cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.3.23.32 - Nicolas Coolman (23/03/2015)
~ Lancé par Faustinot.MALALOU (24/03/2015 18:34:01)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 36.0.4

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 733WD
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.1.4.1018
Trend Micro OfficeScan Client
ESET Online Scanner v3
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.04

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 26 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (34% free)
System Restore: Activé (Enable)
System drive C: has 109 GB (48%) free of 222 GB

---\\ Mode de connexion au système
~ Computer Name: FRIV1PC015
~ User Name: Faustinot.MALALOU
~ All Users Names: Administrateur,
~ Unselected Option: None
Logged in as User

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\faustinot.malalou\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\faustinot.malalou\AppData\Roaming\
~ %Desktop% : C:\Users\faustinot.malalou\Desktop\
~ %Favorites% : C:\Users\faustinot.malalou\Favorites\
~ %LocalAppData% : C:\Users\faustinot.malalou\AppData\Local\
~ %StartMenu% : C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 109 Go of 222 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.6293D025E82071B9424877E30B6AC1C8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2015 - 18:21:58.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.0C1B2CC3733A4A5B8D6258E7B26EAD1A] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.07/01/2015 - 02:34:24.) -- C:\Windows\system32\Drivers\DfsC.sys [81408]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.FFD09089BBBD94546821FD7F093F7427] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.07/01/2015 - 02:34:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [124416]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/204
~ Mes musiques (My Musics) : 1/30
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/86
~ Mes Documents (My Documents) : 6/10563
~ Mon Bureau (My Desktop) : 1/499
~ Menu demarrer (Programs) : 1/45
~ Hidden Files: Scanned in 00mn 29s



---\\ Processus lancés
[MD5.E8EF46E036A0A01F175B013DA4537E15] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816] [PID.4564]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4584]
[MD5.79B6690186CCC8F4B078BB7F55B873A9] - (.Wave Systems Corp. - WavX Document Manager Application.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe [147840] [PID.4592]
[MD5.C973C36D057A121A8BB940CB74AFF53F] - (.Broadcom Corporation - Dell Security Device and Task Status.) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232] [PID.4604]
[MD5.CF1324C9E7B56819FA3DB86597ABE2D8] - (.Trend Micro Inc. - Trend Micro OfficeScan Monitor.) -- C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe [746792] [PID.4812]
[MD5.8C5B4A20100F09B856B38C9059251919] - (.SuperCopier team - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier\SuperCopier2.exe [296960] [PID.4828]
[MD5.5E0AA46849481EEA9A1AECE21ED5F821] - (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files\SuperCopier\supercopier.exe [174080] [PID.4836]
[MD5.168531BB1255C1B45DF47694409F9DE1] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe [720064] [PID.4848]
[MD5.2F0EAAF91FC7A5C70D1F4BE9B18A1CF5] - (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe [354304] [PID.4880]
[MD5.DB29E1B4551088A997321BB104C6C791] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [1116376] [PID.4896]
[MD5.04F505C0AE3F39EBF0252B57CA694070] - (.Dell Inc. - Dell System Manager.) -- C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe [1458032] [PID.4904]
[MD5.3736E6A2F2A5F27A3DB0763FB69F1394] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files\OCS Inventory Agent\OcsSystray.exe [57344] [PID.4988]
[MD5.AFFA7AFBA2F3D91DBA91B74E5589A193] - (.Wave Systems Corp. - TdmNotify Module.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [132456] [PID.5004]
[MD5.85F9466A6A73693858A5D34CD8EED744] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\faustinot.malalou\AppData\Roaming\Dropbox\bin\Dropbox.exe [42560368] [PID.5060]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.5204]
[MD5.4A21B7B4F19F3C7FB7F9304319B77106] - (.NesterSoft Inc. - TimeLeft.) -- C:\Program Files\TimeLeft3\TimeLeft.exe [2013880] [PID.5304]
[MD5.916DFAAC1D6719A3950D04C6248BBCD4] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [3751640] [PID.5988]
[MD5.6AAF3BECE2C3D17091BCEF37C5A82AC0] - (.Microsoft Corporation - Microsoft Management Console.) -- C:\Windows\system32\mmc.exe [1401344] [PID.4668]
[MD5.D1E35B84269869E5AA36A65BA5811EED] - (.Microsoft Corporation - SSMS - SQL Server Management Studio.) -- C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe [1294176] [PID.6000]
[MD5.680A8AD13D728DE9ADC1676A8C4578CF] - (.Microsoft Corporation - Microsoft Excel.) -- C:\Program Files\Microsoft Office\Office14\EXCEL.exe [20400288] [PID.4316]
[MD5.ACAD0683F183CA0FCD0621D7659E161C] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [376944] [PID.4092]
[MD5.22E7CFD42AE73F0D3DE0570D98D78C64] - (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.exe [15948960] [PID.7948]
[MD5.99CA5EBAC887277CC340F2271AF61D10] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757968] [PID.6704]
[MD5.EF6B4B38332C4EB7B74C0A1CB7094E83] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8188928] [PID.5572]
~ Processes Running: Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Faustinot.MALALOU - hn676cca.default] http://www.google.com
M2 - MFEP: Extension [Faustinot.MALALOU - hn676cca.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp] - (...) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf] - (...) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.55.2] - (...) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.55.2] - (...) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (.not file.)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
~ Firefox Browser: 24 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://coin-portal.phoenix.loc/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - NPWLPG.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [WavXMgr] . (.Wave Systems Corp. - WavX Document Manager Application.) -- C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [USCService] . (.Broadcom Corporation - Dell Security Device and Task Status.) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] . (.Trend Micro Inc. - Trend Micro OfficeScan Monitor.) -- C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SuperCopier team - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier\SuperCopier2.exe
O4 - HKCU\..\Run: [ultracopier] . (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files\SuperCopier\supercopier.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2900989286-3332510324-955108322-72926\..\Run: [SuperCopier2.exe] . (.SuperCopier team - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier\SuperCopier2.exe
O4 - HKUS\S-1-5-21-2900989286-3332510324-955108322-72926\..\Run: [ultracopier] . (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files\SuperCopier\supercopier.exe
O4 - HKUS\S-1-5-21-2900989286-3332510324-955108322-72926\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-2900989286-3332510324-955108322-72926\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2900989286-3332510324-955108322-72926\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: Add to TimeLeft Auction Watch - {21196042-830F-419f-A594-F9D456A6C29A} . (...) -- C:\Program Files\TimeLeft3\tl_auction.ico
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 10 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{863CD779-0900-450F-B614-EB3CD3A5FCB0}: NameServer = 10.232.1.3,10.232.1.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{863CD779-0900-450F-B614-EB3CD3A5FCB0}: NameServer = 10.232.1.3,10.232.1.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{863CD779-0900-450F-B614-EB3CD3A5FCB0}: NameServer = 10.232.1.3,10.232.1.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{863CD779-0900-450F-B614-EB3CD3A5FCB0}: NameServer = 10.232.1.3,10.232.1.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = phoenix.loc
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = phoenix.loc
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {1984DD45-52CF-49cd-AB77-18F378FEA264} . (.Stardock - Stardock Fences Shell Extension.) -- C:\Program Files\Stardock\Fences\FencesMenu.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) . (.Dell Inc. - Dell - System Manager Service.) - c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: MySQL (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt" "--defaults-file=C:\Program Files\MySQL\MySQL Server 4.1\my.ini (.not file.)
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) . (.Trend Micro Inc. - Trend Micro Common Client Real-time Scan Se.) - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: NVIDIA Performance Driver Service (NVIDIA Performance Driver Service) . (.Pas de propriétaire - NVIDIA Performance Driver Service.) - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.7.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: OCS Inventory Service (OCS Inventory Service) . (.OCS Inventory NG - OCS Inventory NG Service.) - C:\Program Files\OCS Inventory Agent\OcsService.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) . (...) - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService (TdmService) . (.Wave Systems Corp. - TDM Service.) - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: OfficeScan NT Listener (tmlisten) . (.Trend Micro Inc. - Trend Micro Common Client Communication Ser.) - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: uvnc_service (uvnc_service) . (.UltraVNC - VNC server for X64/win32.) - C:\Program Files\UltraVNC\WinVNC.exe
~ Services: 14 Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.E62ED5A7A2F21C5F377F924A33E12792] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3643160]
[MD5.00000000000000000000000000000000] [APT] [TechSmith Updater] (...) -- C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{3097C7ED-5E72-4F5B-A478-33A9AD50A346}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.41BEEBF43771A8BD91F4D691B90B743E] [APT] [{43BC9C2C-D6EF-444B-B2F0-D1FBA019CE5F}] (.Nicolas Coolman.) -- C:\Users\Faustinot.MALALOU\MAKUTUX\Software\Antivirus-Desinfection\ZHPDiag2.exe [6877803]
[MD5.00000000000000000000000000000000] [APT] [{44DBFCBF-5219-41C6-B38D-3CA78C8EA264}] (...) -- C:\Users\Faustinot.MALALOU\MAKUTUX\Up&down\Clipbrd_add.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{76A75E5A-6D9F-4B6B-8DF1-3C037445263C}] (...) -- C:\_WORK\jdk-8u31-windows-i586(1).exe (.not file.) [0]
[MD5.115FEDFF42A56BDA0B5DD531D276DFCB] [APT] [{7944DC55-1D6C-4A84-8E39-851C5B7A4604}] (...) -- C:\Apps\HoffmanUtilitySpotlight\setup.exe [383488]
[MD5.00000000000000000000000000000000] [APT] [{8EE1263C-6D94-4889-9F78-79C7FE6D9FDE}] (...) -- E:\Software\Securité & Reseau\TeamViewer\TeamViewer6_Setup.sfx.exe (.not file.) [0]
[MD5.5E07D3CF2B3C8AE5ED93A361B51637BB] [APT] [{A6B0B6C8-6416-4AFB-B1B7-9BFDC042FF3D}] (.InstallShield Software Corporation.) -- C:\Windows\IsUn040c.exe [306688]
[MD5.00000000000000000000000000000000] [APT] [{DDAB8D90-DD0F-4CA0-8411-C2F2877B4698}] (...) -- C:\Users\Faustinot.MALALOU\MAKUTUX\Up&down\7-Zip_SFX_Maker_v3.3.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F68E3E3B-DB44-4443-A1C4-402E494249FD}] (...) -- F:\Lecteur Xiring\Xiring\Auto-instal\Installeur XIRING 2008.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 14 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_16_0_0_305.ocx
~ Active Setup: 13 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (tmtdi) . (.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) - C:\Windows\System32\DRIVERS\tmtdi.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Moniteur d'ordinateur virtuel Virtual PC.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 96 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM] -- 7-Zip
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Ant Renamer - (.Ant Software.) [HKLM] -- Ant Renamer 2_is1
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Attribute Changer 7.10e - (.Romain Petges.) [HKLM] -- {27263813-8BDE-4CD2-84D3-02536743428A}_is1
O42 - Logiciel: Auslogics Duplicate File Finder - (.Auslogics Labs Pty Ltd.) [HKLM] -- {6845255F-15CC-4DD1-94D5-D38F370118B3}_is1
O42 - Logiciel: BioAPI Framework - (.Dell Inc..) [HKLM] -- {AF7E4468-E364-4991-BC2A-6E8293E1055B}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Broadcom NetXtreme-I Netlink Driver and Management Installer - (.Broadcom Corporation.) [HKLM] -- {982E1601-0DFC-4FD3-A427-AC6570697858}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Composants Cryptographiques CPS PC/SC - (.ASIP Santé.) [HKLM] -- {6022009C-D18F-4506-AC69-9DB90C9AEBEF}
O42 - Logiciel: Convert AVI to MP4 - (.convertavitomp4.com.) [HKLM] -- {9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: Dell Backup and Recovery Manager - (.Dell Inc..) [HKLM] -- {4688EB75-28E2-4731-9BCB-55E624F7CD45}
O42 - Logiciel: Dell Control Point - (.Broadcom Corporation.) [HKLM] -- {A9C61491-EF2F-4ED8-8E10-FB33E3C6B55A}
O42 - Logiciel: Dell ControlPoint Security Manager - (.Dell Inc..) [HKLM] -- {F4487649-7368-4217-AEA3-1E04DB3E2C5C}
O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM] -- {3138EAD3-700B-4A10-B617-B3F8096EE30D}
O42 - Logiciel: Dell Embassy Trust Suite by Wave Systems - (.Wave Systems Corp.) [HKLM] -- {ABBA2EA4-740E-4052-902B-9CA70B081E3F}
O42 - Logiciel: Dell Security Device Driver Pack - (.Dell Inc..) [HKLM] -- {FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}
O42 - Logiciel: Dell System Manager - (.Dell Inc..) [HKLM] -- {C8B8C745-D288-41B4-9512-01E397F77449}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: EMBASSY Security Center - (.Nom de votre société.) [HKLM] -- InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}
O42 - Logiciel: EMBASSY Security Setup - (.Nom de votre société.) [HKLM] -- InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}
O42 - Logiciel: ESC Home Page Plugin - (.Nom de votre société.) [HKLM] -- InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}
O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM] -- ESET Online Scanner
O42 - Logiciel: Fences - (.Stardock Corporation.) [HKLM] -- Fences
O42 - Logiciel: Fences - (.Stardock Corporation.) [HKLM] -- {10CD364B-FFCC-48BE-B469-B9622A033075}
O42 - Logiciel: GDR 1617 pour SQL Server 2008 R2 (KB2494088) - (.Microsoft Corporation.) [HKLM] -- KB2494088
O42 - Logiciel: Gemalto - (.Wave Systems Corp.) [HKLM] -- {BC52E419-B185-488F-9973-049A88E5DCBE}
O42 - Logiciel: HorairesPharmacie - (.Microsoft.) [HKCU] -- 2350478935a2fa01
O42 - Logiciel: Inkscape 0.48.5 - (...) [HKLM] -- Inkscape
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Report Viewer Redistributable 2008 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft Report Viewer Redistributable 2008 (KB971119)
O42 - Logiciel: Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - FRA
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime v1.0 (x86) fr - (.Microsoft Corporation.) [HKLM] -- {7BD69968-EDD9-4898-B5B7-23C17689A779}
O42 - Logiciel: Microsoft Sync Services for ADO.NET v2.0 (x86) fr - (.Microsoft Corporation.) [HKLM] -- {FBFB7C7A-534B-4D39-9D18-F77017CDEDCB}
O42 - Logiciel: Mozilla Firefox 36.0.4 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 36.0.4 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyODBC - (.MySQL.) [HKLM] -- {29042B1C-0713-4575-B7CA-5C8E7B0899D4}
O42 - Logiciel: MySQL Server 4.1 - (.MySQL AB.) [HKLM] -- {F96DA403-B7F3-4D83-8725-C93954F32A54}
O42 - Logiciel: NTRU TCG Software Stack - (.NTRU Cryptosystems.) [HKLM] -- {BB93D30B-B395-44BB-A9ED-A0E057F07E53}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Performance Drivers - (.NVIDIA Corporation.) [HKLM] -- {4C0A8D65-4286-4B58-87FE-18AD24289285}
O42 - Logiciel: NVIDIA nView Desktop Manager - (.NVIDIA Corporation.) [HKLM] -- NVIDIA nView Desktop Manager
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++
O42 - Logiciel: OCS Inventory NG Agent 2.0.3.0 - (.OCS Inventory NG Team.) [HKLM] -- OCS Inventory NG Agent
O42 - Logiciel: OpenOffice 4.1.0 - (.Apache Software Foundation.) [HKLM] -- {B3B009FC-6909-4E00-9F43-FFB5CA93D606}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PMPCde - (.PMP S.A..) [HKLM] -- PMPCde
O42 - Logiciel: Package de pilotes Windows - Broadcom Corporation (bcbtums) Bluetooth (03/ - (.Broadcom Corporation.) [HKLM] -- 813EA266E806F300A8DAF30E5D823E268290B5D6
O42 - Logiciel: Package de pilotes Windows - Broadcom Corporation Bluetooth (03/16/2012 6. - (.Broadcom Corporation.) [HKLM] -- 13729598EDD1F263DD26E8584C5F347C88091A2E
O42 - Logiciel: Package de pilotes Windows - Broadcom Corporation Bluetooth (03/16/2012 6. - (.Broadcom Corporation.) [HKLM] -- 2A46B60EC8D844CB8197312FE2B88EF0F6B7E935
O42 - Logiciel: Package de pilotes Windows - Broadcom Corporation Bluetooth (03/16/2012 6. - (.Broadcom Corporation.) [HKLM] -- ECAD4CB7FB923B839B29420FF9DFC73C3D3D28FE
O42 - Logiciel: Package de pilotes Windows - Broadcom HIDClass (09/11/2009 6.3.0.1500) - (.Broadcom.) [HKLM] -- CA3B55EAB525669DA92EC19475AF574597822688
O42 - Logiciel: Package de pilotes Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) - (.Dell Inc..) [HKLM] -- 9512AA21B791B05A54E27065C45BBC417AB282DF
O42 - Logiciel: Perfect Uninstaller v6.3.3.9 - (.www.PerfectUninstaller.com.) [HKLM] -- Perfect Uninstaller_is1
O42 - Logiciel: PowerDesk 6 - (.Avanquest Publishing USA, Inc..) [HKLM] -- {B93251B5-9209-4DAB-867C-AA98D91584CD}
O42 - Logiciel: Preboot Manager - (.Wave Systems Corp..) [HKLM] -- {3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}
O42 - Logiciel: Private Information Manager - (.Nom de votre société.) [HKLM] -- InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: SFR Outlook AddOn 3.1.8.1 - (.SFR.) [HKLM] -- SFR Outlook AddOn_is1
O42 - Logiciel: SQL Server 2008 R2 Analysis Services - (.Microsoft Corporation.) [HKLM] -- {1A871155-1884-4BB3-AE79-BB85AD25B68A}
O42 - Logiciel: SQL Server 2008 R2 Analysis Services - (.Microsoft Corporation.) [HKLM] -- {DAA8590D-D93E-4697-9CBE-D96A7590A8E3}
O42 - Logiciel: SQL Server 2008 R2 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {143203CB-9E09-4D9D-91F1-D000EC6E1F87}
O42 - Logiciel: SQL Server 2008 R2 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {B301522B-8F82-4113-9BFF-CBAC6D518789}
O42 - Logiciel: SQL Server 2008 R2 Client Tools - (.Microsoft Corporation.) [HKLM] -- {4E8E61A0-A2FC-4BE0-9C2D-C0277C28098B}
O42 - Logiciel: SQL Server 2008 R2 Client Tools - (.Microsoft Corporation.) [HKLM] -- {9ACDACC7-0095-40F1-8033-0DB95C920678}
O42 - Logiciel: SQL Server 2008 R2 Common Files - (.Microsoft Corporation.) [HKLM] -- {062A0D4A-75F6-4E9C-8A38-DFE95662D81B}
O42 - Logiciel: SQL Server 2008 R2 Common Files - (.Microsoft Corporation.) [HKLM] -- {CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}
O42 - Logiciel: SQL Server 2008 R2 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {23D448C7-7DC7-4C15-B47D-C99364501F07}
O42 - Logiciel: SQL Server 2008 R2 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
O42 - Logiciel: SQL Server 2008 R2 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}
O42 - Logiciel: SQL Server 2008 R2 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {F0494EE7-650A-4AC2-8B50-0968FC47EFA6}
O42 - Logiciel: SQL Server 2008 R2 Integration Services - (.Microsoft Corporation.) [HKLM] -- {04D1DF8F-2D00-44F8-8094-5A8822354B89}
O42 - Logiciel: SQL Server 2008 R2 Integration Services - (.Microsoft Corporation.) [HKLM] -- {178E5E85-9598-4D71-B4D2-F0AE4B8B4153}
O42 - Logiciel: SQL Server 2008 R2 Management Studio - (.Microsoft Corporation.) [HKLM] -- {020617D7-2F72-4D02-BF59-A5CBC1761177}
O42 - Logiciel: SQL Server 2008 R2 Management Studio - (.Microsoft Corporation.) [HKLM] -- {0F20CD1D-98BA-4C40-BA10-C2341AE94E38}
O42 - Logiciel: SQL Server 2008 R2 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {23F70562-02F4-4805-ACF5-6E52BAD167C2}
O42 - Logiciel: SQL Server 2008 R2 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {490905EC-D966-48A5-B075-8B9AAB33FEAF}
O42 - Logiciel: Security Wizards - (.Nom de votre société.) [HKLM] -- InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}
O42 - Logiciel: Sib Icon Editor - (.SibCode.) [HKLM] -- Sib Icon Editor
O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM] -- {93998800-1608-403F-9A51-420A77D23C25}
O42 - Logiciel: Supercopier 4.0.1.5 - (.Supercopier.) [HKLM] -- Supercopier
O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM] -- TeamViewer 8
O42 - Logiciel: TextPad 5 - (.Helios.) [HKLM] -- {B6EC7388-E277-4A5B-8C8F-71067A41BA64}
O42 - Logiciel: TimeLeft - (.NesterSoft Inc..) [HKLM] -- TIMELEFT3_is1
O42 - Logiciel: Trend Micro OfficeScan Client - (.Trend Micro.) [HKLM] -- OfficeScanNT
O42 - Logiciel: Trusted Drive Manager - (.Wave Systems Corp..) [HKLM] -- {DDD6BE8C-9AFA-48F1-A6AE-3BD596E2EB0B}
O42 - Logiciel: UPEK TouchChip Fingerprint Reader - (.Dell Inc..) [HKLM] -- {0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}
O42 - Logiciel: UltraVNC 1.0.8.2 - (.1.0.8.2.) [HKLM] -- Ultravnc2_is1
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {A1439D4F-FD46-47F2-A1D3-FEE097C29A09}
O42 - Logiciel: Wave Infrastructure Installer - (.Wave Systems Corp.) [HKLM] -- {5FDA8F6A-E87C-484B-BDE2-12C1BE199149}
O42 - Logiciel: Wave Support Software - (.Nom de votre société.) [HKLM] -- InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}
O42 - Logiciel: WinMerge 2.12.4 - (.Thingamahoochie Software.) [HKLM] -- WinMerge_is1
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: Windows XP Mode - (.Microsoft Corporation.) [HKLM] -- {1374CC63-B520-4f3f-98E8-E9020BF01CFF}
O42 - Logiciel: Wise Registry Cleaner 8.11 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Registry Cleaner_is1
O42 - Logiciel: WordBiz 1.8.6 - (...) [HKLM] -- WordBiz_0
~ Logic: 46 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-ZIP]
[HKCU\Software\Adobe]
[HKCU\Software\Analog Devices]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Arkadin]
[HKCU\Software\Avanquest]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dell]
[HKCU\Software\Disc Soft]
[HKCU\Software\ESET]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\Helios]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Internet Scrabble Club]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\MaxPlugs]
[HKCU\Software\McAfee]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\OpenOffice]
[HKCU\Software\PDF Architect 2]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PrestoSoft]
[HKCU\Software\QtProject]
[HKCU\Software\RICOH]
[HKCU\Software\Romain's Software]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Skype]
[HKCU\Software\Stardock]
[HKCU\Software\TeamViewer]
[HKCU\Software\Thingamahoochie]
[HKCU\Software\Trolltech]
[HKCU\Software\Ultracopier]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VCOM]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wintertree]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acronis]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Analog Devices]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Arkadin]
[HKLM\Software\Auslogics]
[HKLM\Software\Axalto]
[HKLM\Software\BioAPI]
[HKLM\Software\Broadcom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Dell]
[HKLM\Software\Disc Soft]
[HKLM\Software\Eset]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Helios]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MaxPlugs]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MySQL AB]
[HKLM\Software\NTRU Cryptosystems]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Network Associates]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice]
[HKLM\Software\PDFCreator]
[HKLM\Software\Perfect Uninstaller]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Stardock]
[HKLM\Software\TeamViewer]
[HKLM\Software\Thingamahoochie]
[HKLM\Software\TrendMicro]
[HKLM\Software\VCOM]
[HKLM\Software\VideoLAN]
[HKLM\Software\Wave Systems Corp.]
[HKLM\Software\Wave Systems Corp]
[HKLM\Software\WidCommUpdate]
[HKLM\Software\Widcomm]
[HKLM\Software\Wise Solutions]
[HKLM\Software\WiseCleaner]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
[HKLM\Software\vtapi]
~ Key Software: 281 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/01/2011 - 10:57:31 - [] ----D C:\Program Files\7-Zip
O43 - CFD: 08/03/2014 - 10:46:14 - [] ---AD C:\Program Files\7-Zip SFX Maker
O43 - CFD: 17/12/2010 - 14:49:40 - [] ----D C:\Program Files\Analog Devices
O43 - CFD: 29/04/2014 - 22:19:33 - [] ----D C:\Program Files\Ant Renamer
O43 - CFD: 09/12/2013 - 07:55:09 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 26/02/2015 - 10:53:56 - [0] ----D C:\Program Files\Astonsoft
O43 - CFD: 08/09/2013 - 11:06:04 - [] ----D C:\Program Files\Attribute Changer
O43 - CFD: 17/01/2015 - 01:13:31 - [] ----D C:\Program Files\Auslogics
O43 - CFD: 17/09/2014 - 21:44:02 - [0] ----D C:\Program Files\Avanquest
O43 - CFD: 08/03/2014 - 10:31:04 - [] ----D C:\Program Files\BETA
O43 - CFD: 28/02/2015 - 10:40:29 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 17/12/2010 - 15:03:38 - [] ----D C:\Program Files\Broadcom
O43 - CFD: 15/08/2013 - 22:29:15 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 19/08/2014 - 19:22:52 - [] ----D C:\Program Files\Common Files
O43 - CFD: 20/05/2014 - 00:46:59 - [] ----D C:\Program Files\Convert AVI to MP4
O43 - CFD: 12/01/2014 - 21:15:10 - [] ----D C:\Program Files\CyberGhost 5
O43 - CFD: 01/05/2014 - 11:57:01 - [0] ----D C:\Program Files\CyberLink
O43 - CFD: 18/12/2014 - 17:28:52 - [] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 17/12/2010 - 15:08:25 - [] ----D C:\Program Files\Dell
O43 - CFD: 17/12/2010 - 14:57:45 - [] ----D C:\Program Files\Dell Inc
O43 - CFD: 17/12/2010 - 15:00:21 - [] ----D C:\Program Files\DIFX
O43 - CFD: 28/10/2011 - 17:37:15 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 30/03/2014 - 20:40:50 - [0] ----D C:\Program Files\Emoticons Mail
O43 - CFD: 28/02/2015 - 16:30:28 - [] ----D C:\Program Files\ESET
O43 - CFD: 05/01/2011 - 16:23:47 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 21/03/2014 - 09:55:44 - [] ----D C:\Program Files\FOXIT SOFTWARE
O43 - CFD: 24/02/2015 - 13:42:14 - [] ----D C:\Program Files\Google
O43 - CFD: 21/10/2014 - 17:13:27 - [] ----D C:\Program Files\Inkscape
O43 - CFD: 13/11/2014 - 23:46:02 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/12/2010 - 15:03:13 - [] ----D C:\Program Files\Intel
O43 - CFD: 21/03/2015 - 22:35:08 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 26/02/2015 - 08:52:38 - [] ----D C:\Program Files\Java
O43 - CFD: 08/03/2014 - 10:35:11 - [] ----D C:\Program Files\Maker
O43 - CFD: 23/03/2015 - 17:08:27 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 25/03/2014 - 18:46:16 - [] ----D C:\Program Files\McAfee
O43 - CFD: 28/11/2012 - 15:30:57 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 07/01/2011 - 11:14:26 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 04/09/2013 - 12:04:33 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 04/09/2013 - 11:56:19 - [] ----D C:\Program Files\Microsoft SDKs
O43 - CFD: 15/03/2014 - 20:18:11 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 10/01/2014 - 08:45:09 - [] ----D C:\Program Files\Microsoft SQL Server
O43 - CFD: 04/09/2013 - 11:54:05 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 04/09/2013 - 11:55:49 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 04/09/2013 - 11:56:02 - [] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 04/09/2013 - 11:58:46 - [] ----D C:\Program Files\Microsoft Visual Studio 9.0
O43 - CFD: 25/01/2013 - 16:32:36 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 22/03/2015 - 09:57:07 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 23/03/2015 - 17:03:38 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 07/01/2011 - 17:23:41 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 18/04/2014 - 15:54:25 - [] ----D C:\Program Files\MySQL
O43 - CFD: 14/12/2013 - 17:38:48 - [] ----D C:\Program Files\Notepad++
O43 - CFD: 17/12/2010 - 15:04:59 - [] ----D C:\Program Files\NTRU Cryptosystems
O43 - CFD: 17/12/2010 - 14:49:06 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 28/02/2015 - 10:40:29 - [] ----D C:\Program Files\OCS Inventory Agent
O43 - CFD: 12/05/2014 - 21:05:06 - [] ----D C:\Program Files\Open Office
O43 - CFD: 12/05/2014 - 21:08:22 - [] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 06/10/2014 - 14:30:27 - [] ----D C:\Program Files\paint.net
O43 - CFD: 11/10/2014 - 17:01:15 - [] ----D C:\Program Files\PDFCreator
O43 - CFD: 13/05/2014 - 17:36:16 - [] ----D C:\Program Files\Perfect Uninstaller
O43 - CFD: 18/04/2014 - 15:55:57 - [] ----D C:\Program Files\PMP
O43 - CFD: 07/01/2011 - 11:02:22 - [0] ----D C:\Program Files\QS
O43 - CFD: 06/03/2014 - 14:43:33 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 13/05/2014 - 17:33:55 - [] ----D C:\Program Files\RegCleaner
O43 - CFD: 22/01/2014 - 16:46:44 - [] ----D C:\Program Files\santesocial
O43 - CFD: 20/01/2015 - 16:55:30 - [] ----D C:\Program Files\SFR
O43 - CFD: 06/10/2014 - 13:35:13 - [] ----D C:\Program Files\Sib Icon Editor
O43 - CFD: 27/03/2014 - 10:37:02 - [] ----D C:\Program Files\Stardock
O43 - CFD: 26/06/2013 - 10:49:05 - [] ----D C:\Program Files\SuperCopier
O43 - CFD: 07/02/2015 - 10:22:08 - [] ----D C:\Program Files\TeamViewer
O43 - CFD: 15/11/2014 - 09:01:34 - [0] ----D C:\Program Files\TechSmith
O43 - CFD: 31/01/2013 - 12:03:46 - [] ----D C:\Program Files\TextPad 5
O43 - CFD: 06/07/2013 - 21:02:41 - [] ----D C:\Program Files\TimeLeft3
O43 - CFD: 26/02/2015 - 10:49:09 - [0] ----D C:\Program Files\ToniArts
O43 - CFD: 26/03/2014 - 06:22:45 - [] ----D C:\Program Files\Trend Micro
O43 - CFD: 21/03/2015 - 22:35:07 - [] ----D C:\Program Files\UltraVNC
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 13/05/2013 - 14:20:17 - [] ----D C:\Program Files\VCOM
O43 - CFD: 07/01/2011 - 11:00:47 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 26/03/2014 - 23:18:04 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 17/12/2010 - 15:07:47 - [] ----D C:\Program Files\Wave Systems Corp
O43 - CFD: 03/04/2014 - 16:18:51 - [] ----D C:\Program Files\WIDCOMM
O43 - CFD: 10/01/2014 - 10:04:47 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 22/11/2014 - 23:42:18 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 31/03/2011 - 17:00:18 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 28/10/2011 - 17:37:15 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - 22:35:07 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 05/01/2011 - 16:23:47 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 28/10/2011 - 17:37:14 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 28/10/2011 - 17:37:14 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 28/10/2011 - 17:37:15 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 25/02/2011 - 14:21:57 - [] ----D C:\Program Files\Windows Virtual PC
O43 - CFD: 25/02/2011 - 14:27:00 - [] ----D C:\Program Files\Windows XP Mode
O43 - CFD: 12/09/2013 - 08:23:29 - [] ----D C:\Program Files\WinMerge
O43 - CFD: 13/05/2014 - 16:40:53 - [] ----D C:\Program Files\Wise
O43 - CFD: 28/12/2012 - 19:08:38 - [] ----D C:\Program Files\WordBiz
O43 - CFD: 27/03/2014 - 09:19:35 - [0] ----D C:\Program Files\xiring
O43 - CFD: 23/03/2015 - 22:38:52 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 06/06/2014 - 21:18:02 - [] ----D C:\Program Files\Common Files\Avanquest Software
O43 - CFD: 07/01/2011 - 10:52:36 - [] ----D C:\Program Files\Common Files\Cisco Systems
O43 - CFD: 19/08/2014 - 19:22:52 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 17/12/2010 - 15:09:01 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 10/01/2014 - 11:11:27 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 04/09/2013 - 11:58:32 - [0] ----D C:\Program Files\Common Files\Merge Modules
O43 - CFD: 21/03/2015 - 22:35:08 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 20/02/2013 - 22:45:21 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 17/12/2010 - 15:10:27 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 13/05/2013 - 14:19:07 - [] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 07/03/2014 - 12:30:43 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 01/03/2015 - 00:24:23 - [] ----D C:\ProgramData\Acronis
O43 - CFD: 24/09/2013 - 21:42:16 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/05/2014 - 11:42:33 - [] ----D C:\ProgramData\Apple
O43 - CFD: 06/03/2014 - 14:49:47 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 17/01/2015 - 01:13:56 - [] ----D C:\ProgramData\Auslogics
O43 - CFD: 13/11/2014 - 23:51:44 - [0] ----D C:\ProgramData\BtCrashDumps
O43 - CFD: 05/01/2011 - 16:23:47 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 13/02/2014 - 00:41:35 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 01/04/2014 - 23:30:10 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 18/12/2014 - 17:47:18 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 17/12/2010 - 15:09:12 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 05/01/2011 - 16:23:47 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 22/02/2015 - 12:16:40 - [] ----D C:\ProgramData\GroupPolicy
O43 - CFD: 28/11/2012 - 10:44:08 - [] ----D C:\ProgramData\IM
O43 - CFD: 28/11/2012 - 10:43:15 - [] ----D C:\ProgramData\IncrediMail
O43 - CFD: 01/05/2014 - 11:54:11 - [0] ----D C:\ProgramData\LogMeIn
O43 - CFD: 28/02/2015 - 09:29:20 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 25/03/2014 - 18:49:12 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 05/01/2011 - 16:23:47 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 23/03/2015 - 23:33:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 21/03/2015 - 22:35:07 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 05/01/2011 - 16:23:47 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 04/01/2013 - 11:49:21 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 17/12/2010 - 15:04:59 - [] ----D C:\ProgramData\NTRU Cryptosystems
O43 - CFD: 17/12/2010 - 15:01:08 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 17/12/2010 - 14:49:03 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 08/02/2012 - 14:53:41 - [] ----D C:\ProgramData\OCS Inventory NG
O43 - CFD: 26/02/2015 - 09:29:32 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 04/03/2015 - 18:47:55 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 26/09/2014 - 12:00:06 - [] ----D C:\ProgramData\PDF Architect 2
O43 - CFD: 22/08/2011 - 14:12:05 - [] ----D C:\ProgramData\RICOH
O43 - CFD: 23/05/2011 - 15:40:36 - [] ----D C:\ProgramData\Roaming
O43 - CFD: 22/01/2014 - 16:46:45 - [] ----D C:\ProgramData\santesocial
O43 - CFD: 28/06/2014 - 22:55:13 - [] ----D C:\ProgramData\Skype
O43 - CFD: 17/12/2010 - 14:49:41 - [] ----D C:\ProgramData\SonicFocus
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 17/12/2010 - 14:59:13 - [] ----D C:\ProgramData\Sun
O43 - CFD: 15/11/2014 - 09:01:35 - [0] ----D C:\ProgramData\TechSmith
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 07/09/2013 - 23:18:25 - [] ----D C:\ProgramData\Wave Systems Corp
O43 - CFD: 27/03/2014 - 10:37:04 - [] --H-D C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
O43 - CFD: 07/01/2011 - 10:57:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 06/11/2014 - 01:23:00 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 07/02/2015 - 10:18:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 29/04/2014 - 22:19:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ant Renamer
O43 - CFD: 08/09/2013 - 11:06:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Attribute Soft
O43 - CFD: 17/01/2015 - 01:13:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
O43 - CFD: 17/12/2010 - 15:03:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
O43 - CFD: 15/08/2013 - 22:29:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 07/02/2015 - 10:18:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClikaDoc
O43 - CFD: 20/05/2014 - 00:46:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert AVI to MP4
O43 - CFD: 18/12/2014 - 17:30:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 17/12/2010 - 14:59:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 17/12/2010 - 15:08:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell ControlPoint
O43 - CFD: 17/12/2010 - 15:04:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell System Manager
O43 - CFD: 28/11/2012 - 15:29:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 17/12/2010 - 15:03:14 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 26/02/2015 - 08:49:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/07/2009 - 05:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 23/03/2015 - 17:08:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 07/01/2011 - 17:23:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 15/03/2014 - 19:52:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 13/08/2013 - 08:42:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
O43 - CFD: 10/01/2014 - 08:45:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
O43 - CFD: 10/01/2014 - 09:26:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
O43 - CFD: 18/04/2014 - 15:54:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
O43 - CFD: 31/01/2013 - 11:57:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 17/12/2010 - 14:49:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 12/05/2014 - 21:09:45 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
O43 - CFD: 26/09/2014 - 11:59:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
O43 - CFD: 13/05/2014 - 17:36:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller
O43 - CFD: 13/05/2013 - 14:20:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDesk 6
O43 - CFD: 06/03/2014 - 14:43:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 22/01/2014 - 16:46:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Santé Social
O43 - CFD: 27/03/2014 - 10:37:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
O43 - CFD: 15/11/2014 - 09:01:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 10:00:41 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 06/07/2013 - 21:02:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLeft 3
O43 - CFD: 26/03/2014 - 06:22:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro OfficeScan Client
O43 - CFD: 03/04/2013 - 11:38:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC
O43 - CFD: 07/01/2011 - 11:00:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 31/03/2011 - 17:00:28 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 25/02/2011 - 14:23:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
O43 - CFD: 12/09/2013 - 08:13:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
O43 - CFD: 13/05/2014 - 16:40:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
O43 - CFD: 23/03/2015 - 22:32:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 19/12/2012 - 10:57:12 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Adobe
O43 - CFD: 07/03/2014 - 02:12:54 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Apple Computer
O43 - CFD: 20/01/2015 - 17:35:31 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Arkadin
O43 - CFD: 19/12/2012 - 10:36:18 - [0] ----D C:\Users\faustinot.malalou\AppData\Roaming\Broadcom
O43 - CFD: 07/02/2015 - 10:12:18 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 01/03/2014 - 09:21:38 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\DeepBurner
O43 - CFD: 24/03/2015 - 16:53:39 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Dropbox
O43 - CFD: 23/03/2015 - 13:28:55 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Foxit Software
O43 - CFD: 31/01/2013 - 12:03:57 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Helios
O43 - CFD: 19/12/2012 - 10:35:37 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Identities
O43 - CFD: 13/11/2014 - 23:42:26 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\inkscape
O43 - CFD: 26/03/2014 - 06:00:13 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\InstallShield
O43 - CFD: 19/12/2012 - 10:36:19 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Intel Corporation
O43 - CFD: 30/12/2014 - 10:27:04 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\IsolatedStorage
O43 - CFD: 27/03/2014 - 07:52:04 - [0] ----D C:\Users\faustinot.malalou\AppData\Roaming\jEdit
O43 - CFD: 19/12/2012 - 12:39:31 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Macromedia
O43 - CFD: 19/12/2012 - 10:54:20 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\McAfee
O43 - CFD: 14/07/2009 - 10:00:41 - [0] ----D C:\Users\faustinot.malalou\AppData\Roaming\Media Center Programs
O43 - CFD: 30/12/2014 - 10:26:36 - [] -S--D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft
O43 - CFD: 06/05/2013 - 12:12:42 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Mozilla
O43 - CFD: 06/07/2013 - 21:02:39 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\NesterSoft
O43 - CFD: 21/03/2015 - 22:35:06 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Notepad++
O43 - CFD: 13/05/2014 - 06:01:39 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\OpenOffice
O43 - CFD: 06/10/2014 - 13:35:51 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\SibCode
O43 - CFD: 22/02/2014 - 00:51:11 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Skype
O43 - CFD: 27/03/2014 - 10:37:06 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Stardock
O43 - CFD: 21/03/2015 - 22:35:06 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\TeamViewer
O43 - CFD: 03/04/2013 - 11:40:13 - [0] ----D C:\Users\faustinot.malalou\AppData\Roaming\UltraVNC
O43 - CFD: 13/05/2013 - 14:20:43 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\VCOM
O43 - CFD: 16/05/2014 - 15:55:53 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\vlc
O43 - CFD: 19/12/2012 - 10:36:19 - [0] ----D C:\Users\faustinot.malalou\AppData\Roaming\Wave Systems Corp
O43 - CFD: 13/05/2014 - 16:47:21 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Wise Registry Cleaner
O43 - CFD: 24/03/2015 - 18:35:05 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 10/02/2015 - 23:11:09 - [0] ----D C:\Users\faustinot.malalou\AppData\Local\Adobe
O43 - CFD: 09/12/2013 - 07:55:14 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Apple
O43 - CFD: 06/03/2014 - 14:53:45 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Apple Computer
O43 - CFD: 19/12/2012 - 10:35:25 - [] -SH-D C:\Users\faustinot.malalou\AppData\Local\Application Data
O43 - CFD: 24/12/2012 - 17:35:51 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Apps
O43 - CFD: 27/03/2014 - 02:39:04 - [] ----D C:\Users\faustinot.malalou\AppData\Local\assembly
O43 - CFD: 03/04/2014 - 16:24:40 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Broadcom
O43 - CFD: 24/03/2015 - 09:01:15 - [] ----D C:\Users\faustinot.malalou\AppData\Local\CrashDumps
O43 - CFD: 01/03/2014 - 09:20:39 - [0] ----D C:\Users\faustinot.malalou\AppData\Local\Deployment
O43 - CFD: 06/10/2014 - 14:31:08 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Downloaded Installations
O43 - CFD: 24/03/2015 - 06:02:05 - [] ----D C:\Users\faustinot.malalou\AppData\Local\ElevatedDiagnostics
O43 - CFD: 09/08/2014 - 08:48:57 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Foxit Reader
O43 - CFD: 01/05/2014 - 11:55:08 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Google
O43 - CFD: 19/12/2012 - 10:35:25 - [] -SH-D C:\Users\faustinot.malalou\AppData\Local\Historique
O43 - CFD: 19/12/2012 - 19:00:28 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Macromedia
O43 - CFD: 26/01/2015 - 01:06:48 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Microsoft
O43 - CFD: 29/11/2011 - 18:01:41 - [0] ----D C:\Users\faustinot.malalou\AppData\Local\Microsoft Help
O43 - CFD: 25/01/2013 - 16:46:19 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Microsoft_Corporation
O43 - CFD: 07/01/2014 - 06:25:57 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Mozilla
O43 - CFD: 06/10/2014 - 14:29:11 - [] ----D C:\Users\faustinot.malalou\AppData\Local\paint.net
O43 - CFD: 11/12/2013 - 23:47:16 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Programs
O43 - CFD: 13/12/2014 - 22:38:59 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Remove_Empty_Directories
O43 - CFD: 13/05/2014 - 17:56:51 - [] ----D C:\Users\faustinot.malalou\AppData\Local\TechSmith
O43 - CFD: 24/03/2015 - 18:34:32 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Temp
O43 - CFD: 19/12/2012 - 10:35:25 - [] -SH-D C:\Users\faustinot.malalou\AppData\Local\Temporary Internet Files
O43 - CFD: 29/03/2013 - 18:50:29 - [] ----D C:\Users\faustinot.malalou\AppData\Local\Wave Systems Corp
O43 - CFD: 28/12/2012 - 19:08:25 - [] R---D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/03/2015 - 22:35:06 - [] R---D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/03/2015 - 22:35:06 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 14/07/2009 - 05:37:42 - [] R---D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/02/2014 - 19:56:19 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft
O43 - CFD: 18/04/2014 - 15:56:09 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PMP
O43 - CFD: 21/03/2015 - 22:35:06 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Périphériques Bluetooth
O43 - CFD: 26/03/2014 - 23:18:05 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 06/10/2014 - 13:35:13 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sib Icon Editor
O43 - CFD: 21/03/2015 - 22:35:06 - [] R---D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/06/2013 - 10:49:05 - [] ----D C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier
~ Program Folder: 272 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0FD501E633BF038908FAA6045B4694E2] - 15/03/2015 - 22:56:09 ---A- . (...) -- C:\LISTE1.CSV [123]
O44 - LFC:[MD5.26F94E8E22ED609D8518C500ECF445C3] - 15/03/2015 - 23:10:38 ---A- . (...) -- C:\liste3.txt [9860]
O44 - LFC:[MD5.25C652D93870A392347B909997FBDC37] - 15/03/2015 - 23:15:34 ---A- . (...) -- C:\liste.1.txt [29640]
O44 - LFC:[MD5.C5FD8CDD3E2DBD318BD4E3756CA2B1CB] - 16/03/2015 - 09:12:52 ---A- . (...) -- C:\liste2.txt [2923]
O44 - LFC:[MD5.921C318BB84A00D33602308076957CB7] - 16/03/2015 - 09:14:43 ---A- . (...) -- C:\LISTE8A8RELANCER.xlsx [10746]
O44 - LFC:[MD5.6C2D4DC5D2E271F4AE4016FD4587B0B2] - 16/03/2015 - 12:01:15 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [3973048]
O44 - LFC:[MD5.2CFE69A0A8AFDA8DB9A773D728000BB7] - 16/03/2015 - 12:01:15 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3917760]
O44 - LFC:[MD5.7C1CADCA0E674212412559B0EAD0919A] - 16/03/2015 - 12:01:17 ---A- . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.DLL [12625408]
O44 - LFC:[MD5.003C51B9FE38287BA4E0E58D3AE080BD] - 16/03/2015 - 12:01:19 ---A- . (.Microsoft Corporation - BlackBox DLL.) -- C:\Windows\System32\blackbox.dll [744960]
O44 - LFC:[MD5.5B0C6247027FCF5A2E2F150E298D2FFA] - 16/03/2015 - 12:01:19 ---A- . (.Microsoft Corporation - DLL Media Foundation.) -- C:\Windows\System32\mf.dll [3209728]
O44 - LFC:[MD5.DCC148408770F2D55B201F8FC26438A1] - 16/03/2015 - 12:01:19 ---A- . (.Microsoft Corporation - DRMv2 Client DLL.) -- C:\Windows\System32\drmv2clt.dll [988160]
O44 - LFC:[MD5.833FCABCB5D95B1911BA6E62FC82AC04] - 16/03/2015 - 12:01:19 ---A- . (.Microsoft Corporation - Windows Media DRM SDK DLL.) -- C:\Windows\System32\wmdrmsdk.dll [617984]
O44 - LFC:[MD5.3051724F223EA48968B19567DE2A81F4] - 16/03/2015 - 12:01:21 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [370488]
O44 - LFC:[MD5.B378B6A865C28CE5C1E23C35760A1199] - 16/03/2015 - 12:01:21 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [11411968]
O44 - LFC:[MD5.6EBC44F464A00EF4E4F0DBBB6BD3FF14] - 16/03/2015 - 12:01:23 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [275968]
O44 - LFC:[MD5.C1619A13B10CAC5038BF7129F57D8DE3] - 16/03/2015 - 12:01:23 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [475136]
O44 - LFC:[MD5.74264B7F57A16D25CB581C07964D324A] - 16/03/2015 - 12:01:24 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1174528]
O44 - LFC:[MD5.BB73C907D1BD437B6C30F2C23BB089FC] - 16/03/2015 - 12:01:24 ---A- . (.Microsoft Corporation - DRM Migration DLL.) -- C:\Windows\System32\drmmgrtn.dll [406016]
O44 - LFC:[MD5.CFE8B425822E478B530A590896ECF091] - 16/03/2015 - 12:01:24 ---A- . (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\System32\audiodg.exe [100864]
O44 - LFC:[MD5.D5EC42139D6A6158CF188975C50B6A60] - 16/03/2015 - 12:01:24 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll [179200]
O44 - LFC:[MD5.50B8937A81360D16A5C772302BD32CFE] - 16/03/2015 - 12:01:24 ---A- . (.Microsoft Corporation - Session audio.) -- C:\Windows\System32\AudioSes.dll [195584]
O44 - LFC:[MD5.2D4814D567E5A85C473228BA772A7AFB] - 16/03/2015 - 12:01:25 ---A- . (.Microsoft Corporation - DLL de rendu vidéo amélioré.) -- C:\Windows\System32\evr.dll [489984]
O44 - LFC:[MD5.96DB6A923DEDB58FC7CBBF5CFF73314D] - 16/03/2015 - 12:01:25 ---A- . (.Microsoft Corporation - Module d’exécution DirectShow..) -- C:\Windows\System32\quartz.dll [1329664]
O44 - LFC:[MD5.FCD5137A10C8943B34C9BE891C50159F] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.69B4CE000298A9253EB206C3AC1360F5] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - AppID Certificate Store Verification Task.) -- C:\Windows\System32\appidcertstorecheck.exe [16896]
O44 - LFC:[MD5.81F97D8F8B3FB94A451CC6F7CF8B2965] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\Drivers\appid.sys [50176]
O44 - LFC:[MD5.3245B3D9A1F36C8A80900003B22F9FA4] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - AppID Policy Converter Task.) -- C:\Windows\System32\appidpolicyconverter.exe [96768]
O44 - LFC:[MD5.A56F4029FDCF4F817E78953CDA953E28] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [442880]
O44 - LFC:[MD5.FFCFCDFD8D17DC62F168B50E92143EFA] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll [400896]
O44 - LFC:[MD5.E0AB9CA912398BE1AAD14FF7AD75C397] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - DLL des API d’identité de l’application.) -- C:\Windows\System32\appidapi.dll [50688]
O44 - LFC:[MD5.6C620B9DDB9EB0F0D92E9607D76B3D3D] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - MUI Callback for Bcd.) -- C:\Windows\System32\setbcdlocale.dll [50176]
O44 - LFC:[MD5.AF47EAA4ADDA9AA221FB7647EE22BF53] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Media Foundation Proxy DLL.) -- C:\Windows\System32\mfps.dll [103424]
O44 - LFC:[MD5.D3916F83AC8F2314262387A2E16C6578] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [4096]
O44 - LFC:[MD5.D3916F83AC8F2314262387A2E16C6578] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [4096]
O44 - LFC:[MD5.6B1EB62B8DD3F439F972BE14D7A34FC8] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Mount Point Manger Sysprep Utility Library.) -- C:\Windows\System32\msmmsp.dll [10752]
O44 - LFC:[MD5.7DD3B3971D45197FA059C7CF55387BE8] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\System32\winload.exe [521384]
O44 - LFC:[MD5.F5090F8FA6757C58E17BAEAA86093636] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Service d’identité de l’application.) -- C:\Windows\System32\appidsvc.dll [27648]
O44 - LFC:[MD5.49474B3E37969AF4B5C076F42B623AFF] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Services de chiffrement.) -- C:\Windows\System32\cryptsvc.dll [143872]
O44 - LFC:[MD5.320A8699369C43CF53B2DB4538D17C52] - 16/03/2015 - 12:01:27 ---A- . (.Microsoft Corporation - Windows Media Secure Content Provider.) -- C:\Windows\System32\msscp.dll [504320]
O44 - LFC:[MD5.18F1BBB37F1BC76332B5C1B5FA5ED310] - 16/03/2015 - 12:01:28 ---A- . (.Microsoft Corporation - Application de démarrage Reprise à partir d.) -- C:\Windows\System32\winresume.exe [455752]
O44 - LFC:[MD5.98C1191C862B44567FCF3C18BAEE859E] - 16/03/2015 - 12:01:28 ---A- . (.Microsoft Corporation - DirectShow DVD PlayBack Runtime..) -- C:\Windows\System32\qdvd.dll [519680]
O44 - LFC:[MD5.D31FB78F37F075FA9605D7ED9B2070D2] - 16/03/2015 - 12:01:28 ---A- . (.Microsoft Corporation - Module d’intégrité du code.) -- C:\Windows\System32\ci.dll [409272]
O44 - LFC:[MD5.AEBC369F7DC72AB3F5B9BDF34FA0D43F] - 16/03/2015 - 12:01:28 ---A- . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\System32\Drivers\PEAuth.sys [593920]
O44 - LFC:[MD5.C5667EE72D7364BE81516C0707FEF724] - 16/03/2015 - 12:01:31 ---A- . (.Microsoft Corporation - DLL de la plateforme Media Foundation.) -- C:\Windows\System32\mfplat.dll [354816]
O44 - LFC:[MD5.49F4EE8DF752CFA159B99046CD1FDD2B] - 16/03/2015 - 12:01:31 ---A- . (.Microsoft Corporation - EXE de pipeline protégé par Media Foundatio.) -- C:\Windows\System32\mfpmp.exe [23040]
O44 - LFC:[MD5.A4A2EFB40015B76467F09E6DC388BC26] - 16/03/2015 - 12:01:31 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [43008]
O44 - LFC:[MD5.08FF727297A97907AADED4BA86CF44E9] - 16/03/2015 - 12:01:31 ---A- . (.Microsoft Corporation - Programme d’installation R&R.) -- C:\Windows\System32\rrinstaller.exe [50176]
O44 - LFC:[MD5.2D21189858856316D55EAD55DF4964C2] - 16/03/2015 - 12:01:32 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll [374784]
O44 - LFC:[MD5.B54FD1991E659FD61EF1D34EC27AAECD] - 16/03/2015 - 12:01:32 ---A- . (.Microsoft Corporation - Cryptographic Service Provider API.) -- C:\Windows\System32\cryptsp.dll [81408]
O44 - LFC:[MD5.01C6C743FE49D0FB3F0A1391FEF1DEB3] - 16/03/2015 - 12:01:32 ---A- . (.Microsoft Corporation - Gestionnaire de sessions Windows.) -- C:\Windows\System32\smss.exe [69632]
O44 - LFC:[MD5.7847865A78B7FB9221D9DFB35A7B8ECD] - 16/03/2015 - 12:01:32 ---A- . (.Microsoft Corporation - Processus d'exécution client-serveur.) -- C:\Windows\System32\csrsrv.dll [38912]
O44 - LFC:[MD5.055C6BD2B4216C69302807A44A2C2B46] - 16/03/2015 - 12:01:32 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe [262656]
O44 - LFC:[MD5.A6AEADE370FFE3F37554D8AAA3E4B873] - 16/03/2015 - 12:01:33 ---A- . (.Microsoft Corporation - Assistant Compatibilité des programmes.) -- C:\Windows\System32\pcalua.exe [8192]
O44 - LFC:[MD5.10495B2681F3E271CB93608D853A0CF0] - 16/03/2015 - 12:01:33 ---A- . (.Microsoft Corporation - Program Compatibility Assistant Helper.) -- C:\Windows\System32\pcawrk.exe [9728]
O44 - LFC:[MD5.3BAA4BAE71460C5CEB40D5E9339A61BC] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll [103936]
O44 - LFC:[MD5.2F3CE58D8C276570EEB69C99CFBAFD58] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - DLL d’erreur Media Foundation.) -- C:\Windows\System32\mferror.dll [2048]
O44 - LFC:[MD5.70E96EBE87A38857619671FCB9C8EC7B] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - DRM ActiveX Network Object.) -- C:\Windows\System32\msnetobj.dll [265216]
O44 - LFC:[MD5.B7D2BB84C590F0AE9DA51DBB065A780E] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Fournisseur de l’interface Microsoft Trust.) -- C:\Windows\System32\cryptui.dll [1005056]
O44 - LFC:[MD5.644905A19D0F37F2233DFCE53BC4BC19] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\System32\Drivers\mountmgr.sys [78784]
O44 - LFC:[MD5.F0C8038C9336EE6C3244CF431AB362BE] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Ressources d’événement de l’Assistant Compa.) -- C:\Windows\System32\pcaevts.dll [8704]
O44 - LFC:[MD5.52954BE460EC6C54C0ACB2B3B126FFC6] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) -- C:\Windows\System32\pcasvc.dll [157184]
O44 - LFC:[MD5.8B07DBA0D77346545C6359AC67DCB980] - 16/03/2015 - 12:01:35 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [8192]
O44 - LFC:[MD5.C45E651DD6C0D7C1D92B338CE9331EF3] - 16/03/2015 - 12:01:37 ---A- . (.Microsoft Corporation - Program Compatibility Assistant Diagnostic.) -- C:\Windows\System32\pcadm.dll [28160]
O44 - LFC:[MD5.9566C8BBD2271A7962D4432A624762AD] - 16/03/2015 - 12:03:46 ---A- . (.Microsoft Corporation - Codec pour photographie Windows Media Photo.) -- C:\Windows\System32\WMPhoto.dll [417792]
O44 - LFC:[MD5.55273844B66D77A2F1A2213C17A9EA4A] - 16/03/2015 - 12:05:09 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.965D6A2B30A95A9F7EF13653988D3D9F] - 16/03/2015 - 12:05:09 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [299008]
O44 - LFC:[MD5.274F0540FD4C88FC845C94CA1569688A] - 16/03/2015 - 12:05:09 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll [10240]
O44 - LFC:[MD5.ABB358777FDF4AF51B2FE26137D2B8D4] - 16/03/2015 - 12:05:09 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll [70656]
O44 - LFC:[MD5.DD16C06B79DA2FBD422E87923C6C0C9D] - 16/03/2015 - 12:05:09 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll [26624]
O44 - LFC:[MD5.7A71DA6D6F75AB73475128F787DD8EAD] - 16/03/2015 - 12:05:16 ---A- . (.Microsoft Corporation - Bibliothèque de chiffrement Windows.) -- C:\Windows\System32\ncrypt.dll [221184]
O44 - LFC:[MD5.D9FAD47AFADE210921EF0991307DAD6D] - 16/03/2015 - 12:05:16 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1061376]
O44 - LFC:[MD5.30F5B3E28636009A0B194057AAE4392A] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [17408]
O44 - LFC:[MD5.ACD0CA819E279E1C17BE5C8A077EF448] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.0485899A035E02C53014C0545D912405] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [686080]
O44 - LFC:[MD5.4DAC97CF81FAE4B2988AEF0DF40D04AE] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [67512]
O44 - LFC:[MD5.9EED5E0B7BF784C491C2289A09920BDA] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [137656]
O44 - LFC:[MD5.887C8C0BF3FF4C74E76714375AE9B1D8] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [15872]
O44 - LFC:[MD5.C7D334A01C66BF07B92D04CD7A981B7F] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [259584]
O44 - LFC:[MD5.4E15E2D20AE755FDEACD96F359F732DB] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [172032]
O44 - LFC:[MD5.7407DDA27838C393DE67A0BDCDD044D0] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Nom d’audit des objets système.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.69925A266D265DAD96C6FCBB861FA5CD] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [550912]
O44 - LFC:[MD5.5E76C26CAE2810EA71C161ED9A2CF0D1] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Programme de stratégie d’audit.) -- C:\Windows\System32\auditpol.exe [50176]
O44 - LFC:[MD5.84974782ED5D108DA2EFAF3C6534A760] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [22016]
O44 - LFC:[MD5.49144A633AB640E34A0FFDE26CB31EB5] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [100352]
O44 - LFC:[MD5.D5063B86DC3F85B93D02AF68099F4C9A] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [248832]
O44 - LFC:[MD5.B06A4105DD22E91A1D922D7310803140] - 16/03/2015 - 12:05:17 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [65536]
O44 - LFC:[MD5.F65F365AC0D1657917EFDB52445C848B] - 16/03/2015 - 12:05:18 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [22528]
O44 - LFC:[MD5.B804EAA9E037580F96C22537C2ECB62A] - 16/03/2015 - 12:05:41 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll [171520]
O44 - LFC:[MD5.E118F7CFD80C1346BDC37B64E1270DD6] - 16/03/2015 - 12:06:28 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12375040]
O44 - LFC:[MD5.32B8D8E88379691236C00A752138809F] - 16/03/2015 - 12:06:29 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [9747968]
O44 - LFC:[MD5.58C6BC3102CB0E8E90C90C1637BACB50] - 16/03/2015 - 12:06:30 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1139200]
O44 - LFC:[MD5.36A4E86EFE3FBF965062F6D187895758] - 16/03/2015 - 12:06:30 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe [11776]
O44 - LFC:[MD5.1FFF4BAE92A623FEC04CF450D6BF0DF7] - 16/03/2015 - 12:06:30 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.1AA9636013318C07C97B5FCE6E54211E] - 16/03/2015 - 12:06:30 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968]
O44 - LFC:[MD5.0E7D03201E0FBA5313D7FEACB49CE178] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [367104]
O44 - LFC:[MD5.6293D025E82071B9424877E30B6AC1C8] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1129472]
O44 - LFC:[MD5.01A53348FDC2BFA3075CB6B6E054415C] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.4C206711ACACE1505C0291EDD493E623] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [1810944]
O44 - LFC:[MD5.0486EB0A27DACB23CB69F3DBA2B8C2E7] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [10752]
O44 - LFC:[MD5.850C6A2F616874923D7E77680F9A87CE] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.39D90322A16E5417BF7B12F03BB9BD8F] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.E5315746C4E4851BCB256F15C16D5F91] - 16/03/2015 - 12:06:31 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1803264]
O44 - LFC:[MD5.C9E5A3FF121596B51A9F72870CFB1D39] - 16/03/2015 - 12:06:32 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65536]
O44 - LFC:[MD5.F335C46A9450BE16CF0F97D710F9129C] - 16/03/2015 - 12:06:32 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744]
O44 - LFC:[MD5.6C25D51EAAF0D4198230645E47C7991C] - 16/03/2015 - 12:06:32 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.969C5266346FA804ADF9106672622D1D] - 16/03/2015 - 12:06:32 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216]
O44 - LFC:[MD5.E3B153191510A97D65A60C4C05CFEF50] - 16/03/2015 - 12:06:32 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [41472]
O44 - LFC:[MD5.B21F322A78BD865BEC55286DCAA24657] - 16/03/2015 - 12:06:33 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.BA3CB7D5C1DCF17E6FFFB28DB950841A] - 16/03/2015 - 12:06:56 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2381312]
O44 - LFC:[MD5.340EECB781E6C06A6171B3068DA208AD] - 16/03/2015 - 12:07:14 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [12875264]
O44 - LFC:[MD5.84B460BB65567ED42DD605FA044DB370] - 16/03/2015 - 12:07:39 ---A- . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\System32\msctf.dll [828928]
O44 - LFC:[MD5.6BF8843C99352B8A600794DE740C2566] - 16/03/2015 - 12:09:55 ---A- . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\System32\rdpcorets.dll [2744320]
O44 - LFC:[MD5.06E6DEABDA3A27DDA054BE46207420E4] - 16/03/2015 - 12:09:56 ---A- . (.Microsoft Corporation - Remote Desktop Protocol Group Policy Extens.) -- C:\Windows\System32\RdpGroupPolicyExtension.dll [13824]
O44 - LFC:[MD5.1B430766C544BEF1D8BE2305FF7F8D9C] - 16/03/2015 - 12:09:56 ---A- . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\System32\rdpudd.dll [221184]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 16/03/2015 - 12:12:07 ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.5F3628DCF926C4499BE1DC74431DFBC8] - 16/03/2015 - 12:12:10 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1230848]
O44 - LFC:[MD5.F4D9C5C11FC806C06C8168CE7987DFBB] - 16/03/2015 - 22:17:34 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [427912]
O44 - LFC:[MD5.AB73A39A5E45F465B02C11C500BB0278] - 17/03/2015 - 06:15:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256]
O44 - LFC:[MD5.C2730E796F3A84DE3D4FCFF899028838] - 17/03/2015 - 06:15:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888]
O44 - LFC:[MD5.2A1B51A1FE8DC4DC0D52EC700CB02CEF] - 17/03/2015 - 06:15:36 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O44 - LFC:[MD5.4362E3673000C63629273ED7152757AF] - 17/03/2015 - 07:59:42 ---A- . (...) -- C:\C_liste.txt [14200]
O44 - LFC:[MD5.C5ACA8D5EDA3AD83590D4F1DA4FC1D5A] - 17/03/2015 - 10:06:13 ---A- . (...) -- C:\A_liste.txt [1500]
O44 - LFC:[MD5.B193CCB4BA3AC31B418317367FCA2E68] - 17/03/2015 - 15:27:31 ---A- . (...) -- C:\b_liste.txt [6866]
O44 - LFC:[MD5.71CE94394D14D56686566CEF365AA24A] - 23/03/2015 - 14:45:28 ---A- . (...) -- C:\Windows\ricdb.ini [1252]
O44 - LFC:[MD5.603E0D7D294C13A1E142DDAF04B50D97] - 23/03/2015 - 21:55:58 ---A- . (...) -- C:\DelFix.txt [969]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/03/2015 - 22:07:27 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.81FA54B39EE697F25CCE7855841BE05C] - 23/03/2015 - 22:38:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.04B309A1A653177994630C2773E659F1] - 24/03/2015 - 07:18:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O44 - LFC:[MD5.430126919DE03FB6B348A0BF64060A95] - 24/03/2015 - 08:52:04 ---A- . (...) -- C:\Windows\ntbtlog.txt [608496]
O44 - LFC:[MD5.4F3BB5CA906CDFED4CBEE14065A561F2] - 24/03/2015 - 16:51:53 ---A- . (...) -- C:\Windows\setupact.log [336]
O44 - LFC:[MD5.931E0CECB5DD569EB6CED359BAE60550] - 24/03/2015 - 16:51:53 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8F133A09B4F8AE762B150AAF6B0D7DCD] - 24/03/2015 - 16:57:55 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [2072924]
O44 - LFC:[MD5.8027ABD88678E46046E125DAD61E95AE] - 24/03/2015 - 16:57:55 ---A- . (...) -- C:\Windows\System32\perfc009.dat [176456]
O44 - LFC:[MD5.ABC62DDA8C143F1B2B9073C673179E9B] - 24/03/2015 - 16:57:55 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [209814]
O44 - LFC:[MD5.5B2DF33772079A1F34878D77EBCA9C16] - 24/03/2015 - 16:57:55 ---A- . (...) -- C:\Windows\System32\perfh009.dat [784850]
O44 - LFC:[MD5.6CDDACEB39A796BF5E2C1BDFB4DFD505] - 24/03/2015 - 16:57:55 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [900522]
O44 - LFC:[MD5.9AB31D69F738FDA11BDD63936BCF3ECD] - 24/03/2015 - 18:31:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log [178227]
~ Files: 139 Scanned in 02mn 13s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Authentication Packages . (.Wave Systems Corp. - Authentication Package.) -- C:\Windows\System32\wvauth.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (.Broadcom Corporation. - BtwProximityCP DLL.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 11 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (...) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Anywhere [Key] . (.Pas de propriétaire - Anywhere Application Sharing ActiveX.) -- C:\Windows\system32\ANWShare25.dll
O53 - SMSR:HKLM\...\startupreg\CPS Certificate Manager [Key] . (.ASIP SANTE - Application de sychronisation des certifica.) -- C:\Program Files\santesocial\cps\cps_ccm_pcsc.exe
O53 - SMSR:HKLM\...\startupreg\PDVDDXSrv [Key] . (...) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (.not file.)
~ SMSR Keys: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 21 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=221
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:23/04/2009 - 20:42:06 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [381440]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:09/02/2010 - 14:06:30 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60x.sys [325672]
O58 - SDL:10/02/2010 - 12:36:06 ---A- . (.Broadcom Corporation - Broadcom Advanced Server Program Driver.) -- C:\Windows\System32\Drivers\basp.sys [86016]
O58 - SDL:03/11/2009 - 10:21:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Unified Crash Dump (x86).) -- C:\Windows\System32\Drivers\bnxcdx.sys [226344]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:03/04/2014 - 16:18:07 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [508184]
O58 - SDL:03/04/2014 - 16:18:07 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [152400]
O58 - SDL:03/04/2014 - 16:18:06 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [175144]
O58 - SDL:03/04/2014 - 16:18:06 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [33832]
O58 - SDL:03/04/2014 - 16:18:06 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [18728]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:18/12/2014 - 17:28:52 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [243128]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:03/03/2010 - 19:33:26 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStor.sys [435736]
O58 - SDL:11/03/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:17/03/2015 - 06:15:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256]
O58 - SDL:17/03/2015 - 06:15:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888]
O58 - SDL:24/03/2015 - 07:18:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:17/03/2015 - 06:15:36 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O58 - SDL:14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:01/02/2010 - 23:02:12 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 191.75.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [9532488]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:04/06/2008 - 14:14:00 ---A- . (.Dell Inc - PBA Support Driver.) -- C:\Windows\System32\Drivers\PBADRV.sys [26608]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:14/07/2009 - 00:45:33 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [83456]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:22/08/2013 - 13:40:22 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35288]
O58 - SDL:19/07/2010 - 17:03:10 ---A- . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\Windows\System32\Drivers\tmactmon.sys [59472]
O58 - SDL:19/07/2010 - 17:02:54 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\System32\Drivers\tmcomm.sys [163408]
O58 - SDL:19/07/2010 - 17:03:00 ---A- . (.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\Windows\System32\Drivers\tmevtmgr.sys [51792]
O58 - SDL:23/02/2009 - 11:32:54 ---A- . (.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) -- C:\Windows\System32\Drivers\tmtdi.sys [78352]
O58 - SDL:14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:19/01/2010 - 12:46:44 ---A- . (.Wave Systems Corp. - WavX Document Manager Filter Driver.) -- C:\Windows\System32\Drivers\WavxDMgr.sys [229888]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 80 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 23/03/2015 - 18:37:51 ---A- . (...) -- C:\Users\faustinot.malalou\AppData\Roaming\ZHP\ZHPCleaner.exe [1701888] =>.Nicolas Coolman
O61 - LFC: 24/03/2015 - 18:37:33 ---A- . (...) -- C:\Users\faustinot.malalou\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphd_qjg.dll [43008]
O61 - LFC: 24/03/2015 - 18:37:33 ---A- . (...) -- C:\Users\faustinot.malalou\AppData\Local\WavXMapDrive.bat [0]
O61 - LFC: 24/03/2015 - 18:37:48 ---A- . (...) -- C:\Users\faustinot.malalou\AppData\Roaming\Microsoft\Microsoft SQL Server\100\Tools\Shell\SqlStudio.bin [33638]
O61 - LFC: 24/03/2015 - 18:39:10 ---A- . (.Thisisu.) -- C:\Users\faustinot.malalou\MAKUTUX\Up&down\JRT.exe [1388782]
~ 15 Fichiers temporaires (Temporary files)
~ 6 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 01mn 47s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\iaStorV.sys (iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTORV
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 04/06/2008 - C:\Windows\System32\DRIVERS\PBADRV.sys (PBADRV) .(.Dell Inc - PBA Support Driver.) - LEGACY_PBADRV
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 19/07/2010 - C:\Windows\System32\DRIVERS\tmactmon.sys (tmactmon) .(.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - LEGACY_TMACTMON
O64 - Services: CurCS - 19/07/2010 - C:\Windows\System32\DRIVERS\tmcomm.sys (tmcomm) .(.Trend Micro Inc. - TrendMicro Common Module.) - LEGACY_TMCOMM
O64 - Services: CurCS - 19/07/2010 - C:\Windows\System32\DRIVERS\tmevtmgr.sys (tmevtmgr) .(.Trend Micro Inc. - TrendMicro Event Management Module.) - LEGACY_TMEVTMGR
O64 - Services: CurCS - 14/08/2013 - C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys (TmFilter) .(.Trend Micro Inc. - Post Filter For XP.) - LEGACY_TMFILTER
O64 - Services: CurCS - 14/08/2013 - C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys (TmPreFilter) .(.Trend Micro Inc. - Pre-Filter For XP.) - LEGACY_TMPREFILTER
O64 - Services: CurCS - 23/02/2009 - C:\Windows\System32\DRIVERS\tmtdi.sys (tmtdi) .(.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) - LEGACY_TMTDI
O64 - Services: CurCS - 14/08/2013 - C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys (VSApiNt) .(.Trend Micro Inc. - VsapiNT.) - LEGACY_VSAPINT
O64 - Services: CurCS - 19/01/2010 - C:\Windows\System32\DRIVERS\WavxDMgr.sys (WavxDMgr) .(.Wave Systems Corp. - WavX Document Manager Filter Driver.) - LEGACY_WAVXDMGR
~ Legacy: 91 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [597504]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]
~ Services: 33 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A3942874E1842E0AB7290D4B10301209] [SPRF][18/05/2013] (...) -- C:\Users\faustinot.malalou\Desktop\Déplacement fichier le plus récent.exe [453003]
[MD5.578BF9C1228E3726D83A1631288E8D09] [SPRF][15/08/2013] (.InstallShield Software Corporation - Setup.exe.) -- C:\Users\faustinot.malalou\Desktop\EClea2_0.exe [2951802]
[MD5.6AF62ECF3D40FAEB3F90BB95C0283292] [SPRF][19/03/2013] (...) -- C:\Users\faustinot.malalou\Desktop\ExprodLGPI.exe [1234432]
[MD5.098A81724FA0BD30DB53BF72D3AA64A2] [SPRF][14/08/2014] (...) -- C:\Users\faustinot.malalou\Desktop\Ftp_JStock_Cloud_V2.bat [3597]
[MD5.EB96973546223098157D3645BBE8A6B9] [SPRF][24/01/2013] (.Microsoft - XmlIndent.) -- C:\Users\faustinot.malalou\Desktop\XmlIndent.exe [5632]
~ Files: 5 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/02/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 17/03/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 22/03/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 03/02/2010 1032192 | (SecureStorageService) . (.Wave Systems Corp..) - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
SS - | Auto 12/11/2008 1273856 | (tcsd_win32.exe) . (...) - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
SS - | Demand 23/02/2009 652552 | (TmProxy) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 27/02/2013 829656 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 24/08/2010 388464 | (dcpsysmgrsvc) . (.Dell Inc..) - c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
SR - | Auto 03/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 22/07/1658 0 | (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt" "--defaults-file=C:\Program Files\MySQL\MySQL Server 4.1\my.ini
SR - | Auto 03/06/2009 1332520 | (ntrtscan) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
SR - | Auto 27/10/2009 5233256 | (NVIDIA Performance Driver Service) . (...) - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
SR - | Auto 04/12/2009 215656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 25/11/2011 35840 | (OCS Inventory Service) . (.OCS Inventory NG.) - C:\Program Files\OCS Inventory Agent\OcsService.exe
SR - | Auto 29/03/2010 1164648 | (TdmService) . (.Wave Systems Corp..) - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
SR - | Auto 07/02/2014 5093216 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Demand 12/03/2009 341256 | (TMBMServer) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\OfficeScan Client\..\BM\TMBMSRV.exe
SR - | Auto 03/06/2009 1246848 | (tmlisten) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
SR - | Auto 06/12/2009 1590216 | (uvnc_service) . (.UltraVNC.) - C:\Program Files\UltraVNC\WinVNC.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Faustinot.MALALOU at 24/03/2015 18:42:51
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (23/03/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 376208 Items scanned in 00mn 35s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Scanned in 00mn 00s



End of the scan (1437 lines in 09mn 29s)(0.11)
