cjoint

Document format: text/plain

~ ZHPDiag v2015.12.13.184 Par Nicolas Coolman (2015/12/11)
~ Démarré par Antoine (Administrator) (2015/12/14 16:42:32)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Antoine\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Antoine\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)

---\\ Navigateurs Internet (2) - 0s
MFIE: Mozilla Firefox 42.0 (x86 fr) v42.0
MSIE: Internet Explorer v11.20.10586.0

---\\ Informations sur les produits Windows (8) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : 3V66T
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK

---\\ Logiciels de protection (3) - 0s
Bitdefender Antivirus Plus 2015 v19.2.0.142
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender (Deactivate)

---\\ Logiciels d'optimisation (1) - 0s
CCleaner v5.12

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8386.612 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 81 GB () free of 243 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: ANTOINE-PC
~ User Name: Antoine
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 81 GB free of 243 GB (System)
~ Drive D: has 423 GB free of 476 GB

---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 0s
[MD5.4572EB3DDBD2DFA10DE7A037A6CC6D53] - 30/10/2015 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4502864] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] ©
[MD5.CAD491DD9EC00BB841EA407D9C498C4A] - 30/10/2015 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [290856] =>.Microsoft Windows Publisher®
[MD5.AB4C1A9F37C0B8467AC923ED4AD727D6] - 04/12/2015 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [2647552] ©
[MD5.46C8E60DEDBDA95C102D1B2E74676578] - 30/10/2015 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [584704] ©
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] ©
[MD5.E7B524818100B0FDE2B057C74B0C0DCD] - 11/12/2015 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [686984] =>.Microsoft Windows®
[MD5.2796C0957F6F05A528DD64B8591371B6] - 11/12/2015 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535088] =>.Microsoft Windows®
[MD5.CE50037751671682D1FDBBE7C9B37F4A] - 30/10/2015 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [20480] ©
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 04/12/2015 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] ©
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] ©
[MD5.C9478D7DB7BE5D7ACE65CB1167F07320] - 30/10/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] ©
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] ©
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] ©
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] ©
[MD5.61F9F27A8C3D7BCD287FE98A440421CE] - 30/10/2015 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows®
[MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] ©
[MD5.EFEFC245B884B1BE0401931398DCD707] - 01/12/2015 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152800] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] ©
[MD5.381B8F2311A0375676B635EA5E7C8AB0] - 30/10/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] ©
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] ©
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 04/12/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Liste des services NT non Microsoft et non désactivés (12) - 2s
O23 - Service: AdobeUpdateService (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe ©
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: FBackup 5 Service (FBackup5Srv) . (.Softland - FBackup - IPC service.) - C:\Program Files (x86)\Softland\FBackup 5\bService.exe {5A0A9BA760991132F47D1A5060AC240A} ©
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - d:\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: ReadyCLOUD HTTP Server (ReadyCLOUD HTTP Server) . (.Copyright (c) 2009 - ReadyCLOUD HTTP Server.) - C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\lnhttpservice.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe =>.TomTom International BV®
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe =>.Bitdefender SRL®
O23 - Service: @oem99.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixe (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe =>.VIA Technologies Inc.®
O23 - Service: Bitdefender Virus Shield (vsserv) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe =>.Bitdefender SRL®

---\\ Tâches planifiées en automatique (27) - 4s
[MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] =>.Adobe Systems, Incorporated®
[MD5.F4B462319256598A123CA6A661FA935B] [APT] [AdobeAAMUpdater-1.0-Antoine-PC-Antoine] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104] =>.Adobe Systems Incorporated®
[MD5.5C35525CEBE7B59FAFA05D5E98D7EDEF] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] =>.Piriform Ltd®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000Core] (.Google Inc..) -- C:\Users\Antoine\AppData\Local\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000UA] (.Google Inc..) -- C:\Users\Antoine\AppData\Local\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.00000000000000000000000000000000] [APT] [Launch HTC Sync Loader] (...) -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.) [0]
[MD5.00F05878A3671AF6D4AB4D3180A41673] [APT] [Quark Updater] (.2011 Quark Software Inc. All rights reserved..) -- C:\Program Files (x86)\Quark\Quark Update\AutoUpdate.exe [19432] {047766B90A18AD}
[MD5.AE8ED86C45C1947E7DB964DA39AE4845] [APT] [SamsungMagician] (.Samsung Electronics..) -- C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [4838816] {1121D54C6060D0ACF70C52CEAC844116F169} ©
[MD5.00000000000000000000000000000000] [APT] [SidebarExecute] (...) -- C:\Program Files\Windows Sidebar\sidebar.exe (.not file.) [0]
[MD5.20C6B97D57CF4BF09FA57B30A6F5BFB7] [APT] [{28D725F8-A520-4780-A634-F9F070E0DE04}] (.Ontrack Data Recovery Inc..) -- C:\Program Files (x86)\Ontrack\EasyRecovery Professional\EasyRecovery.exe [196608]
[MD5.20C6B97D57CF4BF09FA57B30A6F5BFB7] [APT] [{9F396096-C273-4951-AB81-867C36D7DB35}] (.Ontrack Data Recovery Inc..) -- C:\Program Files (x86)\Ontrack\EasyRecovery Professional\EasyRecovery.exe [196608]
[MD5.00000000000000000000000000000000] [APT] [{DAF61245-6989-4279-940F-31BFAAEE7D9E}] (...) -- C:\Program Files (x86)\Ciel\Compta\WK.exe (.not file.) [0]
[MD5.DC8122F28EAEE04E814013447D4A7C95] [APT] [Softland\FBackup 5\FBackup 5 Tray Agent_Antoine] (.Softland.) -- C:\Program Files (x86)\Softland\FBackup 5\bTray.exe [6506288] {5A0A9BA760991132F47D1A5060AC240A} ©
[MD5.E78DB20EE0FB8FCC03DA1D0B8F593FE7] [APT] [Softland\FBackup 5\fba_BK D TAF] (.Softland.) -- C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE [2612016] {5A0A9BA760991132F47D1A5060AC240A} ©
[MD5.582B1C973ABB1203F26A4EFCB415DF43] [APT] [Softland\FBackup 5\fba_BK D TAF CHIMERESC 82] (.Softland.) -- C:\Program Files (x86)\Softland\FBackup 5\bBackup.exe [5982000] {5A0A9BA760991132F47D1A5060AC240A} ©
O39 - APT: GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000Core - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000Core.job [1056] ©
O39 - APT: GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000UA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000UA.job [1108] ©
O39 - APT: Quark Updater - (.2011 Quark Software Inc. All rights reserved..) -- C:\WINDOWS\Tasks\Quark Updater.job [362]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [2954] ©
O39 - APT: AdobeAAMUpdater-1.0-Antoine-PC-Antoine - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Antoine-PC-Antoine [2762] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2864] ©
O39 - APT: GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000Core - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000Core [3850] ©
O39 - APT: GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000UA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-270315957-566422108-1653017096-1000UA [4226] ©
O39 - APT: Launch HTC Sync Loader - (...) -- C:\WINDOWS\System32\Tasks\Launch HTC Sync Loader [2786]
O39 - APT: Quark Updater - (.2011 Quark Software Inc. All rights reserved..) -- C:\WINDOWS\System32\Tasks\Quark Updater [2600]
O39 - APT: SamsungMagician - (.Samsung Electronics..) -- C:\WINDOWS\System32\Tasks\SamsungMagician [2544] ©
O39 - APT: SidebarExecute - (...) -- C:\WINDOWS\System32\Tasks\SidebarExecute [2078]

---\\ Processus lancés (12) - 2s
[MD5.7FE59496114A48A64E98E3218664A3E6] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [238080] [PID.1332] ©
[MD5.0594DCF055A1F567CAFF49B780BA0399] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [514048] [PID.1364] ©
[MD5.0938C10D880660BDF3FBBC9F0E7D2F1E] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936] [PID.1860] ©
[MD5.267E24C065E7856277761CBC0CA4B131] - (.Softland - FBackup - IPC service.) -- C:\Program Files (x86)\Softland\FBackup 5\bService.exe [2762544] [PID.2064] {5A0A9BA760991132F47D1A5060AC240A} ©
[MD5.AD4BC132DCE9102F41222058A70A3A7F] - (.Copyright (c) 2009 - ReadyCLOUD HTTP Server.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\lnhttpservice.exe [45056] [PID.2216]
[MD5.DC8122F28EAEE04E814013447D4A7C95] - (.Softland - FBackup - Tray notifier.) -- C:\Program Files (x86)\Softland\FBackup 5\bTray.exe [6506288] [PID.4104] {5A0A9BA760991132F47D1A5060AC240A} ©
[MD5.AF74709A65DEB45637501A03EA3983C4] - (.Diagonal - DiagonalMenu.) -- C:\Program Files\Diagonal\Commun\DiagonalMenu\DiagonalMenu.exe [303360] [PID.544] {60E1F14F27AEB24D2E28C76D745DA44C} ©
[MD5.EA7E57F87D6FEE5FD6C5F813C04E8CD2] - (.Brother Industries, Ltd. - BrYNCSvc.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760] [PID.6148] ©
[MD5.7349674F1A01DB177EEB5A6D3D19F24B] - (.Diagonal - Application Diagonal.) -- C:\Program Files\Diagonal\Commun\DiagonalMenu\DiagonalApp.exe [377600] [PID.6376] {60E1F14F27AEB24D2E28C76D745DA44C} ©
[MD5.41F1B1BFAFF3D6B9741227DA36021AA4] - (.Diagonal - DiagonalMenu.) -- C:\Program Files\Diagonal\wow64\Commun\DiagonalMenu\DiagonalMenu.exe [275200] [PID.6384] {60E1F14F27AEB24D2E28C76D745DA44C} ©
[MD5.AE8ED86C45C1947E7DB964DA39AE4845] - (.Samsung Electronics. - Samsung Magician Application.) -- C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [4838816] [PID.7080] {1121D54C6060D0ACF70C52CEAC844116F169} ©
[MD5.B2FDAEBE80EB9490B92F17D310225E9A] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\Antoine\AppData\Roaming\ZHP\ZHPDiag3.exe [2012672] [PID.4200] ©

---\\ Google Chrome, Démarrage,Recherche,Extensions (3) - 0s
G2 - GCE: Preference [User Data\Default] [fabcmochhfpldjekobfaaggijgohadih] Bitdefender Wallet
G2 - GCE: Preference [User Data\Default] [lhcjgpimnimhgniglmioklbbdghanoph] Extension de Prolexis
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (3) - 0s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.DEU
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (11) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (68)

---\\ Browser Helper Object de navigateur (BHO) (1) - 0s
O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll =>.Bitdefender SRL®

---\\ Applications lancées au démarrage du système (18) - 0s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe =>.Bitdefender SRL®
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Antoine\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [Bitdefender Agent Wallet] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe =>.Bitdefender SRL®
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©
O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ©
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe =>.Adobe Systems, Incorporated®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-270315957-566422108-1653017096-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Antoine\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc®
O4 - HKUS\S-1-5-21-270315957-566422108-1653017096-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-270315957-566422108-1653017096-1000\..\Run: [Bitdefender Agent Wallet] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe =>.Bitdefender SRL®
O4 - HKUS\S-1-5-21-270315957-566422108-1653017096-1000\..\RunOnce: [Uninstall C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©

---\\ Modification Domaine/Adresses DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

---\\ Protocole additionnel (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: leaf [64Bits] - {3c4a8a13-029e-430d-b8c1-46e834d20b31} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Logiciels installés (54) - 13s
O42 - Logiciel: Adobe Acrobat 9 Pro - English, Français, Deutsch - (.Adobe Systems.) [HKLM][64Bits] -- {AC76BA86-1033-F400-7760-000000000004} ©
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR ©
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Creative Suite 4 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_b2d6abde968e6f277ddbfd501383e02 {4BEA817CBAC7C38ABA72E7BE6F00DE6D} ©
O42 - Logiciel: Adobe Digital Editions 2.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Digital Editions 2.0 ©
O42 - Logiciel: Adobe InDesign CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DBFD0312-6E55-1014-8952-E78D43BC0147} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe InDesign CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CFB770D7-8D43-1014-922B-CC2715FADE3F} =>.Adobe Systems Incorporated®
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Bitdefender Antivirus Plus 2015 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender =>.Bitdefender SRL®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Code - (.Microsoft Corporation.) [HKCU][64Bits] -- Code =>.Microsoft Corporation®
O42 - Logiciel: Connect Label Design software - (...) [HKLM][64Bits] -- Connect Label Design software
O42 - Logiciel: CutePDF Writer 2.8 - (...) [HKLM][64Bits] -- CutePDF Writer Installation {3C20348318029EC708BB1602D55E5B06}
O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data Recovery, Inc..) [HKLM][64Bits] -- {268723B7-A994-4286-9F85-B974D5CAFC7B}
O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data Recovery, Inc..) [HKLM][64Bits] -- InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}
O42 - Logiciel: FBackup 4 - (. Softland.) [HKLM][64Bits] -- FBackup 4_is1 {4D666AB7C46E9702375EB8928DE82376}
O42 - Logiciel: FBackup 5.0 - (.Softland.) [HKLM][64Bits] -- {b3d19e6f-cda2-41e3-9522-7dbddffed0a2} {5A0A9BA760991132F47D1A5060AC240A} ©
O42 - Logiciel: FileZilla Client 3.14.1 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla Client ©
O42 - Logiciel: Filter Forge 3.014 - (.Filter Forge, Inc..) [HKLM][64Bits] -- Filter Forge 3_is1 ©
O42 - Logiciel: FLAC 1.2.1b (remove only) - (.Xiph.org.) [HKLM][64Bits] -- FLAC ©
O42 - Logiciel: foobar2000 v1.1.11 - (.Peter Pawlowski.) [HKLM][64Bits] -- foobar2000 ©
O42 - Logiciel: Freemake Audio Converter version 1.1.0 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Audio Converter_is1 ©
O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM][64Bits] -- HD Tune_is1 ©
O42 - Logiciel: HL-2250DN - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {E2A97415-BD97-4867-B906-05E39E9EE51F} {036939C475D53C1D70992DB8A87EB7D3} ©
O42 - Logiciel: HomeBase 2.3 - (...) [HKLM][64Bits] -- HomeBase 2.3
O42 - Logiciel: ITN Converter 1.87 - (.Benichou Software.) [HKLM][64Bits] -- ITN Converter_is1 ©
O42 - Logiciel: LEA SoftPlug 4.2.7 - (...) [HKLM][64Bits] -- LEA
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} ©
O42 - Logiciel: mIRC - (.mIRC Co. Ltd..) [HKLM][64Bits] -- mIRC {5B28ABFE6F787AE15475F0C45F20029B} ©
O42 - Logiciel: MozBackup 1.5.1 - (.Pavel Cvrcek.) [HKLM][64Bits] -- MozBackup ©
O42 - Logiciel: Mozilla Firefox 42.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: Mozilla Thunderbird 38.4.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 38.4.0 (x86 fr) =>.Mozilla Corporation®
O42 - Logiciel: MyDefrag v4.3.1 - (.J.C. Kessels.) [HKLM][64Bits] -- MyDefrag v4.3.1_is1 ©
O42 - Logiciel: Notepad++ - (...) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: Overlook Fing - (.Overlook.) [HKLM][64Bits] -- Overlook Fing 2.2 ©
O42 - Logiciel: OVH MoM - (...) [HKLM][64Bits] -- OVH MoM
O42 - Logiciel: Poedit - (.Vaclav Slavik.) [HKLM][64Bits] -- {68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1 {0E04B35D382FB6D5BBE5311913BCB9A2} ©
O42 - Logiciel: PrestaPricing - (.Sitolog.) [HKLM][64Bits] -- PRESTAPRICINGPrestaPricing - Exécutable 64 bits
O42 - Logiciel: RAIDar 4.3.8 - (.Netgear Inc..) [HKLM][64Bits] -- 1381-5408-0515-7060 ©
O42 - Logiciel: ReadyCLOUD - (.NETGEAR.) [HKLM][64Bits] -- ReadyApps ©
O42 - Logiciel: Samsung Data Migration - (.Samsung.) [HKLM][64Bits] -- {D4DE3DB4-7734-47E5-8D92-B80146311406} ©
O42 - Logiciel: Samsung Magician - (.Samsung Electronics.) [HKLM][64Bits] -- {29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1 {1121D54C6060D0ACF70C52CEAC844116F169} ©
O42 - Logiciel: Service Pack 1 pour SQL Server 2008 R2 (KB2528583) (64-bit) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB2528583 =>.Microsoft Corporation®
O42 - Logiciel: StuffIt Standard - (.Allume Systems, Inc..) [HKLM][64Bits] -- {40ABF1E0-8B6F-4D32-B343-E19FA2F04B3C}
O42 - Logiciel: StuffIt Standard - (.Allume Systems, Inc..) [HKLM][64Bits] -- InstallShield_{40ABF1E0-8B6F-4D32-B343-E19FA2F04B3C}
O42 - Logiciel: Tiny Burner 1 - (.Softland.) [HKLM][64Bits] -- Tiny Burner_is1 {20D6573A13D7ADCD13DF5ED0AFB6D87D} ©
O42 - Logiciel: Tomtomax Maxi-Box V2.0.24 - (.Tomtomax et KoakDesign.) [HKLM][64Bits] -- {A10F672B-01C4-498F-ADBD-3E5B144284B7}_is1 ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player ©
O42 - Logiciel: VueScan x64 - (...) [HKLM][64Bits] -- VueScan x64 {233F0EC1E12F897C28D1CA013251744C}
O42 - Logiciel: winpcap-overlook 4.02 - (...) [HKLM][64Bits] -- winpcap-overlook
O42 - Logiciel: XAMPP 1.7.4 - (...) [HKLM][64Bits] -- xampp
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPFix_is1 ©

---\\ HKCU & HKLM Software Keys (166) - 13s
HKLM\SOFTWARE\Wow6432Node\AbeBooks
HKLM\SOFTWARE\Wow6432Node\Acro Software
HKLM\SOFTWARE\Wow6432Node\Acro Software Inc
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Ahead
HKLM\SOFTWARE\Wow6432Node\Allume Systems
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Audible
HKLM\SOFTWARE\Wow6432Node\AVS4YOU
HKLM\SOFTWARE\Wow6432Node\Bitdefender
HKLM\SOFTWARE\Wow6432Node\Brother
HKLM\SOFTWARE\Wow6432Node\Brother Industries, Ltd.
HKLM\SOFTWARE\Wow6432Node\Bunndle
HKLM\SOFTWARE\Wow6432Node\Canon
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\Diagonal
HKLM\SOFTWARE\Wow6432Node\EBP
HKLM\SOFTWARE\Wow6432Node\ej-technologies
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\FileZilla 3
HKLM\SOFTWARE\Wow6432Node\FileZilla Client
HKLM\SOFTWARE\Wow6432Node\FLAC
HKLM\SOFTWARE\Wow6432Node\foobar2000
HKLM\SOFTWARE\Wow6432Node\Freemake
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript
HKLM\SOFTWARE\Wow6432Node\iCF Skin Pack
HKLM\SOFTWARE\Wow6432Node\Imagineer Systems Ltd
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\iolo
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\LEA
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Minnetonka Audio Software
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NEC
HKLM\SOFTWARE\Wow6432Node\Nero
HKLM\SOFTWARE\Wow6432Node\NeroDigital
HKLM\SOFTWARE\Wow6432Node\NETGEAR
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Ontrack
HKLM\SOFTWARE\Wow6432Node\OVH
HKLM\SOFTWARE\Wow6432Node\Panasonic
HKLM\SOFTWARE\Wow6432Node\PegasusImaging
HKLM\SOFTWARE\Wow6432Node\Pinnacle Systems
HKLM\SOFTWARE\Wow6432Node\Quark
HKLM\SOFTWARE\Wow6432Node\Remo Software
HKLM\SOFTWARE\Wow6432Node\Rene.E Laboratory
HKLM\SOFTWARE\Wow6432Node\Revenger inc.
HKLM\SOFTWARE\Wow6432Node\Sage
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Samsung Magician
HKLM\SOFTWARE\Wow6432Node\Softland
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\Synthetic Aperture
HKLM\SOFTWARE\Wow6432Node\TomTom
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WinClon4.0
HKLM\SOFTWARE\Wow6432Node\Windows
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wise Solutions
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\xampp
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Acro Software Inc
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\Aladdin Systems
HKCU\SOFTWARE\Allume Systems
HKCU\SOFTWARE\APLI-Decadry
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\Avery Dennison
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Bitdefender
HKCU\SOFTWARE\BitsPaper
HKCU\SOFTWARE\Brother
HKCU\SOFTWARE\Bugsplat
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\Caphyon
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\CodeGear
HKCU\SOFTWARE\Developer Express
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\File Helper
HKCU\SOFTWARE\FileMaker
HKCU\SOFTWARE\foobar2000
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\iColorFolder
HKCU\SOFTWARE\InnoSetup 5
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\iolo
HKCU\SOFTWARE\iometer.org
HKCU\SOFTWARE\ITNConv
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\LaserWare
HKCU\SOFTWARE\LEA
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MainConcept (Adobe2)
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\mIRC
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\Mozilla Backup
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyDefrag
HKCU\SOFTWARE\Namo
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\NETGEAR
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Northcode Inc
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Ontrack
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\OVH
HKCU\SOFTWARE\Panasonic
HKCU\SOFTWARE\PC SOFT
HKCU\SOFTWARE\Pinnacle Systems
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Quark
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Revenger inc.
HKCU\SOFTWARE\Sitolog
HKCU\SOFTWARE\Softland
HKCU\SOFTWARE\Sony Ericsson
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Thunderbird
HKCU\SOFTWARE\TomTom
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Vaclav Slavik
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VirtualDub.org
HKCU\SOFTWARE\VueScan
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\XnView
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia

---\\ Contenu des dossiers Programmes (377) - 16s
O43 - CFD: 21/05/2011 - [] D -- C:\Program Files (x86)\AbeBooks
O43 - CFD: 30/06/2011 - [] D -- C:\Program Files (x86)\Acro Software
O43 - CFD: 28/11/2015 - [] AD -- C:\Program Files (x86)\Adobe
O43 - CFD: 28/03/2013 - [] D -- C:\Program Files (x86)\Adobe Download Assistant
O43 - CFD: 01/08/2012 - [] D -- C:\Program Files (x86)\Allume Systems
O43 - CFD: 17/12/2011 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 28/10/2012 - [0] D -- C:\Program Files (x86)\AVS4YOU
O43 - CFD: 17/12/2011 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 17/12/2011 - [] D -- C:\Program Files (x86)\Brother
O43 - CFD: 26/11/2011 - [] D -- C:\Program Files (x86)\Browny02
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Ciel
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 29/06/2015 - [] D -- C:\Program Files (x86)\Diagonal
O43 - CFD: 23/11/2015 - [] D -- C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9
O43 - CFD: 14/11/2011 - [0] D -- C:\Program Files (x86)\epson
O43 - CFD: 06/12/2015 - [] D -- C:\Program Files (x86)\FileMaker
O43 - CFD: 01/11/2015 - [] AD -- C:\Program Files (x86)\FileZilla FTP Client
O43 - CFD: 27/06/2013 - [] AD -- C:\Program Files (x86)\Filter Forge 3
O43 - CFD: 24/06/2012 - [] AD -- C:\Program Files (x86)\FLAC
O43 - CFD: 24/06/2012 - [] AD -- C:\Program Files (x86)\foobar2000
O43 - CFD: 27/01/2014 - [] D -- C:\Program Files (x86)\Free MP3 CD Ripper
O43 - CFD: 25/01/2014 - [] AD -- C:\Program Files (x86)\Freemake
O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 30/06/2011 - [] D -- C:\Program Files (x86)\GPLGS
O43 - CFD: 07/12/2012 - [] AD -- C:\Program Files (x86)\HD Tune
O43 - CFD: 22/12/2013 - [] D -- C:\Program Files (x86)\HomeBase2-3
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files (x86)\HTC
O43 - CFD: 09/06/2013 - [] D -- C:\Program Files (x86)\Inkscape
O43 - CFD: 09/12/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 30/06/2012 - [0] D -- C:\Program Files (x86)\Intel
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 27/09/2014 - [] AD -- C:\Program Files (x86)\ITN Converter1.87
O43 - CFD: 04/07/2012 - [] D -- C:\Program Files (x86)\IVCsoft
O43 - CFD: 31/05/2013 - [] D -- C:\Program Files (x86)\LabelDesignSoftware
O43 - CFD: 10/03/2015 - [] D -- C:\Program Files (x86)\LEA SoftPlug
O43 - CFD: 02/05/2015 - [] D -- C:\Program Files (x86)\Micro Application
O43 - CFD: 10/03/2015 - [] AD -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 08/08/2015 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 10/03/2015 - [] AD -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 22/10/2011 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
O43 - CFD: 18/09/2013 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 11/12/2015 - [] AD -- C:\Program Files (x86)\mIRC
O43 - CFD: 09/06/2013 - [] D -- C:\Program Files (x86)\Mobile Partner
O43 - CFD: 18/05/2011 - [] D -- C:\Program Files (x86)\MozBackup
O43 - CFD: 13/12/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 13/12/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 28/11/2015 - [] AD -- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 09/08/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 18/06/2014 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 09/06/2013 - [] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/05/2011 - [] D -- C:\Program Files (x86)\Nero
O43 - CFD: 13/12/2014 - [] AD -- C:\Program Files (x86)\NETGEAR ReadyNAS
O43 - CFD: 30/06/2011 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 21/10/2012 - [] AD -- C:\Program Files (x86)\Ontrack
O43 - CFD: 22/06/2013 - [] D -- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files (x86)\Overlook Fing 2.2
O43 - CFD: 29/06/2011 - [] D -- C:\Program Files (x86)\OVH
O43 - CFD: 03/07/2012 - [] D -- C:\Program Files (x86)\Pando Networks
O43 - CFD: 28/10/2012 - [] D -- C:\Program Files (x86)\Pinnacle
O43 - CFD: 20/05/2015 - [] AD -- C:\Program Files (x86)\Poedit
O43 - CFD: 17/05/2012 - [] D -- C:\Program Files (x86)\Quark
O43 - CFD: 19/05/2011 - [] D -- C:\Program Files (x86)\QuarkXPress 7.31
O43 - CFD: 09/08/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/03/2015 - [] D -- C:\Program Files (x86)\Rene.E Laboratory
O43 - CFD: 31/08/2013 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 09/12/2014 - [] AD -- C:\Program Files (x86)\Samsung Magician
O43 - CFD: 17/05/2011 - [] D -- C:\Program Files (x86)\ScanSoft
O43 - CFD: 15/11/2013 - [] D -- C:\Program Files (x86)\Softland
O43 - CFD: 27/06/2013 - [0] D -- C:\Program Files (x86)\Sony Ericsson
O43 - CFD: 19/06/2011 - [] D -- C:\Program Files (x86)\Sony Media Go Install
O43 - CFD: 08/08/2015 - [] D -- C:\Program Files (x86)\Symantec
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 28/08/2011 - [] D -- C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 28/08/2011 - [] AD -- C:\Program Files (x86)\Tomtomax Maxi-Box
O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Trillian
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 08/11/2012 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/12/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 11/12/2012 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 14/12/2015 - [] D -- C:\Program Files (x86)\ZHPFix
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Overlook Fing
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 04/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 04/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4
O43 - CFD: 09/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APLI-DECADRY Soft SE
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 13/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ciel
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connect Label Design software
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyPHP DevServer 14.1 VC9
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyRecovery Professional
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBackup 4
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBackup 5
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Filter Forge 3
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLAC
O43 - CFD: 09/08/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
O43 - CFD: 27/01/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 CD Ripper
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 14/07/2009 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBase
O43 - CFD: 21/05/2011 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBase 3
O43 - CFD: 27/01/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iometer 2006.07.27
O43 - CFD: 15/07/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITN Converter1.85
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITN Converter1.87
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVCsoft
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEA SoftPlug
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 02/05/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft .NET Framework SDK v2.0 (64bit)
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR ReadyNAS
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrestaPricing - 64b
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuarkXPress 9
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuarkXPress Passport
O43 - CFD: 21/08/2011 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadarSync
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rene.E Laboratory
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
O43 - CFD: 04/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StuffIt
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tiny Burner 1
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tomtomax Maxi-Box
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 14/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
O43 - CFD: 21/04/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 27/07/2011 - [0] D -- C:\ProgramData\ALM
O43 - CFD: 17/12/2011 - [] D -- C:\ProgramData\Apple
O43 - CFD: 19/05/2012 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 04/12/2015 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Avery
O43 - CFD: 04/07/2012 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Bitdefender
O43 - CFD: 26/11/2011 - [] D -- C:\ProgramData\Brother
O43 - CFD: 18/01/2011 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 13/09/2011 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 10/03/2011 - [] D -- C:\ProgramData\Ciel
O43 - CFD: 25/01/2014 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 09/06/2013 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 10/08/2011 - [] D -- C:\ProgramData\Diagonal
O43 - CFD: 04/12/2015 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 19/05/2012 - [] D -- C:\ProgramData\EBP
O43 - CFD: 23/08/2011 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 18/01/2011 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\FileMaker
O43 - CFD: 01/01/2014 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 25/01/2014 - [] D -- C:\ProgramData\Freemake
O43 - CFD: 16/09/2015 - [0] D -- C:\ProgramData\HTC
O43 - CFD: 11/03/2015 - [] D -- C:\ProgramData\Licenses
O43 - CFD: 27/03/2013 - [] D -- C:\ProgramData\Logs
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 10/03/2011 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 18/01/2011 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 04/12/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 09/08/2015 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 18/01/2011 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 12/06/2013 - [] D -- C:\ProgramData\Motorola
O43 - CFD: 15/05/2011 - [] D -- C:\ProgramData\Nero
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Norton
O43 - CFD: 07/01/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Overlook
O43 - CFD: 16/06/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 03/07/2012 - [] D -- C:\ProgramData\Panasonic
O43 - CFD: 28/10/2012 - [] D -- C:\ProgramData\Pinnacle
O43 - CFD: 03/07/2012 - [] D -- C:\ProgramData\Pinnacle Studio Ultimate
O43 - CFD: 26/06/2014 - [] D -- C:\ProgramData\PrestaPricing
O43 - CFD: 21/12/2014 - [] D -- C:\ProgramData\PrestaPricing602
O43 - CFD: 23/08/2012 - [] D -- C:\ProgramData\Quark
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 09/09/2011 - [] D -- C:\ProgramData\ReviverSoft
O43 - CFD: 12/09/2013 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 30/08/2013 - [] D -- C:\ProgramData\Softland
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 27/06/2013 - [0] D -- C:\ProgramData\Sony Ericsson
O43 - CFD: 29/05/2011 - [] D -- C:\ProgramData\Sun
O43 - CFD: 09/08/2015 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 27/03/2015 - [] AD -- C:\ProgramData\TEMP
O43 - CFD: 28/08/2011 - [] D -- C:\ProgramData\TomTom
O43 - CFD: 27/01/2014 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 17/12/2011 - [] D -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 25/01/2014 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 28/11/2015 - [] AD -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 12/12/2014 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 19/05/2012 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 28/10/2012 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 16/05/2014 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 17/05/2011 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 27/07/2011 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 04/12/2015 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 28/10/2012 - [0] D -- C:\Program Files (x86)\Common Files\Panasonic
O43 - CFD: 03/07/2012 - [] D -- C:\Program Files (x86)\Common Files\Pinnacle
O43 - CFD: 20/05/2012 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 27/07/2011 - [] D -- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 19/06/2011 - [] D -- C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 09/08/2015 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 24/01/2012 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 10/12/2015 - [0] SHD -- C:\Users\Antoine\AppData\Roaming\.#
O43 - CFD: 21/08/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\3v
O43 - CFD: 21/05/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\AbeBooks
O43 - CFD: 24/11/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Adobe
O43 - CFD: 01/08/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Allume Systems
O43 - CFD: 05/08/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\APLI-Decadry
O43 - CFD: 12/06/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\Apple Computer
O43 - CFD: 17/05/2012 - [0] D -- C:\Users\Antoine\AppData\Roaming\Aquafadas
O43 - CFD: 03/06/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\Avery
O43 - CFD: 04/07/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\AVS4YOU
O43 - CFD: 10/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Bitdefender
O43 - CFD: 31/05/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\BitsPaper
O43 - CFD: 17/09/2011 - [] RD -- C:\Users\Antoine\AppData\Roaming\Brother
O43 - CFD: 25/09/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\calibre
O43 - CFD: 17/05/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Canon
O43 - CFD: 15/09/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\chc
O43 - CFD: 06/04/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 22/05/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Code
O43 - CFD: 28/04/2014 - [] D -- C:\Users\Antoine\AppData\Roaming\com.adobe.dmp.contentviewer
O43 - CFD: 28/03/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 17/11/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Diagonal
O43 - CFD: 03/07/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Disruptive Innovations SARL
O43 - CFD: 02/05/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\EASYTools
O43 - CFD: 22/05/2011 - [0] D -- C:\Users\Antoine\AppData\Roaming\FileMaker Pro
O43 - CFD: 14/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\FileZilla
O43 - CFD: 27/06/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\Filter Forge 3
O43 - CFD: 24/05/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Flash Player
O43 - CFD: 07/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\foobar2000
O43 - CFD: 06/05/2014 - [] D -- C:\Users\Antoine\AppData\Roaming\FreeAudioPack
O43 - CFD: 10/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Google
O43 - CFD: 25/11/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\gtk-2.0
O43 - CFD: 16/09/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\HTC
O43 - CFD: 18/01/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Identities
O43 - CFD: 22/10/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\inkscape
O43 - CFD: 26/11/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\InstallShield
O43 - CFD: 03/07/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\KompoZer
O43 - CFD: 18/04/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Macromedia
O43 - CFD: 08/09/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Antoine\AppData\Roaming\Media Center Programs
O43 - CFD: 04/12/2015 - [] SD -- C:\Users\Antoine\AppData\Roaming\Microsoft
O43 - CFD: 18/12/2014 - [] D -- C:\Users\Antoine\AppData\Roaming\mIRC
O43 - CFD: 22/04/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Mozilla
O43 - CFD: 07/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\MP3 Quality Modifier
O43 - CFD: 24/05/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Nero
O43 - CFD: 30/06/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Notepad++
O43 - CFD: 29/05/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\OpenOffice.org
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Opera Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Overlook
O43 - CFD: 03/07/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Panasonic
O43 - CFD: 30/03/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\PDAppFlex
O43 - CFD: 20/05/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Poedit
O43 - CFD: 17/05/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Quark
O43 - CFD: 10/12/2015 - [0] D -- C:\Users\Antoine\AppData\Roaming\QuickScan
O43 - CFD: 06/01/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\Quite
O43 - CFD: 26/11/2014 - [] D -- C:\Users\Antoine\AppData\Roaming\Sitolog
O43 - CFD: 30/08/2013 - [] D -- C:\Users\Antoine\AppData\Roaming\Softland
O43 - CFD: 19/06/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Sony
O43 - CFD: 17/05/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 18/01/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Thunderbird
O43 - CFD: 28/08/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\TomTom
O43 - CFD: 18/05/2011 - [] D -- C:\Users\Antoine\AppData\Roaming\Trillian
O43 - CFD: 25/01/2014 - [] D -- C:\Users\Antoine\AppData\Roaming\TuneUp Software
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Tyre
O43 - CFD: 11/12/2012 - [] D -- C:\Users\Antoine\AppData\Roaming\uTorrent
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\vlc
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\Antoine\AppData\Roaming\WinRAR
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\XnView
O43 - CFD: 14/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\ZHP
O43 - CFD: 21/05/2011 - [] D -- C:\Users\Antoine\AppData\Local\Abebooks_Inc
O43 - CFD: 14/12/2015 - [0] D -- C:\Users\Antoine\AppData\Local\ActiveSync
O43 - CFD: 14/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Adobe
O43 - CFD: 07/07/2013 - [] D -- C:\Users\Antoine\AppData\Local\Adobe_Systems_Incorporate
O43 - CFD: 07/06/2011 - [] D -- C:\Users\Antoine\AppData\Local\Ahead
O43 - CFD: 22/05/2011 - [] D -- C:\Users\Antoine\AppData\Local\Apple
O43 - CFD: 12/06/2013 - [] D -- C:\Users\Antoine\AppData\Local\Apple Computer
O43 - CFD: 04/12/2015 - [0] SHD -- C:\Users\Antoine\AppData\Local\Application Data
O43 - CFD: 16/06/2011 - [] D -- C:\Users\Antoine\AppData\Local\Apps
O43 - CFD: 18/11/2015 - [] D -- C:\Users\Antoine\AppData\Local\CEF
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Code
O43 - CFD: 09/08/2015 - [] D -- C:\Users\Antoine\AppData\Local\Comms
O43 - CFD: 11/12/2015 - [0] D -- C:\Users\Antoine\AppData\Local\CrashDumps
O43 - CFD: 11/12/2012 - [] D -- C:\Users\Antoine\AppData\Local\CustomStamp
O43 - CFD: 03/07/2011 - [] D -- C:\Users\Antoine\AppData\Local\CutePDF
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\CutePDF Writer
O43 - CFD: 02/07/2011 - [] D -- C:\Users\Antoine\AppData\Local\CutePDF_Filler
O43 - CFD: 23/11/2015 - [] D -- C:\Users\Antoine\AppData\Local\Diagnostics
O43 - CFD: 10/08/2011 - [] D -- C:\Users\Antoine\AppData\Local\Diagonal
O43 - CFD: 03/07/2011 - [] D -- C:\Users\Antoine\AppData\Local\Disruptive Innovations SARL
O43 - CFD: 16/09/2015 - [] D -- C:\Users\Antoine\AppData\Local\Downloaded Installations
O43 - CFD: 22/10/2011 - [] D -- C:\Users\Antoine\AppData\Local\EBP
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\ElevatedDiagnostics
O43 - CFD: 06/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\FileMaker
O43 - CFD: 28/11/2015 - [] D -- C:\Users\Antoine\AppData\Local\Google
O43 - CFD: 25/07/2015 - [] D -- C:\Users\Antoine\AppData\Local\GWX
O43 - CFD: 04/12/2015 - [0] SHD -- C:\Users\Antoine\AppData\Local\Historique
O43 - CFD: 18/05/2011 - [] D -- C:\Users\Antoine\AppData\Local\IsolatedStorage
O43 - CFD: 03/09/2012 - [] D -- C:\Users\Antoine\AppData\Local\Macromedia
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Microsoft
O43 - CFD: 08/07/2014 - [] D -- C:\Users\Antoine\AppData\Local\Microsoft Help
O43 - CFD: 30/08/2015 - [] D -- C:\Users\Antoine\AppData\Local\MicrosoftEdge
O43 - CFD: 10/08/2011 - [] D -- C:\Users\Antoine\AppData\Local\Microsoft_Corporation
O43 - CFD: 02/10/2013 - [] D -- C:\Users\Antoine\AppData\Local\Mozilla
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Opera Software
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Packages
O43 - CFD: 09/08/2015 - [0] D -- C:\Users\Antoine\AppData\Local\PeerDistRepub
O43 - CFD: 03/07/2012 - [] D -- C:\Users\Antoine\AppData\Local\Pinnacle
O43 - CFD: 27/03/2013 - [] D -- C:\Users\Antoine\AppData\Local\Programs
O43 - CFD: 09/08/2015 - [] D -- C:\Users\Antoine\AppData\Local\Publishers
O43 - CFD: 17/05/2012 - [] D -- C:\Users\Antoine\AppData\Local\Quark
O43 - CFD: 13/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\ReadyNASRemote
O43 - CFD: 27/06/2013 - [] D -- C:\Users\Antoine\AppData\Local\Sony
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\SquirrelTemp
O43 - CFD: 12/08/2013 - [] D -- C:\Users\Antoine\AppData\Local\Symantec
O43 - CFD: 14/12/2015 - [] D -- C:\Users\Antoine\AppData\Local\Temp
O43 - CFD: 04/12/2015 - [0] SHD -- C:\Users\Antoine\AppData\Local\Temporary Internet Files
O43 - CFD: 29/12/2014 - [] D -- C:\Users\Antoine\AppData\Local\Thunderbird
O43 - CFD: 09/08/2015 - [] D -- C:\Users\Antoine\AppData\Local\TileDataLayer
O43 - CFD: 28/08/2011 - [] D -- C:\Users\Antoine\AppData\Local\TomTom
O43 - CFD: 10/03/2011 - [] D -- C:\Users\Antoine\AppData\Local\VirtualStore
O43 - CFD: 26/06/2014 - [] D -- C:\Users\Antoine\AppData\Local\WDSetup
O43 - CFD: 03/07/2012 - [0] D -- C:\Users\Antoine\AppData\Local\WMTools Downloaded Files
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 10/12/2015 - [] RD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/12/2015 - [] RD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
O43 - CFD: 25/01/2014 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
O43 - CFD: 31/05/2013 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Connect Label Design software
O43 - CFD: 21/10/2012 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyRecovery Professional
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 09/10/2011 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeBase
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/08/2015 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MoM
O43 - CFD: 30/06/2011 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 11/12/2015 - [] RD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 11/04/2014 - [0] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tyre
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 04/12/2015 - [] D -- C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (5) - 1s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Antoine\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll =>.Microsoft Corporation®

---\\ Enumération des clés StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\ReadyNAS Remote [Key] . (.Copyright (c) 2009 - ReadyCLOUD Utils.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe

---\\ Liste des pilotes du système (71) - 4s
O58 - SDL:2015/10/30 08:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2008/06/27 06:51:10 A . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\WINDOWS\System32\drivers\adfs.sys [88632] {4BEA817CBAC7C38ABA72E7BE6F00DE6D} ©
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2009/11/02 17:16:50 A . (.HTC, Corporation - ADB Interface.) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys [33736]
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2013/05/17 10:13:26 A . (. - ATK0110 ACPI Utility.) -- C:\WINDOWS\System32\drivers\ASACPI.sys [17280] =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/01/13 16:41:40 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [11922944] ©
O58 - SDL:2015/01/13 15:20:44 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [359936] ©
O58 - SDL:2015/12/10 21:10:52 A . (.BitDefender - Active Virus Control filter driver.) -- C:\WINDOWS\System32\drivers\avc3.sys [1600512] =>.Bitdefender SRL®
O58 - SDL:2015/12/10 21:00:41 A . (.BitDefender - BitDefender AntiVirus Active Virus Control.) -- C:\WINDOWS\System32\drivers\avchv.sys [282000] =>.Bitdefender SRL®
O58 - SDL:2015/12/10 21:11:23 A . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\WINDOWS\System32\drivers\avckf.sys [775424] =>.Bitdefender SRL®
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] ©
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] ©
O58 - SDL:2013/09/08 20:04:56 A . (.Bitdefender - Bitdefender Early Launch Anti-Malware Drive.) -- C:\WINDOWS\System32\drivers\bdelam.sys [23568] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2015/12/10 21:12:42 A . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\System32\drivers\bdvedisk.sys [79192] =>.Bitdefender SRL®
O58 - SDL:2015/10/30 08:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows®
O58 - SDL:2015/12/10 21:11:35 A . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\WINDOWS\System32\drivers\gzflt.sys [160032] =>.Bitdefender SRL®
O58 - SDL:2015/10/30 08:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2010/06/25 15:08:10 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\WINDOWS\System32\drivers\htcnprot.sys [36928] =>.HTC Corp.®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] ©
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] ©
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] ©
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows®
O58 - SDL:2012/07/27 04:05:02 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\LEA.sys [35344] =>.CACE Technologies, Inc.®
O58 - SDL:2014/10/20 05:14:20 A . (.Leaf Networks - Leaf Networks Network Adapter.) -- C:\WINDOWS\System32\drivers\leafnets.sys [29696]
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2005/09/23 21:18:34 A . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120] ©
O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [25816] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [109272] =>.Malwarebytes Corporation®
O58 - SDL:2015/12/11 10:23:36 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:22 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [64216] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows®
O58 - SDL:2009/02/08 12:12:48 A . (.CACE Technologies - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [40464] {1AABA1ED0C8F63F3BF2BE0D4C050A208} ©
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2008/02/06 02:00:00 A . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\WINDOWS\System32\drivers\PxHlpa64.sys [54480] =>.Sonic Solutions®
O58 - SDL:2009/02/12 15:11:26 A . (.EldoS Corporation - RawDisk Driver. Allows write access to file.) -- C:\WINDOWS\System32\drivers\rsdrvx64.sys [26024] {010000000001100C983A31} ©
O58 - SDL:2015/10/30 08:17:23 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [589824] ©
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2015/09/26 10:14:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [108800] =>.DEVGURU CO LTD®
O58 - SDL:2015/09/26 10:21:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2015/10/30 08:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2015/08/09 14:04:21 A . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [174200] {66660552D465B31F429F7527EA6A93BF} ©
O58 - SDL:2015/08/09 14:03:48 A . (.Symantec Corporation - Symantec CMC Firewall SysPlant.) -- C:\WINDOWS\System32\drivers\SysPlant.sys [147632] {66660552D465B31F429F7527EA6A93BF} ©
O58 - SDL:2011/05/26 08:24:06 A . (.Symantec Corporation - Symantec CMC Firewall Teefer3.) -- C:\WINDOWS\System32\drivers\Teefer.sys [62136] {66660552D465B31F429F7527EA6A93BF} ©
O58 - SDL:2015/12/10 21:11:34 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\WINDOWS\System32\drivers\trufos.sys [477272] =>.Bitdefender SRL®
O58 - SDL:2015/06/22 01:49:50 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\viahduaa.sys [701136] {48B232AC601840B7ECE54FBCBEB5A947} ©
O58 - SDL:2015/06/22 01:49:50 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\WINDOWS\System32\drivers\VMfilt64.sys [42192] {48B232AC601840B7ECE54FBCBEB5A947} ©
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2015/08/09 14:03:48 A . (.Symantec Corporation - Symantec Network Access Control Protocol Dr.) -- C:\WINDOWS\System32\drivers\WGX64.SYS [42632] {66660552D465B31F429F7527EA6A93BF} ©
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows®
O58 - SDL:2015/12/01 21:15:06 A . (.zcengine - WFP driver.) -- C:\WINDOWS\System32\drivers\zcwfp64.sys [45320] {0090B35CE5B6C9D9E98F1608C2B50F373D} =>PUP.Optional.FastSearch

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (10) - 11s
O61 - LFC: 2015/12/13 17:37:28 A . (..) -- C:\Users\Antoine\Desktop\adwcleaner.exe [1325827]
O61 - LFC: 2015/12/07 16:08:20 A . (..) -- C:\Users\Antoine\AppData\Roaming\MP3 Quality Modifier\Encoder.exe [640512]
O61 - LFC: 2015/12/07 16:08:20 A . (..) -- C:\Users\Antoine\AppData\Roaming\MP3 Quality Modifier\Validator.exe [296960]
O61 - LFC: 2015/12/14 11:54:07 A . (..) -- C:\Users\Antoine\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin [138064]
O61 - LFC: 2015/12/10 20:30:34 A . (..) -- C:\Users\Antoine\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [12136]
O61 - LFC: 2015/12/14 16:35:10 A . (..) -- C:\Users\Antoine\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2015/12/14 15:54:54 A . (..) -- C:\Users\Antoine\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635856931673134629.bin [41080]
O61 - LFC: 2015/12/14 16:33:59 A . (..) -- C:\Users\Antoine\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2015/12/11 15:15:23 A . (..) -- C:\Users\Antoine\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635854333596923912.bin [66468]
O61 - LFC: 2015/12/14 09:49:07 A . (..) -- C:\Users\Antoine\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [132525]

---\\ Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Recherche d'infection sur les navigateurs (1) - 5s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/

---\\ Enumère les services démarrés par Svchost (42) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll [192000] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\system32\srvsvc.dll [283136] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [1338368] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [957952] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\WINDOWS\System32\iphlpsvc.dll [958464] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [31232] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [94720] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [112640] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [1012224] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll [134656] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [372736] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2058240] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\WINDOWS\System32\ncasvc.dll [168960] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\WINDOWS\System32\NetSetupSvc.dll [203776] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\WINDOWS\system32\themeservice.dll [59392] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll [27136] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\WINDOWS\System32\rasauto.dll [106496] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\WINDOWS\System32\rasmans.dll [696320] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [507904] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\WINDOWS\System32\sens.dll [73216] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\WINDOWS\System32\ipnathlp.dll [457728] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [311808] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\WINDOWS\system32\wuaueng.dll [2280448] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\System32\qmgr.dll [1144320] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [608768] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\WINDOWS\System32\bdesvc.dll [360448] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [360960] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1130496] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948224] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [200192] ©

---\\ Liste des exceptions du parefeu Windows (6) - 3s
O87 - FAEL: "{A0C2B344-5E1A-42E2-88F0-94BA472CACB2}" [In-None-P17-TRUE] .(.Copyright (c) 2009 - ReadyCLOUD Utils.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
O87 - FAEL: "{B18D4CCC-DDB5-439F-B4D5-8D555F325DCA}" [In-None-P6-TRUE] .(.Copyright (c) 2009 - ReadyCLOUD Utils.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
O87 - FAEL: "{FE62F45E-C1F3-48CF-A769-695A47056A07}" [In-None-P17-TRUE] .(.Copyright (c) 2009 - ReadyCLOUD Utils.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
O87 - FAEL: "TCP Query User{5EB20F41-EB6B-47DE-8EB1-4848AFD24E14}C:\filemaker pro 7\filemaker pro.exe" [In-None-P6-TRUE] .(.FileMaker, Inc. - FileMaker Pro.) -- C:\filemaker pro 7\filemaker pro.exe
O87 - FAEL: "UDP Query User{82FBE6BC-14DB-4A1F-AD2C-1E8F189886E9}C:\filemaker pro 7\filemaker pro.exe" [In-None-P17-TRUE] .(.FileMaker, Inc. - FileMaker Pro.) -- C:\filemaker pro 7\filemaker pro.exe
O87 - FAEL: "{0DC50BB5-6FD6-444C-94DB-976F87B6854F}" [In-None-P17-TRUE] .(.Copyright (c) 2009 - ReadyCLOUD Utils.) -- C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (28) - 22s

SS - Disabl [15/08/2008] [ 284016] Adobe Version Cue CS4 (Adobe Version Cue CS4) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe {4BEA817CBAC7C38ABA72E7BE6F00DE6D} ©
SS - Demand [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SR - Auto [16/11/2015] [ 683696] AdobeUpdateService (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [25/11/2015] [ 2016448] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
SR - Auto [13/01/2015] [ 238080] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe ©
SS - Disabl [18/10/2010] [ 20549] Apache2.2 (Apache2.2) . (.Apache Software Foundation.) - c:\xampp\apache\bin\httpd.exe ©
SS - Disabl [27/02/2012] [ 55144] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [30/08/2011] [ 462184] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Demand [25/01/2010] [ 245760] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe ©
SR - Auto [14/11/2013] [ 2762544] FBackup 5 Service (FBackup5Srv) . (.Softland.) - C:\Program Files (x86)\Softland\FBackup 5\bService.exe {5A0A9BA760991132F47D1A5060AC240A} ©
SS - Disabl [17/10/2010] [ 742912] FileZilla Server FTP server (FileZilla Server) . (.FileZilla Project.) - c:\xampp\FileZillaFTP\FileZillaServer.exe ©
SS - Demand [27/07/2011] [ 655624] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Acresso Software Inc.®
SS - Demand [27/07/2011] [ 1038088] FLEXnet Licensing Service 64 (FLEXnet Licensing Service 64) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe =>.Acresso Software Inc.®
SR - Auto [20/12/2013] [ 103936] Freemake Improver (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe ©
SS - Demand [14/11/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe ©
SS - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - d:\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [30/10/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Disabl [03/12/2010] [ 8133120] mysql (mysql) . (...) - c:\xampp\mysql\bin\mysqld.exe
SS - Disabl [08/06/2008] [ 877864] Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe =>.Nero AG®
SS - Disabl [24/06/2008] [ 537896] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe =>.Nero AG®
SS - Disabl [19/12/2006] [ 81920] PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe ©
SR - Auto [22/11/2014] [ 45056] ReadyCLOUD HTTP Server (ReadyCLOUD HTTP Server) . (.Copyright (c) 2009.) - C:\Program Files (x86)\NETGEAR ReadyNAS\Remote\bin\lnhttpservice.exe
SS - Demand [19/02/2010] [ 517096] SwitchBoard (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ©
SR - Auto [13/07/2015] [ 93040] TomTomHOMEService (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe =>.TomTom International BV®
SR - Auto [10/12/2015] [ 100816] Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe =>.Bitdefender SRL®
SR - Auto [22/06/2015] [ 36504] @oem99.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixe (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe ©
SR - Auto [10/12/2015] [ 1561344] Bitdefender Virus Shield (vsserv) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe =>.Bitdefender SRL®

---\\ Scan Additionnel (1) - 0s
C:\WINDOWS\System32\drivers\zcwfp64.sys =>PUP.Optional.FastSearch

---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s
http://www.nicolascoolman.fr/repaquetage-et_infections =>PUP.Optional.FastSearch

~ End of the scan, 22272 items in 113 seconds (995)(0)
