D C:ProgramDataregid.1986-12.com.adobe
O43 – CFD: 10/01/2011 – 15:15:31 – [] —-D C:ProgramDataSandlot Games
O43 – CFD: 15/06/2013 – 11:04:04 – [] —-D C:ProgramDataSkype
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataStart Menu
O43 – CFD: 01/04/2013 – 23:49:49 – [] —-D C:ProgramDataSun
O43 – CFD: 24/03/2013 – 16:01:06 – [] —-D C:ProgramDataTarma Installer =>PUP.Tarma
O43 – CFD: 28/12/2012 – 17:10:01 – [0] —AD C:ProgramDataTEMP
O43 – CFD: 02/11/2006 – 14:59:44 – [] -SH-D C:ProgramDataTemplates
O43 – CFD: 24/08/2013 – 12:28:07 – [] —-D C:ProgramDataTrymedia =>Adware.Trymedia
O43 – CFD: 05/10/2011 – 21:17:16 – [] —-D C:ProgramDataTuneUp Software
O43 – CFD: 23/10/2009 – 21:43:53 – [] —-D C:ProgramDataValusoft
O43 – CFD: 31/05/2012 – 21:50:57 – [] —-D C:ProgramDataVSO
O43 – CFD: 02/09/2012 – 23:12:33 – [] —-D C:ProgramDataWEBREG
O43 – CFD: 06/04/2013 – 16:06:39 – [] —-D C:ProgramDataWildTangent
O43 – CFD: 11/09/2011 – 22:06:09 – [] —-D C:ProgramDataWindowsSearch
O43 – CFD: 15/06/2013 – 10:34:12 – [0] —-D C:ProgramDataWinZip
O43 – CFD: 05/10/2011 – 20:52:30 – [] -SH-D C:ProgramData{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 – CFD: 05/01/2012 – 20:38:34 – [] —-D C:ProgramData{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 – CFD: 03/08/2013 – 22:26:57 – [] —-D C:UsersmarineAppDataRoamingAdobe
O43 – CFD: 05/01/2012 – 20:44:05 – [] —-D C:UsersmarineAppDataRoamingApple Computer
O43 – CFD: 06/10/2009 – 22:42:19 – [] —-D C:UsersmarineAppDataRoamingATI
O43 – CFD: 17/11/2013 – 23:27:02 – [] —-D C:UsersmarineAppDataRoamingAVAST Software
O43 – CFD: 06/03/2013 – 12:06:25 – [] —-D C:UsersmarineAppDataRoamingBabylon =>PUP.Babylon
O43 – CFD: 29/05/2012 – 19:03:32 – [] R—D C:UsersmarineAppDataRoamingBrother
O43 – CFD: 13/01/2013 – 16:33:55 – [] —-D C:UsersmarineAppDataRoamingCanon
O43 – CFD: 24/03/2013 – 16:55:31 – [] —-D C:UsersmarineAppDataRoamingDealPly =>PUP.DealPly
O43 – CFD: 24/03/2011 – 00:59:05 – [] —-D C:UsersmarineAppDataRoamingDivX
O43 – CFD: 12/10/2012 – 10:36:32 – [] —-D C:UsersmarineAppDataRoamingdvdcss
O43 – CFD: 16/11/2010 – 15:42:06 – [] —-D C:UsersmarineAppDataRoamingFarm Mania 2
O43 – CFD: 24/03/2011 – 18:47:56 – [] —-D C:UsersmarineAppDataRoamingfreeCompressor
O43 – CFD: 18/11/2009 – 09:12:01 – [] —-D C:UsersmarineAppDataRoamingGoogle
O43 – CFD: 24/10/2009 – 14:36:43 – [] —-D C:UsersmarineAppDataRoaminggtk-2.0
O43 – CFD: 08/01/2011 – 17:11:06 – [] —-D C:UsersmarineAppDataRoamingHotdogHotshot
O43 – CFD: 06/10/2009 – 22:41:45 – [] —-D C:UsersmarineAppDataRoamingIdentities
O43 – CFD: 19/07/2013 – 16:21:38 – [] —-D C:UsersmarineAppDataRoamingImageFix_656408
O43 – CFD: 08/12/2013 – 13:56:51 – [] —-D C:UsersmarineAppDataRoamingInstallShield
O43 – CFD: 06/10/2009 – 23:18:35 – [] —-D C:UsersmarineAppDataRoamingInterVideo
O43 – CFD: 16/10/2009 – 13:19:26 – [] —-D C:UsersmarineAppDataRoamingMacromedia
O43 – CFD: 30/10/2009 – 17:28:30 – [] —-D C:UsersmarineAppDataRoamingMagic Academy
O43 – CFD: 01/09/2013 – 14:35:05 – [] -S–D C:UsersmarineAppDataRoamingMicrosoft
O43 – CFD: 23/09/2010 – 18:56:46 – [] —-D C:UsersmarineAppDataRoamingMozilla
O43 – CFD: 13/04/2012 – 21:36:54 – [] —-D C:UsersmarineAppDataRoamingNero
O43 – CFD: 29/05/2013 – 06:00:57 – [0] —-D C:UsersmarineAppDataRoamingNosibay =>PUP.BubbleDock
O43 – CFD: 29/05/2011 – 10:46:18 – [] —-D C:UsersmarineAppDataRoamingOfferBox =>PUP.OfferBox
O43 – CFD: 30/01/2012 – 18:42:43 – [] —-D C:UsersmarineAppDataRoamingOpenOffice.org
O43 – CFD: 25/02/2012 – 11:43:11 – [] —-D C:UsersmarineAppDataRoamingOrigin
O43 – CFD: 07/09/2011 – 21:41:59 – [0] —-D C:UsersmarineAppDataRoamingPeerNetworking
O43 – CFD: 16/10/2009 – 13:19:26 – [] —-D C:UsersmarineAppDataRoamingPlayFirst
O43 – CFD: 15/06/2013 – 11:03:48 – [] —-D C:UsersmarineAppDataRoamingSkype
O43 – CFD: 20/11/2010 – 19:17:16 – [] —-D C:UsersmarineAppDataRoamingTeamViewer
O43 – CFD: 21/10/2009 – 09:46:36 – [] —-D C:UsersmarineAppDataRoamingTemplate
O43 – CFD: 22/02/2010 – 12:44:58 – [] —-D C:UsersmarineAppDataRoamingTMInc
O43 – CFD: 21/10/2011 – 23:23:08 – [] —-D C:UsersmarineAppDataRoamingTuneUp Software
O43 – CFD: 23/10/2009 – 21:43:53 – [] —-D C:UsersmarineAppDataRoamingValusoft
O43 – CFD: 07/09/2011 – 04:18:05 – [] —-D C:UsersmarineAppDataRoamingvlc
O43 – CFD: 31/05/2012 – 21:50:57 – [] —-D C:UsersmarineAppDataRoamingVSO
O43 – CFD: 24/10/2009 – 15:09:31 – [0] —-D C:UsersmarineAppDataRoamingWindows Live Writer
O43 – CFD: 03/01/2013 – 18:38:47 – [0] —-D C:UsersmarineAppDataRoamingWinRAR
O43 – CFD: 15/11/2010 – 16:32:06 – [] —-D C:UsersmarineAppDataRoamingYoudaGames
O43 – CFD: 23/05/2014 – 14:37:40 – [] —-D C:UsersmarineAppDataRoamingZHP =>.Nicolas Coolman
O43 – CFD: 06/10/2009 – 22:42:28 – [0] —-D C:UsersmarineAppDataLocalAcer ePower Management V4
O43 – CFD: 10/03/2014 – 12:05:52 – [] —-D C:UsersmarineAppDataLocalAdobe
O43 – CFD: 11/09/2010 – 07:33:44 – [] —-D C:UsersmarineAppDataLocalApple
O43 – CFD: 05/01/2012 – 20:42:06 – [] —-D C:UsersmarineAppDataLocalApple Computer
O43 – CFD: 06/10/2009 – 22:39:14 – [] -SH-D C:UsersmarineAppDataLocalApplication Data
O43 – CFD: 06/10/2009 – 22:42:19 – [] —-D C:UsersmarineAppDataLocalATI
O43 – CFD: 07/04/2013 – 19:49:40 – [0] —-D C:UsersmarineAppDataLocalConduit
O43 – CFD: 07/04/2013 – 12:35:05 – [] —-D C:UsersmarineAppDataLocalCRE
O43 – CFD: 17/11/2013 – 10:27:23 – [] —-D C:UsersmarineAppDataLocalFacebook
O43 – CFD: 24/03/2011 – 20:51:01 – [] —-D C:UsersmarineAppDataLocalfreecompressor Air
O43 – CFD: 18/02/2013 – 21:11:03 – [] —-D C:UsersmarineAppDataLocalGoogle
O43 – CFD: 06/10/2009 – 22:39:14 – [] -SH-D C:UsersmarineAppDataLocalHistorique
O43 – CFD: 02/01/2013 – 16:05:23 – [0] —-D C:UsersmarineAppDataLocalLollipop =>Adware.Lollipop
O43 – CFD: 13/05/2013 – 14:01:03 – [] —-D C:UsersmarineAppDataLocalMicrosoft
O43 – CFD: 24/10/2009 – 13:18:38 – [] —-D C:UsersmarineAppDataLocalMicrosoft Games
O43 – CFD: 30/01/2012 – 18:27:36 – [] —-D C:UsersmarineAppDataLocalMicrosoft Help
O43 – CFD: 23/09/2010 – 18:56:23 – [] —-D C:UsersmarineAppDataLocalMozilla
O43 – CFD: 18/01/2010 – 19:28:58 – [] —-D C:UsersmarineAppDataLocalNewTech Infosystems
O43 – CFD: 28/12/2012 – 16:09:52 – [] —-D C:UsersmarineAppDataLocalOberon Games
O43 – CFD: 04/02/2013 – 19:07:32 – [] —-D C:UsersmarineAppDataLocalSFR
O43 – CFD: 28/05/2013 – 19:14:20 – [] —-D C:UsersmarineAppDataLocalSoftware
O43 – CFD: 23/05/2014 – 14:37:24 – [] —-D C:UsersmarineAppDataLocalTemp
O43 – CFD: 06/10/2009 – 22:39:14 – [] -SH-D C:UsersmarineAppDataLocalTemporary Internet Files
O43 – CFD: 27/12/2012 – 20:27:50 – [] —-D C:UsersmarineAppDataLocalTomTom
O43 – CFD: 05/10/2011 – 21:42:34 – [] —-D C:UsersmarineAppDataLocalVirtualStore
O43 – CFD: 24/10/2009 – 15:09:32 – [] —-D C:UsersmarineAppDataLocalWindows Live Writer
O43 – CFD: 21/01/2008 – 04:56:27 – [] R—D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
O43 – CFD: 06/10/2009 – 22:41:54 – [] R—D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
O43 – CFD: 24/03/2011 – 20:50:48 – [0] —-D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsJeux sur Orange.fr
O43 – CFD: 21/01/2008 – 04:56:27 – [] R—D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
O43 – CFD: 30/04/2010 – 08:52:30 – [] —-D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsMaxis
O43 – CFD: 22/10/2013 – 20:57:20 – [] R—D C:UsersmarineAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
~ Program Folder: 229 Scanned in 00mn 00s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.545C16DA74C51050F80A8C18BABF130F] – 15/05/2014 – 08:45:23 —A- . (.Adobe Systems Incorporated – Adobe Flash Player Control Panel Applet.) — C:WindowsSystem32FlashPlayerApp.exe [692400]
O44 – LFC:[MD5.23B9EB53778D5EE128E4803039099A1D] – 15/05/2014 – 08:45:23 —A- . (.Adobe Systems Incorporated – Adobe Flash Player Control Panel Applet.) — C:WindowsSystem32FlashPlayerCPLApp.cpl [70832]
O44 – LFC:[MD5.F541298E463FA96F128629E799352E60] – 15/05/2014 – 20:17:44 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32mrt.exe [90547776]
O44 – LFC:[MD5.7297C5CEF41C23E3D740198CC1EC2E6F] – 20/05/2014 – 08:24:55


. (…) — C:UsbFix [Scan 2] PC-DE-MARINE.txt [7671]
O44 – LFC:[MD5.651C79C4F298DB210D3A5E4C728203E0] – 20/05/2014 – 09:14:59


. (…) — C:UsbFix [Scan 3] PC-DE-MARINE.txt [7591]
O44 – LFC:[MD5.A85E1AAAB5DF4653EF896315F68B6FE1] – 20/05/2014 – 10:16:55 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1495948]
O44 – LFC:[MD5.A215E8D2402FBAB093A99ED7FC7A36B1] – 20/05/2014 – 10:16:55 —A- . (…) — C:WindowsSystem32perfc009.dat [104070]
O44 – LFC:[MD5.518CE8FB8D306FC76B8208D8FE0F0AB2] – 20/05/2014 – 10:16:55 —A- . (…) — C:WindowsSystem32perfc00C.dat [126626]
O44 – LFC:[MD5.995EBE80EB9372F7044485DCAB0C88CE] – 20/05/2014 – 10:16:55 —A- . (…) — C:WindowsSystem32perfh009.dat [595996]
O44 – LFC:[MD5.5BBCB122FE957C7AB042B23B4837FBDA] – 20/05/2014 – 10:16:55 —A- . (…) — C:WindowsSystem32perfh00C.dat [679042]
O44 – LFC:[MD5.3E1FC05AF921B61530E27FC3F57ED4D1] – 23/05/2014 – 11:53:36 -S-A- . (…) — C:Windowsbootstat.dat [67584]
O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 23/05/2014 – 11:55:15 —A- . (…) — C:Windowssetupact.log [0]
O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 23/05/2014 – 11:55:15 —A- . (…) — C:Windowssetuperr.log [0]
O44 – LFC:[MD5.0112A534E1F47CF9B76DC3351B3BFE0F] – 23/05/2014 – 13:37:35 —A- . (…) — C:WindowsWindowsUpdate.log [1969451]
~ Files: 14 Scanned in 00mn 08s

—\ Déni du service (Local Security Authority) (O48)
O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
~ LSA: 7 Scanned in 00mn 00s

—\ Contrôle du Safe Boot (CSB) (O49)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Volume Manager Extension Driver.) — C:WindowsSystem32Driversvolmgrx.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Volume Manager Extension Driver.) — C:WindowsSystem32Driversvolmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

—\ Recherche d’infection sur les pilotes (HKLM)(TDSD) (O52)
O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
O52 – TDSD: Drivers32″vidc.cvid”=”iccvid.dll” . (.Radius Inc. – Codec Cinepak®.) — C:WindowsSystem32iccvid.dll
O52 – TDSD: Drivers32″vidc.VP60″=”C:Windowssystem32vp6vfw.dll” . (.On2.com – VP6 VIDEO FOR WINDOWS CODEC.) — C:Windowssystem32vp6vfw.dll
O52 – TDSD: Drivers32″vidc.VP61″=”C:Windowssystem32vp6vfw.dll” . (.On2.com – VP6 VIDEO FOR WINDOWS CODEC.) — C:Windowssystem32vp6vfw.dll
O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
O52 – TDSD: drivers.desc”vp6vfw.dll”=”EA VP6 Codec” . (.On2.com – VP6 VIDEO FOR WINDOWS CODEC.) — C:WindowsSystem32vp6vfw.dll
~ TDSD: 6 Scanned in 00mn 00s

—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 – SMSR:HKLM…startupregAcer ePower Management [Key] . (.Acer Incorporated – ePowerTray.) — C:Program FileseMachineseMachines Power ManagementePowerTray.exe
O53 – SMSR:HKLM…startupregAdobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
O53 – SMSR:HKLM…startupregGoogle Desktop Search [Key] . (…) — C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe (.not file.)
O53 – SMSR:HKLM…startupregiTunesHelper [Key] . (…) — C:Program FilesiTunesiTunesHelper.exe (.not file.)
O53 – SMSR:HKLM…startupregMyTomTomSA.exe [Key] . (.TomTom – MyTomTom.) — C:Program FilesMyTomTom 3MyTomTomSA.exe
O53 – SMSR:HKLM…startupreguTorrent [Key] . (…) — C:Program FilesuTorrentuTorrent.exe (.not file.) =>P2P.µTorrent
O53 – SMSR:HKLM…startupregWarReg_PopUp [Key] . (.eMachines – WR_PopUp.) — C:Program FileseMachinesWR_PopUpWarReg_PopUp.exe
~ SMSR Keys: 7 Scanned in 00mn 00s