Jump to content

Pc portable qui rame


Recommended Posts

Bonjour,

Mon portable Toshiba rame tellement que je ne parviens meme pas a me connecter à internet même en mode sans échec ! La seule chose que j'ai réussi à faire est de passer par une clé USB pour le scanner avec malwaremalbytes, j'ai supprimé les fichiers cacaoweb signalés mais cela n'a rien changé, il rame toujours autant . que puis-je faire d'autre en passant par ma clé USB ? Je vous écris depuis mon Pc fixe.

L'UC fonctionne bien à 1 %, et j'ai windows 7 family édition. Kaspersky Pure n'a rien trouvé non plus.

Merci pour votre aide .

Link to comment
Share on other sites

Bonjour,

Il s'agit d'un Satellite L505-10N acheté en novembre 2009.

Le problème actuellement c'est que je parviens plus à redémarrer en mode sans échec même en sélectionnant ce mode. le PC a voulu installer des mises à jours windows et au bout d'1 heure, il moulinait toujours sur la màj 1 ; j'ai forcé l'extinction et essayé de redémarrer en mode sans echec mais impossible ; voyez-vous une solution ?

Link to comment
Share on other sites

Habituellement sur tosh les disques durs claquent... Et ta description laisse à penser qu'on est en plein dedant ;)

Donc +1 pour la sauvegarde et le formattage.

On devrait vite avoir la réponse ;)

Sinon : dans le menu de démarrage tu peux choisir "réparer le démarrage" (windows n'a pas démarré normalmment etc.), il fera un chkdsk

Link to comment
Share on other sites

Habituellement sur tosh les disques durs claquent... Et ta description laisse à penser qu'on est en plein dedant ;)

Donc +1 pour la sauvegarde et le formattage.

On devrait vite avoir la réponse ;)

Sinon : dans le menu de démarrage tu peux choisir "réparer le démarrage" (windows n'a pas démarré normalmment etc.), il fera un chkdsk

Le disque dur a toujours été le point faible des portables... A moins de mettre un SSD ca continuera ainsi (mais on est face au soucis de stockage limité)

Donc vérifier l’état de santé du DD. Avec un livecd de préférence ça ira plus vite :)

Link to comment
Share on other sites

Merci pour vos conseils mais j'ai déjà essayé tout cela sans résultat !

L'ordi rame tellement que je ne peux faire aucun rapport (highjackthis ou autre) ni accéder à internet, etc

J'ai suivi les conseils sur un autre forum de créer un cd de démarrage avec OTLP. Malheureusement, impossible d'ouvrir OTLP pour faire un scann .. Quelqu'un peut-il m'aider ?

Link to comment
Share on other sites

OUi :

Va sur : http://www.pendrivelinux.com/yumi-multiboot-usb-creator/ et télécharge YUMI.

Tu lance le logiciel, tu choisis dans la liste UBCD (ultimate boot cd) => Tu met une clef, en haut tu coche format.

Tu dis oui à tout, ça te fais ta clef.

Tu redémarre, il y'a une touche (pas fichu de me rappeler laquelle) à appuyer qui fera booter sur l'USB de l'ordi (essaie F10, suppr, F11 F12).

Si tu atteri dans le BIOS tu devrais trouver dans les menu "boot sequence", tu choisi en premier USB HDD ou USB Key (un truc du genre) et tu réessaie.

Une fois dans yumi tu lance UBCD, tu auras tout les beaux petits utilitaires qui vont bien pour vérifier ton disque :)

Link to comment
Share on other sites

merci mais le problème c'est que je ne peux créer de clé de démarrage qu'à partir de mon pc fixe qui fonctionne sous xp..

depuis le portable c'est impossible, et quand je choisis "ultimate boot cd", il me demande un fichier ubcd5.iso ...

A partir de là, je ne suis plus...

Link to comment
Share on other sites

J,ai enfin reussi à démarrer en mode sans éches, voici mes rapports ZHPDiag et GSI :

Rapport de ZHPDiag v1.31.11 par Nicolas Coolman, Update du 21/07/2012

Run by Chloé at 25/07/2012 18:49:17

Web site : http://www.premiumor...ss/zhpdiag.html

Web site : http://nicolascoolman.skyrock.com/

State : Problème connexion internet

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 10.0.2 v10.0.2 (Defaut)

GCIE: Google Chrome v20.0.1132.57

OBIE: Safari v5.34.55.3

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)

Total RAM: 4060 MB (86% free)

System Restore: Activé (Enable)

System drive C: has 123 GB (66%) free of 186 GB

---\\ Logged in mode

~ Computer Name: TOSHIBA

~ User Name: Chloé

~ All Users Names: HomeGroupUser$, Chloé, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Chloé\AppData\Roaming\

~ %Desktop% : C:\Users\Chloé\Desktop\

~ %Favorites% : C:\Users\Chloé\Favorites\

~ %LocalAppData% : C:\Users\Chloé\AppData\Local\

~ %StartMenu% : C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 123 Go of 186 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 115 Go of 186 Go)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.870ECFEBD41C7B8F9C6777748368D51F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/05/2012 - 02:59:14.) -- C:\Windows\System32\wininet.dll [1392128]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 2/36

~ Mes musiques (My Musics) : 1/652

~ Mes Favoris (My Favorites) : 1/53

~ Mes Documents (My Documents) : 1/45

~ Mon Bureau (My Desktop) : 1/736

~ Menu demarrer (Programs) : 1/24

~ Scan Hidden Files in 00mn 08s

---\\ Processus lancés

[MD5.72AE847EB2B526CC0551C88B9A2970C1] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3763200] [PID.1272]

~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Chloé\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] http://fr.search.yahoo.com

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Chloé\AppData\Roaming\Mozilla\Firefox\Profiles\gaq1j2k0.default\prefs.js

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\MyHeritage.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo.xml

M2 - MFEP: prefs.js [Chloé - gaq1j2k0.default\{113c2360-15a3-11de-8c30-0800200c9a66}] [] Vfox3 v (.htsbai.)

M2 - MFEP: prefs.js [Chloé - gaq1j2k0.default\{285da7e0-729d-11db-9fe1-0800200c9a66}] [] Tinseltown v2.121408 (.Thomas McMahon.)

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFFICE.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: MHURLSearchHook Class [64Bits] - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} . (.Pas de propriétaire - IE Toolbar Helper Module.) (4, 1, 0, 59) -- C:\Program Files (x86)\Celebrity Toolbar\tbhelper.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: MHTBPos00 [64Bits] - {0C37B053-FD68-456a-82E1-D788EE342E6F} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll

O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Click to Call with Skype for Internet Explo.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)

O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)

O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)

O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)

O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKLM\..\Wow6432Node\Run: [sVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe

O4 - HKLM\..\Wow6432Node\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-2491144196-3758007457-4122145582-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\Desktop\Mes documents.lnk . (...) -- D:\Mes documents

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{6D172D0A-B9F1-4046-AFAB-8599288545BF}\SafariIco.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Ajouter à l'Anti-bannière . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\Program Files (x86)\MICROS~2\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Mon Clavier &virtuel [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\kbrd.ico

O9 - Extra button: Mon Clavier &virtuel [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\logo.ico

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CCS\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS2\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS2\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-its [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: mso-offdap [64Bits] - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.dll

O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Click to Call with Skype for Internet Explo.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\Windows\System32\klogon.dll

~ Scan Winlogon in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Kaspersky Lab - Kaspersky OE plugin loader.) - C:\Program Files (x86)\KASPER~1\KASPER~1\x64\kloehk.dll

~ Scan AppInit DLL in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Kaspersky PURE (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active - CanalPlus.VOD.Service.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Gadget Service (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION - ConfigFree Gadget Process Service.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service de gestion du système CryproStor (CSObjectsSrv) . (.Infowatch - InfoWatch CryptoStorage Protected objects c.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Notebook Performance Tuning Service (TEM (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe

O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

~ Scan Services in 00mn 01s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

~ Scan Scheduled Task in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: (CSVirtualDiskDrv) . (.Infowatch - Virtual Volume Container Driver (wnet).) - C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl1.sys

O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\klif.sys

O41 - Driver: (KLIM6) . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 27s

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EB879750-CCBD-4013-BFD5-0294D4DA5BD0}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {B4089055-D468-45A4-A6BA-5A138DD715FC}

O42 - Logiciel: CANAL+ CANALSAT A LA DEMANDE - (.CanalPlus.) [HKLM] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}

O42 - Logiciel: Celebrity Toolbar - (.MyHeritage.com.) [HKLM] -- Celebrity Toolbar

O42 - Logiciel: Click to Call with Skype - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java™ 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216021FF}

O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM] -- WildTangent toshiba Master Uninstall

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: Kaspersky PURE - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}

O42 - Logiciel: Kaspersky PURE - (.Kaspersky Lab.) [HKLM] -- {1A59064A-12A9-469F-99F6-04BF118DBCFF}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Malwarebytes Anti-Malware version 1.62.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Mozilla Firefox 10.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 10.0.2 (x86 fr)

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}

O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Realtek WLAN Driver - (.Realtek.) [HKLM] -- {0FB630AB-7BD8-40AE-B223-60397D57C3C9}

O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {6D172D0A-B9F1-4046-AFAB-8599288545BF}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827

O42 - Logiciel: Skype™ Launcher - (.Skype Technologies S.A..) [HKLM] -- {26D8DF7E-DBF8-43A6-8D42-F37497CE603D}

O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {F3529665-D75E-4D6D-98F0-745C78C68E9B}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Pas de propriétaire.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}

O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM] -- {620BBA5E-F848-4D56-8BDA-584E44584C5E}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- {5279374D-87FE-4879-9385-F17278EBB9D3}

O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}

O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}

O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM] -- {AC6569FA-6919-442A-8552-073BE69E247A}

O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}

O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}

O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}

O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Toshiba Assist - (.TOSHIBA.) [HKLM] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}

O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- {0823A2E3-69DD-A37A-7CD9-1CBEB037545C}

O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {9E4FF410-471F-49E3-9358-74FF0D5E9901}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: WebPlayer - (.Kreapixel.) [HKLM] -- {582E705F-1D5C-46E1-8FB7-DBE7BBDBA5CA}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: eBay - (.eBay Inc..) [HKLM] -- {E83BA61A-5D77-4DD5-9C92-A3447F11E27D}

O42 - Logiciel: pdfforge Toolbar v5.9 - (.Spigot, Inc..) [HKLM] -- {37918F52-75C8-47F8-AEFB-389B8E62B5DA}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\AdwCleaner]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\COMPAL]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Cyberlink]

[HKLM\Software\Digital River]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Google]

[HKLM\Software\InfoWatch]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\MyHeritage.com]

[HKLM\Software\ODBC]

[HKLM\Software\PDFCreator]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SimplyGen]

[HKLM\Software\Skype]

[HKLM\Software\TOSHIBA Corporation]

[HKLM\Software\TOSHIBA]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WildTangent]

[HKLM\Software\Windows]

[HKLM\Software\mcafeeupdater]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 11/12/2011 - 19:31:06 - [113,259] ----D C:\Program Files (x86)\Adobe

O43 - CFD: 27/08/2011 - 19:31:23 - [2,316] ----D C:\Program Files (x86)\Apple Software Update

O43 - CFD: 26/10/2009 - 18:52:45 - [76,853] ----D C:\Program Files (x86)\ATI Technologies

O43 - CFD: 18/02/2012 - 16:49:22 - [0,602] ----D C:\Program Files (x86)\Bonjour

O43 - CFD: 24/02/2012 - 22:14:46 - [2,557] ----D C:\Program Files (x86)\Canal+

O43 - CFD: 06/02/2010 - 20:43:13 - [5,384] ----D C:\Program Files (x86)\Celebrity Toolbar

O43 - CFD: 24/07/2012 - 03:13:23 - [616,367] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 04/09/2009 - 15:37:37 - [0,211] ----D C:\Program Files (x86)\eBay

O43 - CFD: 22/11/2011 - 23:40:45 - [521,536] ----D C:\Program Files (x86)\Google

O43 - CFD: 26/10/2009 - 19:10:09 - [128,350] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/09/2009 - 15:25:38 - [58,970] ----D C:\Program Files (x86)\Intel

O43 - CFD: 21/07/2012 - 15:53:19 - [6,583] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 31/03/2012 - 22:48:05 - [120,831] ----D C:\Program Files (x86)\iTunes

O43 - CFD: 07/11/2011 - 22:29:54 - [87,517] ----D C:\Program Files (x86)\Java

O43 - CFD: 27/08/2011 - 14:08:36 - [123,035] ----D C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 21/07/2012 - 23:17:48 - [11,720] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 03/01/2012 - 00:58:39 - [21,738] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 06/12/2009 - 19:12:11 - [403,173] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 30/05/2012 - 20:33:30 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 04/09/2009 - 15:54:01 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 29/11/2009 - 20:21:37 - [2,087] ----D C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 29/11/2009 - 19:20:30 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 16/12/2010 - 23:28:03 - [140,112] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 28/06/2010 - 00:22:05 - [0,316] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 24/02/2012 - 21:58:06 - [43,531] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 07/01/2010 - 10:52:54 - [20,771] ----D C:\Program Files (x86)\PDFCreator

O43 - CFD: 04/09/2009 - 15:39:21 - [7,696] ----D C:\Program Files (x86)\Photo-Service

O43 - CFD: 18/02/2012 - 16:51:50 - [72,431] ----D C:\Program Files (x86)\QuickTime

O43 - CFD: 26/10/2009 - 19:02:45 - [13,562] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 26/10/2009 - 19:00:34 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 31/03/2012 - 22:50:28 - [102,601] ----D C:\Program Files (x86)\Safari

O43 - CFD: 27/08/2011 - 19:35:47 - [33,426] R---D C:\Program Files (x86)\Skype

O43 - CFD: 26/10/2009 - 18:59:57 - [0] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 29/11/2009 - 19:35:14 - [287,427] ----D C:\Program Files (x86)\TOSHIBA

O43 - CFD: 04/09/2009 - 15:43:10 - [123,276] ----D C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 04/09/2009 - 15:39:39 - [10,201] ----D C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/11/2009 - 19:43:09 - [71,675] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 03/01/2012 - 20:53:50 - [127,315] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 04/09/2009 - 15:53:05 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 28/08/2011 - 11:46:03 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/08/2011 - 11:46:03 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 28/08/2011 - 11:46:03 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 28/08/2011 - 11:46:03 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 28/08/2011 - 11:46:03 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 25/07/2012 - 18:49:29 - [12,788] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 11/12/2011 - 19:31:09 - [28,616] ----D C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 04/09/2009 - 15:39:20 - [30,652] ----D C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 31/03/2012 - 22:47:09 - [142,033] ----D C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 04/09/2009 - 15:50:54 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 27/08/2011 - 14:08:37 - [3,416] ----D C:\Program Files (x86)\Common Files\InfoWatch

O43 - CFD: 26/10/2009 - 18:59:32 - [3,638] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 27/08/2011 - 19:30:26 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 03/09/2010 - 00:09:55 - [334,212] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 13/11/2011 - 21:35:17 - [23,867] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 26/10/2009 - 19:10:15 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared

O43 - CFD: 04/09/2009 - 15:51:59 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 04/09/2009 - 15:39:35 - [8,682] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 11/12/2011 - 19:34:41 - [317,400] ----D C:\ProgramData\Adobe

O43 - CFD: 30/11/2010 - 20:55:00 - [158,462] ----D C:\ProgramData\Apple

O43 - CFD: 30/11/2010 - 20:56:06 - [181,034] ----D C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data

O43 - CFD: 26/10/2009 - 18:52:54 - [0,000] ----D C:\ProgramData\ATI

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Bureau

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites

O43 - CFD: 27/08/2011 - 14:28:54 - [0,001] ----D C:\ProgramData\FLEXnet

O43 - CFD: 04/09/2009 - 15:37:50 - [0,511] ----D C:\ProgramData\Google

O43 - CFD: 04/09/2009 - 15:40:52 - [0,001] ----D C:\ProgramData\IsolatedStorage

O43 - CFD: 25/07/2012 - 11:45:27 - [1181,901] ----D C:\ProgramData\Kaspersky Lab

O43 - CFD: 27/08/2011 - 13:58:11 - [122,704] ----D C:\ProgramData\Kaspersky Lab Setup Files

O43 - CFD: 21/07/2012 - 23:14:52 - [6,398] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 11/12/2011 - 19:24:23 - [0,308] ----D C:\ProgramData\McAfee

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Menu Démarrer

O43 - CFD: 03/01/2012 - 00:58:48 - [275,954] -S--D C:\ProgramData\Microsoft

O43 - CFD: 06/12/2009 - 19:12:30 - [0,055] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Modèles

O43 - CFD: 22/01/2010 - 19:16:15 - [0,001] ----D C:\ProgramData\Partner

O43 - CFD: 27/08/2011 - 19:35:14 - [53,760] ----D C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu

O43 - CFD: 05/09/2010 - 16:18:16 - [0,000] ----D C:\ProgramData\Sun

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates

O43 - CFD: 26/10/2009 - 19:10:17 - [5,019] ----D C:\ProgramData\TOSHIBA

O43 - CFD: 29/11/2009 - 17:39:31 - [0,001] ----D C:\ProgramData\ToshibaEurope

O43 - CFD: 04/09/2009 - 15:27:31 - [2,158] ----D C:\ProgramData\Vista32

O43 - CFD: 04/09/2009 - 15:27:31 - [3,146] ----D C:\ProgramData\Vista64

O43 - CFD: 04/09/2009 - 15:43:09 - [822,582] ----D C:\ProgramData\WildTangent

O43 - CFD: 04/09/2009 - 15:31:28 - [2,117] ----D C:\ProgramData\win7_32

O43 - CFD: 04/09/2009 - 15:31:28 - [3,069] ----D C:\ProgramData\win7_64

O43 - CFD: 04/09/2009 - 15:27:31 - [0,055] ----D C:\ProgramData\XP

O43 - CFD: 30/11/2010 - 20:56:25 - [0,852] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 11/12/2011 - 19:33:53 - [15,339] ----D C:\Users\Chloé\AppData\Roaming\Adobe

O43 - CFD: 18/03/2012 - 15:07:29 - [501,407] ----D C:\Users\Chloé\AppData\Roaming\Apple Computer

O43 - CFD: 29/11/2009 - 17:43:28 - [0] ----D C:\Users\Chloé\AppData\Roaming\ATI

O43 - CFD: 04/12/2011 - 22:23:12 - [0,000] ----D C:\Users\Chloé\AppData\Roaming\dvdcss

O43 - CFD: 29/11/2009 - 20:22:16 - [0,000] ----D C:\Users\Chloé\AppData\Roaming\Google

O43 - CFD: 29/11/2009 - 17:42:52 - [0] ----D C:\Users\Chloé\AppData\Roaming\Identities

O43 - CFD: 04/09/2009 - 15:39:21 - [0,123] ----D C:\Users\Chloé\AppData\Roaming\Macromedia

O43 - CFD: 21/07/2012 - 23:22:55 - [1,210] ----D C:\Users\Chloé\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\Chloé\AppData\Roaming\Media Center Programs

O43 - CFD: 21/07/2012 - 15:52:54 - [7,533] -S--D C:\Users\Chloé\AppData\Roaming\Microsoft

O43 - CFD: 29/11/2009 - 19:44:11 - [675,259] ----D C:\Users\Chloé\AppData\Roaming\Mozilla

O43 - CFD: 21/03/2012 - 23:44:22 - [4,996] ----D C:\Users\Chloé\AppData\Roaming\Skype

O43 - CFD: 24/07/2011 - 16:16:28 - [0,037] ----D C:\Users\Chloé\AppData\Roaming\skypePM

O43 - CFD: 27/08/2011 - 14:25:22 - [11,934] ----D C:\Users\Chloé\AppData\Roaming\Toshiba

O43 - CFD: 04/12/2011 - 23:45:38 - [0,777] ----D C:\Users\Chloé\AppData\Roaming\vlc

O43 - CFD: 11/12/2011 - 19:30:53 - [60,697] ----D C:\Users\Chloé\AppData\Local\Adobe

O43 - CFD: 30/11/2010 - 20:55:05 - [0] ----D C:\Users\Chloé\AppData\Local\Apple

O43 - CFD: 12/05/2012 - 11:59:53 - [16,721] ----D C:\Users\Chloé\AppData\Local\Apple Computer

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Application Data

O43 - CFD: 29/11/2009 - 17:43:28 - [0,058] ----D C:\Users\Chloé\AppData\Local\ATI

O43 - CFD: 25/06/2012 - 08:19:32 - [2,423] ----D C:\Users\Chloé\AppData\Local\Diagnostics

O43 - CFD: 07/11/2011 - 22:48:49 - [2,476] ----D C:\Users\Chloé\AppData\Local\Downloaded Installations

O43 - CFD: 06/06/2010 - 20:36:37 - [0] ----D C:\Users\Chloé\AppData\Local\ElevatedDiagnostics

O43 - CFD: 21/07/2012 - 15:52:54 - [64,669] ----D C:\Users\Chloé\AppData\Local\Google

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Historique

O43 - CFD: 21/07/2012 - 15:52:54 - [506,027] ----D C:\Users\Chloé\AppData\Local\Microsoft

O43 - CFD: 01/12/2009 - 21:56:56 - [0] ----D C:\Users\Chloé\AppData\Local\Microsoft Help

O43 - CFD: 29/11/2009 - 20:02:59 - [0,170] ----D C:\Users\Chloé\AppData\Local\MigWiz

O43 - CFD: 29/11/2009 - 19:44:04 - [608,246] ----D C:\Users\Chloé\AppData\Local\Mozilla

O43 - CFD: 05/02/2012 - 17:16:30 - [1,071] ----D C:\Users\Chloé\AppData\Local\Solid State Networks

O43 - CFD: 25/07/2012 - 17:11:37 - [97,384] ----D C:\Users\Chloé\AppData\Local\Temp

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Temporary Internet Files

O43 - CFD: 29/11/2009 - 20:02:17 - [0,001] ----D C:\Users\Chloé\AppData\Local\Toshiba

O43 - CFD: 29/11/2009 - 19:57:54 - [0,000] ----D C:\Users\Chloé\AppData\Local\TOSHIBA_Corporation

O43 - CFD: 25/09/2011 - 19:27:50 - [0,000] ----D C:\Users\Chloé\AppData\Local\VirtualStore

O43 - CFD: 30/11/2010 - 21:05:26 - [0] ----D C:\Users\Chloé\AppData\Local\Windows Live

O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 17/02/2012 - 19:15:11 - [0,000] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 26/01/2012 - 21:40:55 - [0,003] ----D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kreapixel

O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 17/02/2012 - 19:15:11 - [0,000] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 11/12/2011 - 19:31:06 - [113,259] ----D C:\Program Files (x86)\Adobe

O43 - CFD: 27/08/2011 - 19:31:23 - [2,316] ----D C:\Program Files (x86)\Apple Software Update

O43 - CFD: 26/10/2009 - 18:52:45 - [76,853] ----D C:\Program Files (x86)\ATI Technologies

O43 - CFD: 18/02/2012 - 16:49:22 - [0,602] ----D C:\Program Files (x86)\Bonjour

O43 - CFD: 24/02/2012 - 22:14:46 - [2,557] ----D C:\Program Files (x86)\Canal+

O43 - CFD: 06/02/2010 - 20:43:13 - [5,384] ----D C:\Program Files (x86)\Celebrity Toolbar

O43 - CFD: 24/07/2012 - 03:13:23 - [616,367] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 04/09/2009 - 15:37:37 - [0,211] ----D C:\Program Files (x86)\eBay

O43 - CFD: 22/11/2011 - 23:40:45 - [521,536] ----D C:\Program Files (x86)\Google

O43 - CFD: 26/10/2009 - 19:10:09 - [128,350] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/09/2009 - 15:25:38 - [58,970] ----D C:\Program Files (x86)\Intel

O43 - CFD: 21/07/2012 - 15:53:19 - [6,583] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 31/03/2012 - 22:48:05 - [120,831] ----D C:\Program Files (x86)\iTunes

O43 - CFD: 07/11/2011 - 22:29:54 - [87,517] ----D C:\Program Files (x86)\Java

O43 - CFD: 27/08/2011 - 14:08:36 - [123,035] ----D C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 21/07/2012 - 23:17:48 - [11,720] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 03/01/2012 - 00:58:39 - [21,738] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 06/12/2009 - 19:12:11 - [403,173] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 30/05/2012 - 20:33:30 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 04/09/2009 - 15:54:01 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 29/11/2009 - 20:21:37 - [2,087] ----D C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 29/11/2009 - 19:20:30 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 16/12/2010 - 23:28:03 - [140,112] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 28/06/2010 - 00:22:05 - [0,316] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 24/02/2012 - 21:58:06 - [43,531] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 07/01/2010 - 10:52:54 - [20,771] ----D C:\Program Files (x86)\PDFCreator

O43 - CFD: 04/09/2009 - 15:39:21 - [7,696] ----D C:\Program Files (x86)\Photo-Service

O43 - CFD: 18/02/2012 - 16:51:50 - [72,431] ----D C:\Program Files (x86)\QuickTime

O43 - CFD: 26/10/2009 - 19:02:45 - [13,562] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 26/10/2009 - 19:00:34 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 31/03/2012 - 22:50:28 - [102,601] ----D C:\Program Files (x86)\Safari

O43 - CFD: 27/08/2011 - 19:35:47 - [33,426] R---D C:\Program Files (x86)\Skype

O43 - CFD: 26/10/2009 - 18:59:57 - [0] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 29/11/2009 - 19:35:14 - [287,427] ----D C:\Program Files (x86)\TOSHIBA

O43 - CFD: 04/09/2009 - 15:43:10 - [123,276] ----D C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 04/09/2009 - 15:39:39 - [10,201] ----D C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/11/2009 - 19:43:09 - [71,675] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 03/01/2012 - 20:53:50 - [127,315] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 04/09/2009 - 15:53:05 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 28/08/2011 - 11:46:03 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/08/2011 - 11:46:03 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 28/08/2011 - 11:46:03 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 28/08/2011 - 11:46:03 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 28/08/2011 - 11:46:03 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 25/07/2012 - 18:49:29 - [12,788] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 11/12/2011 - 19:31:09 - [28,616] ----D C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 04/09/2009 - 15:39:20 - [30,652] ----D C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 31/03/2012 - 22:47:09 - [142,033] ----D C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 04/09/2009 - 15:50:54 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 27/08/2011 - 14:08:37 - [3,416] ----D C:\Program Files (x86)\Common Files\InfoWatch

O43 - CFD: 26/10/2009 - 18:59:32 - [3,638] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 27/08/2011 - 19:30:26 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 03/09/2010 - 00:09:55 - [334,212] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 13/11/2011 - 21:35:17 - [23,867] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 26/10/2009 - 19:10:15 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared

O43 - CFD: 04/09/2009 - 15:51:59 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 04/09/2009 - 15:39:35 - [8,682] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 01mn 55s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.5CCD524F25E6112AB171F9D78907F377] - 25/07/2012 - 16:11:10 ---A- . (...) -- C:\Windows\ntbtlog.txt [1358358]

O44 - LFC:[MD5.AA494F41ADF14A7A6C650AAEF9E4DC98] - 25/07/2012 - 16:11:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.7A2E93B15CF26BA02FDE3C4215E734FE] - 25/07/2012 - 13:52:52 ---A- . (...) -- C:\Windows\setupact.log [15786]

O44 - LFC:[MD5.C1D8FD543FD19062DFEE36B8F5AA56C4] - 25/07/2012 - 11:22:42 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1340590]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:14:03 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 []]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:14:03 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19248]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:13:59 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 []

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:13:59 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19248]

O44 - LFC:[MD5.941EEB6ECA075E3A21693F065F633C5E] - 24/07/2012 - 01:44:49 ---A- . (...) -- C:\AdwCleaner[R2].txt [18870]

O44 - LFC:[MD5.BCD1CB503B5DBBC0DEB197F21E849A0F] - 23/07/2012 - 22:54:14 ---A- . (...) -- C:\AdwCleaner[R1].txt [18781]

O44 - LFC:[MD5.EF5C64FF49DDE756603EB79120E55F9B] - 22/07/2012 - 19:27:07 . (...) -- C:\Windows\System32\umstartup000.etl []]]]]]]]

O44 - LFC:[MD5.EF5C64FF49DDE756603EB79120E55F9B] - 22/07/2012 - 19:27:07 ---A- . (...) -- C:\Windows\SysNative\umstartup000.etl [24576]

O44 - LFC:[MD5.2DCD6DD348615C8CFCCD44FF76364949] - 22/07/2012 - 17:05:35 ---A- . (...) -- C:\Windows\PFRO.log [565222]

O44 - LFC:[MD5.9C2D638973E0C2C3074D305A969B6595] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\PerfStringBackup.INI []]]]]]]

O44 - LFC:[MD5.DF50A75BF172E785E074163EE8A0FC85] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfc009.dat []]]

O44 - LFC:[MD5.ED3DCFC102F69CD344B00BF599B9AB6B] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfc00C.dat []]]]

O44 - LFC:[MD5.E2836EDEDF49E2730DBF22D474E09C43] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfh009.dat []]]]]

O44 - LFC:[MD5.ABAAF6820FFF62D08EDC35C94BBA5C18] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfh00C.dat []]]]]]

O44 - LFC:[MD5.9C2D638973E0C2C3074D305A969B6595] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.DF50A75BF172E785E074163EE8A0FC85] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106622]

O44 - LFC:[MD5.ED3DCFC102F69CD344B00BF599B9AB6B] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130988]

O44 - LFC:[MD5.E2836EDEDF49E2730DBF22D474E09C43] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616242]

O44 - LFC:[MD5.ABAAF6820FFF62D08EDC35C94BBA5C18] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704714]

O44 - LFC:[MD5.DC8490812A3B72811AE534F423B4C206] - 03/07/2012 - 12:46:44 . (...) -- C:\Windows\System32\Drivers\mbam.sys []

~ Scan Files in 00mn 08s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\00TCrdMain [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe

O53 - SMSR:HKLM\...\startupreg\HSON [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\KeNotify [Key] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

O53 - SMSR:HKLM\...\startupreg\MobileDocuments [Key] . (.Apple Inc. - ubd.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (...) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SmartFaceVWatcher [Key] . (...) -- C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SmoothView [Key] . (...) -- C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java™ Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O53 - SMSR:HKLM\...\startupreg\Toshiba Registration [Key] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

O53 - SMSR:HKLM\...\startupreg\Toshiba TEMPRO [Key] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

O53 - SMSR:HKLM\...\startupreg\TosReelTimeMonitor [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\TosSENotify [Key] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O53 - SMSR:HKLM\...\startupreg\TWebCamera [Key] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=60

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]

~ Scan Drivers in 00mn 00s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {AC0AC21A-FAB7-4A0C-93C7-3F94ECC5ACE9} - (eBay) - http://rover.ebay.com

O69 - SBI: SearchScopes [HKCU] {BB6F2FBB-8222-4BC7-95AE-A64BC128922A} - (Yahoo! Search) - http://fr.search.yahoo.com

O69 - SBI: SearchScopes [HKCU] {BE28C22E-F666-424d-B5FD-125C4AFEE34E} - (Chercher) - http://search.myheritage.com

~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

~ Scan Services in 00mn 01s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.F48A506E8030A98F6D947A143DE5D1C3] [sPRF][30/11/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]

[MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][08/01/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\20cyrech.dll [0]

[MD5.42BADC1D2F03A8B1E4875740D3D49336] [sPRF][29/06/2011] (.Igor Pavlov - 7-Zip Standalone Console.) -- C:\Users\Chloé\AppData\Local\Temp\7za.exe [587776]

[MD5.70BC62A9277DFAC84CF184E7D1DFA1C4] [sPRF][25/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\buw-7fwh.dll [8192]

[MD5.09ADE88E9328E45B3373A81CA3668153] [sPRF][21/07/2012] (.McAfee, Inc. - McAfee Scanner Content Installer.) -- C:\Users\Chloé\AppData\Local\Temp\contentDATs.exe [957312]

[MD5.BF619EAC0CDF3F68D496EA9344137E8B] [sPRF][22/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\de1cocob.dll [512]

[MD5.9495FF73014B8A17BD4798911AD097FA] [sPRF][20/09/2011] (...) -- C:\Users\Chloé\AppData\Local\Temp\Extract.bat [87]

[MD5.90D1CC091C02AE4AF743ABCEABE5AD58] [sPRF][05/02/2012] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih(2).exe [765544]

[MD5.6003979F750C68C4925BB4267BBE6DB5] [sPRF][11/12/2011] (...) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih.bat [465]

[MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][11/12/2011] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih.exe [748648]

[MD5.0E2281AEC56203CA6A9E1848F7DBDF5A] [sPRF][19/10/2011] (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Users\Chloé\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [909088]

[MD5.14013815CDFEF90E541DD662E44FD27B] [sPRF][26/01/2012] (.Complitly - Complitly Setup.) -- C:\Users\Chloé\AppData\Local\Temp\Kreapixel_addonAcPro.exe [887696]

[MD5.7C90F77D368CABEA7B726A3758D6D761] [sPRF][07/12/2011] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Chloé\AppData\Local\Temp\MyBabylonTB.exe [919664]

[MD5.72CF064E0B2F7EB666FBB25BE2D5DFD6] [sPRF][01/12/2011] (.Macromedia, Inc. - Macromedia Flash Player 8.0 r22.) -- C:\Users\Chloé\AppData\Local\Temp\push.exe [2561093]

[MD5.B2C46C7064C867F4722A0F51CF18FB62] [sPRF][15/12/2011] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\Chloé\AppData\Local\Temp\SecurityScan_Release.exe [3598224]

[MD5.F3E13D8D6CE02C8EEEE8B8EC77676706] [sPRF][21/03/2012] (.Skype Technologies S.A. - Skype.) -- C:\Users\Chloé\AppData\Local\Temp\SkypeSetup.exe [18763400]

[MD5.706EDDBFF314F4A1B473E71463D3EC9B] [sPRF][23/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\svzgsczo.dll [8192]

[MD5.7173AAB669C3B8909285C54A6955014D] [sPRF][24/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\Uninst.bat [625]

[MD5.07DA6C9C3547C38BBA12E63F54FD9B00] [sPRF][22/07/2012] (...) -- C:\Users\Chloé\Desktop\adwcleaner.exe [632049]

[MD5.2F5A438D23DFD21EBA32306C64EBE992] [sPRF][22/07/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Chloé\Desktop\ZHPDiag2.exe [4598607]

~ Scan Files in 00mn 01s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{26BA882B-0632-4B44-A178-0C9EF76749F4}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)

O87 - FAEL: "{311D4CB8-F019-4276-A236-27437DD43D63}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)

O87 - FAEL: "{765A81A0-39FD-49BD-97B2-1C3DFCB7EAA9}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{AC16CEC5-BA98-41B8-B294-BA442EA22CE8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{3D4B1C0C-1EF0-4286-BDA1-E15B8FC7FF2B}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{F1BDD88A-D45C-4798-BE2C-F7EF47AD891D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{15B270EE-E426-4C31-BD4C-53FA057D1D27}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{A5564A97-92D1-4647-B2AB-CDFE760A6D9A}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{9EB1A7A8-B400-496B-8767-B81A3C4134F4}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{57112CC4-2638-4801-8A2A-3DFFD30DF047}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{ECDAC038-E26F-47D1-808B-37AA33AB2BE1}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{1ED85E34-AF8F-48A4-B262-F479D7C4829B}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{D5243DAA-3CE2-4827-9162-BE3CEECEBD36}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{310279DC-214A-4579-B9F8-8D0519D9862B}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{F9397EA5-0CA0-4305-A776-493FF6F8B96A}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

~ Scan Firewall in 00mn 00s

---\\ Scan Additionnel (O88)

Database Version : 9170 - (21/07/2012)

Clés trouvées (Keys found) : 0

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 1

C:\Users\Chloé\AppData\Roaming\Mozilla\Firefox\Profiles\gaq1j2k0.default\Extensions\pdfforge@mybrowserbar.com =>PUP.Dealio

~ Scan Additionnel in 00mn 06s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Auto 30/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe

SS - | Auto 27/02/2012 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Auto 01/10/2010 348760 | (AVP) . (.Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe

SS - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe

SS - | Auto 31/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Auto 06/07/2010 188416 | (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe

SS - | Auto 10/08/2009 248688 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

SS - | Auto 14/07/2009 42368 | (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

SS - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Auto 21/12/2009 743992 | (CSObjectsSrv) . (.Infowatch.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

SS - | Demand 22/05/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

SS - | Auto 15/12/2009 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 15/12/2009 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 04/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 27/03/2012 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Auto 03/07/2012 655944 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Auto 06/08/2009 116104 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

SS - | Demand 17/08/2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

SS - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SS - | Auto 05/08/2009 488800 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SS - | Auto 27/08/2009 251760 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe

SS - | Demand 03/08/2009 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

SS - | Demand 04/08/2009 826224 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SS - | Demand 04/08/2009 826224 | (TrkWks) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SS - | Demand 04/08/2009 826224 | (TrustedInstaller) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SS - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 08s

End of the scan (1124 lines in 03mn 05s)(0)

Rapport GSI:

Rapport de ZHPDiag v1.31.11 par Nicolas Coolman, Update du 21/07/2012

Run by Chloé at 25/07/2012 18:49:17

Web site : http://www.premiumor...ss/zhpdiag.html

Web site : http://nicolascoolman.skyrock.com/

State : Problème connexion internet

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 10.0.2 v10.0.2 (Defaut)

GCIE: Google Chrome v20.0.1132.57

OBIE: Safari v5.34.55.3

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)

Total RAM: 4060 MB (86% free)

System Restore: Activé (Enable)

System drive C: has 123 GB (66%) free of 186 GB

---\\ Logged in mode

~ Computer Name: TOSHIBA

~ User Name: Chloé

~ All Users Names: HomeGroupUser$, Chloé, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Chloé\AppData\Roaming\

~ %Desktop% : C:\Users\Chloé\Desktop\

~ %Favorites% : C:\Users\Chloé\Favorites\

~ %LocalAppData% : C:\Users\Chloé\AppData\Local\

~ %StartMenu% : C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 123 Go of 186 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 115 Go of 186 Go)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.870ECFEBD41C7B8F9C6777748368D51F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/05/2012 - 02:59:14.) -- C:\Windows\System32\wininet.dll [1392128]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 2/36

~ Mes musiques (My Musics) : 1/652

~ Mes Favoris (My Favorites) : 1/53

~ Mes Documents (My Documents) : 1/45

~ Mon Bureau (My Desktop) : 1/736

~ Menu demarrer (Programs) : 1/24

~ Scan Hidden Files in 00mn 08s

---\\ Processus lancés

[MD5.72AE847EB2B526CC0551C88B9A2970C1] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3763200] [PID.1272]

~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Chloé\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] http://fr.search.yahoo.com

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Chloé\AppData\Roaming\Mozilla\Firefox\Profiles\gaq1j2k0.default\prefs.js

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\MyHeritage.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml

M3 - MFPP: Plugins - [Chloé] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo.xml

M2 - MFEP: prefs.js [Chloé - gaq1j2k0.default\{113c2360-15a3-11de-8c30-0800200c9a66}] [] Vfox3 v (.htsbai.)

M2 - MFEP: prefs.js [Chloé - gaq1j2k0.default\{285da7e0-729d-11db-9fe1-0800200c9a66}] [] Tinseltown v2.121408 (.Thomas McMahon.)

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFFICE.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: MHURLSearchHook Class [64Bits] - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} . (.Pas de propriétaire - IE Toolbar Helper Module.) (4, 1, 0, 59) -- C:\Program Files (x86)\Celebrity Toolbar\tbhelper.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: MHTBPos00 [64Bits] - {0C37B053-FD68-456a-82E1-D788EE342E6F} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll

O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Click to Call with Skype for Internet Explo.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)

O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)

O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)

O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)

O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKLM\..\Wow6432Node\Run: [sVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe

O4 - HKLM\..\Wow6432Node\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-2491144196-3758007457-4122145582-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\Desktop\Mes documents.lnk . (...) -- D:\Mes documents

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{6D172D0A-B9F1-4046-AFAB-8599288545BF}\SafariIco.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Chloé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Ajouter à l'Anti-bannière . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\Program Files (x86)\MICROS~2\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Mon Clavier &virtuel [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\kbrd.ico

O9 - Extra button: Mon Clavier &virtuel [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\logo.ico

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CCS\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS2\Services\Tcpip\..\{DCE8A7BD-604A-4A4A-910F-7818CE73012B}: DhcpNameServer = 89.2.0.1 89.2.0.2

O17 - HKLM\System\CS2\Services\Tcpip\..\{DCEFBE3E-D361-4F37-AB2A-16DF9978E7ED}: DhcpNameServer = 89.2.0.1 89.2.0.2

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-its [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: mso-offdap [64Bits] - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.dll

O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Click to Call with Skype for Internet Explo.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\Windows\System32\klogon.dll

~ Scan Winlogon in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Kaspersky Lab - Kaspersky OE plugin loader.) - C:\Program Files (x86)\KASPER~1\KASPER~1\x64\kloehk.dll

~ Scan AppInit DLL in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Kaspersky PURE (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active - CanalPlus.VOD.Service.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Gadget Service (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION - ConfigFree Gadget Process Service.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Service de gestion du système CryproStor (CSObjectsSrv) . (.Infowatch - InfoWatch CryptoStorage Protected objects c.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Notebook Performance Tuning Service (TEM (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe

O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

~ Scan Services in 00mn 01s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

~ Scan Scheduled Task in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: (CSVirtualDiskDrv) . (.Infowatch - Virtual Volume Container Driver (wnet).) - C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl1.sys

O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\klif.sys

O41 - Driver: (KLIM6) . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 27s

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EB879750-CCBD-4013-BFD5-0294D4DA5BD0}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {B4089055-D468-45A4-A6BA-5A138DD715FC}

O42 - Logiciel: CANAL+ CANALSAT A LA DEMANDE - (.CanalPlus.) [HKLM] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}

O42 - Logiciel: Celebrity Toolbar - (.MyHeritage.com.) [HKLM] -- Celebrity Toolbar

O42 - Logiciel: Click to Call with Skype - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java™ 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216021FF}

O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM] -- WildTangent toshiba Master Uninstall

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: Kaspersky PURE - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}

O42 - Logiciel: Kaspersky PURE - (.Kaspersky Lab.) [HKLM] -- {1A59064A-12A9-469F-99F6-04BF118DBCFF}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Malwarebytes Anti-Malware version 1.62.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Mozilla Firefox 10.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 10.0.2 (x86 fr)

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}

O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Realtek WLAN Driver - (.Realtek.) [HKLM] -- {0FB630AB-7BD8-40AE-B223-60397D57C3C9}

O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {6D172D0A-B9F1-4046-AFAB-8599288545BF}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827

O42 - Logiciel: Skype™ Launcher - (.Skype Technologies S.A..) [HKLM] -- {26D8DF7E-DBF8-43A6-8D42-F37497CE603D}

O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {F3529665-D75E-4D6D-98F0-745C78C68E9B}

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31}

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Pas de propriétaire.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}

O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.TOSHIBA CORPORATION.) [HKLM] -- {620BBA5E-F848-4D56-8BDA-584E44584C5E}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM] -- {5279374D-87FE-4879-9385-F17278EBB9D3}

O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}

O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}

O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM] -- {AC6569FA-6919-442A-8552-073BE69E247A}

O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}

O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}

O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}

O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Toshiba Assist - (.TOSHIBA.) [HKLM] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}

O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}

O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O42 - Logiciel: Toshiba Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM] -- {0823A2E3-69DD-A37A-7CD9-1CBEB037545C}

O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM] -- {9E4FF410-471F-49E3-9358-74FF0D5E9901}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: WebPlayer - (.Kreapixel.) [HKLM] -- {582E705F-1D5C-46E1-8FB7-DBE7BBDBA5CA}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: eBay - (.eBay Inc..) [HKLM] -- {E83BA61A-5D77-4DD5-9C92-A3447F11E27D}

O42 - Logiciel: pdfforge Toolbar v5.9 - (.Spigot, Inc..) [HKLM] -- {37918F52-75C8-47F8-AEFB-389B8E62B5DA}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\AdwCleaner]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\COMPAL]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Cyberlink]

[HKLM\Software\Digital River]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Google]

[HKLM\Software\InfoWatch]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\MyHeritage.com]

[HKLM\Software\ODBC]

[HKLM\Software\PDFCreator]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SimplyGen]

[HKLM\Software\Skype]

[HKLM\Software\TOSHIBA Corporation]

[HKLM\Software\TOSHIBA]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WildTangent]

[HKLM\Software\Windows]

[HKLM\Software\mcafeeupdater]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 11/12/2011 - 19:31:06 - [113,259] ----D C:\Program Files (x86)\Adobe

O43 - CFD: 27/08/2011 - 19:31:23 - [2,316] ----D C:\Program Files (x86)\Apple Software Update

O43 - CFD: 26/10/2009 - 18:52:45 - [76,853] ----D C:\Program Files (x86)\ATI Technologies

O43 - CFD: 18/02/2012 - 16:49:22 - [0,602] ----D C:\Program Files (x86)\Bonjour

O43 - CFD: 24/02/2012 - 22:14:46 - [2,557] ----D C:\Program Files (x86)\Canal+

O43 - CFD: 06/02/2010 - 20:43:13 - [5,384] ----D C:\Program Files (x86)\Celebrity Toolbar

O43 - CFD: 24/07/2012 - 03:13:23 - [616,367] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 04/09/2009 - 15:37:37 - [0,211] ----D C:\Program Files (x86)\eBay

O43 - CFD: 22/11/2011 - 23:40:45 - [521,536] ----D C:\Program Files (x86)\Google

O43 - CFD: 26/10/2009 - 19:10:09 - [128,350] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/09/2009 - 15:25:38 - [58,970] ----D C:\Program Files (x86)\Intel

O43 - CFD: 21/07/2012 - 15:53:19 - [6,583] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 31/03/2012 - 22:48:05 - [120,831] ----D C:\Program Files (x86)\iTunes

O43 - CFD: 07/11/2011 - 22:29:54 - [87,517] ----D C:\Program Files (x86)\Java

O43 - CFD: 27/08/2011 - 14:08:36 - [123,035] ----D C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 21/07/2012 - 23:17:48 - [11,720] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 03/01/2012 - 00:58:39 - [21,738] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 06/12/2009 - 19:12:11 - [403,173] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 30/05/2012 - 20:33:30 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 04/09/2009 - 15:54:01 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 29/11/2009 - 20:21:37 - [2,087] ----D C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 29/11/2009 - 19:20:30 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 16/12/2010 - 23:28:03 - [140,112] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 28/06/2010 - 00:22:05 - [0,316] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 24/02/2012 - 21:58:06 - [43,531] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 07/01/2010 - 10:52:54 - [20,771] ----D C:\Program Files (x86)\PDFCreator

O43 - CFD: 04/09/2009 - 15:39:21 - [7,696] ----D C:\Program Files (x86)\Photo-Service

O43 - CFD: 18/02/2012 - 16:51:50 - [72,431] ----D C:\Program Files (x86)\QuickTime

O43 - CFD: 26/10/2009 - 19:02:45 - [13,562] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 26/10/2009 - 19:00:34 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 31/03/2012 - 22:50:28 - [102,601] ----D C:\Program Files (x86)\Safari

O43 - CFD: 27/08/2011 - 19:35:47 - [33,426] R---D C:\Program Files (x86)\Skype

O43 - CFD: 26/10/2009 - 18:59:57 - [0] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 29/11/2009 - 19:35:14 - [287,427] ----D C:\Program Files (x86)\TOSHIBA

O43 - CFD: 04/09/2009 - 15:43:10 - [123,276] ----D C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 04/09/2009 - 15:39:39 - [10,201] ----D C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/11/2009 - 19:43:09 - [71,675] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 03/01/2012 - 20:53:50 - [127,315] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 04/09/2009 - 15:53:05 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 28/08/2011 - 11:46:03 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/08/2011 - 11:46:03 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 28/08/2011 - 11:46:03 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 28/08/2011 - 11:46:03 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 28/08/2011 - 11:46:03 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 25/07/2012 - 18:49:29 - [12,788] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 11/12/2011 - 19:31:09 - [28,616] ----D C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 04/09/2009 - 15:39:20 - [30,652] ----D C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 31/03/2012 - 22:47:09 - [142,033] ----D C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 04/09/2009 - 15:50:54 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 27/08/2011 - 14:08:37 - [3,416] ----D C:\Program Files (x86)\Common Files\InfoWatch

O43 - CFD: 26/10/2009 - 18:59:32 - [3,638] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 27/08/2011 - 19:30:26 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 03/09/2010 - 00:09:55 - [334,212] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 13/11/2011 - 21:35:17 - [23,867] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 26/10/2009 - 19:10:15 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared

O43 - CFD: 04/09/2009 - 15:51:59 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 04/09/2009 - 15:39:35 - [8,682] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 11/12/2011 - 19:34:41 - [317,400] ----D C:\ProgramData\Adobe

O43 - CFD: 30/11/2010 - 20:55:00 - [158,462] ----D C:\ProgramData\Apple

O43 - CFD: 30/11/2010 - 20:56:06 - [181,034] ----D C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data

O43 - CFD: 26/10/2009 - 18:52:54 - [0,000] ----D C:\ProgramData\ATI

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Bureau

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites

O43 - CFD: 27/08/2011 - 14:28:54 - [0,001] ----D C:\ProgramData\FLEXnet

O43 - CFD: 04/09/2009 - 15:37:50 - [0,511] ----D C:\ProgramData\Google

O43 - CFD: 04/09/2009 - 15:40:52 - [0,001] ----D C:\ProgramData\IsolatedStorage

O43 - CFD: 25/07/2012 - 11:45:27 - [1181,901] ----D C:\ProgramData\Kaspersky Lab

O43 - CFD: 27/08/2011 - 13:58:11 - [122,704] ----D C:\ProgramData\Kaspersky Lab Setup Files

O43 - CFD: 21/07/2012 - 23:14:52 - [6,398] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 11/12/2011 - 19:24:23 - [0,308] ----D C:\ProgramData\McAfee

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Menu Démarrer

O43 - CFD: 03/01/2012 - 00:58:48 - [275,954] -S--D C:\ProgramData\Microsoft

O43 - CFD: 06/12/2009 - 19:12:30 - [0,055] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 29/11/2009 - 17:39:18 - [0] --H-D C:\ProgramData\Modèles

O43 - CFD: 22/01/2010 - 19:16:15 - [0,001] ----D C:\ProgramData\Partner

O43 - CFD: 27/08/2011 - 19:35:14 - [53,760] ----D C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu

O43 - CFD: 05/09/2010 - 16:18:16 - [0,000] ----D C:\ProgramData\Sun

O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates

O43 - CFD: 26/10/2009 - 19:10:17 - [5,019] ----D C:\ProgramData\TOSHIBA

O43 - CFD: 29/11/2009 - 17:39:31 - [0,001] ----D C:\ProgramData\ToshibaEurope

O43 - CFD: 04/09/2009 - 15:27:31 - [2,158] ----D C:\ProgramData\Vista32

O43 - CFD: 04/09/2009 - 15:27:31 - [3,146] ----D C:\ProgramData\Vista64

O43 - CFD: 04/09/2009 - 15:43:09 - [822,582] ----D C:\ProgramData\WildTangent

O43 - CFD: 04/09/2009 - 15:31:28 - [2,117] ----D C:\ProgramData\win7_32

O43 - CFD: 04/09/2009 - 15:31:28 - [3,069] ----D C:\ProgramData\win7_64

O43 - CFD: 04/09/2009 - 15:27:31 - [0,055] ----D C:\ProgramData\XP

O43 - CFD: 30/11/2010 - 20:56:25 - [0,852] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 11/12/2011 - 19:33:53 - [15,339] ----D C:\Users\Chloé\AppData\Roaming\Adobe

O43 - CFD: 18/03/2012 - 15:07:29 - [501,407] ----D C:\Users\Chloé\AppData\Roaming\Apple Computer

O43 - CFD: 29/11/2009 - 17:43:28 - [0] ----D C:\Users\Chloé\AppData\Roaming\ATI

O43 - CFD: 04/12/2011 - 22:23:12 - [0,000] ----D C:\Users\Chloé\AppData\Roaming\dvdcss

O43 - CFD: 29/11/2009 - 20:22:16 - [0,000] ----D C:\Users\Chloé\AppData\Roaming\Google

O43 - CFD: 29/11/2009 - 17:42:52 - [0] ----D C:\Users\Chloé\AppData\Roaming\Identities

O43 - CFD: 04/09/2009 - 15:39:21 - [0,123] ----D C:\Users\Chloé\AppData\Roaming\Macromedia

O43 - CFD: 21/07/2012 - 23:22:55 - [1,210] ----D C:\Users\Chloé\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\Chloé\AppData\Roaming\Media Center Programs

O43 - CFD: 21/07/2012 - 15:52:54 - [7,533] -S--D C:\Users\Chloé\AppData\Roaming\Microsoft

O43 - CFD: 29/11/2009 - 19:44:11 - [675,259] ----D C:\Users\Chloé\AppData\Roaming\Mozilla

O43 - CFD: 21/03/2012 - 23:44:22 - [4,996] ----D C:\Users\Chloé\AppData\Roaming\Skype

O43 - CFD: 24/07/2011 - 16:16:28 - [0,037] ----D C:\Users\Chloé\AppData\Roaming\skypePM

O43 - CFD: 27/08/2011 - 14:25:22 - [11,934] ----D C:\Users\Chloé\AppData\Roaming\Toshiba

O43 - CFD: 04/12/2011 - 23:45:38 - [0,777] ----D C:\Users\Chloé\AppData\Roaming\vlc

O43 - CFD: 11/12/2011 - 19:30:53 - [60,697] ----D C:\Users\Chloé\AppData\Local\Adobe

O43 - CFD: 30/11/2010 - 20:55:05 - [0] ----D C:\Users\Chloé\AppData\Local\Apple

O43 - CFD: 12/05/2012 - 11:59:53 - [16,721] ----D C:\Users\Chloé\AppData\Local\Apple Computer

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Application Data

O43 - CFD: 29/11/2009 - 17:43:28 - [0,058] ----D C:\Users\Chloé\AppData\Local\ATI

O43 - CFD: 25/06/2012 - 08:19:32 - [2,423] ----D C:\Users\Chloé\AppData\Local\Diagnostics

O43 - CFD: 07/11/2011 - 22:48:49 - [2,476] ----D C:\Users\Chloé\AppData\Local\Downloaded Installations

O43 - CFD: 06/06/2010 - 20:36:37 - [0] ----D C:\Users\Chloé\AppData\Local\ElevatedDiagnostics

O43 - CFD: 21/07/2012 - 15:52:54 - [64,669] ----D C:\Users\Chloé\AppData\Local\Google

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Historique

O43 - CFD: 21/07/2012 - 15:52:54 - [506,027] ----D C:\Users\Chloé\AppData\Local\Microsoft

O43 - CFD: 01/12/2009 - 21:56:56 - [0] ----D C:\Users\Chloé\AppData\Local\Microsoft Help

O43 - CFD: 29/11/2009 - 20:02:59 - [0,170] ----D C:\Users\Chloé\AppData\Local\MigWiz

O43 - CFD: 29/11/2009 - 19:44:04 - [608,246] ----D C:\Users\Chloé\AppData\Local\Mozilla

O43 - CFD: 05/02/2012 - 17:16:30 - [1,071] ----D C:\Users\Chloé\AppData\Local\Solid State Networks

O43 - CFD: 25/07/2012 - 17:11:37 - [97,384] ----D C:\Users\Chloé\AppData\Local\Temp

O43 - CFD: 29/11/2009 - 17:39:23 - [0] ----D C:\Users\Chloé\AppData\Local\Temporary Internet Files

O43 - CFD: 29/11/2009 - 20:02:17 - [0,001] ----D C:\Users\Chloé\AppData\Local\Toshiba

O43 - CFD: 29/11/2009 - 19:57:54 - [0,000] ----D C:\Users\Chloé\AppData\Local\TOSHIBA_Corporation

O43 - CFD: 25/09/2011 - 19:27:50 - [0,000] ----D C:\Users\Chloé\AppData\Local\VirtualStore

O43 - CFD: 30/11/2010 - 21:05:26 - [0] ----D C:\Users\Chloé\AppData\Local\Windows Live

O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 17/02/2012 - 19:15:11 - [0,000] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 26/01/2012 - 21:40:55 - [0,003] ----D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kreapixel

O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 17/02/2012 - 19:15:11 - [0,000] R---D C:\Users\Chloé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 11/12/2011 - 19:31:06 - [113,259] ----D C:\Program Files (x86)\Adobe

O43 - CFD: 27/08/2011 - 19:31:23 - [2,316] ----D C:\Program Files (x86)\Apple Software Update

O43 - CFD: 26/10/2009 - 18:52:45 - [76,853] ----D C:\Program Files (x86)\ATI Technologies

O43 - CFD: 18/02/2012 - 16:49:22 - [0,602] ----D C:\Program Files (x86)\Bonjour

O43 - CFD: 24/02/2012 - 22:14:46 - [2,557] ----D C:\Program Files (x86)\Canal+

O43 - CFD: 06/02/2010 - 20:43:13 - [5,384] ----D C:\Program Files (x86)\Celebrity Toolbar

O43 - CFD: 24/07/2012 - 03:13:23 - [616,367] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 04/09/2009 - 15:37:37 - [0,211] ----D C:\Program Files (x86)\eBay

O43 - CFD: 22/11/2011 - 23:40:45 - [521,536] ----D C:\Program Files (x86)\Google

O43 - CFD: 26/10/2009 - 19:10:09 - [128,350] --H-D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 04/09/2009 - 15:25:38 - [58,970] ----D C:\Program Files (x86)\Intel

O43 - CFD: 21/07/2012 - 15:53:19 - [6,583] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 31/03/2012 - 22:48:05 - [120,831] ----D C:\Program Files (x86)\iTunes

O43 - CFD: 07/11/2011 - 22:29:54 - [87,517] ----D C:\Program Files (x86)\Java

O43 - CFD: 27/08/2011 - 14:08:36 - [123,035] ----D C:\Program Files (x86)\Kaspersky Lab

O43 - CFD: 21/07/2012 - 23:17:48 - [11,720] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 03/01/2012 - 00:58:39 - [21,738] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 06/12/2009 - 19:12:11 - [403,173] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 30/05/2012 - 20:33:30 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 04/09/2009 - 15:54:01 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 29/11/2009 - 20:21:37 - [2,087] ----D C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 29/11/2009 - 19:20:30 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 16/12/2010 - 23:28:03 - [140,112] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 28/06/2010 - 00:22:05 - [0,316] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 24/02/2012 - 21:58:06 - [43,531] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 07/01/2010 - 10:52:54 - [20,771] ----D C:\Program Files (x86)\PDFCreator

O43 - CFD: 04/09/2009 - 15:39:21 - [7,696] ----D C:\Program Files (x86)\Photo-Service

O43 - CFD: 18/02/2012 - 16:51:50 - [72,431] ----D C:\Program Files (x86)\QuickTime

O43 - CFD: 26/10/2009 - 19:02:45 - [13,562] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 26/10/2009 - 19:00:34 - [3,987] ----D C:\Program Files (x86)\Realtek WLAN Driver

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 31/03/2012 - 22:50:28 - [102,601] ----D C:\Program Files (x86)\Safari

O43 - CFD: 27/08/2011 - 19:35:47 - [33,426] R---D C:\Program Files (x86)\Skype

O43 - CFD: 26/10/2009 - 18:59:57 - [0] --H-D C:\Program Files (x86)\Temp

O43 - CFD: 29/11/2009 - 19:35:14 - [287,427] ----D C:\Program Files (x86)\TOSHIBA

O43 - CFD: 04/09/2009 - 15:43:10 - [123,276] ----D C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 04/09/2009 - 15:39:39 - [10,201] ----D C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/11/2009 - 19:43:09 - [71,675] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 03/01/2012 - 20:53:50 - [127,315] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 04/09/2009 - 15:53:05 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 28/08/2011 - 11:46:03 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/08/2011 - 11:46:03 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 28/08/2011 - 11:46:03 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 28/08/2011 - 11:46:03 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 28/08/2011 - 11:46:03 - [6,780] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 25/07/2012 - 18:49:29 - [12,788] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 11/12/2011 - 19:31:09 - [28,616] ----D C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 04/09/2009 - 15:39:20 - [30,652] ----D C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 31/03/2012 - 22:47:09 - [142,033] ----D C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 04/09/2009 - 15:50:54 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 27/08/2011 - 14:08:37 - [3,416] ----D C:\Program Files (x86)\Common Files\InfoWatch

O43 - CFD: 26/10/2009 - 18:59:32 - [3,638] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 27/08/2011 - 19:30:26 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 03/09/2010 - 00:09:55 - [334,212] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 13/11/2011 - 21:35:17 - [23,867] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 26/10/2009 - 19:10:15 - [0,759] ----D C:\Program Files (x86)\Common Files\Toshiba Shared

O43 - CFD: 04/09/2009 - 15:51:59 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 04/09/2009 - 15:39:35 - [8,682] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 01mn 55s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.5CCD524F25E6112AB171F9D78907F377] - 25/07/2012 - 16:11:10 ---A- . (...) -- C:\Windows\ntbtlog.txt [1358358]

O44 - LFC:[MD5.AA494F41ADF14A7A6C650AAEF9E4DC98] - 25/07/2012 - 16:11:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.7A2E93B15CF26BA02FDE3C4215E734FE] - 25/07/2012 - 13:52:52 ---A- . (...) -- C:\Windows\setupact.log [15786]

O44 - LFC:[MD5.C1D8FD543FD19062DFEE36B8F5AA56C4] - 25/07/2012 - 11:22:42 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1340590]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:14:03 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 []]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:14:03 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19248]

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:13:59 . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 []

O44 - LFC:[MD5.D74E46CA01E4BAB9EC483CB3FD6C3738] - 25/07/2012 - 11:13:59 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19248]

O44 - LFC:[MD5.941EEB6ECA075E3A21693F065F633C5E] - 24/07/2012 - 01:44:49 ---A- . (...) -- C:\AdwCleaner[R2].txt [18870]

O44 - LFC:[MD5.BCD1CB503B5DBBC0DEB197F21E849A0F] - 23/07/2012 - 22:54:14 ---A- . (...) -- C:\AdwCleaner[R1].txt [18781]

O44 - LFC:[MD5.EF5C64FF49DDE756603EB79120E55F9B] - 22/07/2012 - 19:27:07 . (...) -- C:\Windows\System32\umstartup000.etl []]]]]]]]

O44 - LFC:[MD5.EF5C64FF49DDE756603EB79120E55F9B] - 22/07/2012 - 19:27:07 ---A- . (...) -- C:\Windows\SysNative\umstartup000.etl [24576]

O44 - LFC:[MD5.2DCD6DD348615C8CFCCD44FF76364949] - 22/07/2012 - 17:05:35 ---A- . (...) -- C:\Windows\PFRO.log [565222]

O44 - LFC:[MD5.9C2D638973E0C2C3074D305A969B6595] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\PerfStringBackup.INI []]]]]]]

O44 - LFC:[MD5.DF50A75BF172E785E074163EE8A0FC85] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfc009.dat []]]

O44 - LFC:[MD5.ED3DCFC102F69CD344B00BF599B9AB6B] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfc00C.dat []]]]

O44 - LFC:[MD5.E2836EDEDF49E2730DBF22D474E09C43] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfh009.dat []]]]]

O44 - LFC:[MD5.ABAAF6820FFF62D08EDC35C94BBA5C18] - 21/07/2012 - 18:22:01 . (...) -- C:\Windows\System32\perfh00C.dat []]]]]]

O44 - LFC:[MD5.9C2D638973E0C2C3074D305A969B6595] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.DF50A75BF172E785E074163EE8A0FC85] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106622]

O44 - LFC:[MD5.ED3DCFC102F69CD344B00BF599B9AB6B] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130988]

O44 - LFC:[MD5.E2836EDEDF49E2730DBF22D474E09C43] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616242]

O44 - LFC:[MD5.ABAAF6820FFF62D08EDC35C94BBA5C18] - 21/07/2012 - 18:22:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704714]

O44 - LFC:[MD5.DC8490812A3B72811AE534F423B4C206] - 03/07/2012 - 12:46:44 . (...) -- C:\Windows\System32\Drivers\mbam.sys []

~ Scan Files in 00mn 08s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\00TCrdMain [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe

O53 - SMSR:HKLM\...\startupreg\HSON [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\KeNotify [Key] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

O53 - SMSR:HKLM\...\startupreg\MobileDocuments [Key] . (.Apple Inc. - ubd.exe.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (...) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SmartFaceVWatcher [Key] . (...) -- C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SmoothView [Key] . (...) -- C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java™ Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O53 - SMSR:HKLM\...\startupreg\Toshiba Registration [Key] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

O53 - SMSR:HKLM\...\startupreg\Toshiba TEMPRO [Key] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

O53 - SMSR:HKLM\...\startupreg\TosReelTimeMonitor [Key] . (...) -- C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\TosSENotify [Key] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O53 - SMSR:HKLM\...\startupreg\TWebCamera [Key] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=60

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]

~ Scan Drivers in 00mn 00s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Safari\Safari.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {AC0AC21A-FAB7-4A0C-93C7-3F94ECC5ACE9} - (eBay) - http://rover.ebay.com

O69 - SBI: SearchScopes [HKCU] {BB6F2FBB-8222-4BC7-95AE-A64BC128922A} - (Yahoo! Search) - http://fr.search.yahoo.com

O69 - SBI: SearchScopes [HKCU] {BE28C22E-F666-424d-B5FD-125C4AFEE34E} - (Chercher) - http://search.myheritage.com

~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

~ Scan Services in 00mn 01s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.F48A506E8030A98F6D947A143DE5D1C3] [sPRF][30/11/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]

[MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][08/01/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\20cyrech.dll [0]

[MD5.42BADC1D2F03A8B1E4875740D3D49336] [sPRF][29/06/2011] (.Igor Pavlov - 7-Zip Standalone Console.) -- C:\Users\Chloé\AppData\Local\Temp\7za.exe [587776]

[MD5.70BC62A9277DFAC84CF184E7D1DFA1C4] [sPRF][25/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\buw-7fwh.dll [8192]

[MD5.09ADE88E9328E45B3373A81CA3668153] [sPRF][21/07/2012] (.McAfee, Inc. - McAfee Scanner Content Installer.) -- C:\Users\Chloé\AppData\Local\Temp\contentDATs.exe [957312]

[MD5.BF619EAC0CDF3F68D496EA9344137E8B] [sPRF][22/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\de1cocob.dll [512]

[MD5.9495FF73014B8A17BD4798911AD097FA] [sPRF][20/09/2011] (...) -- C:\Users\Chloé\AppData\Local\Temp\Extract.bat [87]

[MD5.90D1CC091C02AE4AF743ABCEABE5AD58] [sPRF][05/02/2012] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih(2).exe [765544]

[MD5.6003979F750C68C4925BB4267BBE6DB5] [sPRF][11/12/2011] (...) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih.bat [465]

[MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][11/12/2011] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Chloé\AppData\Local\Temp\install_reader10_fr_mssa_aih.exe [748648]

[MD5.0E2281AEC56203CA6A9E1848F7DBDF5A] [sPRF][19/10/2011] (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Users\Chloé\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [909088]

[MD5.14013815CDFEF90E541DD662E44FD27B] [sPRF][26/01/2012] (.Complitly - Complitly Setup.) -- C:\Users\Chloé\AppData\Local\Temp\Kreapixel_addonAcPro.exe [887696]

[MD5.7C90F77D368CABEA7B726A3758D6D761] [sPRF][07/12/2011] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Chloé\AppData\Local\Temp\MyBabylonTB.exe [919664]

[MD5.72CF064E0B2F7EB666FBB25BE2D5DFD6] [sPRF][01/12/2011] (.Macromedia, Inc. - Macromedia Flash Player 8.0 r22.) -- C:\Users\Chloé\AppData\Local\Temp\push.exe [2561093]

[MD5.B2C46C7064C867F4722A0F51CF18FB62] [sPRF][15/12/2011] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\Chloé\AppData\Local\Temp\SecurityScan_Release.exe [3598224]

[MD5.F3E13D8D6CE02C8EEEE8B8EC77676706] [sPRF][21/03/2012] (.Skype Technologies S.A. - Skype.) -- C:\Users\Chloé\AppData\Local\Temp\SkypeSetup.exe [18763400]

[MD5.706EDDBFF314F4A1B473E71463D3EC9B] [sPRF][23/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\svzgsczo.dll [8192]

[MD5.7173AAB669C3B8909285C54A6955014D] [sPRF][24/07/2012] (...) -- C:\Users\Chloé\AppData\Local\Temp\Uninst.bat [625]

[MD5.07DA6C9C3547C38BBA12E63F54FD9B00] [sPRF][22/07/2012] (...) -- C:\Users\Chloé\Desktop\adwcleaner.exe [632049]

[MD5.2F5A438D23DFD21EBA32306C64EBE992] [sPRF][22/07/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Chloé\Desktop\ZHPDiag2.exe [4598607]

~ Scan Files in 00mn 01s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{26BA882B-0632-4B44-A178-0C9EF76749F4}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)

O87 - FAEL: "{311D4CB8-F019-4276-A236-27437DD43D63}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.)

O87 - FAEL: "{765A81A0-39FD-49BD-97B2-1C3DFCB7EAA9}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{AC16CEC5-BA98-41B8-B294-BA442EA22CE8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{3D4B1C0C-1EF0-4286-BDA1-E15B8FC7FF2B}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{F1BDD88A-D45C-4798-BE2C-F7EF47AD891D}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{15B270EE-E426-4C31-BD4C-53FA057D1D27}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{A5564A97-92D1-4647-B2AB-CDFE760A6D9A}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{9EB1A7A8-B400-496B-8767-B81A3C4134F4}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{57112CC4-2638-4801-8A2A-3DFFD30DF047}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{ECDAC038-E26F-47D1-808B-37AA33AB2BE1}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{1ED85E34-AF8F-48A4-B262-F479D7C4829B}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{D5243DAA-3CE2-4827-9162-BE3CEECEBD36}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{310279DC-214A-4579-B9F8-8D0519D9862B}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{F9397EA5-0CA0-4305-A776-493FF6F8B96A}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

~ Scan Firewall in 00mn 00s

---\\ Scan Additionnel (O88)

Database Version : 9170 - (21/07/2012)

Clés trouvées (Keys found) : 0

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 1

C:\Users\Chloé\AppData\Roaming\Mozilla\Firefox\Profiles\gaq1j2k0.default\Extensions\pdfforge@mybrowserbar.com =>PUP.Dealio

~ Scan Additionnel in 00mn 06s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Auto 30/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe

SS - | Auto 27/02/2012 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Auto 01/10/2010 348760 | (AVP) . (.Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe

SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe

SS - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe

SS - | Auto 31/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Auto 06/07/2010 188416 | (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe

SS - | Auto 10/08/2009 248688 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

SS - | Auto 14/07/2009 42368 | (ConfigFree Gadget Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

SS - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Auto 21/12/2009 743992 | (CSObjectsSrv) . (.Infowatch.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

SS - | Demand 22/05/2009 250616 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

SS - | Auto 15/12/2009 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 15/12/2009 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 04/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 27/03/2012 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Auto 03/07/2012 655944 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Auto 06/08/2009 116104 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

SS - | Demand 17/08/2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

SS - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SS - | Auto 05/08/2009 488800 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SS - | Auto 27/08/2009 251760 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe

SS - | Demand 03/08/2009 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

SS - | Demand 04/08/2009 826224 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SS - | Demand 04/08/2009 826224 | (TrkWks) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SS - | Demand 04/08/2009 826224 | (TrustedInstaller) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SS - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 08s

End of the scan (1124 lines in 03mn 05s)(0)

Link to comment
Share on other sites

Quand tu fais le scan GSI tu as soit un fichier zip, soir une url (perso je préfère l'url). Sinon tu nous envoie le fichier zip parce que ça n'est pas exploitable.

pour ZHP il ne couvre rien de ce qui nou sintéresse dans le cadre de ton ordi.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...