Je pense...
Fermé
hugod007
Messages postés
3
Date d'inscription
mardi 21 août 2012
Statut
Membre
Dernière intervention
21 août 2012
-
21 août 2012 à 15:52
cbauf Messages postés 4297 Date d'inscription lundi 31 mars 2008 Statut Contributeur Dernière intervention 22 juin 2022 - 21 août 2012 à 16:39
cbauf Messages postés 4297 Date d'inscription lundi 31 mars 2008 Statut Contributeur Dernière intervention 22 juin 2022 - 21 août 2012 à 16:39
3 réponses
cbauf
Messages postés
4297
Date d'inscription
lundi 31 mars 2008
Statut
Contributeur
Dernière intervention
22 juin 2022
783
21 août 2012 à 15:58
21 août 2012 à 15:58
Bonjour,
https://www.commentcamarche.net/faq/2490-supprimer-les-adwares-publicites-intempestives-pop-up-etc
Extrait :
Télécharger ZHPDiag (de Nicolas Coolman)
Se laisser guider lors de l'installation, le programme se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : une fois le logiciel ouvert, n'oubliez pas de cliquer sur le bouton "UAC"
Tout cocher au tournevis
Cliquer sur l'icône représentant une loupe (« Lancer le diagnostic »)
Une fois aux 100%, héberger le rapport ZHPDiag.txt sur un site tel que cjoint.com, puis copier/coller le lien fourni sur le forum Virus/Sécurité de CCM dans un nouveau sujet où vous expliquerez pourquoi vous pensez être infecté (plus d'explications ici pour voir comment demander l'avis d'un expert sur le forum)
https://www.commentcamarche.net/faq/2490-supprimer-les-adwares-publicites-intempestives-pop-up-etc
Extrait :
Télécharger ZHPDiag (de Nicolas Coolman)
Se laisser guider lors de l'installation, le programme se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : une fois le logiciel ouvert, n'oubliez pas de cliquer sur le bouton "UAC"
Tout cocher au tournevis
Cliquer sur l'icône représentant une loupe (« Lancer le diagnostic »)
Une fois aux 100%, héberger le rapport ZHPDiag.txt sur un site tel que cjoint.com, puis copier/coller le lien fourni sur le forum Virus/Sécurité de CCM dans un nouveau sujet où vous expliquerez pourquoi vous pensez être infecté (plus d'explications ici pour voir comment demander l'avis d'un expert sur le forum)
hugod007
Messages postés
3
Date d'inscription
mardi 21 août 2012
Statut
Membre
Dernière intervention
21 août 2012
21 août 2012 à 15:59
21 août 2012 à 15:59
Ok je vous le mettrez
hugod007
Messages postés
3
Date d'inscription
mardi 21 août 2012
Statut
Membre
Dernière intervention
21 août 2012
21 août 2012 à 16:03
21 août 2012 à 16:03
Rapport de ZHPDiag v1.31.13 par Nicolas Coolman, Update du 31/07/2012
Run by matylde at 21/08/2012 16:01:05
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (43% free)
System Restore: Inconnu (Unknown)
System drive C: has 242 GB (85%) free of 283 GB
---\\ Logged in mode
~ Computer Name: MATYLDE-PC
~ User Name: matylde
~ All Users Names: matylde, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\matylde\AppData\Roaming\
~ %Desktop% : C:\Users\matylde\Desktop\
~ %Favorites% : C:\Users\matylde\Favorites\
~ %LocalAppData% : C:\Users\matylde\AppData\Local\
~ %StartMenu% : C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 242 Go of 283 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.8EA68FD3780DDDD5072F8CB830B3CB3D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.29/06/2012 - 04:49:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:23:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2502
~ Mes musiques (My Musics) : 94/138
~ Mes Videos (My Videos) : 2/11
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 1/173
~ Mon Bureau (My Desktop) : 1/26
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 06s
---\\ Processus lancés
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [634368] [PID.2780]
[MD5.1F3A75FCFD42F8C4E3DEA7746AE821FA] - (.Orange - Executable Orange Inside.) -- C:\Users\matylde\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [861696] [PID.2592]
[MD5.D706A6F8532AA65F3B40C8749F57B79A] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [665424] [PID.2596]
[MD5.F90D5FFA020B693CB5A7115A5E07AA3F] - (.Bandoo Media, inc - Data Manager.) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1599376] [PID.2868]
[MD5.57657B09D386137C7501367985B9741E] - (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.0 c.) -- C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [57344] [PID.820]
[MD5.15A4D1A8C15CB3C0C13C3F36899475E6] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992] [PID.3136]
[MD5.52A025AEDE99BFFF745A4CC0DBA5816F] - (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe [598320] [PID.3172]
[MD5.20C4535969F2006F6082CDF146CD95C4] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4273976] [PID.3180]
[MD5.93569D46D79F9756ED077156496AFE23] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748664] [PID.3060]
[MD5.D52F1D46D9C862BB8271734E1834BA5A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe [250528] [PID.2644]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3763200] [PID.4044]
~ Scan Processes Running in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON SX110 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\matylde\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [dlmMgr] . (.Adobe Systems - AdobeDownloadManager.) -- C:\Program Files (x86)\Common Files\Adobe\ESD\AdobeDownloadManager.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Actualité Une - Le Républicain Lorrain.url . (...) -- C:\Users\matylde\Desktop\Actualité Une - Le Républicain Lorrain.url
O4 - Global Startup: C:\Users\matylde\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Camping Corse - camping france.tel.url . (.Auslogics.) -- C:\Users\matylde\Desktop\Camping Corse - camping france.tel.url
O4 - Global Startup: C:\Users\matylde\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\Desktop\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\matylde\Desktop\My DSC.lnk . (...) -- C:\Program Files (x86)\JL2005D\go_twain.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Téléscol, service en ligne vie scolaire.url . (...) -- C:\Users\matylde\Desktop\Téléscol, service en ligne vie scolaire.url
O4 - Global Startup: C:\Users\matylde\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Zone Telechargement - Telechargement Gratuit RapidShare .url . (.Microsoft Corporation.) -- C:\Users\matylde\Desktop\Zone Telechargement - Telechargement Gratuit RapidShare .url
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (.Apple Computer, Inc..) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Screen Recording Suite.lnk . (.Apowersoft.) -- C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (...) -- C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe (.not file.)
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Télécharger avec NetTransport - (.not file.) - C:\Program Files (x86)\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4395.html
O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\Program Files (x86)\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - (.not file.) - C:\Program Files (x86)\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: traduire la page - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4383.html
O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4394.html
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.13001914838576400EB9AFDE95AE71CE] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.00000000000000000000000000000000] [APT] [RealCreateProcessScheduledTask1471136S-1-5-21-3680165825-1942666620-3672123450-1000] (...) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RegistryBooster] (...) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{014364A3-C6F7-430C-9D6B-107C965E89C2}] (...) -- D:\Sims2DoubleDeluxe_uninst.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{22E6AB11-E9FC-4703-BB2E-B03D3AB31032}] (...) -- D:\CK_Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2350A5E7-2A1F-401D-B7CA-5CED16E370B6}] (...) -- C:\Users\matylde\Desktop\AutoRun\eauninstall.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2671E03E-BF2D-4034-87AF-9D52A6722F58}] (...) -- D:\Support\The Sims 2 Bon Voyage_code.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{5D6D7958-EBC9-48C5-9328-5A0243C9E506}] (...) -- D:\CK_Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{627C9919-1858-4318-9557-096B509FB8EC}] (...) -- D:\eauninstall.exe (.not file.)
[MD5.62DA2C201BC09A55C97C46F0AD73C28A] [APT] [{6CD0894A-E621-4C37-81B7-960136B20C60}] (...) -- C:\Program Files (x86)\eMachines GameZone\Amazonia\Uninstall.exe
[MD5.00000000000000000000000000000000] [APT] [{766A842B-D898-4798-A437-BD774D183E3C}] (...) -- D:\Sims2EP6_Uninst.exe (.not file.)
[MD5.FC67DCFDAD59B533C955E249F79C32F4] [APT] [SwitchReminder] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Switch\Switch.exe
[MD5.FC67DCFDAD59B533C955E249F79C32F4] [APT] [SwitchSevenDays] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Switch\Switch.exe
~ Scan Scheduled Task in 00mn 04s
---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/12/2009 - 23:17:35 - [118,664] ----D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 13/04/2012 - 09:30:10 - [670,263] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/05/2012 - 18:14:15 - [72,881] ----D C:\Program Files (x86)\Apowersoft
O43 - CFD: 12/02/2010 - 11:52:25 - [34,513] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 09/08/2012 - 00:31:16 - [9,289] ----D C:\Program Files (x86)\Auslogics
O43 - CFD: 17/04/2011 - 10:42:57 - [102,461] ----D C:\Program Files (x86)\Barbie(TM)
O43 - CFD: 08/08/2012 - 22:28:23 - [1,179] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 23/06/2012 - 08:45:59 - [441,866] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 29/09/2009 - 07:17:38 - [37,129] ----D C:\Program Files (x86)\eMachines
O43 - CFD: 23/06/2012 - 08:42:41 - [596,389] ----D C:\Program Files (x86)\eMachines GameZone
O43 - CFD: 24/12/2009 - 23:18:29 - [12,703] ----D C:\Program Files (x86)\epson
O43 - CFD: 24/12/2009 - 23:20:10 - [114,298] ----D C:\Program Files (x86)\Epson Software
O43 - CFD: 22/01/2012 - 20:25:19 - [23,592] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/06/2012 - 06:48:44 - [39,618] ----D C:\Program Files (x86)\iLivid
O43 - CFD: 03/08/2012 - 16:54:37 - [37,583] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2012 - 19:32:16 - [6,001] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/05/2012 - 16:58:00 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 08/08/2012 - 23:57:51 - [59,841] ----D C:\Program Files (x86)\JDownloader
O43 - CFD: 25/12/2010 - 12:00:31 - [2,680] ----D C:\Program Files (x86)\JL2005D
O43 - CFD: 25/12/2010 - 18:33:46 - [0] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30/07/2012 - 08:12:57 - [19,806] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 23/06/2012 - 08:46:01 - [336,111] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/08/2009 - 21:40:02 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/05/2012 - 12:50:25 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/09/2009 - 07:11:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 29/09/2009 - 07:15:41 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 23/06/2012 - 08:46:01 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 23/06/2012 - 08:46:03 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 03/08/2012 - 16:54:38 - [490,569] ----D C:\Program Files (x86)\Mindscape
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/12/2009 - 12:08:31 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/08/2012 - 20:42:08 - [2,969] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 25/08/2009 - 21:47:20 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 23/06/2012 - 10:08:04 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 16:59:06 - [14,481] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 08/11/2011 - 20:38:56 - [102,660] ----D C:\Program Files (x86)\Orange
O43 - CFD: 17/12/2011 - 21:35:19 - [0] ----D C:\Program Files (x86)\PlayerPlus
O43 - CFD: 20/08/2012 - 21:57:35 - [3,364] ----D C:\Program Files (x86)\Project64 1.6
O43 - CFD: 17/04/2011 - 10:47:19 - [2,259] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 25/08/2009 - 21:21:26 - [3,202] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/08/2012 - 22:27:12 - [2,993] ----D C:\Program Files (x86)\Software
O43 - CFD: 18/04/2012 - 18:53:28 - [8,457] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 25/08/2009 - 21:54:11 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/08/2009 - 21:21:38 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 17/06/2012 - 21:26:09 - [0] ----D C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/08/2012 - 10:34:10 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2009 - 03:48:35 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/08/2011 - 20:02:23 - [13,638] ----D C:\Program Files (x86)\Windows iLivid Toolbar
O43 - CFD: 30/07/2012 - 08:18:28 - [144,300] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 16/12/2010 - 16:19:24 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 09:47:16 - [4,896] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 04/09/2009 - 03:48:35 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/09/2009 - 03:48:35 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/08/2012 - 14:05:55 - [3,898] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 08/08/2012 - 23:01:13 - [0,756] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 21/08/2012 - 16:01:28 - [12,790] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/04/2012 - 09:30:42 - [14,895] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/08/2009 - 21:50:50 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 12/02/2010 - 11:52:14 - [6,547] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 31/05/2012 - 16:59:30 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 10:42:56 - [1,018] ----D C:\Program Files (x86)\Common Files\Knowledge Adventure
O43 - CFD: 30/07/2012 - 08:14:22 - [215,825] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/08/2009 - 21:48:43 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 25/08/2009 - 21:28:00 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 12/02/2010 - 11:56:02 - [1,480] ----D C:\Program Files (x86)\Common Files\snpstd
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/04/2011 - 10:47:22 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio
O43 - CFD: 01/01/2010 - 12:48:01 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/07/2012 - 14:12:56 - [16,375] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/09/2009 - 07:09:09 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 13/04/2012 - 09:30:10 - [24,991] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 06/06/2010 - 10:17:54 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 20/08/2012 - 21:46:37 - [2,346] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/06/2010 - 10:08:15 - [0,047] ----D C:\ProgramData\AWEM
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 25/12/2009 - 12:30:17 - [0,000] ----D C:\ProgramData\EA Logs
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 25/08/2009 - 21:43:36 - [4,016] ----D C:\ProgramData\eMachines
O43 - CFD: 24/12/2009 - 23:13:56 - [8,668] ----D C:\ProgramData\EPSON
O43 - CFD: 13/11/2010 - 19:52:29 - [0,001] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 04/03/2011 - 20:14:09 - [0,000] ----D C:\ProgramData\Friends Games
O43 - CFD: 25/08/2009 - 21:44:41 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 30/07/2012 - 08:15:08 - [33,890] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/07/2012 - 14:12:57 - [0,116] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 15/08/2012 - 20:42:16 - [0] ----D C:\ProgramData\NCH Software
O43 - CFD: 25/08/2009 - 21:46:33 - [10,851] ----D C:\ProgramData\Nero
O43 - CFD: 01/01/2010 - 12:48:12 - [0,014] ----D C:\ProgramData\Norton
O43 - CFD: 25/08/2009 - 21:51:15 - [6,640] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 23/06/2012 - 08:55:03 - [0] ----D C:\ProgramData\NVIDIA
O43 - CFD: 24/12/2009 - 22:12:09 - [0,000] ----D C:\ProgramData\OEM
O43 - CFD: 12/06/2012 - 16:44:39 - [12,276] ----D C:\ProgramData\Orange
O43 - CFD: 15/01/2010 - 21:55:58 - [0,002] ----D C:\ProgramData\Partner
O43 - CFD: 21/11/2010 - 18:51:17 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 17/04/2011 - 10:46:27 - [0,009] ----D C:\ProgramData\QuickTime
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 25/12/2010 - 18:21:40 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 18/04/2012 - 18:53:21 - [0,769] ----D C:\ProgramData\SweetIM
O43 - CFD: 25/12/2009 - 11:31:07 - [0,002] ----D C:\ProgramData\Symantec
O43 - CFD: 08/08/2012 - 23:01:12 - [1,767] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 08/05/2011 - 19:30:37 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 24/12/2009 - 23:20:43 - [0,003] ----D C:\ProgramData\UDL
O43 - CFD: 02/06/2012 - 07:28:43 - [3,146] --H-D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
O43 - CFD: 23/06/2012 - 06:48:45 - [3,125] ----D C:\ProgramData\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
O43 - CFD: 23/06/2012 - 08:41:07 - [0,008] -SH-D C:\Users\matylde\AppData\Roaming\.#
O43 - CFD: 23/06/2012 - 14:29:26 - [5,870] ----D C:\Users\matylde\AppData\Roaming\.minecraft
O43 - CFD: 13/04/2012 - 09:33:02 - [3,303] ----D C:\Users\matylde\AppData\Roaming\Adobe
O43 - CFD: 13/04/2012 - 09:33:02 - [0] ----D C:\Users\matylde\AppData\Roaming\AdobeUM
O43 - CFD: 25/05/2012 - 18:14:22 - [0,086] ----D C:\Users\matylde\AppData\Roaming\Apowersoft
O43 - CFD: 09/08/2012 - 00:31:20 - [0,007] ----D C:\Users\matylde\AppData\Roaming\Auslogics
O43 - CFD: 02/01/2012 - 18:30:52 - [0,003] ----D C:\Users\matylde\AppData\Roaming\Epson
O43 - CFD: 25/12/2009 - 00:27:36 - [0,017] ----D C:\Users\matylde\AppData\Roaming\GameConsole
O43 - CFD: 24/12/2009 - 23:04:18 - [0] ----D C:\Users\matylde\AppData\Roaming\Google
O43 - CFD: 24/12/2009 - 22:12:12 - [0] ----D C:\Users\matylde\AppData\Roaming\Identities
O43 - CFD: 24/12/2009 - 23:14:48 - [0] ----D C:\Users\matylde\AppData\Roaming\InstallShield
O43 - CFD: 17/05/2012 - 18:13:47 - [0] ----D C:\Users\matylde\AppData\Roaming\Leadertech
O43 - CFD: 24/12/2009 - 22:13:09 - [0,006] ----D C:\Users\matylde\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\matylde\AppData\Roaming\Media Center Programs
O43 - CFD: 20/08/2012 - 21:57:37 - [9,841] -S--D C:\Users\matylde\AppData\Roaming\Microsoft
O43 - CFD: 25/12/2010 - 18:23:30 - [0] ----D C:\Users\matylde\AppData\Roaming\Mozilla
O43 - CFD: 15/08/2012 - 20:43:07 - [0,105] ----D C:\Users\matylde\AppData\Roaming\NCH Software
O43 - CFD: 16/04/2011 - 17:46:10 - [0,183] ----D C:\Users\matylde\AppData\Roaming\Nero
O43 - CFD: 23/06/2012 - 10:23:57 - [21,362] ----D C:\Users\matylde\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/11/2011 - 20:39:03 - [2,209] ----D C:\Users\matylde\AppData\Roaming\Orange
O43 - CFD: 21/11/2010 - 18:51:17 - [0,001] ----D C:\Users\matylde\AppData\Roaming\PlayFirst
O43 - CFD: 24/06/2010 - 21:30:09 - [0] ----D C:\Users\matylde\AppData\Roaming\Real
O43 - CFD: 25/12/2009 - 12:25:08 - [0,016] R-H-D C:\Users\matylde\AppData\Roaming\SecuROM
O43 - CFD: 24/05/2011 - 12:27:22 - [0,013] ----D C:\Users\matylde\AppData\Roaming\Template
O43 - CFD: 18/08/2012 - 14:36:24 - [0,077] ----D C:\Users\matylde\AppData\Roaming\vlc
O43 - CFD: 15/08/2012 - 09:57:22 - [0] ----D C:\Users\matylde\AppData\Roaming\Windows Live Writer
O43 - CFD: 17/08/2012 - 14:06:06 - [0,000] ----D C:\Users\matylde\AppData\Roaming\WinRAR
O43 - CFD: 02/01/2012 - 18:27:51 - [0,008] ----D C:\Users\matylde\AppData\Local\ABBYY
O43 - CFD: 25/12/2009 - 12:23:14 - [22,471] ----D C:\Users\matylde\AppData\Local\Adobe
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Application Data
O43 - CFD: 31/01/2012 - 19:59:03 - [0,528] ----D C:\Users\matylde\AppData\Local\Diagnostics
O43 - CFD: 02/01/2012 - 19:40:31 - [0] ----D C:\Users\matylde\AppData\Local\ElevatedDiagnostics
O43 - CFD: 25/03/2012 - 11:52:44 - [0,760] ----D C:\Users\matylde\AppData\Local\Google
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Historique
O43 - CFD: 09/08/2012 - 22:31:08 - [1519,477] ----D C:\Users\matylde\AppData\Local\Microsoft
O43 - CFD: 15/06/2010 - 21:12:37 - [1,342] ----D C:\Users\matylde\AppData\Local\Microsoft Games
O43 - CFD: 28/11/2010 - 13:02:02 - [0,296] ----D C:\Users\matylde\AppData\Local\Microsoft Help
O43 - CFD: 13/11/2010 - 21:29:42 - [94,250] ----D C:\Users\matylde\AppData\Local\Oberon Games
O43 - CFD: 23/10/2010 - 18:50:00 - [0,000] ----D C:\Users\matylde\AppData\Local\Orange
O43 - CFD: 21/08/2011 - 19:59:49 - [0] ----D C:\Users\matylde\AppData\Local\PackageAware
O43 - CFD: 08/08/2012 - 22:27:12 - [0] ----D C:\Users\matylde\AppData\Local\Software
O43 - CFD: 21/08/2012 - 16:00:47 - [104,008] ----D C:\Users\matylde\AppData\Local\Temp
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Temporary Internet Files
O43 - CFD: 05/07/2012 - 19:08:36 - [77,730] ----D C:\Users\matylde\AppData\Local\VirtualStore
O43 - CFD: 18/08/2012 - 10:40:44 - [0,082] ----D C:\Users\matylde\AppData\Local\Windows Live
O43 - CFD: 15/08/2012 - 09:57:30 - [0,618] ----D C:\Users\matylde\AppData\Local\Windows Live Writer
O43 - CFD: 20/08/2012 - 20:22:27 - [0] ----D C:\Users\matylde\AppData\Local\{001C7784-A3AB-45DC-B5D5-2376DF57364C}
O43 - CFD: 31/07/2012 - 12:02:56 - [0] ----D C:\Users\matylde\AppData\Local\{008AC2AB-901F-47A9-A8C5-40EA12BC5237}
O43 - CFD: 14/08/2012 - 16:55:42 - [0] ----D C:\Users\matylde\AppData\Local\{060538CE-EEDA-4716-8109-A2139EFB2DAB}
O43 - CFD: 03/08/2012 - 09:03:46 - [0] ----D C:\Users\matylde\AppData\Local\{0BCBF609-38D8-4138-9715-0CEF30478550}
O43 - CFD: 16/08/2012 - 19:40:24 - [0] ----D C:\Users\matylde\AppData\Local\{0C48CA88-CB02-4DDF-9DD7-106592D5128A}
O43 - CFD: 09/08/2012 - 21:42:16 - [0] ----D C:\Users\matylde\AppData\Local\{103A8B34-EA4B-4679-B1DB-911DE83B38DF}
O43 - CFD: 17/08/2012 - 22:10:48 - [0] ----D C:\Users\matylde\AppData\Local\{1903DA42-005C-4E11-B535-5134E70CF738}
O43 - CFD: 10/08/2012 - 21:43:55 - [0] ----D C:\Users\matylde\AppData\Local\{1BD69645-F5A8-44F5-862F-F86570A1BFCF}
O43 - CFD: 14/08/2012 - 16:55:31 - [0] ----D C:\Users\matylde\AppData\Local\{1D4A2537-51AB-47AD-B1C1-54ADEABC6578}
O43 - CFD: 13/08/2012 - 12:55:44 - [0] ----D C:\Users\matylde\AppData\Local\{1D51F31B-6589-45B3-A6E6-B91B0AEC11DD}
O43 - CFD: 30/07/2012 - 08:25:44 - [0] ----D C:\Users\matylde\AppData\Local\{24993189-B417-4A23-AE10-A479E47DE146}
O43 - CFD: 21/08/2012 - 09:00:56 - [0] ----D C:\Users\matylde\AppData\Local\{29EA8975-FB21-43DF-937F-3E650C038AA1}
O43 - CFD: 01/08/2012 - 12:35:27 - [0] ----D C:\Users\matylde\AppData\Local\{2B120903-A553-4BB5-A21E-E62D386F9954}
O43 - CFD: 08/08/2012 - 20:20:35 - [0] ----D C:\Users\matylde\AppData\Local\{31595E99-227A-41EB-8709-CD9CA7A9ECDC}
O43 - CFD: 17/08/2012 - 08:31:58 - [0] ----D C:\Users\matylde\AppData\Local\{31E52F9C-5111-4478-AC59-C93183BB8781}
O43 - CFD: 31/07/2012 - 12:03:08 - [0] ----D C:\Users\matylde\AppData\Local\{332E47F5-8523-44BE-A868-1213F863D331}
O43 - CFD: 05/08/2012 - 15:30:14 - [0] ----D C:\Users\matylde\AppData\Local\{39F37FAB-C660-4007-A5F5-AE1FD2D46ED5}
O43 - CFD: 07/08/2012 - 19:12:59 - [0] ----D C:\Users\matylde\AppData\Local\{3B38DADD-DC1D-4359-8590-3A75C0EAF2E5}
O43 - CFD: 08/08/2012 - 20:20:24 - [0] ----D C:\Users\matylde\AppData\Local\{45D4838A-BF61-4C0F-B2EE-A30B1891DA86}
O43 - CFD: 14/08/2012 - 01:36:18 - [0] ----D C:\Users\matylde\AppData\Local\{4EED06E4-5840-43F7-8B79-9035B0D519BA}
O43 - CFD: 30/07/2012 - 08:25:14 - [0] ----D C:\Users\matylde\AppData\Local\{4F6EB414-8AFE-4EBA-BF7C-BE36BFBFFCEE}
O43 - CFD: 04/08/2012 - 11:20:52 - [0] ----D C:\Users\matylde\AppData\Local\{53A0A377-823C-47AF-A144-ABCBA786D232}
O43 - CFD: 13/08/2012 - 12:55:34 - [0] ----D C:\Users\matylde\AppData\Local\{5B4632BD-00B7-402F-A3BE-95FF86720601}
O43 - CFD: 09/08/2012 - 09:41:23 - [0] ----D C:\Users\matylde\AppData\Local\{5E8AF5F0-8ED2-4FBD-BE93-A6B1F1D26C21}
O43 - CFD: 20/08/2012 - 08:16:16 - [0] ----D C:\Users\matylde\AppData\Local\{61E0D5BA-1A5D-4300-A91B-1513AA0E6320}
O43 - CFD: 16/08/2012 - 19:40:13 - [0] ----D C:\Users\matylde\AppData\Local\{6362A825-A1F3-4B76-8BB6-40D43104286C}
O43 - CFD: 05/08/2012 - 02:10:06 - [0] ----D C:\Users\matylde\AppData\Local\{681B139F-F84B-485E-A365-DB639212BE91}
O43 - CFD: 04/08/2012 - 11:21:03 - [0] ----D C:\Users\matylde\AppData\Local\{68501134-8F37-4E9A-AA8F-AA0F44E55CDA}
O43 - CFD: 02/08/2012 - 09:09:14 - [0] ----D C:\Users\matylde\AppData\Local\{69B2E159-1EF1-4C49-9CF4-9C2C1BD134E1}
O43 - CFD: 04/08/2012 - 09:28:18 - [0] ----D C:\Users\matylde\AppData\Local\{6F183D0E-DE1E-4F2F-A82C-528711E023E0}
O43 - CFD: 15/08/2012 - 09:44:19 - [0] ----D C:\Users\matylde\AppData\Local\{7B0FE497-9336-4165-9BAF-2F8E8ADFE8D7}
O43 - CFD: 09/08/2012 - 09:41:37 - [0] ----D C:\Users\matylde\AppData\Local\{7B6CF584-84C0-4ED8-BCE5-78D95684278F}
O43 - CFD: 06/08/2012 - 22:36:28 - [0] ----D C:\Users\matylde\AppData\Local\{7C2C2998-2B2E-4E28-B198-04A2B93DA926}
O43 - CFD: 08/08/2012 - 17:08:01 - [0] ----D C:\Users\matylde\AppData\Local\{82400241-F606-423B-B348-9475D9663799}
O43 - CFD: 09/08/2012 - 21:42:26 - [0] ----D C:\Users\matylde\AppData\Local\{87989544-E2F8-4263-9104-82FE310D5B7C}
O43 - CFD: 05/08/2012 - 15:30:24 - [0] ----D C:\Users\matylde\AppData\Local\{8C6DF378-C122-47DD-A59A-F256AD0E16A1}
O43 - CFD: 10/08/2012 - 09:43:16 - [0] ----D C:\Users\matylde\AppData\Local\{949B70A5-8EE8-434A-AACC-1BBBD47A7A8A}
O43 - CFD: 04/08/2012 - 09:28:16 - [0] ----D C:\Users\matylde\AppData\Local\{9698FC0B-BF38-4B20-95C6-7556EC593B63}
O43 - CFD: 11/08/2012 - 12:13:47 - [0] ----D C:\Users\matylde\AppData\Local\{9AE96E27-3B2B-4A06-AFEC-54CD55489918}
O43 - CFD: 17/08/2012 - 22:10:58 - [0] ----D C:\Users\matylde\AppData\Local\{9E81A088-BE9B-4E64-8F0E-0B9C2721A3D6}
O43 - CFD: 17/08/2012 - 08:31:47 - [0] ----D C:\Users\matylde\AppData\Local\{A00B782D-981C-422A-BC30-AAA4C4AB5993}
O43 - CFD: 05/08/2012 - 02:10:17 - [0] ----D C:\Users\matylde\AppData\Local\{A86BFCF6-57E4-4D9E-8AEF-26C8F295EAB8}
O43 - CFD: 30/07/2012 - 21:11:13 - [0] ----D C:\Users\matylde\AppData\Local\{A98E55DE-3B84-4A48-BF4D-014CF9375127}
O43 - CFD: 08/08/2012 - 17:08:03 - [0] ----D C:\Users\matylde\AppData\Local\{A9A3B77D-9ED7-4427-A8FB-F29E16A45AA4}
O43 - CFD: 19/08/2012 - 20:15:42 - [0] ----D C:\Users\matylde\AppData\Local\{AC2D96CB-5811-4CC3-8B08-30C7306C6A71}
O43 - CFD: 01/08/2012 - 12:35:16 - [0] ----D C:\Users\matylde\AppData\Local\{ACFB4369-93F0-4563-8239-493DE963BC77}
O43 - CFD: 30/07/2012 - 21:11:23 - [0] ----D C:\Users\matylde\AppData\Local\{B0122E64-C7FA-45FF-A18C-5D8282553EF0}
O43 - CFD: 07/08/2012 - 19:12:47 - [0] ----D C:\Users\matylde\AppData\Local\{B07B06C6-6578-49E0-94EE-92219657F794}
O43 - CFD: 06/08/2012 - 08:31:00 - [0] ----D C:\Users\matylde\AppData\Local\{B1E6B308-D974-4E37-A41B-549FAAE5132B}
O43 - CFD: 02/08/2012 - 09:09:01 - [0] ----D C:\Users\matylde\AppData\Local\{BC712455-8D8F-4E24-99FF-0D2DF4096A31}
O43 - CFD: 18/08/2012 - 10:11:49 - [0] ----D C:\Users\matylde\AppData\Local\{BECCA9CE-EAE2-4A59-99A3-E6A2BF4CBF6E}
O43 - CFD: 03/08/2012 - 09:03:35 - [0] ----D C:\Users\matylde\AppData\Local\{C163D71C-6F33-4EEC-B81C-E29A44E0D192}
O43 - CFD: 10/08/2012 - 21:44:06 - [0] ----D C:\Users\matylde\AppData\Local\{C85855A6-C514-4063-BBF1-10D133AE750E}
O43 - CFD: 14/08/2012 - 01:36:08 - [0] ----D C:\Users\matylde\AppData\Local\{CC7F83FD-BC7E-46F4-8353-F36B3B9DDE82}
O43 - CFD: 15/08/2012 - 09:44:09 - [0] ----D C:\Users\matylde\AppData\Local\{D4508897-FC1B-4028-A75D-40E05DD1C9B8}
O43 - CFD: 12/08/2012 - 10:11:59 - [0] ----D C:\Users\matylde\AppData\Local\{D59A095B-0CE5-441B-93DD-FC201DE4454D}
O43 - CFD: 10/08/2012 - 09:43:06 - [0] ----D C:\Users\matylde\AppData\Local\{D7370048-B75E-4C0C-A38F-8B3C127D9947}
O43 - CFD: 06/08/2012 - 08:31:11 - [0] ----D C:\Users\matylde\AppData\Local\{E69B283A-4DBD-4F5D-B991-322DC0A6B8DE}
O43 - CFD: 19/08/2012 - 08:15:07 - [0] ----D C:\Users\matylde\AppData\Local\{E7CF023D-F9A8-4A21-B7FF-9580FADAC1A1}
O43 - CFD: 11/08/2012 - 12:14:02 - [0] ----D C:\Users\matylde\AppData\Local\{EA2B9E60-7A1D-492A-8E68-5AFE11501A41}
O43 - CFD: 23/06/2012 - 21:41:31 - [0] ----D C:\Users\matylde\AppData\Local\{F08A648A-03FC-49A2-8759-AA4029324AA1}
O43 - CFD: 12/08/2012 - 10:11:47 - [0] ----D C:\Users\matylde\AppData\Local\{F0DFC6AA-520C-40BB-91C9-FC66CF832738}
O43 - CFD: 18/08/2012 - 10:11:39 - [0] ----D C:\Users\matylde\AppData\Local\{FBCA1E88-E524-487D-A335-7CBC69A0DBCE}
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 16:21:49 - [0,000] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/08/2012 - 13:39:53 - [0,001] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/11/2011 - 20:38:56 - [0] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 07/12/2011 - 17:24:56 - [0] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NATHAN Vacances CE1
O43 - CFD: 11/07/2012 - 16:21:49 - [0,000] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 17/08/2012 - 14:05:55 - [0,003] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 24/12/2009 - 23:17:35 - [118,664] ----D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 13/04/2012 - 09:30:10 - [670,263] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/05/2012 - 18:14:15 - [72,881] ----D C:\Program Files (x86)\Apowersoft
O43 - CFD: 12/02/2010 - 11:52:25 - [34,513] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 09/08/2012 - 00:31:16 - [9,289] ----D C:\Program Files (x86)\Auslogics
O43 - CFD: 17/04/2011 - 10:42:57 - [102,461] ----D C:\Program Files (x86)\Barbie(TM)
O43 - CFD: 08/08/2012 - 22:28:23 - [1,179] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 23/06/2012 - 08:45:59 - [441,866] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 29/09/2009 - 07:17:38 - [37,129] ----D C:\Program Files (x86)\eMachines
O43 - CFD: 23/06/2012 - 08:42:41 - [596,389] ----D C:\Program Files (x86)\eMachines GameZone
O43 - CFD: 24/12/2009 - 23:18:29 - [12,703] ----D C:\Program Files (x86)\epson
O43 - CFD: 24/12/2009 - 23:20:10 - [114,298] ----D C:\Program Files (x86)\Epson Software
O43 - CFD: 22/01/2012 - 20:25:19 - [23,592] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/06/2012 - 06:48:44 - [39,618] ----D C:\Program Files (x86)\iLivid
O43 - CFD: 03/08/2012 - 16:54:37 - [37,583] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2012 - 19:32:16 - [6,001] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/05/2012 - 16:58:00 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 08/08/2012 - 23:57:51 - [59,841] ----D C:\Program Files (x86)\JDownloader
O43 - CFD: 25/12/2010 - 12:00:31 - [2,680] ----D C:\Program Files (x86)\JL2005D
O43 - CFD: 25/12/2010 - 18:33:46 - [0] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30/07/2012 - 08:12:57 - [19,806] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 23/06/2012 - 08:46:01 - [336,111] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/08/2009 - 21:40:02 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/05/2012 - 12:50:25 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/09/2009 - 07:11:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 29/09/2009 - 07:15:41 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 23/06/2012 - 08:46:01 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 23/06/2012 - 08:46:03 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 03/08/2012 - 16:54:38 - [490,569] ----D C:\Program Files (x86)\Mindscape
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/12/2009 - 12:08:31 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/08/2012 - 20:42:08 - [2,969] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 25/08/2009 - 21:47:20 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 23/06/2012 - 10:08:04 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 16:59:06 - [14,481] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 08/11/2011 - 20:38:56 - [102,660] ----D C:\Program Files (x86)\Orange
O43 - CFD: 17/12/2011 - 21:35:19 - [0] ----D C:\Program Files (x86)\PlayerPlus
O43 - CFD: 20/08/2012 - 21:57:35 - [3,364] ----D C:\Program Files (x86)\Project64 1.6
O43 - CFD: 17/04/2011 - 10:47:19 - [2,259] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 25/08/2009 - 21:21:26 - [3,202] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/08/2012 - 22:27:12 - [2,993] ----D C:\Program Files (x86)\Software
O43 - CFD: 18/04/2012 - 18:53:28 - [8,457] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 25/08/2009 - 21:54:11 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/08/2009 - 21:21:38 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 17/06/2012 - 21:26:09 - [0] ----D C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/08/2012 - 10:34:10 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2009 - 03:48:35 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/08/2011 - 20:02:23 - [13,638] ----D C:\Program Files (x86)\Windows iLivid Toolbar
O43 - CFD: 30/07/2012 - 08:18:28 - [144,300] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 16/12/2010 - 16:19:24 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 09:47:16 - [4,896] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 04/09/2009 - 03:48:35 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/09/2009 - 03:48:35 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/08/2012 - 14:05:55 - [3,898] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 08/08/2012 - 23:01:13 - [0,756] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 21/08/2012 - 16:01:28 - [12,790] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/04/2012 - 09:30:42 - [14,895] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/08/2009 - 21:50:50 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 12/02/2010 - 11:52:14 - [6,547] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 31/05/2012 - 16:59:30 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 10:42:56 - [1,018] ----D C:\Program Files (x86)\Common Files\Knowledge Adventure
O43 - CFD: 30/07/2012 - 08:14:22 - [215,825] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/08/2009 - 21:48:43 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 25/08/2009 - 21:28:00 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 12/02/2010 - 11:56:02 - [1,480] ----D C:\Program Files (x86)\Common Files\snpstd
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/04/2011 - 10:47:22 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio
O43 - CFD: 01/01/2010 - 12:48:01 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/07/2012 - 14:12:56 - [16,375] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/09/2009 - 07:09:09 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 20s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.83D9829174AF59C2B1A043408A2ADFF9] - 21/08/2012 - 14:27:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1462500]
O44 - LFC:[MD5.E5B037B9572C17CB8E9D7D1486216DD9] - 21/08/2012 - 14:24:12 ---A- . (...) -- C:\Windows\setupact.log [3684]
O44 - LFC:[MD5.242B8DCFC47622844FEEAADF51EE6151] - 21/08/2012 - 14:24:11 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.0B75171CC085E0982A712DDDF93ECBBE] - 20/08/2012 - 20:48:14 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [285328]
O44 - LFC:[MD5.0B75171CC085E0982A712DDDF93ECBBE] - 20/08/2012 - 20:48:14 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [285328]
O44 - LFC:[MD5.7946D9F881715414B9F5D80D16752664] - 20/08/2012 - 20:46:52 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41224]
O44 - LFC:[MD5.546531498A6D846EFF970B2A39B31D8A] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]
O44 - LFC:[MD5.2DE02BEFC031B3C8D929B48F1297F9EC] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106412]
O44 - LFC:[MD5.1DB337E1485F94F67E4C25A7FD8EB900] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130770]
O44 - LFC:[MD5.7F491153E803C2B520A8E683643DFB65] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616032]
O44 - LFC:[MD5.E96349CDACF2F81AA0BB3A2F3F512AEC] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704464]
O44 - LFC:[MD5.B2E077C595A6A1710E54A874873BAC60] - 16/08/2012 - 18:34:05 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [371448]
O44 - LFC:[MD5.956E93EF3A86FA6FCD5849A8385F607F] - 14/08/2012 - 15:54:31 ---A- . (...) -- C:\Windows\PFRO.log [1216]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/08/2012 - 12:39:02 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.F80B2B68002ADB19673B086DA1EEDD4F] - 14/08/2012 - 12:36:03 ---A- . (...) -- C:\Windows\QTFont.for [1409]
O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 14/08/2012 - 12:36:03 --HA- . (...) -- C:\Windows\QTFont.qfn [54156]
O44 - LFC:[MD5.485503D90AB2591581D00458643B9956] - 08/08/2012 - 21:31:38 ---A- . (...) -- C:\ChromeHPLog.txt [198]
~ Scan Files in 00mn 28s
---\\ Contrôle du Safe Boot (CSB) (O49) (None)
---\\ MountPoints2 Shell Key (O51) (None)
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.5C10259426A1036338628EBED973C382] - 20/02/2004 - 17:40:56 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\Windows\SysWOW64\drivers\snpstd.sys [301184]
~ Scan Drivers in 00mn 00s
---\\ Start Menu Internet (O68) (None)
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Web Search) - http://www.searchnu.com/
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83) (None)
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136]
[MD5.ACDBC77DB21D76576C44AA133C0227AA] [SPRF][15/08/2012] (...) -- C:\Users\matylde\AppData\Local\Temp\aacenc.exe [122880]
[MD5.8108782EBC0385F3E1482B65AAB8FAD4] [SPRF][20/08/2012] (.ALWIL Software - avast! v5 upgrade support library.) -- C:\Users\matylde\AppData\Local\Temp\aswV5Hlp.dll [5120]
[MD5.8F3451D0C2A54314500F10394BECE6E6] [SPRF][26/06/2012] (...) -- C:\Users\matylde\AppData\Roaming\wklnhst.dat [354]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
~ Scan Files in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 9183 - (31/07/2012)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Agent
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\SweetIM] =>Toolbar.SweetIM
C:\Program Files (x86)\SweetIM =>Toolbar.SweetIM
C:\Program Files (x86)\Windows iLivid Toolbar =>Adware.Bandoo
C:\Program Files (x86)\yontoo =>Adware.OpenCandy
C:\ProgramData\SweetIM =>Toolbar.SweetIM
C:\Users\matylde\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\matylde\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Users\matylde\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Users\matylde\AppData\Local\Temp\Iminent =>Adware.IMBooster
~ Scan Additionnel in 00mn 08s
End of the scan (637 lines in 01mn 28s)(0)
Run by matylde at 21/08/2012 16:01:05
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (43% free)
System Restore: Inconnu (Unknown)
System drive C: has 242 GB (85%) free of 283 GB
---\\ Logged in mode
~ Computer Name: MATYLDE-PC
~ User Name: matylde
~ All Users Names: matylde, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\matylde\AppData\Roaming\
~ %Desktop% : C:\Users\matylde\Desktop\
~ %Favorites% : C:\Users\matylde\Favorites\
~ %LocalAppData% : C:\Users\matylde\AppData\Local\
~ %StartMenu% : C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 242 Go of 283 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.8EA68FD3780DDDD5072F8CB830B3CB3D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.29/06/2012 - 04:49:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:23:06.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2502
~ Mes musiques (My Musics) : 94/138
~ Mes Videos (My Videos) : 2/11
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 1/173
~ Mon Bureau (My Desktop) : 1/26
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 06s
---\\ Processus lancés
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.3588AFA5623BB8844F71F271A7A96669] - (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [634368] [PID.2780]
[MD5.1F3A75FCFD42F8C4E3DEA7746AE821FA] - (.Orange - Executable Orange Inside.) -- C:\Users\matylde\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [861696] [PID.2592]
[MD5.D706A6F8532AA65F3B40C8749F57B79A] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [665424] [PID.2596]
[MD5.F90D5FFA020B693CB5A7115A5E07AA3F] - (.Bandoo Media, inc - Data Manager.) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1599376] [PID.2868]
[MD5.57657B09D386137C7501367985B9741E] - (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.0 c.) -- C:\Program Files (x86)\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [57344] [PID.820]
[MD5.15A4D1A8C15CB3C0C13C3F36899475E6] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992] [PID.3136]
[MD5.52A025AEDE99BFFF745A4CC0DBA5816F] - (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe [598320] [PID.3172]
[MD5.20C4535969F2006F6082CDF146CD95C4] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4273976] [PID.3180]
[MD5.93569D46D79F9756ED077156496AFE23] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748664] [PID.3060]
[MD5.D52F1D46D9C862BB8271734E1834BA5A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe [250528] [PID.2644]
[MD5.FCB13D9E3D55075C8FACA9CA3C55B263] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3763200] [PID.4044]
~ Scan Processes Running in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html
R3 - URLSearchHook: (no name) [64Bits] - {AEEC3B59-CA98-4EBA-A140-57B94E283583} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON SX110 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [MailNotifier] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\matylde\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [dlmMgr] . (.Adobe Systems - AdobeDownloadManager.) -- C:\Program Files (x86)\Common Files\Adobe\ESD\AdobeDownloadManager.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Actualité Une - Le Républicain Lorrain.url . (...) -- C:\Users\matylde\Desktop\Actualité Une - Le Républicain Lorrain.url
O4 - Global Startup: C:\Users\matylde\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Camping Corse - camping france.tel.url . (.Auslogics.) -- C:\Users\matylde\Desktop\Camping Corse - camping france.tel.url
O4 - Global Startup: C:\Users\matylde\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\Desktop\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\matylde\Desktop\My DSC.lnk . (...) -- C:\Program Files (x86)\JL2005D\go_twain.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Téléscol, service en ligne vie scolaire.url . (...) -- C:\Users\matylde\Desktop\Téléscol, service en ligne vie scolaire.url
O4 - Global Startup: C:\Users\matylde\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\matylde\Desktop\Zone Telechargement - Telechargement Gratuit RapidShare .url . (.Microsoft Corporation.) -- C:\Users\matylde\Desktop\Zone Telechargement - Telechargement Gratuit RapidShare .url
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (.Apple Computer, Inc..) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Screen Recording Suite.lnk . (.Apowersoft.) -- C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
O4 - Global Startup: C:\Users\matylde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (...) -- C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe (.not file.)
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Télécharger avec NetTransport - (.not file.) - C:\Program Files (x86)\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4395.html
O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\Program Files (x86)\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Tout t&élécharger avec NetTransport - (.not file.) - C:\Program Files (x86)\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: traduire la page - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4383.html
O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Users\matylde\AppData\Local\Temp\cce4394.html
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.13001914838576400EB9AFDE95AE71CE] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.00000000000000000000000000000000] [APT] [RealCreateProcessScheduledTask1471136S-1-5-21-3680165825-1942666620-3672123450-1000] (...) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RegistryBooster] (...) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{014364A3-C6F7-430C-9D6B-107C965E89C2}] (...) -- D:\Sims2DoubleDeluxe_uninst.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{22E6AB11-E9FC-4703-BB2E-B03D3AB31032}] (...) -- D:\CK_Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2350A5E7-2A1F-401D-B7CA-5CED16E370B6}] (...) -- C:\Users\matylde\Desktop\AutoRun\eauninstall.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{2671E03E-BF2D-4034-87AF-9D52A6722F58}] (...) -- D:\Support\The Sims 2 Bon Voyage_code.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{5D6D7958-EBC9-48C5-9328-5A0243C9E506}] (...) -- D:\CK_Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{627C9919-1858-4318-9557-096B509FB8EC}] (...) -- D:\eauninstall.exe (.not file.)
[MD5.62DA2C201BC09A55C97C46F0AD73C28A] [APT] [{6CD0894A-E621-4C37-81B7-960136B20C60}] (...) -- C:\Program Files (x86)\eMachines GameZone\Amazonia\Uninstall.exe
[MD5.00000000000000000000000000000000] [APT] [{766A842B-D898-4798-A437-BD774D183E3C}] (...) -- D:\Sims2EP6_Uninst.exe (.not file.)
[MD5.FC67DCFDAD59B533C955E249F79C32F4] [APT] [SwitchReminder] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Switch\Switch.exe
[MD5.FC67DCFDAD59B533C955E249F79C32F4] [APT] [SwitchSevenDays] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Switch\Switch.exe
~ Scan Scheduled Task in 00mn 04s
---\\ Composants installés (ActiveSetup Installed Components) (O40) (None)
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/12/2009 - 23:17:35 - [118,664] ----D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 13/04/2012 - 09:30:10 - [670,263] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/05/2012 - 18:14:15 - [72,881] ----D C:\Program Files (x86)\Apowersoft
O43 - CFD: 12/02/2010 - 11:52:25 - [34,513] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 09/08/2012 - 00:31:16 - [9,289] ----D C:\Program Files (x86)\Auslogics
O43 - CFD: 17/04/2011 - 10:42:57 - [102,461] ----D C:\Program Files (x86)\Barbie(TM)
O43 - CFD: 08/08/2012 - 22:28:23 - [1,179] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 23/06/2012 - 08:45:59 - [441,866] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 29/09/2009 - 07:17:38 - [37,129] ----D C:\Program Files (x86)\eMachines
O43 - CFD: 23/06/2012 - 08:42:41 - [596,389] ----D C:\Program Files (x86)\eMachines GameZone
O43 - CFD: 24/12/2009 - 23:18:29 - [12,703] ----D C:\Program Files (x86)\epson
O43 - CFD: 24/12/2009 - 23:20:10 - [114,298] ----D C:\Program Files (x86)\Epson Software
O43 - CFD: 22/01/2012 - 20:25:19 - [23,592] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/06/2012 - 06:48:44 - [39,618] ----D C:\Program Files (x86)\iLivid
O43 - CFD: 03/08/2012 - 16:54:37 - [37,583] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2012 - 19:32:16 - [6,001] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/05/2012 - 16:58:00 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 08/08/2012 - 23:57:51 - [59,841] ----D C:\Program Files (x86)\JDownloader
O43 - CFD: 25/12/2010 - 12:00:31 - [2,680] ----D C:\Program Files (x86)\JL2005D
O43 - CFD: 25/12/2010 - 18:33:46 - [0] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30/07/2012 - 08:12:57 - [19,806] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 23/06/2012 - 08:46:01 - [336,111] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/08/2009 - 21:40:02 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/05/2012 - 12:50:25 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/09/2009 - 07:11:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 29/09/2009 - 07:15:41 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 23/06/2012 - 08:46:01 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 23/06/2012 - 08:46:03 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 03/08/2012 - 16:54:38 - [490,569] ----D C:\Program Files (x86)\Mindscape
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/12/2009 - 12:08:31 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/08/2012 - 20:42:08 - [2,969] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 25/08/2009 - 21:47:20 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 23/06/2012 - 10:08:04 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 16:59:06 - [14,481] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 08/11/2011 - 20:38:56 - [102,660] ----D C:\Program Files (x86)\Orange
O43 - CFD: 17/12/2011 - 21:35:19 - [0] ----D C:\Program Files (x86)\PlayerPlus
O43 - CFD: 20/08/2012 - 21:57:35 - [3,364] ----D C:\Program Files (x86)\Project64 1.6
O43 - CFD: 17/04/2011 - 10:47:19 - [2,259] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 25/08/2009 - 21:21:26 - [3,202] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/08/2012 - 22:27:12 - [2,993] ----D C:\Program Files (x86)\Software
O43 - CFD: 18/04/2012 - 18:53:28 - [8,457] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 25/08/2009 - 21:54:11 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/08/2009 - 21:21:38 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 17/06/2012 - 21:26:09 - [0] ----D C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/08/2012 - 10:34:10 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2009 - 03:48:35 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/08/2011 - 20:02:23 - [13,638] ----D C:\Program Files (x86)\Windows iLivid Toolbar
O43 - CFD: 30/07/2012 - 08:18:28 - [144,300] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 16/12/2010 - 16:19:24 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 09:47:16 - [4,896] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 04/09/2009 - 03:48:35 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/09/2009 - 03:48:35 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/08/2012 - 14:05:55 - [3,898] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 08/08/2012 - 23:01:13 - [0,756] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 21/08/2012 - 16:01:28 - [12,790] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/04/2012 - 09:30:42 - [14,895] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/08/2009 - 21:50:50 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 12/02/2010 - 11:52:14 - [6,547] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 31/05/2012 - 16:59:30 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 10:42:56 - [1,018] ----D C:\Program Files (x86)\Common Files\Knowledge Adventure
O43 - CFD: 30/07/2012 - 08:14:22 - [215,825] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/08/2009 - 21:48:43 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 25/08/2009 - 21:28:00 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 12/02/2010 - 11:56:02 - [1,480] ----D C:\Program Files (x86)\Common Files\snpstd
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/04/2011 - 10:47:22 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio
O43 - CFD: 01/01/2010 - 12:48:01 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/07/2012 - 14:12:56 - [16,375] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/09/2009 - 07:09:09 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 13/04/2012 - 09:30:10 - [24,991] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 06/06/2010 - 10:17:54 - [0,971] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 20/08/2012 - 21:46:37 - [2,346] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/06/2010 - 10:08:15 - [0,047] ----D C:\ProgramData\AWEM
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 25/12/2009 - 12:30:17 - [0,000] ----D C:\ProgramData\EA Logs
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 25/08/2009 - 21:43:36 - [4,016] ----D C:\ProgramData\eMachines
O43 - CFD: 24/12/2009 - 23:13:56 - [8,668] ----D C:\ProgramData\EPSON
O43 - CFD: 13/11/2010 - 19:52:29 - [0,001] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 04/03/2011 - 20:14:09 - [0,000] ----D C:\ProgramData\Friends Games
O43 - CFD: 25/08/2009 - 21:44:41 - [0,514] ----D C:\ProgramData\Google
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 30/07/2012 - 08:15:08 - [33,890] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/07/2012 - 14:12:57 - [0,116] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/12/2009 - 22:11:13 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 15/08/2012 - 20:42:16 - [0] ----D C:\ProgramData\NCH Software
O43 - CFD: 25/08/2009 - 21:46:33 - [10,851] ----D C:\ProgramData\Nero
O43 - CFD: 01/01/2010 - 12:48:12 - [0,014] ----D C:\ProgramData\Norton
O43 - CFD: 25/08/2009 - 21:51:15 - [6,640] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 23/06/2012 - 08:55:03 - [0] ----D C:\ProgramData\NVIDIA
O43 - CFD: 24/12/2009 - 22:12:09 - [0,000] ----D C:\ProgramData\OEM
O43 - CFD: 12/06/2012 - 16:44:39 - [12,276] ----D C:\ProgramData\Orange
O43 - CFD: 15/01/2010 - 21:55:58 - [0,002] ----D C:\ProgramData\Partner
O43 - CFD: 21/11/2010 - 18:51:17 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 17/04/2011 - 10:46:27 - [0,009] ----D C:\ProgramData\QuickTime
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 25/12/2010 - 18:21:40 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 18/04/2012 - 18:53:21 - [0,769] ----D C:\ProgramData\SweetIM
O43 - CFD: 25/12/2009 - 11:31:07 - [0,002] ----D C:\ProgramData\Symantec
O43 - CFD: 08/08/2012 - 23:01:12 - [1,767] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 08/05/2011 - 19:30:37 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 24/12/2009 - 23:20:43 - [0,003] ----D C:\ProgramData\UDL
O43 - CFD: 02/06/2012 - 07:28:43 - [3,146] --H-D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
O43 - CFD: 23/06/2012 - 06:48:45 - [3,125] ----D C:\ProgramData\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
O43 - CFD: 23/06/2012 - 08:41:07 - [0,008] -SH-D C:\Users\matylde\AppData\Roaming\.#
O43 - CFD: 23/06/2012 - 14:29:26 - [5,870] ----D C:\Users\matylde\AppData\Roaming\.minecraft
O43 - CFD: 13/04/2012 - 09:33:02 - [3,303] ----D C:\Users\matylde\AppData\Roaming\Adobe
O43 - CFD: 13/04/2012 - 09:33:02 - [0] ----D C:\Users\matylde\AppData\Roaming\AdobeUM
O43 - CFD: 25/05/2012 - 18:14:22 - [0,086] ----D C:\Users\matylde\AppData\Roaming\Apowersoft
O43 - CFD: 09/08/2012 - 00:31:20 - [0,007] ----D C:\Users\matylde\AppData\Roaming\Auslogics
O43 - CFD: 02/01/2012 - 18:30:52 - [0,003] ----D C:\Users\matylde\AppData\Roaming\Epson
O43 - CFD: 25/12/2009 - 00:27:36 - [0,017] ----D C:\Users\matylde\AppData\Roaming\GameConsole
O43 - CFD: 24/12/2009 - 23:04:18 - [0] ----D C:\Users\matylde\AppData\Roaming\Google
O43 - CFD: 24/12/2009 - 22:12:12 - [0] ----D C:\Users\matylde\AppData\Roaming\Identities
O43 - CFD: 24/12/2009 - 23:14:48 - [0] ----D C:\Users\matylde\AppData\Roaming\InstallShield
O43 - CFD: 17/05/2012 - 18:13:47 - [0] ----D C:\Users\matylde\AppData\Roaming\Leadertech
O43 - CFD: 24/12/2009 - 22:13:09 - [0,006] ----D C:\Users\matylde\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\matylde\AppData\Roaming\Media Center Programs
O43 - CFD: 20/08/2012 - 21:57:37 - [9,841] -S--D C:\Users\matylde\AppData\Roaming\Microsoft
O43 - CFD: 25/12/2010 - 18:23:30 - [0] ----D C:\Users\matylde\AppData\Roaming\Mozilla
O43 - CFD: 15/08/2012 - 20:43:07 - [0,105] ----D C:\Users\matylde\AppData\Roaming\NCH Software
O43 - CFD: 16/04/2011 - 17:46:10 - [0,183] ----D C:\Users\matylde\AppData\Roaming\Nero
O43 - CFD: 23/06/2012 - 10:23:57 - [21,362] ----D C:\Users\matylde\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/11/2011 - 20:39:03 - [2,209] ----D C:\Users\matylde\AppData\Roaming\Orange
O43 - CFD: 21/11/2010 - 18:51:17 - [0,001] ----D C:\Users\matylde\AppData\Roaming\PlayFirst
O43 - CFD: 24/06/2010 - 21:30:09 - [0] ----D C:\Users\matylde\AppData\Roaming\Real
O43 - CFD: 25/12/2009 - 12:25:08 - [0,016] R-H-D C:\Users\matylde\AppData\Roaming\SecuROM
O43 - CFD: 24/05/2011 - 12:27:22 - [0,013] ----D C:\Users\matylde\AppData\Roaming\Template
O43 - CFD: 18/08/2012 - 14:36:24 - [0,077] ----D C:\Users\matylde\AppData\Roaming\vlc
O43 - CFD: 15/08/2012 - 09:57:22 - [0] ----D C:\Users\matylde\AppData\Roaming\Windows Live Writer
O43 - CFD: 17/08/2012 - 14:06:06 - [0,000] ----D C:\Users\matylde\AppData\Roaming\WinRAR
O43 - CFD: 02/01/2012 - 18:27:51 - [0,008] ----D C:\Users\matylde\AppData\Local\ABBYY
O43 - CFD: 25/12/2009 - 12:23:14 - [22,471] ----D C:\Users\matylde\AppData\Local\Adobe
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Application Data
O43 - CFD: 31/01/2012 - 19:59:03 - [0,528] ----D C:\Users\matylde\AppData\Local\Diagnostics
O43 - CFD: 02/01/2012 - 19:40:31 - [0] ----D C:\Users\matylde\AppData\Local\ElevatedDiagnostics
O43 - CFD: 25/03/2012 - 11:52:44 - [0,760] ----D C:\Users\matylde\AppData\Local\Google
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Historique
O43 - CFD: 09/08/2012 - 22:31:08 - [1519,477] ----D C:\Users\matylde\AppData\Local\Microsoft
O43 - CFD: 15/06/2010 - 21:12:37 - [1,342] ----D C:\Users\matylde\AppData\Local\Microsoft Games
O43 - CFD: 28/11/2010 - 13:02:02 - [0,296] ----D C:\Users\matylde\AppData\Local\Microsoft Help
O43 - CFD: 13/11/2010 - 21:29:42 - [94,250] ----D C:\Users\matylde\AppData\Local\Oberon Games
O43 - CFD: 23/10/2010 - 18:50:00 - [0,000] ----D C:\Users\matylde\AppData\Local\Orange
O43 - CFD: 21/08/2011 - 19:59:49 - [0] ----D C:\Users\matylde\AppData\Local\PackageAware
O43 - CFD: 08/08/2012 - 22:27:12 - [0] ----D C:\Users\matylde\AppData\Local\Software
O43 - CFD: 21/08/2012 - 16:00:47 - [104,008] ----D C:\Users\matylde\AppData\Local\Temp
O43 - CFD: 24/12/2009 - 22:11:19 - [0] ----D C:\Users\matylde\AppData\Local\Temporary Internet Files
O43 - CFD: 05/07/2012 - 19:08:36 - [77,730] ----D C:\Users\matylde\AppData\Local\VirtualStore
O43 - CFD: 18/08/2012 - 10:40:44 - [0,082] ----D C:\Users\matylde\AppData\Local\Windows Live
O43 - CFD: 15/08/2012 - 09:57:30 - [0,618] ----D C:\Users\matylde\AppData\Local\Windows Live Writer
O43 - CFD: 20/08/2012 - 20:22:27 - [0] ----D C:\Users\matylde\AppData\Local\{001C7784-A3AB-45DC-B5D5-2376DF57364C}
O43 - CFD: 31/07/2012 - 12:02:56 - [0] ----D C:\Users\matylde\AppData\Local\{008AC2AB-901F-47A9-A8C5-40EA12BC5237}
O43 - CFD: 14/08/2012 - 16:55:42 - [0] ----D C:\Users\matylde\AppData\Local\{060538CE-EEDA-4716-8109-A2139EFB2DAB}
O43 - CFD: 03/08/2012 - 09:03:46 - [0] ----D C:\Users\matylde\AppData\Local\{0BCBF609-38D8-4138-9715-0CEF30478550}
O43 - CFD: 16/08/2012 - 19:40:24 - [0] ----D C:\Users\matylde\AppData\Local\{0C48CA88-CB02-4DDF-9DD7-106592D5128A}
O43 - CFD: 09/08/2012 - 21:42:16 - [0] ----D C:\Users\matylde\AppData\Local\{103A8B34-EA4B-4679-B1DB-911DE83B38DF}
O43 - CFD: 17/08/2012 - 22:10:48 - [0] ----D C:\Users\matylde\AppData\Local\{1903DA42-005C-4E11-B535-5134E70CF738}
O43 - CFD: 10/08/2012 - 21:43:55 - [0] ----D C:\Users\matylde\AppData\Local\{1BD69645-F5A8-44F5-862F-F86570A1BFCF}
O43 - CFD: 14/08/2012 - 16:55:31 - [0] ----D C:\Users\matylde\AppData\Local\{1D4A2537-51AB-47AD-B1C1-54ADEABC6578}
O43 - CFD: 13/08/2012 - 12:55:44 - [0] ----D C:\Users\matylde\AppData\Local\{1D51F31B-6589-45B3-A6E6-B91B0AEC11DD}
O43 - CFD: 30/07/2012 - 08:25:44 - [0] ----D C:\Users\matylde\AppData\Local\{24993189-B417-4A23-AE10-A479E47DE146}
O43 - CFD: 21/08/2012 - 09:00:56 - [0] ----D C:\Users\matylde\AppData\Local\{29EA8975-FB21-43DF-937F-3E650C038AA1}
O43 - CFD: 01/08/2012 - 12:35:27 - [0] ----D C:\Users\matylde\AppData\Local\{2B120903-A553-4BB5-A21E-E62D386F9954}
O43 - CFD: 08/08/2012 - 20:20:35 - [0] ----D C:\Users\matylde\AppData\Local\{31595E99-227A-41EB-8709-CD9CA7A9ECDC}
O43 - CFD: 17/08/2012 - 08:31:58 - [0] ----D C:\Users\matylde\AppData\Local\{31E52F9C-5111-4478-AC59-C93183BB8781}
O43 - CFD: 31/07/2012 - 12:03:08 - [0] ----D C:\Users\matylde\AppData\Local\{332E47F5-8523-44BE-A868-1213F863D331}
O43 - CFD: 05/08/2012 - 15:30:14 - [0] ----D C:\Users\matylde\AppData\Local\{39F37FAB-C660-4007-A5F5-AE1FD2D46ED5}
O43 - CFD: 07/08/2012 - 19:12:59 - [0] ----D C:\Users\matylde\AppData\Local\{3B38DADD-DC1D-4359-8590-3A75C0EAF2E5}
O43 - CFD: 08/08/2012 - 20:20:24 - [0] ----D C:\Users\matylde\AppData\Local\{45D4838A-BF61-4C0F-B2EE-A30B1891DA86}
O43 - CFD: 14/08/2012 - 01:36:18 - [0] ----D C:\Users\matylde\AppData\Local\{4EED06E4-5840-43F7-8B79-9035B0D519BA}
O43 - CFD: 30/07/2012 - 08:25:14 - [0] ----D C:\Users\matylde\AppData\Local\{4F6EB414-8AFE-4EBA-BF7C-BE36BFBFFCEE}
O43 - CFD: 04/08/2012 - 11:20:52 - [0] ----D C:\Users\matylde\AppData\Local\{53A0A377-823C-47AF-A144-ABCBA786D232}
O43 - CFD: 13/08/2012 - 12:55:34 - [0] ----D C:\Users\matylde\AppData\Local\{5B4632BD-00B7-402F-A3BE-95FF86720601}
O43 - CFD: 09/08/2012 - 09:41:23 - [0] ----D C:\Users\matylde\AppData\Local\{5E8AF5F0-8ED2-4FBD-BE93-A6B1F1D26C21}
O43 - CFD: 20/08/2012 - 08:16:16 - [0] ----D C:\Users\matylde\AppData\Local\{61E0D5BA-1A5D-4300-A91B-1513AA0E6320}
O43 - CFD: 16/08/2012 - 19:40:13 - [0] ----D C:\Users\matylde\AppData\Local\{6362A825-A1F3-4B76-8BB6-40D43104286C}
O43 - CFD: 05/08/2012 - 02:10:06 - [0] ----D C:\Users\matylde\AppData\Local\{681B139F-F84B-485E-A365-DB639212BE91}
O43 - CFD: 04/08/2012 - 11:21:03 - [0] ----D C:\Users\matylde\AppData\Local\{68501134-8F37-4E9A-AA8F-AA0F44E55CDA}
O43 - CFD: 02/08/2012 - 09:09:14 - [0] ----D C:\Users\matylde\AppData\Local\{69B2E159-1EF1-4C49-9CF4-9C2C1BD134E1}
O43 - CFD: 04/08/2012 - 09:28:18 - [0] ----D C:\Users\matylde\AppData\Local\{6F183D0E-DE1E-4F2F-A82C-528711E023E0}
O43 - CFD: 15/08/2012 - 09:44:19 - [0] ----D C:\Users\matylde\AppData\Local\{7B0FE497-9336-4165-9BAF-2F8E8ADFE8D7}
O43 - CFD: 09/08/2012 - 09:41:37 - [0] ----D C:\Users\matylde\AppData\Local\{7B6CF584-84C0-4ED8-BCE5-78D95684278F}
O43 - CFD: 06/08/2012 - 22:36:28 - [0] ----D C:\Users\matylde\AppData\Local\{7C2C2998-2B2E-4E28-B198-04A2B93DA926}
O43 - CFD: 08/08/2012 - 17:08:01 - [0] ----D C:\Users\matylde\AppData\Local\{82400241-F606-423B-B348-9475D9663799}
O43 - CFD: 09/08/2012 - 21:42:26 - [0] ----D C:\Users\matylde\AppData\Local\{87989544-E2F8-4263-9104-82FE310D5B7C}
O43 - CFD: 05/08/2012 - 15:30:24 - [0] ----D C:\Users\matylde\AppData\Local\{8C6DF378-C122-47DD-A59A-F256AD0E16A1}
O43 - CFD: 10/08/2012 - 09:43:16 - [0] ----D C:\Users\matylde\AppData\Local\{949B70A5-8EE8-434A-AACC-1BBBD47A7A8A}
O43 - CFD: 04/08/2012 - 09:28:16 - [0] ----D C:\Users\matylde\AppData\Local\{9698FC0B-BF38-4B20-95C6-7556EC593B63}
O43 - CFD: 11/08/2012 - 12:13:47 - [0] ----D C:\Users\matylde\AppData\Local\{9AE96E27-3B2B-4A06-AFEC-54CD55489918}
O43 - CFD: 17/08/2012 - 22:10:58 - [0] ----D C:\Users\matylde\AppData\Local\{9E81A088-BE9B-4E64-8F0E-0B9C2721A3D6}
O43 - CFD: 17/08/2012 - 08:31:47 - [0] ----D C:\Users\matylde\AppData\Local\{A00B782D-981C-422A-BC30-AAA4C4AB5993}
O43 - CFD: 05/08/2012 - 02:10:17 - [0] ----D C:\Users\matylde\AppData\Local\{A86BFCF6-57E4-4D9E-8AEF-26C8F295EAB8}
O43 - CFD: 30/07/2012 - 21:11:13 - [0] ----D C:\Users\matylde\AppData\Local\{A98E55DE-3B84-4A48-BF4D-014CF9375127}
O43 - CFD: 08/08/2012 - 17:08:03 - [0] ----D C:\Users\matylde\AppData\Local\{A9A3B77D-9ED7-4427-A8FB-F29E16A45AA4}
O43 - CFD: 19/08/2012 - 20:15:42 - [0] ----D C:\Users\matylde\AppData\Local\{AC2D96CB-5811-4CC3-8B08-30C7306C6A71}
O43 - CFD: 01/08/2012 - 12:35:16 - [0] ----D C:\Users\matylde\AppData\Local\{ACFB4369-93F0-4563-8239-493DE963BC77}
O43 - CFD: 30/07/2012 - 21:11:23 - [0] ----D C:\Users\matylde\AppData\Local\{B0122E64-C7FA-45FF-A18C-5D8282553EF0}
O43 - CFD: 07/08/2012 - 19:12:47 - [0] ----D C:\Users\matylde\AppData\Local\{B07B06C6-6578-49E0-94EE-92219657F794}
O43 - CFD: 06/08/2012 - 08:31:00 - [0] ----D C:\Users\matylde\AppData\Local\{B1E6B308-D974-4E37-A41B-549FAAE5132B}
O43 - CFD: 02/08/2012 - 09:09:01 - [0] ----D C:\Users\matylde\AppData\Local\{BC712455-8D8F-4E24-99FF-0D2DF4096A31}
O43 - CFD: 18/08/2012 - 10:11:49 - [0] ----D C:\Users\matylde\AppData\Local\{BECCA9CE-EAE2-4A59-99A3-E6A2BF4CBF6E}
O43 - CFD: 03/08/2012 - 09:03:35 - [0] ----D C:\Users\matylde\AppData\Local\{C163D71C-6F33-4EEC-B81C-E29A44E0D192}
O43 - CFD: 10/08/2012 - 21:44:06 - [0] ----D C:\Users\matylde\AppData\Local\{C85855A6-C514-4063-BBF1-10D133AE750E}
O43 - CFD: 14/08/2012 - 01:36:08 - [0] ----D C:\Users\matylde\AppData\Local\{CC7F83FD-BC7E-46F4-8353-F36B3B9DDE82}
O43 - CFD: 15/08/2012 - 09:44:09 - [0] ----D C:\Users\matylde\AppData\Local\{D4508897-FC1B-4028-A75D-40E05DD1C9B8}
O43 - CFD: 12/08/2012 - 10:11:59 - [0] ----D C:\Users\matylde\AppData\Local\{D59A095B-0CE5-441B-93DD-FC201DE4454D}
O43 - CFD: 10/08/2012 - 09:43:06 - [0] ----D C:\Users\matylde\AppData\Local\{D7370048-B75E-4C0C-A38F-8B3C127D9947}
O43 - CFD: 06/08/2012 - 08:31:11 - [0] ----D C:\Users\matylde\AppData\Local\{E69B283A-4DBD-4F5D-B991-322DC0A6B8DE}
O43 - CFD: 19/08/2012 - 08:15:07 - [0] ----D C:\Users\matylde\AppData\Local\{E7CF023D-F9A8-4A21-B7FF-9580FADAC1A1}
O43 - CFD: 11/08/2012 - 12:14:02 - [0] ----D C:\Users\matylde\AppData\Local\{EA2B9E60-7A1D-492A-8E68-5AFE11501A41}
O43 - CFD: 23/06/2012 - 21:41:31 - [0] ----D C:\Users\matylde\AppData\Local\{F08A648A-03FC-49A2-8759-AA4029324AA1}
O43 - CFD: 12/08/2012 - 10:11:47 - [0] ----D C:\Users\matylde\AppData\Local\{F0DFC6AA-520C-40BB-91C9-FC66CF832738}
O43 - CFD: 18/08/2012 - 10:11:39 - [0] ----D C:\Users\matylde\AppData\Local\{FBCA1E88-E524-487D-A335-7CBC69A0DBCE}
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/07/2012 - 16:21:49 - [0,000] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/08/2012 - 13:39:53 - [0,001] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/11/2011 - 20:38:56 - [0] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 07/12/2011 - 17:24:56 - [0] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NATHAN Vacances CE1
O43 - CFD: 11/07/2012 - 16:21:49 - [0,000] R---D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 17/08/2012 - 14:05:55 - [0,003] ----D C:\Users\matylde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 24/12/2009 - 23:17:35 - [118,664] ----D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
O43 - CFD: 13/04/2012 - 09:30:10 - [670,263] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/05/2012 - 18:14:15 - [72,881] ----D C:\Program Files (x86)\Apowersoft
O43 - CFD: 12/02/2010 - 11:52:25 - [34,513] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 09/08/2012 - 00:31:16 - [9,289] ----D C:\Program Files (x86)\Auslogics
O43 - CFD: 17/04/2011 - 10:42:57 - [102,461] ----D C:\Program Files (x86)\Barbie(TM)
O43 - CFD: 08/08/2012 - 22:28:23 - [1,179] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 23/06/2012 - 08:45:59 - [441,866] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 08/04/2012 - 13:05:18 - [0] ----D C:\Program Files (x86)\Electronic Arts
O43 - CFD: 29/09/2009 - 07:17:38 - [37,129] ----D C:\Program Files (x86)\eMachines
O43 - CFD: 23/06/2012 - 08:42:41 - [596,389] ----D C:\Program Files (x86)\eMachines GameZone
O43 - CFD: 24/12/2009 - 23:18:29 - [12,703] ----D C:\Program Files (x86)\epson
O43 - CFD: 24/12/2009 - 23:20:10 - [114,298] ----D C:\Program Files (x86)\Epson Software
O43 - CFD: 22/01/2012 - 20:25:19 - [23,592] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/06/2012 - 06:48:44 - [39,618] ----D C:\Program Files (x86)\iLivid
O43 - CFD: 03/08/2012 - 16:54:37 - [37,583] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2012 - 19:32:16 - [6,001] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 31/05/2012 - 16:58:00 - [92,461] ----D C:\Program Files (x86)\Java
O43 - CFD: 08/08/2012 - 23:57:51 - [59,841] ----D C:\Program Files (x86)\JDownloader
O43 - CFD: 25/12/2010 - 12:00:31 - [2,680] ----D C:\Program Files (x86)\JL2005D
O43 - CFD: 25/12/2010 - 18:33:46 - [0] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30/07/2012 - 08:12:57 - [19,806] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 23/06/2012 - 08:46:01 - [336,111] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/08/2009 - 21:40:02 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/05/2012 - 12:50:25 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/09/2009 - 07:11:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 29/09/2009 - 07:15:41 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 23/06/2012 - 08:46:01 - [137,975] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 23/06/2012 - 08:46:03 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 03/08/2012 - 16:54:38 - [490,569] ----D C:\Program Files (x86)\Mindscape
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/12/2009 - 12:08:31 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/08/2012 - 20:42:08 - [2,969] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 25/08/2009 - 21:47:20 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 23/06/2012 - 10:08:04 - [285,319] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 31/05/2012 - 16:59:06 - [14,481] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 08/11/2011 - 20:38:56 - [102,660] ----D C:\Program Files (x86)\Orange
O43 - CFD: 17/12/2011 - 21:35:19 - [0] ----D C:\Program Files (x86)\PlayerPlus
O43 - CFD: 20/08/2012 - 21:57:35 - [3,364] ----D C:\Program Files (x86)\Project64 1.6
O43 - CFD: 17/04/2011 - 10:47:19 - [2,259] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 25/08/2009 - 21:21:26 - [3,202] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [36,809] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/08/2012 - 22:27:12 - [2,993] ----D C:\Program Files (x86)\Software
O43 - CFD: 18/04/2012 - 18:53:28 - [8,457] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 25/08/2009 - 21:54:11 - [2,100] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/08/2009 - 21:21:38 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 17/06/2012 - 21:26:09 - [0] ----D C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/08/2012 - 10:34:10 - [92,145] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2009 - 03:48:35 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/08/2011 - 20:02:23 - [13,638] ----D C:\Program Files (x86)\Windows iLivid Toolbar
O43 - CFD: 30/07/2012 - 08:18:28 - [144,300] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 16/12/2010 - 16:19:24 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 09:47:16 - [4,896] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 04/09/2009 - 03:48:35 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/09/2009 - 03:48:35 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 17/08/2012 - 14:05:55 - [3,898] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 08/08/2012 - 23:01:13 - [0,756] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 21/08/2012 - 16:01:28 - [12,790] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 13/04/2012 - 09:30:42 - [14,895] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/08/2009 - 21:50:50 - [30,315] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 12/02/2010 - 11:52:14 - [6,547] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 31/05/2012 - 16:59:30 - [0,003] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 10:42:56 - [1,018] ----D C:\Program Files (x86)\Common Files\Knowledge Adventure
O43 - CFD: 30/07/2012 - 08:14:22 - [215,825] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 25/08/2009 - 21:48:43 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 25/08/2009 - 21:28:00 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 12/02/2010 - 11:56:02 - [1,480] ----D C:\Program Files (x86)\Common Files\snpstd
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/04/2011 - 10:47:22 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio
O43 - CFD: 01/01/2010 - 12:48:01 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/07/2012 - 14:12:56 - [16,375] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 29/09/2009 - 07:09:09 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 20s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.83D9829174AF59C2B1A043408A2ADFF9] - 21/08/2012 - 14:27:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1462500]
O44 - LFC:[MD5.E5B037B9572C17CB8E9D7D1486216DD9] - 21/08/2012 - 14:24:12 ---A- . (...) -- C:\Windows\setupact.log [3684]
O44 - LFC:[MD5.242B8DCFC47622844FEEAADF51EE6151] - 21/08/2012 - 14:24:11 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.0B75171CC085E0982A712DDDF93ECBBE] - 20/08/2012 - 20:48:14 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [285328]
O44 - LFC:[MD5.0B75171CC085E0982A712DDDF93ECBBE] - 20/08/2012 - 20:48:14 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [285328]
O44 - LFC:[MD5.7946D9F881715414B9F5D80D16752664] - 20/08/2012 - 20:46:52 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41224]
O44 - LFC:[MD5.546531498A6D846EFF970B2A39B31D8A] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]
O44 - LFC:[MD5.2DE02BEFC031B3C8D929B48F1297F9EC] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106412]
O44 - LFC:[MD5.1DB337E1485F94F67E4C25A7FD8EB900] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130770]
O44 - LFC:[MD5.7F491153E803C2B520A8E683643DFB65] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616032]
O44 - LFC:[MD5.E96349CDACF2F81AA0BB3A2F3F512AEC] - 18/08/2012 - 13:38:14 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704464]
O44 - LFC:[MD5.B2E077C595A6A1710E54A874873BAC60] - 16/08/2012 - 18:34:05 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [371448]
O44 - LFC:[MD5.956E93EF3A86FA6FCD5849A8385F607F] - 14/08/2012 - 15:54:31 ---A- . (...) -- C:\Windows\PFRO.log [1216]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/08/2012 - 12:39:02 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.F80B2B68002ADB19673B086DA1EEDD4F] - 14/08/2012 - 12:36:03 ---A- . (...) -- C:\Windows\QTFont.for [1409]
O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 14/08/2012 - 12:36:03 --HA- . (...) -- C:\Windows\QTFont.qfn [54156]
O44 - LFC:[MD5.485503D90AB2591581D00458643B9956] - 08/08/2012 - 21:31:38 ---A- . (...) -- C:\ChromeHPLog.txt [198]
~ Scan Files in 00mn 28s
---\\ Contrôle du Safe Boot (CSB) (O49) (None)
---\\ MountPoints2 Shell Key (O51) (None)
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.5C10259426A1036338628EBED973C382] - 20/02/2004 - 17:40:56 ---A- . (.Pas de propriétaire - PC Camera driver.) -- C:\Windows\SysWOW64\drivers\snpstd.sys [301184]
~ Scan Drivers in 00mn 00s
---\\ Start Menu Internet (O68) (None)
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Web Search) - http://www.searchnu.com/
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - https://search.sweetim.com/
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83) (None)
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136]
[MD5.ACDBC77DB21D76576C44AA133C0227AA] [SPRF][15/08/2012] (...) -- C:\Users\matylde\AppData\Local\Temp\aacenc.exe [122880]
[MD5.8108782EBC0385F3E1482B65AAB8FAD4] [SPRF][20/08/2012] (.ALWIL Software - avast! v5 upgrade support library.) -- C:\Users\matylde\AppData\Local\Temp\aswV5Hlp.dll [5120]
[MD5.8F3451D0C2A54314500F10394BECE6E6] [SPRF][26/06/2012] (...) -- C:\Users\matylde\AppData\Roaming\wklnhst.dat [354]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
~ Scan Files in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 9183 - (31/07/2012)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 10
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Agent
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\SweetIM] =>Toolbar.SweetIM
C:\Program Files (x86)\SweetIM =>Toolbar.SweetIM
C:\Program Files (x86)\Windows iLivid Toolbar =>Adware.Bandoo
C:\Program Files (x86)\yontoo =>Adware.OpenCandy
C:\ProgramData\SweetIM =>Toolbar.SweetIM
C:\Users\matylde\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\matylde\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Users\matylde\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Users\matylde\AppData\Local\Temp\Iminent =>Adware.IMBooster
~ Scan Additionnel in 00mn 08s
End of the scan (637 lines in 01mn 28s)(0)
cbauf
Messages postés
4297
Date d'inscription
lundi 31 mars 2008
Statut
Contributeur
Dernière intervention
22 juin 2022
783
21 août 2012 à 16:39
21 août 2012 à 16:39
Re
Bienvenue,
Tu devrais mieux lire les textes, il est marqué dans le poste #01 fichier que tu aurais du déposer sur cjoint et transmettre le lien donné.
Bon c'est fait, Attends qu'un "pro", voie et analyse ton log ... c'est encore les vacances, un peux de patience.
Et dans l'intervalle jète un coup d'oeil là ► : la Charte de CCM.
Bienvenue,
Tu devrais mieux lire les textes, il est marqué dans le poste #01 fichier que tu aurais du déposer sur cjoint et transmettre le lien donné.
Bon c'est fait, Attends qu'un "pro", voie et analyse ton log ... c'est encore les vacances, un peux de patience.
Et dans l'intervalle jète un coup d'oeil là ► : la Charte de CCM.
