~ Rapport de NCDiag v2014.4.28.49 - Copyright ©2014 - Nicolas Coolman, Tous droits réservés ~ Emplacement rapport : C:\Users\Nicolas\AppData\Roaming\ZHP\NCDiag.txt ~ Lancé par Nicolas (10/05/2014 - 14:51:22) ~ Adresse du Site Web : http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Etat de la version : OK ~ Liste blanche : Désactivée par le programme ~ User Account Control (UAC): Désactivé par l'utilisateur ~ Elévation des Privilèges : OK ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17105 GCIE: Google Chrome v34.0.1847.131 (Default) ---\\ Informations sur les produits Windows ~ Langage: Français Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601), 64-bit Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel Windows ID Activation : OK ~ Windows Partial Key : M8X2Q Windows License : OK ~ Windows Remaining Initializations Number : 1 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Informations sur le système ~ Operating System: 64 Bits ~ Boot Mode: Normal (Normal boot) System Restore: Activé (Enable) Total RAM: 3990 MB (56% free) ---\\ Mode de connexion au système ~ Nom d'Ordinateur: NIKO ~ Nom d'utilisateur: Nicolas ~ Nom des utilisateurs: Nicolas,Public, ~ Connecté en administrateur ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (System) ( Free 195 Go of 272 Go) D: Hard drive, Flash drive, Thumb drive ( Free 79 Go of 181 Go) ---\\ Logiciels de protection du système Windows Defender W7 avast! Free Antivirus v9.0.2018 Malwarebytes Anti-Malware version 2.0.1.1004 ---\\ Variables d'environnement ~ %SYSTEMDRIVE% = C: ~ %USERPROFILE% = C:\Users\Nicolas ~ %APPDATA% = C:\Users\Nicolas\AppData\Roaming ~ %DESKTOP% = C:\Users\Nicolas\Desktop ~ %FAVORITES% = C:\Users\Nicolas\Favorites ~ %LOCALAPPDATA% = C:\Users\Nicolas\AppData\Local ~ %STARTMENU% = C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu ~ %WINDIR% = C:\windows ~ %SYSTEM% = C:\windows\System32 ~ %PROGRAMFILES% = C:\Program Files (x86) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktop: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\Explorer.exe [2871808] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\windows\System32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\windows\System32\Wininit.exe [96256] [MD5.E4E829EE073E046B0EB19B5FECB19B8C] - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\windows\System32\wininet.dll [1789440] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\windows\System32\sppcomapi.dll [193536] [MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\windows\System32\fr-FR\user32.dll.mui [20480] ---\\ Processus lancés [MD5.AF3F84DE1D713CF4A7403DFCF5B226C7] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe [1268816] =>P2P.µTorrent [MD5.683C9DF0582D8EEFAA90CE1514019BC1] - (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352] [MD5.C9028150E059EF769B581E5EC6840FD1] - (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464] [MD5.6522AA1BCFC503A2417B7358E31F4EB9] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400] [MD5.00000000000000000000000000000000] - (...) --C:\Program Files (x86)\Elantech\ETDCtrl.exe [0] [MD5.00000000000000000000000000000000] - (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe [0] [MD5.00000000000000000000000000000000] - (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe [0] [MD5.00000000000000000000000000000000] - (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe [0] [MD5.39CF316EB5842AE27CC0D3CC4E2840DE] - (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144] [MD5.766AE515B1749F2141E418CC6C08515B] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.15A69FE13459EF81FB2105CC986AF394] - (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [230696] [MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [MD5.AB6E5B9333101E414D8F04BC570064F1] - (.Intel Corporation - Intel® Centrino® Wireless Bluetooth® 3.0 + .) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [659968] [MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [MD5.3B5DA02DEA6910A709F19180746FF0CE] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [113704] [MD5.ACC9C8C560C567FAD6F79C977AB2EA09] - (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- C:\Windows\SysWOW64\bgsvcgen.exe [145504] [MD5.05981C3E51D827ED6B8101A54B05E392] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [1014096] [MD5.41D8F56E6BBE0111244D87BE2FA90374] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1104208] [MD5.588762F716C2B7A2054AFBC3D58E5C21] - (.Intel(R) Corporation - Intel(R) BlueTooth(R) HS Security Manager S.) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [135952] =>.Intel Corporation [MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [MD5.4AEDAB50F83580D0B4D6CF78191F92AA] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088] [MD5.64D25284A4E9D11CA0722AF3F30FD970] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [618256] =>.Intel Corporation [MD5.1355EBE184F9DAB1718BC587F8A7E05E] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.7D4B9A48430ED57ACA6373B71D5904CA] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] =>.Intel Corporation [MD5.832CE330DD987227B7DEA8C03F22AEFA] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [628448] =>.Intel Corporation [MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] =>.Intel Corporation [MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] =>.Intel Corporation [MD5.71C6748EE8DE938532057EF10B4B7E44] - (.Micro-Star International Co., Ltd. - MSI SCM Service .) -- C:\Program Files (x86)\S-Bar\MSIService.exe [160768] [MD5.F3AF2B43F35DBB3A0EB9FEEEC7D62217] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [148752] =>.Intel Corporation [MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] =>.Intel Corporation [MD5.74713CB32792F9C7632DAA7DA22CA974] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704] =>.Intel Corporation ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\windows\System32\systempropertiesperformance.exe ~ 3 Internet Explorer Management found in 0 second(s) ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] GoogleStore v.0.2 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] GoogleDrive v.6.3 ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 ( Activé ) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2018.95, ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] GoogleWallet v.0.0.6.1 ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 ( Activé ) =>.© ~ 16 Google Chrome Management found in 0 second(s) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\aohghmighlieiainnegkcijnfilokake [Documents Google] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\apdfllckaahabafndbhieahigkjlhalf [GoogleDrive] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\nmmhkkegccagdldgiimedpiccmgmieda [GoogleWallet] G2 - EXT: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\pjkljhegncpnkpknbcohdijeoejaedia [Gmail] ~ 7 Google Chrome Extension Folfers found in 0 second(s) ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (Ag Player) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization) -- C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL ~ 2 Mozilla Firefox Preference found in 0 second(s) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.© Google Inc. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.© Google Inc. R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com =>.© Microsoft Corp. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com =>.© Google Inc. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) - C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 ~ 25 Internet Explorer Management found in 0 second(s) ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local ~ 5 Proxy Management found in 0 second(s) ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File Scanned in 0 seconds ~ Nombre de lignes malwares (Malware Number Lines) : 0/21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll =>Toolbar.Avast O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll =>Toolbar.Avast O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL ~ 4 Browser Helper Objects found in 0 second(s) ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs [Nicolas]: BetclicPoker.fr.lnk . (.Playtech - Playtech Client Engine Application.) -- C:\Poker\BetclicPoker.fr\casino.exe O4 - GS\Quick Launch [Nicolas]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - GS\Desktop [Nicolas]: BetclicPoker.fr.lnk . (.Playtech - Playtech Client Engine Application.) -- C:\Poker\BetclicPoker.fr\casino.exe O4 - GS\Desktop [Nicolas]: FZ45 Mode d'emploi.lnk . (...) -- C:\Program Files (x86)\Panasonic\Lumix\FZ45\guideFRE.pdf O4 - GS\Desktop [Nicolas]: malwere.lnk . (...) -- C:\Users\Nicolas\Desktop\Musique\malwere.txt O4 - GS\Desktop [Nicolas]: VirtualDJ PRO Full.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe O4 - GS\Desktop [Nicolas]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - GS\Programs [Public]: BetclicPoker.fr.lnk . (.Playtech - Playtech Client Engine Application.) -- C:\Poker\BetclicPoker.fr\casino.exe O4 - GS\Quick Launch [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - GS\Desktop [Public]: BetclicPoker.fr.lnk . (.Playtech - Playtech Client Engine Application.) -- C:\Poker\BetclicPoker.fr\casino.exe O4 - GS\Desktop [Public]: FZ45 Mode d'emploi.lnk . (...) -- C:\Program Files (x86)\Panasonic\Lumix\FZ45\guideFRE.pdf O4 - GS\Desktop [Public]: malwere.lnk . (...) -- C:\Users\Nicolas\Desktop\Musique\malwere.txt O4 - GS\Desktop [Public]: VirtualDJ PRO Full.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - GS\Startup [Public]: PHOTOfunSTUDIO 5.0 HD Edition.lnk . (.Panasonic Corporation - AutoStartService.) -- C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe O4 - GS\Startup [Public]: SRS PC Sound.lnk . (...) -- C:\Program Files (x86)\SRS Labs\SRS Control Panel\SRSPanel_64.exe O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (...) -- C:\Windows\System32\fsquirt.exe O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe ~ 19 Browser Shortcut Redirection found in 2 second(s) ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [MyDriveConnect.exe] . (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [ETDCtrl] . (...) -- C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.) O4 - HKLM\..\Run: [IgfxTray] . (...) -- C:\windows\system32\igfxtray.exe (.not file.) O4 - HKLM\..\Run: [HotKeysCmds] . (...) -- C:\windows\system32\hkcmd.exe (.not file.) O4 - HKLM\..\Run: [Persistence] . (...) -- C:\windows\system32\igfxpers.exe (.not file.) O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe O4 - HKLM\..\Wow6432Node\Run: [S-Bar] . (...) -- %PROGRAMFILES%\S-Bar\S-Bar.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirage] . (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - YouCam.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [mctadmin] . (...) -- C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [mctadmin] . (...) -- C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-21-2055724886-1454283372-1237832375-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent O4 - HKUS\S-1-5-21-2055724886-1454283372-1237832375-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-2055724886-1454283372-1237832375-1000\..\Run: [MyDriveConnect.exe] . (.TomTom - MyDrive Connect.) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe ~ 23 Running Process found in 0 second(s) ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de m.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\windows\System32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\System32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provid.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ 9 Winsock hijacker scanned in 0 second(s) ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{CC7228F2-072D-4744-8413-BA82A4887BE5}: DhcpNameServer = 192.168.1.1 =>.Private Ip Address Lan O17 - HKLM\SYSTEM\CS1\Services\Tcpip\..\{CC7228F2-072D-4744-8413-BA82A4887BE5}: DhcpNameServer = 192.168.1.1 =>.Private Ip Address Lan O17 - HKLM\SYSTEM\CS2\Services\Tcpip\..\{CC7228F2-072D-4744-8413-BA82A4887BE5}: DhcpNameServer = 192.168.1.1 =>.Private Ip Address Lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 =>.Private Ip Address Lan ~ 4 DNS scanned in 0 second(s) ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll =>.© Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.© Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\windows\system32\inetcomm.dll =>.© Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.© Microsoft Corporation O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\windows\System32\itss.dll =>.© Microsoft Corporation O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.© Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.© Microsoft Corporation O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.© Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\windows\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.© Microsoft Corporation ~ 26 Protocols scanned in 0 second(s) ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.... -- Clé orphelineWebCheck Contrôleur de site Web =>.WebCheck Contrôleur de site Web O21 - SSO: Bluetooth Authentication Agent SSO - {F08C5AC2-E722-4116-ADB7-CE41B527994B} . (.Microsoft Corporation - Applet Panneau de configuration Bluetooth.) -- C:\Windows\System32\bthprops.cpl =>.Bluetooth Authentication O21 - SSO: HomeGroup SSO - {ff363bfe-4941-4179-a81c-f3f1ca72d820} . (.Microsoft Corporation - Panneau de configuration HomeGroup.) -- C:\windows\System32\hgcpl.dll =>.HomeGroup ShellServiceObject ~ 3 SSODL/SSO scanned in 0 second(s) ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) . (.Intel Corporation - Intel® Centrino® Wireless Bluetooth® 3.0 + .) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) . (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- C:\Windows\SysWOW64\bgsvcgen.exe O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) . (.Intel(R) Corporation - Intel(R) BlueTooth(R) HS Security Manager S.) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) . (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Micro Star SCM (Micro Star SCM) . (.Micro-Star International Co., Ltd. - MSI SCM Service .) -- C:\Program Files (x86)\S-Bar\MSIService.exe O23 - Service: (MSI Foundation Service) . (.MSI - MSI Foundation Service.) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ~ 20 Services found in 0 second(s) ---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36) O36 - KnownDLLs: (clbcatq) . (.Microsoft Corporation - COM+ Configuration Catalog.) -- C:\windows\System32\clbcatq.dll =>.© Microsoft Corporation O36 - KnownDLLs: (ole32) . (.Microsoft Corporation - Microsoft OLE pour Windows.) -- C:\windows\System32\ole32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (advapi32) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\windows\System32\advapi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (COMDLG32) . (.Microsoft Corporation - DLL commune de boîtes de dialogues.) -- C:\windows\System32\COMDLG32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (gdi32) . (.Microsoft Corporation - GDI Client DLL.) -- C:\windows\System32\gdi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IERTUTIL) . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\windows\System32\IERTUTIL.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IMAGEHLP) . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\windows\System32\IMAGEHLP.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IMM32) . (.Microsoft Corporation - Multi-User Windows IMM32 API Client DLL.) -- C:\windows\System32\IMM32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (kernel32) . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\windows\System32\kernel32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (LPK) . (.Microsoft Corporation - Language Pack.) -- C:\windows\System32\LPK.dll =>.© Microsoft Corporation O36 - KnownDLLs: (MSCTF) . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\windows\System32\MSCTF.dll =>.© Microsoft Corporation O36 - KnownDLLs: (MSVCRT) . (.Microsoft Corporation - Windows NT CRT DLL.) -- C:\windows\System32\MSVCRT.dll =>.© Microsoft Corporation O36 - KnownDLLs: (NORMALIZ) . (.Microsoft Corporation - Unicode Normalization DLL.) -- C:\windows\System32\NORMALIZ.dll =>.© Microsoft Corporation O36 - KnownDLLs: (NSI) . (.Microsoft Corporation - NSI User-mode interface DLL.) -- C:\windows\System32\NSI.dll =>.© Microsoft Corporation O36 - KnownDLLs: (OLEAUT32) . (...) -- C:\windows\System32\OLEAUT32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (rpcrt4) . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\windows\System32\rpcrt4.dll =>.© Microsoft Corporation O36 - KnownDLLs: (sechost) . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\windows\System32\sechost.dll =>.© Microsoft Corporation O36 - KnownDLLs: (Setupapi) . (.Microsoft Corporation - Installation de L’API Windows.) -- C:\windows\System32\Setupapi.dll =>.© Microsoft Corporation O36 - KnownDLLs: (SHELL32) . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\windows\System32\SHELL32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (SHLWAPI) . (.Microsoft Corporation - Bibliothèque d’utilitaires légers du Shell.) -- C:\windows\System32\SHLWAPI.dll =>.© Microsoft Corporation O36 - KnownDLLs: (URLMON) . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\windows\System32\URLMON.dll =>.© Microsoft Corporation O36 - KnownDLLs: (user32) . (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\windows\System32\user32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (USP10) . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\windows\System32\USP10.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WININET) . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\windows\System32\WININET.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WLDAP32) . (.Microsoft Corporation - DLL API LDAP Win32.) -- C:\windows\System32\WLDAP32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WS2_32) . (.Microsoft Corporation - Windows Socket 2.0 32-Bit DLL.) -- C:\windows\System32\WS2_32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (DifxApi) . (.Microsoft Corporation - Driver Install Frameworks for API library m.) -- C:\windows\System32\difxapi.dll =>.© Microsoft Corporation ~ 27 Session Manager Keys scanned in 1 second(s) ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [0] =>Trojan.Keygen [MD5.9E76CDD50C3DDDB739150D778EEC0B93] [APT] [avast! Emergency Update] (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [804304] [MD5.03E07421C99D99D2DB8F4E5CCB890B23] [APT] [CCleanerSkipUAC] (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4524312] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] =>.Google Inc [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] =>.Google Inc [MD5.00000000000000000000000000000000] [APT] [{8B57CAD4-09FD-4B7F-B71A-FEAABA1BD8FC}] (.Microsoft Corporation - Assistant Compatibilité des programmes.) -- C:\windows\system32\pcalua.exe [0] [MD5.00000000000000000000000000000000] [APT] [{D776C52B-2229-4BAE-BCA0-6D514B897F3C}] (...) -- C:\Program Files (x86)\Surreal\Fellowship\Fellowship.exe [0] [MD5.00000000000000000000000000000000] [APT] [{F14BE4B9-0189-44A2-A9E7-4A0E1BC5BE5D}] (.Microsoft Corporation - Assistant Compatibilité des programmes.) -- C:\windows\system32\pcalua.exe [0] O39 - APT: AutoKMS - (...) -- C:\Windows\AutoKMS\AutoKMS.exe [0] =>Trojan.Keygen.) -- C:\windows\Tasks\AutoKMS.job [294] O39 - APT: AutoKMS - (...) -- C:\Windows\AutoKMS\AutoKMS.exe [0] =>Trojan.Keygen.) -- C:\windows\System32\Tasks\AutoKMS [294] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc. - Programme d'installation de Google.) -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc. - Programme d'installation de Google.) -- C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc. - Programme d'installation de Google.) -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc. - Programme d'installation de Google.) -- C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070] ~ 14 Scheduled Tasks found in 1 second(s) ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bit] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\windows\system32\wmploc.dll =>.© Microsoft Corporation O40 - ASIC: Themes Setup [64Bit] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\windows\system32\themeui.dll =>.© Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player [64Bit] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\windows\system32\wmploc.dll =>.© Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bit] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\windows\system32\shell32.dll =>.© Microsoft Corporation O40 - ASIC: Web Platform Customizations [64Bit] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.© Microsoft Corporation ~ 5 ActiveSetup scanned in 0 second(s) ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys =>.© Microsoft O41 - Driver: avast! HardwareID (aswHwid) . (...) - C:\windows\system32\drivers\aswHwid.sys O41 - Driver: aswKbd (aswKbd) . (...) - C:\windows\system32\drivers\aswKbd.sys O41 - Driver: aswMonFlt (aswMonFlt) . (.AVAST Software - avast! File System Minifilter for Windows 2.) - C:\windows\system32\drivers\aswMonFlt.sys =>.© Avira Software =>.© AVAST Software O41 - Driver: Avast! Firewall Driver (aswNdisFlt) . (.AVAST Software - avast! Filtering NDIS driver.) - C:\windows\system32\DRIVERS\aswNdisFlt.sys O41 - Driver: aswRdr (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\windows\system32\drivers\aswRdr2.sys O41 - Driver: aswSnx (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\windows\system32\drivers\aswSnx.sys =>.© Avira Software =>.© AVAST Software O41 - Driver: aswSP (aswSP) . (.AVAST Software - avast! self protection module.) - C:\windows\system32\drivers\aswSP.sys =>.© Avira Software =>.© AVAST Software O41 - Driver: aswStm (aswStm) . (.AVAST Software - Stream Filter.) - C:\windows\system32\drivers\aswStm.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\windows\system32\drivers\blbdrive.sys =>.© Microsoft O41 - Driver: Pilote de CD-ROM (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\windows\system32\DRIVERS\cdrom.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\windows\system32\Drivers\dfsc.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\windows\system32\drivers\discache.sys =>.© Microsoft O41 - Driver: DAEMON Tools Virtual Bus Driver (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\windows\system32\DRIVERS\dtsoftbus01.sys O41 - Driver: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - C:\windows\system32\DRIVERS\lltdio.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\luafv.sys (luafv) . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - C:\windows\system32\drivers\luafv.sys =>.© Microsoft O41 - Driver: Microsoft System Management BIOS Driver (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\windows\system32\drivers\mssmbios.sys =>.© Microsoft O41 - Driver: NetBIOS Interface (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\windows\system32\DRIVERS\netbios.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\windows\system32\DRIVERS\netbt.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\windows\system32\drivers\nsiproxy.sys =>.© Microsoft O41 - Driver: PEAUTH (PEAUTH) . (.Microsoft Corporation - Protected Environment Authentication and Au.) - C:\windows\system32\drivers\peauth.sys =>.© Microsoft O41 - Driver: C:\windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\windows\system32\DRIVERS\pacer.sys =>.© Microsoft O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\windows\system32\DRIVERS\rdbss.sys =>.© Microsoft O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\windows\system32\DRIVERS\RDPCDD.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\windows\system32\drivers\rdpencdd.sys =>.© Microsoft O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\windows\system32\drivers\rdprefmp.sys =>.© Microsoft O41 - Driver: Link-Layer Topology Discovery Responder (rspndr) . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - C:\windows\system32\DRIVERS\rspndr.sys =>.© Microsoft O41 - Driver: TCP/IP Registry Compatibility (tcpipreg) . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - C:\windows\system32\drivers\tcpipreg.sys =>.© Microsoft O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\windows\system32\DRIVERS\tdx.sys =>.© Microsoft O41 - Driver: Terminal Device Driver (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\windows\system32\drivers\termdd.sys =>.© Microsoft O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\System32\drivers\vga.sys =>.© Microsoft O41 - Driver: Virtual WiFi Filter Driver (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\windows\system32\DRIVERS\wanarp.sys =>.© Microsoft O41 - Driver: WFP Lightweight Filter (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\windows\system32\DRIVERS\wfplwf.sys =>.© Microsoft ~ 34 Running Drivers scanned in 0 second(s) ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] [64Bits] -- Adobe Flash Player ActiveX =>.© Adobe Systems Incorporated O42 - Logiciel: avast! Free Antivirus - (.Avast Software.) [HKLM] [64Bits] -- avast =>.© Avast Software O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] [64Bits] -- DAEMON Tools Lite O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] [64Bits] -- Google Chrome =>.© Google Inc. O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] [64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.© CyberLink Corp. O42 - Logiciel: MAGIX Music Maker 16 Version à télécharger - (.MAGIX AG.) [HKLM] [64Bits] -- MAGIX Music Maker 16 Version à télécharger F O42 - Logiciel: MAGIX Photo Manager 9 - (.MAGIX AG.) [HKLM] [64Bits] -- MAGIX Photo Manager 9 F O42 - Logiciel: MAGIX Screenshare - (.MAGIX AG.) [HKLM] [64Bits] -- MAGIX Screenshare F O42 - Logiciel: MAGIX Speed burnR - (.MAGIX AG.) [HKLM] [64Bits] -- MAGIX Speed burnR F O42 - Logiciel: MAGIX Video easy SE - (.MAGIX AG.) [HKLM] [64Bits] -- MAGIX_MSI_Video_easy_SE O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.1.1004 - (.Malwarebytes Corporation.) [HKLM] [64Bits] -- Malwarebytes Anti-Malware_is1 =>.© Malwarebytes Corporation O42 - Logiciel: MyDriveConnect 3.3.0.1502 - (.TomTom.) [HKLM] [64Bits] -- MyDriveConnect =>.© TomTom O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] [64Bits] -- VLC media player =>.© VideoLAN O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] [64Bits] -- WinLiveSuite =>.© Microsoft Corporation O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] [64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.© CyberLink Corp. O42 - Logiciel: Control ActiveX de Windows Live Mesh para conexiones remotas - (.Microsoft Corporation.) [HKLM] [64Bits] -- {04668DF2-D32F-4555-9C7E-35523DCD6544} =>.© Microsoft Corporation O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] [64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {062E4D94-8306-46D5-81B6-45E6AD09C799} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {0D261C88-454B-46FE-B43B-640E621BDA11} =>.© Microsoft Corporation O42 - Logiciel: Galeria de Fotografias do Windows Live - (.Microsoft Corporation.) [HKLM] [64Bits] -- {0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {198EA334-8A3F-4CB2-9D61-6C10B8168A6F} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {19BA08F7-C728-469C-8A35-BFBD3633BE08} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} =>.© Microsoft Corporation O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] [64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.© Microsoft Corporation O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] [64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM] [64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2} =>.© Intel Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E} =>.© Microsoft Corporation O42 - Logiciel: BurnRecovery - (.Micro-Star International Co., Ltd..) [HKLM] [64Bits] -- {2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F} O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] [64Bits] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24} =>.© Microsoft Corporation O42 - Logiciel: La Bataille pour la Terre du Milieu™ II - (...) [HKLM] [64Bits] -- {2A9F95AB-65A3-432c-8631-B8BC5BF7477A} O42 - Logiciel: MSI Software Install - (.Micro-Star International Co., Ltd..) [HKLM] [64Bits] -- {332EBFE0-C39E-42D1-99B5-ABBBECAD71B6} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] [64Bits] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} =>.© Microsoft Corporation O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] [64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} =>.© Microsoft Corporation O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] [64Bits] -- {34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] [64Bits] -- {34F4D9A4-42C2-4348-BEF4-E553C84549E7} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {370F888E-42A7-4911-9E34-7D74632E17EB} =>.© Microsoft Corporation O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 ENU - (.Microsoft Corporation.) [HKLM] [64Bits] -- {3A9FC03D-C685-4831-94CF-4EDFD3749497} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {3B9A92DA-6374-4872-B646-253F18624D5F} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] [64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.© Intel Corporation O42 - Logiciel: La Bataille pour la Terre du Milieu(tm) - (...) [HKLM] [64Bits] -- {3F290582-3F4E-4B96-009C-E0BABAA40C42} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] [64Bits] -- {40BFD84C-64CD-42CC-9909-8734C50429C6} =>.© Microsoft Corporation O42 - Logiciel: Visual Studio C++ 10.0 Runtime - (.TomTom International B.V..) [HKLM] [64Bits] -- {4412F224-3849-4461-A3E9-DEEF8D252790} =>.© TomTom International B.V. O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {46872828-6453-4138-BE1C-CE35FBF67978} =>.© Microsoft Corporation O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] [64Bits] -- {488F0347-C4A7-4374-91A7-30818BEDA710} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {48C0DC5E-820A-44F2-890E-29B68EDD3C78} =>.© Microsoft Corporation O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] [64Bits] -- {506FC723-8E6C-4417-9CFF-351F99130425} =>.© Microsoft Corporation O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] [64Bits] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} =>.© Microsoft Corporation O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] [64Bits] -- {579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {5D273F60-0525-48BA-A5FB-D0CAA4A952AE} =>.© Microsoft Corporation O42 - Logiciel: MSI Battery Calibration - (.Micro-Star International Co., Ltd..) [HKLM] [64Bits] -- {619FA785-489B-4D22-911F-82D6EDF5BDB0} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] [64Bits] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} =>.© Microsoft Corporation O42 - Logiciel: MAGIX Video easy SE - (.MAGIX AG.) [HKLM] [64Bits] -- {63C88E0C-3C77-4F8E-8AC8-0BCD43E8FCED} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] [64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.© Intel Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {677AAD91-1790-4FC5-B285-0E6A9D65F7DC} =>.© Microsoft Corporation O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] [64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] [64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {73FC3510-6421-40F7-9503-EDAE4D0CF70D} =>.© Microsoft Corporation O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] [64Bits] -- {77477AEA-5757-47D8-8B33-939F43D82218} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {78DAE910-CA72-450E-AD22-772CB1A00678} =>.© Microsoft Corporation O42 - Logiciel: Text-To-Speech-Runtime - (.Magix Development GmbH.) [HKLM] [64Bits] -- {7B3F0113-E63C-4D6D-AF19-111A3165CCA2} O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] [64Bits] -- {7D1C7B9F-2744-4388-B128-5C75B8BCCC84} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] [64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} =>.© Microsoft Corporation O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] [64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} =>.© Microsoft Corporation O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] [64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.© Realtek O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] [64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.© Microsoft Corporation O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] [64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.© Microsoft O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {8FF3891F-01B5-4A71-BFCD-20761890471C} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {92EA4134-10D1-418A-91E1-5A0453131A38} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] [64Bits] -- {93E464B3-D075-4989-87FD-A828B5C308B1} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {95140000-0070-0000-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: PHOTOfunSTUDIO 5.0 HD Edition - (.Panasonic Corporation.) [HKLM] [64Bits] -- {959282E3-55A9-49D8-B885-D27CF8A2FD82} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] [64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.© Realtek Semiconductor Corp. O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {9D56775A-93F3-44A3-8092-840E3826DE30} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} =>.© Microsoft Corporation O42 - Logiciel: S-Bar - (. .) [HKLM] [64Bits] -- {A034A12D-D9B0-4BA1-9BBB-49A2E5224A6A} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {A0C91188-C88F-4E86-93E6-CD7C9A266649} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {A41A708E-3BE6-4561-855D-44027C1CF0F8} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} =>.© Microsoft Corporation O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] [64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.© Google Inc. O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {AAF454FC-82CA-4F29-AB31-6A109485E76E} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} =>.© Microsoft Corporation O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM] [64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} =>.© Adobe Systems Incorporated O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] [64Bits] -- {B618C3BF-5142-4630-81DD-F96864F97C7E} =>.© Microsoft Corporation O42 - Logiciel: VirtualDJ PRO Full - (.Atomix Productions.) [HKLM] [64Bits] -- {C515E2A3-4878-4C85-A519-52630C7AB08B} O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] [64Bits] -- {C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] [64Bits] -- {C66824E4-CBB3-4851-BB3F-E8CFD6350923} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} =>.© Microsoft Corporation O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L. .) [HKLM] [64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240C1} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] [64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} =>.© Microsoft Corporation O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] [64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.© Microsoft O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] [64Bits] -- {D436F577-1695-4D2F-8B44-AC76C99E0002} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] [64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} =>.© Microsoft Corporation O42 - Logiciel: MSI HOUSE - (.MSI.) [HKLM] [64Bits] -- {DA5597C9-9216-44FF-9670-D1E48817B998} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DDC8BDEE-DCAC-404D-8257-3E8D4B782467} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DE8F99FD-2FC7-4C98-AA67-2729FDE1F040} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] [64Bits] -- {DEF91E0F-D266-453D-B6F2-1BA002B40CB6} =>.© Microsoft Corporation O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] [64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.© Microsoft O42 - Logiciel: Controlo ActiveX do Windows Live Mesh para Ligações Remotas - (.Microsoft Corporation.) [HKLM] [64Bits] -- {E54EEB5D-41ED-40FE-B4A8-8565DB81469B} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] [64Bits] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] [64Bits] -- {E727A662-AF9F-4DEE-81C5-F4A1686F3DFC} =>.© Microsoft Corporation O42 - Logiciel: Galería fotográfica de Windows Live - (.Microsoft Corporation.) [HKLM] [64Bits] -- {E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66} =>.© Microsoft Corporation O42 - Logiciel: Raccolta foto di Windows Live - (.Microsoft Corporation.) [HKLM] [64Bits] -- {ED16B700-D91F-44B0-867C-7EB5253CA38D} =>.© Microsoft Corporation O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] [64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] [64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.© Intel Corporation O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] [64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.© Realtek Semiconductor Corp. O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.) [HKLM] [64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.© Intel Corporation O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] [64Bits] -- {FCDE76CB-989D-4E32-9739-6A272D2B0ED7} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] [64Bits] -- {FE044230-9CA5-43F7-9B58-5AC5A28A1F33} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] [64Bits] -- {FF3DFA01-1E98-46B4-A065-DA8AD47C9598} =>.© Microsoft Corporation O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]-- CCleaner =>.© Piriform O42 - Logiciel: ETDWare PS/2-X64 8.0.5.7_WHQL - (.ELAN Microelectronic Corp..) [HKLM]-- Elantech =>.© ELAN Microelectronic Corp. O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM]-- Office14.PROPLUS =>.© Microsoft Corporation O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM]-- ProInst O42 - Logiciel: PC Sound - (.SRS Labs, Inc..) [HKLM]-- {07A1EBCD-719C-4FEC-98B7-DB535254F292} =>.© SRS Labs, Inc. O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM]-- {09536BA1-E498-4CC3-B834-D884A67D7E34} =>.© Intel Corporation O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM]-- {180C8888-50F1-426B-A9DC-AB83A1989C65} =>.© Microsoft Corporation O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM]-- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM]-- {1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67} =>.© Microsoft Corporation O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM]-- {23170F69-40C1-2702-0920-000001000000} O42 - Logiciel: Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed - (.Intel Corporation.) [HKLM]-- {2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C} =>.© Intel Corporation O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM]-- {5E2CD4FB-4538-4831-8176-05D653C3E6D4} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM]-- {5FEAD3E5-A158-4B66-B92B-0C959D7CF838} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM]-- {656DEEDE-F6AC-47CA-A568-A1B4E34B5760} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM]-- {692CCE55-9EAE-4F57-A834-092882E7FE0B} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4.5.1 - (.Microsoft Corporation.) [HKLM]-- {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM]-- {847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM]-- {8970AE69-40BE-4058-9916-0ACB1B974A3D} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]-- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM]-- {8EB588BD-D398-40D0-ADF7-BE1CEEF7C116} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0011-0000-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0015-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0016-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0018-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0019-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001A-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001B-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-0401-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-0407-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-0409-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-0413-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-001F-0C0A-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-002C-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Office 32-bit Components 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0043-0000-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Shared 32-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0043-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-0044-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-006E-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-00A1-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM]-- {90140000-00BA-040C-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4.5.1 - (.Microsoft Corporation.) [HKLM]-- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 =>.© Microsoft Corporation O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM]-- {95120000-00B9-0409-1000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM]-- {A679FBE4-BA2D-4514-8834-030982C8B31A} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM]-- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F} =>.© Microsoft Corporation O42 - Logiciel: Microsoft SQL Server Compact 3.5 SP2 x64 ENU - (.Microsoft Corporation.) [HKLM]-- {D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3} =>.© Microsoft Corporation O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM]-- {DA54F80E-261C-41A2-A855-549A144F2F59} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM]-- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} =>.© Microsoft Corporation O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM]-- {DF6D988A-EEA0-4277-AAB8-158E086E439B} =>.© Microsoft Corporation O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM]-- {DF7756DD-656A-45C3-BA71-74673E8259A9} =>.© Intel Corporation O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM]-- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology - (.Intel Corporation.) [HKLM]-- {F0932859-AA60-459E-B843-0BDECA34E2C7} =>.© Intel Corporation ~ 172 Softwares scanned in 0 second(s) ---\\ Clés de registre software HKCU & HKLM HKLM\SOFTWARE\7-Zip HKLM\SOFTWARE\ATI Technologies =>.© ATI Technologies HKLM\SOFTWARE\CBSTEST HKLM\SOFTWARE\CoreSecurity HKLM\SOFTWARE\Intel =>.© Intel HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\Microsoft =>.© Microsoft HKLM\SOFTWARE\MozillaPlugins =>.© MozillaPlugins HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Piriform =>.© Piriform HKLM\SOFTWARE\Realtek =>.© Realtek HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.© Realtek Semiconductor Corp. HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SRS Labs =>.© SRS Labs HKLM\SOFTWARE\Wow6432Node\ HKLM\SOFTWARE\Wow6432Node\Adobe =>.© Adobe HKLM\SOFTWARE\Wow6432Node\Bunndle HKLM\SOFTWARE\Wow6432Node\CyberLink =>.© CyberLink HKLM\SOFTWARE\Wow6432Node\Disc Soft HKLM\SOFTWARE\Wow6432Node\DT Soft HKLM\SOFTWARE\Wow6432Node\EA GAMES HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\Google =>.© Google HKLM\SOFTWARE\Wow6432Node\InstallShield =>.© InstallShield HKLM\SOFTWARE\Wow6432Node\Intel =>.© Intel HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\lameme HKLM\SOFTWARE\Wow6432Node\Macromedia =>.© Macromedia HKLM\SOFTWARE\Wow6432Node\Magix HKLM\SOFTWARE\Wow6432Node\Magix Development HKLM\SOFTWARE\Wow6432Node\Micro-Star International Co., Ltd. HKLM\SOFTWARE\Wow6432Node\Microsoft =>.© Microsoft HKLM\SOFTWARE\Wow6432Node\Mozilla =>.© Mozilla HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.© MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MSI HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Panasonic HKLM\SOFTWARE\Wow6432Node\Realtek =>.© Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.© Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Shortcut_Module HKLM\SOFTWARE\Wow6432Node\TomTom =>.© TomTom HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.© VideoLAN HKLM\SOFTWARE\Wow6432Node\VirtualDJ HKCU\Software\7-Zip HKCU\Software\Adobe =>.© Adobe HKCU\Software\BetclicPoker.fr HKCU\Software\BitTorrent =>P2P.BitTorrent HKCU\Software\Condut HKCU\Software\CyberLink =>.© CyberLink HKCU\Software\Disc Soft HKCU\Software\DT Soft HKCU\Software\Elantech HKCU\Software\Google =>.© Google HKCU\Software\Intel =>.© Intel HKCU\Software\Ligos HKCU\Software\MAGIX HKCU\Software\Magix Development HKCU\Software\Microsoft =>.© Microsoft HKCU\Software\Mozilla =>.© Mozilla HKCU\Software\MozillaPlugins =>.© MozillaPlugins HKCU\Software\Netscape =>.© Netscape HKCU\Software\Nico Mak Computing HKCU\Software\ODBC HKCU\Software\Piriform =>.© Piriform HKCU\Software\PTECH HKCU\Software\Realtek =>.© Realtek HKCU\Software\SecuROM =>.© SecuROM HKCU\Software\SRS Labs =>.© SRS Labs HKCU\Software\TomTom =>.© TomTom HKCU\Software\VirtualDJ HKCU\Software\WinZip Computing HKCU\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8} HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Ŷ¬‚³‚ꂽƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ HKCU\Software\AppDataLow\Software\Microsoft =>.© Microsoft ~ 76 Software Keys scanned in 0 second(s) ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 08/10/2013 - 11:56:45 - [] ----D- C:\Program Files (x86)\Adobe =>.© O43 - CFD: 03/07/2012 - 18:33:04 - [] ----D- C:\Program Files (x86)\Cisco =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 03/07/2012 - 19:04:34 - [] ----D- C:\Program Files (x86)\CyberLink =>.© O43 - CFD: 04/11/2013 - 15:22:18 - [] ----D- C:\Program Files (x86)\DAEMON Tools Lite =>.© O43 - CFD: 04/11/2013 - 22:21:32 - [] ----D- C:\Program Files (x86)\EA GAMES O43 - CFD: 14/12/2013 - 17:56:07 - [] ----D- C:\Program Files (x86)\Electronic Arts =>.© O43 - CFD: 08/10/2013 - 12:41:07 - [] ----D- C:\Program Files (x86)\Google O43 - CFD: 03/07/2012 - 18:25:03 - [] --H-D- C:\Program Files (x86)\InstallShield Installation Information =>.© O43 - CFD: 03/07/2012 - 18:03:35 - [] ----D- C:\Program Files (x86)\Intel O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Internet Explorer =>.© O43 - CFD: 08/10/2013 - 11:53:55 - [] ----D- C:\Program Files (x86)\MAGIX =>.© O43 - CFD: 05/05/2014 - 18:17:18 - [] ----D- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.© O43 - CFD: 09/10/2013 - 18:58:03 - [] ----D- C:\Program Files (x86)\Microsoft Analysis Services =>.© Microsoft O43 - CFD: 03/07/2012 - 19:19:25 - [] ----D- C:\Program Files (x86)\Microsoft Office =>.© Microsoft O43 - CFD: 21/10/2013 - 22:54:12 - [] ----D- C:\Program Files (x86)\Microsoft Silverlight =>.© Microsoft O43 - CFD: 03/07/2012 - 19:26:21 - [] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.© Microsoft O43 - CFD: 21/04/2014 - 10:44:37 - [] ----D- C:\Program Files (x86)\Microsoft Synchronization Services =>.© Microsoft O43 - CFD: 09/10/2013 - 19:00:05 - [] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8 =>.© Microsoft O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\MSBuild =>.© O43 - CFD: 03/07/2012 - 19:09:49 - [] ----D- C:\Program Files (x86)\MSI O43 - CFD: 12/04/2014 - 17:51:07 - [] ----D- C:\Program Files (x86)\MyDrive Connect =>.© O43 - CFD: 21/04/2014 - 10:44:53 - [] ----D- C:\Program Files (x86)\Panasonic =>.© O43 - CFD: 03/07/2012 - 18:37:32 - [] ----D- C:\Program Files (x86)\Realtek =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Reference Assemblies =>.© O43 - CFD: 03/07/2012 - 19:03:42 - [] ----D- C:\Program Files (x86)\S-Bar O43 - CFD: 03/07/2012 - 18:38:36 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 08/10/2013 - 15:51:56 - [] ----D- C:\Program Files (x86)\VideoLAN =>.© O43 - CFD: 31/10/2013 - 11:27:07 - [] ----D- C:\Program Files (x86)\VirtualDJ O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Defender =>.© O43 - CFD: 03/07/2012 - 19:25:41 - [] ----D- C:\Program Files (x86)\Windows Live =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Windows Mail =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Media Player =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Photo Viewer =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Portable Devices =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Sidebar =>.© O43 - CFD: 03/07/2012 - 19:16:00 - [] ----D- C:\Program Files (x86)\WinZip =>.© O43 - CFD: 08/10/2013 - 11:56:45 - [] ----D- C:\Program Files (x86)\Common Files\Adobe =>.© O43 - CFD: 03/07/2012 - 18:38:35 - [] ----D- C:\Program Files (x86)\Common Files\InstallShield =>.© O43 - CFD: 03/07/2012 - 18:18:49 - [] ----D- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 03/07/2012 - 18:30:21 - [] ----D- C:\Program Files (x86)\Common Files\Intel Corporation =>.© O43 - CFD: 08/10/2013 - 11:53:54 - [] ----D- C:\Program Files (x86)\Common Files\MAGIX Services =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\microsoft shared =>.© O43 - CFD: 21/04/2014 - 10:45:04 - [] ----D- C:\Program Files (x86)\Common Files\Panasonic =>.© O43 - CFD: 03/07/2012 - 18:23:43 - [] ----D- C:\Program Files (x86)\Common Files\postureAgent =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\SpeechEngines =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 03/07/2012 - 19:24:52 - [] ----D- C:\Program Files (x86)\Common Files\Windows Live =>.© O43 - CFD: 19/10/2013 - 19:58:31 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - 07:32:38 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.© O43 - CFD: 25/01/2014 - 17:09:30 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast =>.© O43 - CFD: 25/04/2014 - 20:14:11 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 03/07/2012 - 19:05:01 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam =>.© O43 - CFD: 04/11/2013 - 22:26:07 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES O43 - CFD: 14/12/2013 - 18:05:53 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 08/10/2013 - 12:43:37 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome =>.© O43 - CFD: 03/07/2012 - 18:25:21 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 03/07/2012 - 18:33:07 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless O43 - CFD: 04/11/2013 - 16:45:10 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\La Communauté de L'Anneau O43 - CFD: 08/10/2013 - 11:54:13 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 05/05/2014 - 18:17:21 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.© O43 - CFD: 09/10/2013 - 19:08:01 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.© Microsoft O43 - CFD: 21/10/2013 - 22:55:30 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.© Microsoft O43 - CFD: 03/07/2012 - 19:10:01 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI O43 - CFD: 21/04/2014 - 10:45:50 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic =>.© O43 - CFD: 03/07/2012 - 19:03:43 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar O43 - CFD: 09/10/2013 - 19:08:01 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 25/04/2014 - 21:42:02 - [0] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle =>PUP.SoftNow O43 - CFD: 03/07/2012 - 19:10:35 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 03/07/2012 - 02:52:24 - [0] R-H-D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 12/04/2014 - 17:51:19 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom =>.© O43 - CFD: 04/01/2014 - 14:15:20 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.© O43 - CFD: 03/07/2012 - 19:26:39 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.© O43 - CFD: 03/07/2012 - 19:16:11 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.© O43 - CFD: 08/10/2013 - 11:56:32 - [] ----D- C:\ProgramData\Adobe =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Application Data =>.© O43 - CFD: 08/10/2013 - 18:55:21 - [] ----D- C:\ProgramData\AVAST Software =>.© O43 - CFD: 08/10/2013 - 12:41:45 - [] ----D- C:\ProgramData\CyberLink =>.© O43 - CFD: 31/10/2013 - 14:57:42 - [] ----D- C:\ProgramData\DAEMON Tools Lite =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Desktop =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Documents =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Favorites =>.© O43 - CFD: 03/07/2012 - 18:24:20 - [] ----D- C:\ProgramData\Intel O43 - CFD: 08/10/2013 - 11:54:02 - [] ----D- C:\ProgramData\MAGIX =>.© O43 - CFD: 05/05/2014 - 18:17:18 - [] ----D- C:\ProgramData\Malwarebytes =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] -S--D- C:\ProgramData\Microsoft =>.© Microsoft O43 - CFD: 09/10/2013 - 18:56:40 - [] ----D- C:\ProgramData\Microsoft Help =>.© Microsoft O43 - CFD: 03/07/2012 - 18:33:27 - [] ----D- C:\ProgramData\Roaming O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 03/07/2012 - 19:03:56 - [] ----D- C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Templates =>.© O43 - CFD: 03/07/2012 - 19:23:50 - [] ----D- C:\ProgramData\Trend Micro O43 - CFD: 03/07/2012 - 19:16:03 - [] ----D- C:\ProgramData\WinZip =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs =>.© O43 - CFD: 14/10/2013 - 16:25:19 - [] ----D- C:\Users\Nicolas\AppData\Local\Adobe =>.© O43 - CFD: 08/10/2013 - 11:50:58 - [?] -SH-D- C:\Users\Nicolas\AppData\Local\Application Data =>.© O43 - CFD: 08/10/2013 - 12:40:51 - [] ----D- C:\Users\Nicolas\AppData\Local\Apps O43 - CFD: 08/10/2013 - 12:41:38 - [] ----D- C:\Users\Nicolas\AppData\Local\CyberLink =>.© O43 - CFD: 08/10/2013 - 12:40:51 - [0] ----D- C:\Users\Nicolas\AppData\Local\Deployment O43 - CFD: 08/10/2013 - 12:12:26 - [0] ----D- C:\Users\Nicolas\AppData\Local\Diagnostics O43 - CFD: 08/10/2013 - 12:41:04 - [] ----D- C:\Users\Nicolas\AppData\Local\Google O43 - CFD: 08/10/2013 - 11:50:58 - [?] -SH-D- C:\Users\Nicolas\AppData\Local\Historique =>.© O43 - CFD: 08/10/2013 - 11:58:14 - [] ----D- C:\Users\Nicolas\AppData\Local\Micro-Star_International_ O43 - CFD: 08/10/2013 - 11:50:58 - [] ----D- C:\Users\Nicolas\AppData\Local\Microsoft =>.© Microsoft O43 - CFD: 08/10/2013 - 14:23:00 - [] ----D- C:\Users\Nicolas\AppData\Local\Microsoft Games =>.© Microsoft O43 - CFD: 09/10/2013 - 18:57:07 - [0] ----D- C:\Users\Nicolas\AppData\Local\Microsoft Help =>.© Microsoft O43 - CFD: 21/04/2014 - 10:48:00 - [] ----D- C:\Users\Nicolas\AppData\Local\Panasonic =>.© O43 - CFD: 04/11/2013 - 16:03:36 - [] ----D- C:\Users\Nicolas\AppData\Local\Programs =>.© O43 - CFD: 08/10/2013 - 11:57:48 - [] ----D- C:\Users\Nicolas\AppData\Local\SRS Labs =>.© O43 - CFD: 08/10/2013 - 11:50:58 - [] ----D- C:\Users\Nicolas\AppData\Local\Temp O43 - CFD: 08/10/2013 - 11:50:58 - [?] -SH-D- C:\Users\Nicolas\AppData\Local\Temporary Internet Files =>.© O43 - CFD: 12/04/2014 - 17:51:20 - [] ----D- C:\Users\Nicolas\AppData\Local\TomTom =>.© O43 - CFD: 08/10/2013 - 11:51:27 - [] ----D- C:\Users\Nicolas\AppData\Local\VirtualStore =>.© O43 - CFD: 04/11/2013 - 22:29:14 - [] ----D- C:\Users\Nicolas\AppData\Local\WinZip =>.© ~ 121 Folders found in 1 second(s) ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5869FBC754578A59C8C8635B99DB79DE] - 04/05/2014 - 03:00:53 ---A-- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\windows\System32\mshtml.dll [17384448] =>.© Microsoft O44 - LFC:[MD5.2518D1922371892ADEF1F07147DBD72A] - 04/05/2014 - 03:00:51 ---A-- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\windows\System32\mshtml.tlb [2724864] =>.© Microsoft O44 - LFC:[MD5.0B5A0005C0BDF4A05174576AF80DEA04] - 02/05/2014 - 17:31:10 ---A-- . (.AVAST Software - avast! Screen Saver stub.) -- C:\windows\avastSS.scr [43152] O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\windows\ERUNT [0] ~ 4 Last Acceded System File scanned in 2 second(s) ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP: 06/11/2013 - 18:07:10 ---A-- - C:\windows\Prefetch\DEALPLYLIVE.EXE-EC78F127.pf =>PUP.DealPly ~ 1 Malware Prefetcher Files found in 0 second(s) ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O46 - SEH: Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL ~ 2 ShellExecuteHooks Files found in 0 second(s) ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configurat.) -- C:\windows\System32\scecli.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\windows\System32\kerberos.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\windows\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\windows\System32\schannel.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\windows\System32\wdigest.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\windows\System32\tspkg.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\windows\System32\pku2u.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\windows\System32\livessp.dll =>.© Microsoft ~ 9 Local Security Authority found in 0 second(s) ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\windows\System32\drivers\vgasave.sys (.not file.) =>.© O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\System32\drivers\volmgr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\windows\System32\drivers\volmgrx.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\System32\drivers\ipnat.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\windows\System32\drivers\nsiproxy.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\windows\System32\drivers\rdpencdd.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\windows\System32\drivers\vgasave.sys (.not file.) =>.© O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\System32\drivers\volmgr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\windows\System32\drivers\volmgrx.sys =>.© Microsoft ~ 13 Safe Boot Control scanned in 0 second(s) ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\System32\credssp.dll =>.© Microsoft ~ 1 Control Security Providers scanned in 0 second(s) ---\\ Liste des pilotes démarrés par le système (SDL) (O58) O58 - SDL:[MD5.79059559E89D06E8B80CE2944BE20228] - 13/11/2013-06:14:36 . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\windows\system32\drivers\afd.sys [497152] =>.© Microsoft O58 - SDL:[MD5.340B0467E98A8C92697D73034DB4BCB7] - (aswHwid) . (...) -- C:\windows\system32\drivers\aswHwid.sys [29208] O58 - SDL:[MD5.00000000000000000000000000000000] - (aswKbd) . (...) -- C:\windows\system32\drivers\aswKbd.sys [0] O58 - SDL:[MD5.ED5B09937D559FFA53FC988D20031E98] - 08/10/2013-18:56:47 . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\windows\system32\drivers\aswMonFlt.sys [79184] =>.© O58 - SDL:[MD5.7F6904FC2E5EDD0F3B944EAB4AFE073C] - 21/02/2014-19:49:55 . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\windows\system32\DRIVERS\aswNdisFlt.sys [440672] =>.© O58 - SDL:[MD5.33C77DCB0AEC76E26BD6352A1A5281BB] - 08/10/2013-18:56:49 . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\windows\system32\drivers\aswRdr2.sys [93568] =>.© O58 - SDL:[MD5.1C159A357210CAB8974D5FBA068DC38F] - 08/10/2013-18:56:48 . (.AVAST Software - avast! Virtualization Driver.) -- C:\windows\system32\drivers\aswSnx.sys [1039096] =>.© O58 - SDL:[MD5.5545FB5B49268C903F311849DB1942ED] - 08/10/2013-18:56:49 . (.AVAST Software - avast! self protection module.) -- C:\windows\system32\drivers\aswSP.sys [423240] =>.© O58 - SDL:[MD5.708689376A3FD6C6897C69D272E19F4B] - 25/01/2014-17:09:00 . (.AVAST Software - Stream Filter.) -- C:\windows\system32\drivers\aswStm.sys [85328] =>.© O58 - SDL:[MD5.61583EE3C3A17003C4ACD0475646B4D3] - 14/07/2009-01:35:59 . (.Microsoft Corporation - BLB Drive Driver.) -- C:\windows\system32\drivers\blbdrive.sys [45056] =>.© Microsoft O58 - SDL:[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010-05:23:47 . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\windows\system32\DRIVERS\cdrom.sys [147456] =>.© Microsoft O58 - SDL:[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010-05:24:32 . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\windows\system32\Drivers\dfsc.sys [102400] =>.© Microsoft O58 - SDL:[MD5.13096B05847EC78F0977F2C0F79E9AB3] - 14/07/2009-01:37:18 . (.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\windows\system32\drivers\discache.sys [40448] =>.© Microsoft O58 - SDL:[MD5.6A0E850DDCB136AA3D2FB7234382DF12] - 04/11/2013-15:22:39 . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\windows\system32\DRIVERS\dtsoftbus01.sys [283064] O58 - SDL:[MD5.1538831CF8AD2979A04C423779465827] - 14/07/2009-02:08:51 . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\windows\system32\DRIVERS\lltdio.sys [60928] =>.© Microsoft O58 - SDL:[MD5.43D0F98E1D56CCDDB0D5254CFF7B356E] - 14/07/2009-01:26:13 . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) -- C:\windows\system32\drivers\luafv.sys [113152] =>.© Microsoft O58 - SDL:[MD5.0EED230E37515A0EAEE3C2E1BC97B288] - 14/07/2009-01:31:10 . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\windows\system32\drivers\mssmbios.sys [32320] =>.© Microsoft O58 - SDL:[MD5.86743D9F5D2B1048062B14B1D84501C4] - 14/07/2009-02:09:26 . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\windows\system32\DRIVERS\netbios.sys [44544] =>.© Microsoft O58 - SDL:[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010-05:23:51 . (.Microsoft Corporation - MBT Transport driver.) -- C:\windows\system32\DRIVERS\netbt.sys [261632] =>.© Microsoft O58 - SDL:[MD5.E7F5AE18AF4168178A642A9247C63001] - 14/07/2009-01:21:03 . (.Microsoft Corporation - NSI Proxy.) -- C:\windows\system32\drivers\nsiproxy.sys [24576] =>.© Microsoft O58 - SDL:[MD5.68769C3356B3BE5D1C732C97B9A80D6E] - 14/07/2009-01:51:01 . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\windows\system32\drivers\peauth.sys [651264] =>.© Microsoft O58 - SDL:[MD5.0557CF5A2556BD58E26384169D72438D] - 21/11/2010-05:24:08 . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\windows\system32\DRIVERS\pacer.sys [131584] =>.© Microsoft O58 - SDL:[MD5.77F665941019A1594D887A74F301FA2F] - 21/11/2010-05:24:08 . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) -- C:\windows\system32\DRIVERS\rdbss.sys [309248] =>.© Microsoft O58 - SDL:[MD5.CEA6CC257FC9B7715F1C2B4849286D24] - 14/07/2009-02:16:34 . (.Microsoft Corporation - RDP Miniport.) -- C:\windows\system32\DRIVERS\RDPCDD.sys [7680] =>.© Microsoft O58 - SDL:[MD5.BB5971A4F00659529A5C44831AF22365] - 14/07/2009-02:16:34 . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\windows\system32\drivers\rdpencdd.sys [7680] =>.© Microsoft O58 - SDL:[MD5.216F3FA57533D98E1F74DED70113177A] - 14/07/2009-02:16:35 . (.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\windows\system32\drivers\rdprefmp.sys [8192] =>.© Microsoft O58 - SDL:[MD5.DDC86E4F8E7456261E637E3552E804FF] - 14/07/2009-02:08:51 . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\windows\system32\DRIVERS\rspndr.sys [76800] =>.© Microsoft O58 - SDL:[MD5.1B16D0BD9841794A6E0CDE0CEF744ABC] - 09/10/2013-23:47:55 . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\windows\system32\drivers\tcpipreg.sys [45568] =>.© Microsoft O58 - SDL:[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010-05:24:32 . (.Microsoft Corporation - TDI Translation Driver.) -- C:\windows\system32\DRIVERS\tdx.sys [119296] =>.© Microsoft O58 - SDL:[MD5.561E7E1F06895D78DE991E01DD0FB6E5] - 21/11/2010-05:23:47 . (.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\windows\system32\drivers\termdd.sys [63360] =>.© Microsoft O58 - SDL:[MD5.53E92A310193CB3C03BEA963DE7D9CFC] - 14/07/2009-01:38:48 . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\System32\drivers\vga.sys [29184] =>.© Microsoft O58 - SDL:[MD5.6A3D66263414FF0D6FA754C646612F3F] - 14/07/2009-02:07:22 . (.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\windows\system32\DRIVERS\vwififlt.sys [59904] =>.© Microsoft O58 - SDL:[MD5.356AFD78A6ED4457169241AC3965230C] - 21/11/2010-05:24:11 . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\windows\system32\DRIVERS\wanarp.sys [88576] =>.© Microsoft O58 - SDL:[MD5.611B23304BF067451A9FDEE01FBDD725] - 14/07/2009-02:09:26 . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\windows\system32\DRIVERS\wfplwf.sys [12800] =>.© Microsoft ~ 34 System Drivers scanned in 1 second(s) ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 07/05/2014 - 18:32:31 ---A-- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware .) -- C:\Users\Nicolas\Downloads\mbam-setup-2.0.1.1004 (1).exe [17305616] O61 - LFC: 05/05/2014 - 18:13:20 ---A-- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware .) -- C:\Users\Nicolas\Downloads\mbam-setup-2.0.1.1004.exe [17305616] O61 - LFC: 04/05/2014 - 13:24:54 ---A-- . (...) -- C:\Users\Nicolas\Downloads\RogueKillerX64.exe [4527616] O61 - LFC: 10/05/2014 - 14:16:52 ---A-- . (...) -- C:\Users\Nicolas\Downloads\Shortcut_Module.exe [2560000] O61 - LFC: 03/05/2014 - 13:53:43 ---A-- . (...) -- C:\Users\Nicolas\Downloads\VOTRE FORMULAIRE CAST.pdf [164380] ~ 5 Last File Acceded scanned in 0 second(s) ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - C:\windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID O64 - Services: CurCS - C:\windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) -- LEGACY_ASWMONFLT O64 - Services: CurCS - C:\windows\system32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.AVAST Software - avast! Filtering NDIS driver.) -- LEGACY_ASWNDISFLT O64 - Services: CurCS - C:\windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) -- LEGACY_ASWRDR O64 - Services: CurCS - avast! Revert (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - C:\windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) -- LEGACY_ASWSNX O64 - Services: CurCS - C:\windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) -- LEGACY_ASWSP O64 - Services: CurCS - C:\windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) -- LEGACY_ASWSTM O64 - Services: CurCS - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - avast! VM Monitor (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - Beep (Beep) .(.Microsoft Corporation - Beep Driver.) -- LEGACY_BEEP =>.© Microsoft Corporation O64 - Services: CurCS - exFAT File System Driver (exfat) .(...) - LEGACY_EXFAT O64 - Services: CurCS - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR ~ 15 Legacy Keys found in 0 second(s) ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\windows\System32\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ~ 10 File Association Shell Spawning scanned in 0 second(s) ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.© Google Inc. O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.© Microsoft O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ~ 8 Start Menu Internet found in 1 second(s) ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{5DA6733A-8097-4635-8797-D97B4CD9E968}" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{03C9BF14-0D60-4D2C-8533-CEBD02552C71}" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{90A3AB56-E11E-42A4-A16F-B4EA32338DA1}" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{745481A6-6322-4327-BD52-363A7D59A5C1}" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ 4 Firewall Active Exception Files found in 1.39973e+009 second(s) ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 16/01/2014-10:00:55 65432 || Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 03/07/2012-18:33:57 659968 || Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe SR - | Auto 02/05/2014-17:31:07 50344 || avast! Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Auto 25/01/2014-17:08:26 113704 || avast! Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe SR - | Auto 21/04/2014-10:45:38 145504 || B's Recorder GOLD Library General Service (bgsvcgen) . (.B.H.A Corporation.) - C:\Windows\SysWOW64\bgsvcgen.exe SR - | Auto 03/07/2012-18:51:50 1014096 || Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe SR - | Demand 03/07/2012-18:51:50 1304912 || Bluetooth Media Service (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe SR - | Auto 03/07/2012-18:51:50 1104208 || Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe SR - | Auto 03/07/2012-18:33:57 135952 || Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe SS - | Demand 03/07/2012-03:55:50 276248 || Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\windows\SysWow64\IntelCpHeciSvc.exe SS - | Demand 01/01/1601-02:07:09 0 || @%SystemRoot%\system32\efssvc.dll,-100 (EFS) . (...) - C:\windows\System32\lsass.exe (.not file.) SR - | Auto 03/07/2012-18:33:05 618256 || Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe SR - | Auto 08/10/2013-11:54:51 1253376 || FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe SS - | Demand 01/01/1601-02:07:09 0 || @%systemroot%\system32\fxsresm.dll,-118 (Fax) . (...) - C:\windows\system32\fxssvc.exe (.not file.) SS - | Demand 08/10/2013-11:54:51 3276800 || Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe SS - | Auto 08/10/2013-12:41:07 116648 || Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 08/10/2013-12:41:07 116648 || Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 03/07/2012-18:25:11 13592 || Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 03/07/2012-18:24:19 628448 || Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 03/07/2012-18:24:24 161560 || Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe SR - | Auto 03/07/2012-19:03:43 160768 || Micro Star SCM (Micro Star SCM) . (.Micro-Star International Co., Ltd..) - C:\Program Files (x86)\S-Bar\MSIService.exe SS - | Auto 03/07/2012-19:09:49 12800 || (MSI Foundation Service) . (.MSI.) - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe SS - | Demand 03/07/2012-18:33:06 273168 || Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe SR - | Auto 03/07/2012-18:33:06 148752 || Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 03/07/2012-18:24:16 363800 || Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SS - | Demand 01/01/1601-02:07:09 0 || @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) . (...) - C:\windows\system32\Wat\WatAdminSvc.exe (.not file.) SR - | Auto 03/07/2012-18:33:06 594704 || Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ~ 27 Services scanned in 0 second(s) ---\\ Recherche de clés de registre tracing (O100) HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\LinkSwift_8162019_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\LinkSwift_8162019_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utilLinkSwift_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utilLinkSwift_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent ~ 8 Search Tracing Keys scanned in 0 second(s) ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{373726E8-463C-4B97-9178-17A119F31C05}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{572D5281-4E8C-4F82-A8E1-26E786B6B5B3}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch [HKCR\CLSID\{D63377CC-5B83-4213-BCA8-1E6CD0462F2A}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore ~ 5 Search CLSID Keys scanned in 2 second(s) ---\\ Scan Additionnel (O88 ) Database Version : 13036 (30/03/2014) Clés trouvées (Keys found) : 1 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 5 HKCU\Software\BitTorrent =>P2P.BitTorrent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle =>PUP.SoftNow C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen C:\windows\Prefetch\DEALPLYLIVE.EXE-EC78F127.pf =>PUP.DealPly ~ Additionnal Scan: 139661 Items scanned in 4 seconds ---\\ Script de nettoyage avec ZHPFix Script ZHPFix FirewallRaz EmptyPrefetch EmptyTemp EmptyFlash [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.µTorrent C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk =>P2P.µTorrent C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe = >P2P.µTorrent =>P2P.µTorrent C:\Users\Nicolas\Desktop\µTorrent.lnk =>P2P.µTorrent [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent [HKUS\S-1-5-21-2055724886-1454283372-1237832375-1000\S-1-5-21-2055724886-1454283372-1237832375-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen HKCU\Software\BitTorrent =>P2P.BitTorrent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle =>PUP.SoftNow C:\Users\Nicolas\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\LinkSwift_8162019_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\LinkSwift_8162019_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utilLinkSwift_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utilLinkSwift_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent HKLM\SOFTWARE\WOW6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent [HKCR\CLSID\{373726E8-463C-4B97-9178-17A119F31C05}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{572D5281-4E8C-4F82-A8E1-26E786B6B5B3}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore [HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] (Groove GFS Browser Helper) =>Trojan.FindFDSearch [HKCR\CLSID\{D63377CC-5B83-4213-BCA8-1E6CD0462F2A}] (Office 14 Microsoft Update Opt-In) =>Adware.Boxore C:\windows\Prefetch\DEALPLYLIVE.EXE-EC78F127.pf =>PUP.DealPly ~ ATTENTION, ce script est donné à titre indicatif, il doit étre validé par un expert diplômé en désinfection. ~ 31 ZHPFix Script Files found in 0 second(s) ---\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly ~ http://nicolascoolman.webs.com/apps/blog/show/32756514-pup-linkswift =>PUP.LinkSwift ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/34817643-trojan-findfdsearch =>Trojan.FindFDSearch ~ MSI: 4 link(s) detected ~ End of the scan (0/1042 lines) in 17 seconds)