~ ZHPDiag v2016.1.31.23 Par Nicolas Coolman (2016/01/30) ~ Démarré par Henry (Administrator) (2017/06/23 18:27:54) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Etat de la version: Pas de fichier réseau ~ Mode: Scanner ~ Rapport: C:\Users\Henry\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\Henry\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) Windows 10 Home, 64-bit (Build 15063) ---\\ Navigateurs Internet (2) - 1s MFIE: Mozilla Firefox 53.0.3 (x86 fr) MSIE: Internet Explorer v11.413.15063.0 ---\\ Informations sur les produits Windows (8) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK ~ Windows(R) Operating System, RETAIL channel Windows ID Activation : OK ~ Windows Partial Key : 8HVX7 Windows License : OK ~ Windows Remaining Initializations Number : 1001 Windows Automatic Updates : OK ---\\ Logiciels de protection (1) - 1s Windows Defender (Deactivate) ---\\ Surveillance de Logiciels (2) - 2s Adobe Flash Player 25 NPAPI Adobe Acrobat Reader DC - Français ---\\ Informations sur le système (6) - 0s ~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8335.212 MB (52% free) System Restore: Activé (Enable) System drive C: has 389 GB () free of 499 GB ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: PEGASE ~ User Name: Henry ~ Logged in as Administrator ---\\ Enumération des unités disques (1) - 0s ~ Drive C: has 389 GB free of 499 GB (System) ---\\ Etat du Centre de Sécurité Windows (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Recherche particulière de fichiers génériques (25) - 1s [MD5.E719D0A5DBC7D5ACFC179D361EF8C2FC] - 20/06/2017 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4847928] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.ECB702B8C5650381C0784F1EEABB97BC] - 18/03/2017 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [68608] =>.Microsoft Corporation [MD5.9A4BA96E87A1FD69381249557BDE2BF0] - 18/03/2017 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [318232] {330000010E55AA784D99B44BD300000000010E} =>.Microsoft Corporation [MD5.2B1361AFBF330AF9A652A336EE77CBCB] - 20/06/2017 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [3307008] =>.Microsoft Corporation [MD5.D0F1FB0E90BFBD14865B770E2567BE1D] - 20/06/2017 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [707072] =>.Microsoft Corporation [MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 18/03/2017 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [414208] =>.Microsoft Corporation [MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 18/03/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [661224] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 18/03/2017 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [508344] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.70E14A01193D817004C0F88E767BC59B] - 19/03/2017 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.AC1928C2F7505BD556C552F153B062AB] - 18/03/2017 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [610712] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.01733BEEE02E51F712330D5909BD701C] - 18/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [29088] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 18/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation [MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 18/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation [MD5.185A4519B7764F4DEF714D890A7A9FD2] - 18/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation [MD5.DD1A6F4998E7E21564FA9BAFE21C87ED] - 18/03/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation [MD5.C6C8315E3262FAE460529C6DA2951682] - 18/03/2017 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation [MD5.DCC05E5EAA580C97F13B434FAFACED85] - 18/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation [MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 18/03/2017 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [467352] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.30C2F67EC84EB11B22011620107E0325] - 18/03/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation [MD5.731FD52461C8107E5B19B9AEDBB82BFB] - 18/03/2017 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2328480] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.2CC6C325B271C7CA60F374F8F868CB45] - 18/03/2017 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation [MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 18/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation [MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 20/03/2017 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation [MD5.892AB2637603A5E9507C39E61101C3C3] - 20/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [119712] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 18/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [397216] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation ---\\ Liste des services NT non Microsoft et non désactivés (7) - 1s O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\system32\atiesrxx.exe =>.AMD O23 - Service: Ext2 Management Service (Ext2Srv) . (.www.ext2fsd.com - Ext2Fsd Service Management.) - C:\Program Files\Ext2Fsd\Ext2Srv.exe =>.Kasherlab Technology Inc.® O23 - Service: Garmin Device Interaction Service (Garmin Device Interaction Service) . (.Garmin Ltd. or its subsidiaries - Garmin Service.) - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Copyright CANON INC. 2006-2013 - Inkjet Printer/Scanner/Fax Extended Survey.) - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe =>.Canon Inc.® O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated® O23 - Service: @oem5.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) . (.Validity Sensors, Inc. - ValidityWBF Policy Service (VSM).) - C:\Windows\System32\valWBFPolicyService.exe =>.Validity Sensors, Inc. ---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (11) - 31s SS - Disabl [25/04/2017] [ 83056] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe {068983642C953E46F7BDCE4143F133C1} =>.Adobe Systems Incorporated SR - Auto [26/02/2016] [ 249344] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD SR - Demand [09/03/2017] [ 300128] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation SR - Auto [22/02/2017] [ 34816] Ext2 Management Service (Ext2Srv) . (.www.ext2fsd.com.) - C:\Program Files\Ext2Fsd\Ext2Srv.exe =>.Kasherlab Technology Inc.® SR - Auto [23/05/2017] [ 1093648] Garmin Device Interaction Service (Garmin Device Interaction Service) . (.Garmin Ltd. or its subsidiaries.) - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries SR - Auto [28/06/2013] [ 84616] Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Copyright CANON INC. 2006-2013.) - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe =>.Canon Inc.® SR - Auto [09/05/2017] [ 4470736] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes SS - Demand [22/05/2017] [ 173512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [28/04/2016] [ 253960] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated® SR - Auto [30/10/2013] [ 35328] @oem5.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) . (.Validity Sensors, Inc..) - C:\Windows\System32\valWBFPolicyService.exe =>.Validity Sensors, Inc. ---\\ Tâches planifiées en automatique (6) - 3s [MD5.AFC094098B6D856151002051E31867D8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1162360] {068983642C953E46F7BDCE4143F133C1} =>.Adobe Systems Incorporated [MD5.7CFC2BF007F476CC2C3A7992A1879837] [APT] [AMD Updater] (.Advanced Micro Devices, Inc..) -- C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [10219208] =>.Advanced Micro Devices, Inc.® [MD5.78FC080E97CDD4859F9EBEE419239ADC] [APT] [GarminUpdaterTask] (.Copyright © 2015.) -- C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848] {1CF6B8FF05B6B62BC1E245E05AABD5A4} O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3482] =>.Adobe Systems Incorporated O39 - APT: AMD Updater - (.Advanced Micro Devices, Inc..) -- C:\WINDOWS\System32\Tasks\AMD Updater [3764] =>.Advanced Micro Devices, Inc. O39 - APT: GarminUpdaterTask - (.Copyright © 2015.) -- C:\WINDOWS\System32\Tasks\GarminUpdaterTask [2702] ---\\ Processus lancés (22) - 3s [MD5.D7A72B9BA6AB996DADB37BFCB0363D63] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [249344] [PID.1648] =>.AMD [MD5.F5EB6730278154866BA8ACE23CE6699C] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [300128] [PID.2724] {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation [MD5.2A51E3D387012C07FEF9A14F3906BED6] - (.www.ext2fsd.com - Ext2Fsd Service Management.) -- C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816] [PID.2764] =>.Kasherlab Technology Inc.® [MD5.D3EFC37F285DE231585A1871EFE2958A] - (.Validity Sensors, Inc. - ValidityWBF Policy Service (VSM).) -- C:\Windows\System32\valWBFPolicyService.exe [35328] [PID.2772] =>.Validity Sensors, Inc. [MD5.E4DB9DDFD9ACB5E6CA5E113F0ED8DCE7] - (.Garmin Ltd. or its subsidiaries - Garmin Service.) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093648] [PID.2780] {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries [MD5.EB7BA65AA0EDF27EAB0109AC73F2779C] - (.Copyright CANON INC. 2006-2013 - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe [84616] [PID.2804] =>.Canon Inc.® [MD5.B811CD167596F904F68026058C293BD5] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960] [PID.2812] =>.Synaptics Incorporated® [MD5.D76E56108E6482905D3FAEA0649919E4] - (.Malwarebytes - Malwarebytes Service.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736] [PID.3184] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes [MD5.2015FF8029B9DB09211B106960791253] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [562688] [PID.828] =>.AMD [MD5.0AF24553D8D4C581B7E2462269FF97AA] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352] [PID.5060] =>.Synaptics Incorporated® [MD5.32CFC37FA01EC93047E82555C6610B67] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [218808] [PID.6268] =>.Synaptics Incorporated® [MD5.912C591D971F1F07FA9AAC72119483F4] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [193112] [PID.3676] {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation [MD5.112D91A8D3B209B963D10A6178D410B1] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [420960] [PID.7288] {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation [MD5.5602FF42444B4991E69C62E493BDAEC4] - (.Malwarebytes - Malwarebytes Tray Application.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3146704] [PID.3924] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes [MD5.9131058936CA381242DA81B09461B755] - (.Dominik Reichl - KeePass.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2867712] [PID.8364] {209C2B0329CEF9DC704CBAB9BAB17BBB} =>.Dominik Reichl [MD5.9710FABEF9AD37A3AA966AF53BCBDD1A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [517064] [PID.10036] =>.Mozilla Corporation® [MD5.9710FABEF9AD37A3AA966AF53BCBDD1A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [517064] [PID.17964] =>.Mozilla Corporation® [MD5.9710FABEF9AD37A3AA966AF53BCBDD1A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [517064] [PID.17588] =>.Mozilla Corporation® [MD5.05F1680D6D875A29FC7D0E47A6E69048] - (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [601544] [PID.13972] =>.Mozilla Corporation® [MD5.46A835FFA44E97D6F4363D8B2AAE2A79] - (...) -- C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe [30965760] [PID.7524] [MD5.CEFF9A933BC3DD74023C9D4520CEEA13] - (.Copyright (C) 2009 Symantec Corporation - Symantec W32.Downadup Removal Tool.) -- C:\Users\Henry\Downloads\D.exe [2348928] [PID.13200] =>.Symantec Corporation® [MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Henry\Desktop\ZHPDiag3.exe [2105344] [PID.15036] =>.Nicolas Coolman ---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (4) - 0s P2 - EXT FILE: (...) -- C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\np9rcrc1.Henry\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp] - (...) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf] - (...) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll ---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (15) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer,Proxy Management (2) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 ---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Etude du fichier hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object de navigateur (BHO) (1) - 0s O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll =>.Canon Inc.® ---\\ Applications lancées au démarrage du système (21) - 1s O4 - HKLM\..\Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe (.not file.) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation O4 - HKLM\..\Run: [StartCN] . (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) -- C:\Program Files\AMD\CNext\CNext\cnext.exe =>.Advanced Micro Devices, Inc.® O4 - HKLM\..\Run: [Malwarebytes TrayApp] . (.Malwarebytes - Malwarebytes Tray Application.) -- C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKCU\..\Run: [KeePass Password Safe 2] . (.Dominik Reichl - KeePass.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe {209C2B0329CEF9DC704CBAB9BAB17BBB} =>.Dominik Reichl O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\OneDrive.exe {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O4 - HKCU\..\RunOnce: [Uninstall 17.3.6816.0313\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation O4 - HKCU\..\RunOnce: [Uninstall 17.3.6816.0313] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation O4 - HKLM\..\Wow6432Node\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe {209C2B0329CEF9DC704CBAB9BAB17BBB} =>.Dominik Reichl O4 - HKLM\..\Wow6432Node\Run: [IJNetworkScannerSelectorEX] . (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe =>.Canon Inc.® O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe {330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe {330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3533645464-1810715894-3363189709-1001\..\Run: [KeePass Password Safe 2] . (.Dominik Reichl - KeePass.) -- C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe {209C2B0329CEF9DC704CBAB9BAB17BBB} =>.Dominik Reichl O4 - HKUS\S-1-5-21-3533645464-1810715894-3363189709-1001\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd. or its subsidiaries - Garmin Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries O4 - HKUS\S-1-5-21-3533645464-1810715894-3363189709-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\OneDrive.exe {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3533645464-1810715894-3363189709-1001\..\RunOnce: [Uninstall 17.3.6816.0313\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3533645464-1810715894-3363189709-1001\..\RunOnce: [Uninstall 17.3.6816.0313] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation ---\\ Raccourcis Global Startup (24) - 2s O4 - GS\Desktop [Administrateur]: dparoic.lnk . (.toto societe - .) C:\Damocles\Parois\dparoic.exe O4 - GS\Desktop [Administrateur]: LiLi USB Creator.lnk . (.CopyLeft Thibaut Lauziere a.k.a Slÿm - Easily create a Linux Live USB.) C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe O4 - GS\Desktop [Administrateur]: Nmap - Zenmap GUI.lnk . (...) C:\Program Files (x86)\Nmap\zenmap.exe {08304B42D738E05D14039D55A29A00C8} O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Henry\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\TaskBar [Administrateur]: Microsoft Office Excel 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Administrateur]: Microsoft Office PowerPoint 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Administrateur]: Microsoft Office Word 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Administrateur]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation® O4 - GS\Desktop [Henry]: dparoic.lnk . (.toto societe - .) C:\Damocles\Parois\dparoic.exe O4 - GS\Desktop [Henry]: LiLi USB Creator.lnk . (.CopyLeft Thibaut Lauziere a.k.a Slÿm - Easily create a Linux Live USB.) C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe O4 - GS\Desktop [Henry]: Nmap - Zenmap GUI.lnk . (...) C:\Program Files (x86)\Nmap\zenmap.exe {08304B42D738E05D14039D55A29A00C8} O4 - GS\Desktop [Henry]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Henry\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\TaskBar [Henry]: Microsoft Office Excel 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Henry]: Microsoft Office PowerPoint 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Henry]: Microsoft Office Word 2007.lnk . (...) C:\WINDOWS\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation® O4 - GS\TaskBar [Henry]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Henry]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated® O4 - GS\CommonDesktop [Public]: Canon MX470 series Manuel à l'écran.lnk . (.CANON INC. - Easy Guide Viewer.) C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe =>.Canon Inc.® O4 - GS\CommonDesktop [Public]: Garmin Express.lnk . (.Garmin Ltd. or its subsidiaries - Garmin Express.) C:\Program Files (x86)\Garmin\Express\express.exe {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd. or its subsidiaries O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes.) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O4 - GS\CommonDesktop [Public]: PuTTY.lnk . (.Simon Tatham - SSH, Telnet and Rlogin client.) C:\Program Files (x86)\PuTTY\putty.exe {6CD282A2D9A2C158505B178D59518B7B} =>.Simon Tatham O4 - GS\Programs [Public]: AMD Radeon Settings.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\cnext.exe =>.Advanced Micro Devices, Inc. ---\\ Modification Domaine/Adresses DNS (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09bee82b-8736-4feb-a288-5ef635bd5f66}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49fd2b4a-6d69-40cd-bc65-345d538f013e}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{fa1a845f-27d1-4e22-a556-27eb3e7342a5}: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Liste des clés Explorer StartupApproved (6) - 0s [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:KeePass Password Safe 2 [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:GarminExpressTrayApp [HKEY_USERS\S-1-5-21-3533645464-1810715894-3363189709-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive [HKEY_USERS\S-1-5-21-3533645464-1810715894-3363189709-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:KeePass Password Safe 2 [HKEY_USERS\S-1-5-21-3533645464-1810715894-3363189709-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:GarminExpressTrayApp ---\\ Logiciels installés (67) - 6s O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 25 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI {06F04788031055D31DEFFEFCD026D6C5} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824225037} =>.Adobe Systems Incorporated O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} =>.Advanced Micro Devices Inc. O42 - Logiciel: AMD Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F389A14F-B924-E628-4E4F-8D93AFB0215F} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- AMD Catalyst Install Manager =>.Advanced Micro Devices, Inc.® O42 - Logiciel: AMD Settings - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A239C6BD-191D-63FF-32C1-7832EC2BBBFF} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Settings - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CF2BFC1C-F47F-F92D-FC47-68281F76E707} =>.Advanced Micro Devices, Inc. O42 - Logiciel: AMD Settings - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {78ACE60E-0CB7-4935-BCD4-F33422105607} =>.Advanced Micro Devices, Inc. O42 - Logiciel: ANT Drivers Installer x64 - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {A1EECEC9-2A14-4BE2-8820-66747A61AA8F} =>.Garmin Ltd or its subsidiaries O42 - Logiciel: Assistant Mise à niveau de Windows 10 - (.Microsoft Corporation.) [HKLM][64Bits] -- {D5C69738-B486-402E-85AC-2456D98A64E4} {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O42 - Logiciel: Canon Easy-WebPrint EX - (.Canon Inc..) [HKLM][64Bits] -- Easy-WebPrint EX =>.Canon Inc.® O42 - Logiciel: Canon IJ Network Scanner Selector EX - (.Canon Inc..) [HKLM][64Bits] -- Canon_IJ_Network_Scanner_Selector_EX =>.Canon Inc.® O42 - Logiciel: Canon IJ Network Tool - (.Canon Inc..) [HKLM][64Bits] -- Canon_IJ_Network_UTILITY =>.Canon Inc.® O42 - Logiciel: Canon IJ Scan Utility - (.Canon Inc..) [HKLM][64Bits] -- Canon_IJ_Scan_Utility =>.Canon Inc.® O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (.Canon Inc..) [HKLM][64Bits] -- CANONIJPLM100 =>.Canon Inc.® O42 - Logiciel: Canon MX470 series MP Drivers - (.Canon Inc..) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX470_series =>.Canon Inc.® O42 - Logiciel: Canon MX470 series On-screen Manual - (.Canon Inc..) [HKLM][64Bits] -- Canon MX470 series On-screen Manual =>.Canon Inc.® O42 - Logiciel: Canon My Printer - (.Canon Inc..) [HKLM][64Bits] -- CanonMyPrinter =>.Canon Inc.® O42 - Logiciel: Catalyst Control Center InstallProxy - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D7D20EB4-BD89-05C0-05C6-33E5B762989E} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization BR - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {585A6A74-1DED-8DA0-32F1-F5EFA485DFB1} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization CHS - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A0649E20-C57C-DCFA-AE1B-1CE1CB9D98A8} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization CHT - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {35F79A5D-00E2-8C19-D929-2E85DEA4252D} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization CS - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2CEBB6AA-EC39-DFF2-1F5B-9A98301C4DAB} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization DA - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F05F0B6E-9999-55D0-C323-D06DF0E2B59F} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization DE - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CBABB5FD-BD69-8969-729A-5659E11D9518} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization EL - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {98527BF3-A8E0-B8CF-7297-436B714FC576} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization ES - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D6CD1B25-53E6-C2F8-FA99-F89138A9C86F} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization FI - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {487C3865-3005-F04A-FBA4-F4239E02A847} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization FR - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D80AD200-548C-B62B-32AE-BF3CD7AA7EA2} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization HU - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D21BFF5C-51AA-4C15-1C91-6A1087FDC373} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization IT - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {04F0FFCB-D9A5-2332-2697-CA47C0424AF2} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization JA - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {47F2FFDC-3D6A-CED6-0B54-6E7082D5B29B} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization KO - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5608D1B6-6483-9FA3-7297-C2CFC3FCE747} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization NL - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1FCA484A-5A9E-9C91-F050-257D1F311A0C} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization NO - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D8FB03AE-A326-0C12-AC47-B898FE73FA94} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization PL - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F7876D2E-CDCD-CE53-0E88-995B57A94B58} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization RU - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization SV - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {746E086C-023A-A79C-DBE1-062E773FF6C8} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization TH - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1C44BB26-1941-DB44-D5E8-C455F89EE6E6} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Catalyst Control Center Next Localization TR - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BE7F26CB-6E91-7673-7130-80C36FBF13DE} =>.Advanced Micro Devices, Inc. O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {C07003B9-FDC4-45A1-9591-ACBF55C6B022} =>.Garmin Ltd or its subsidiaries O42 - Logiciel: Enregistrement utilisateur de Canon MX470 series - (.‭Canon Inc..) [HKLM][64Bits] -- Enregistrement utilisateur de Canon MX470 series =>.Canon Inc.® O42 - Logiciel: Ext2Fsd 0.69.1039-02.22 - (.Matt Wu.) [HKLM][64Bits] -- Ext2Fsd_is1 =>.Matt Wu O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {265e66eb-aaef-49b6-a890-ab4a7a60f4a9} {1CF6B8FF05B6B62BC1E245E05AABD5A4} =>.Garmin Ltd or its subsidiaries O42 - Logiciel: Garmin Express - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {F7E67BDA-D15C-48B3-BE25-CC97739F1FDA} =>.Garmin Ltd or its subsidiaries O42 - Logiciel: Garmin Express Tray - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3E614111-85D4-4894-9970-AF03BD189E91} =>.Garmin Ltd or its subsidiaries O42 - Logiciel: KeePass Password Safe 2.35 - (.Dominik Reichl.) [HKLM][64Bits] -- KeePassPasswordSafe2_is1 =>.Dominik Reichl O42 - Logiciel: LinuxLive USB Creator - (.Thibaut Lauziere.) [HKLM][64Bits] -- LinuxLive USB Creator =>.Thibaut Lauziere O42 - Logiciel: Malwarebytes version 3.1.2.1733 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O42 - Logiciel: Microsoft Sync Framework 2.0 Core Components (x64) ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A} =>.Microsoft Corporation O42 - Logiciel: Microsoft Sync Framework 2.0 Provider Services (x64) ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {03AC245F-4C64-425C-89CF-7783C1D3AB2C} =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 53.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 53.0.3 (x86 fr) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Mozilla Thunderbird 52.2.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 52.2.0 (x86 fr) =>.Mozilla Corporation® O42 - Logiciel: MySQL Connector/ODBC 3.51 - (.MySQL AB.) [HKLM][64Bits] -- {0CB3C535-1171-4A20-B549-E2CB5DEB9723} =>.MySQL AB O42 - Logiciel: Nmap 7.31 - (...) [HKLM][64Bits] -- Nmap O42 - Logiciel: Npcap 0.10 r9 - (.Nmap Project.) [HKLM][64Bits] -- NpcapInst O42 - Logiciel: Package de pilotes Windows - Dynastream Innovations, Inc. ANT LibUSB Driver - (.Dynastream Innovations, Inc..) [HKLM][64Bits] -- F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 =>.Dynastream Innovations, Inc. O42 - Logiciel: Package de pilotes Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB ( - (.Silicon Labs Software.) [HKLM][64Bits] -- D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 =>.Silicon Labs Software O42 - Logiciel: paroisse - (...) [HKLM][64Bits] -- ST6UNST #1 O42 - Logiciel: PuTTY - (.Simon Tatham.) [HKLM][64Bits] -- {ED9EF59B-0799-428E-823D-6D2B7B4FE2E0} =>.Simon Tatham O42 - Logiciel: PX Profile Update - (.AMD.) [HKLM][64Bits] -- {E635F3DC-E92B-6E68-A2E7-BF77298E8584} =>.AMD O42 - Logiciel: Synaptics TouchPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: SyncToy 2.1 (x64) - (.Microsoft.) [HKLM][64Bits] -- {88DAAF05-5A72-46D2-A7C5-C3759697E943} =>.Microsoft O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] -- {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation ---\\ HKCU & HKLM Software Keys (47) - 6s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\Canon HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\Garmin HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\LinuxLive USB Creator HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MySQL AB HKLM\SOFTWARE\Wow6432Node\Npcap HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\SimonTatham HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WOW6432Node HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AMD HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Canon HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\Garmin HKCU\SOFTWARE\Google HKCU\SOFTWARE\Intel HKCU\SOFTWARE\LinuxLive HKCU\SOFTWARE\Malwarebytes HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nmap HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Raptr HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Thunderbird HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Canon ---\\ Contenu des dossiers Programmes (133) - 5s O43 - CFD: 19/04/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\AMD O43 - CFD: 21/04/2017 - [] AD -- C:\Program Files (x86)\AMD APP O43 - CFD: 21/04/2017 - [] AD -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Canon =>.Canon Inc.® O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 09/06/2017 - [] AD -- C:\Program Files (x86)\Garmin {1CF6B8FF05B6B62BC1E245E05AABD5A4} O43 - CFD: 18/04/2017 - [] D -- C:\Program Files (x86)\Intel {330000B898AA86B5A39E5A1BBD00020000B898} O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 18/04/2017 - [] AD -- C:\Program Files (x86)\KeePass Password Safe 2 {209C2B0329CEF9DC704CBAB9BAB17BBB} O43 - CFD: 19/04/2017 - [] AD -- C:\Program Files (x86)\LinuxLive USB Creator O43 - CFD: 20/04/2017 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 19/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 21/06/2017 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 16/06/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 16/06/2017 - [] AD -- C:\Program Files (x86)\Mozilla Thunderbird =>.Mozilla Corporation® O43 - CFD: 20/06/2017 - [] AD -- C:\Program Files (x86)\MSBuild O43 - CFD: 19/06/2017 - [] D -- C:\Program Files (x86)\Nmap {08304B42D738E05D14039D55A29A00C8} O43 - CFD: 01/06/2017 - [] D -- C:\Program Files (x86)\paroic O43 - CFD: 04/05/2017 - [] AD -- C:\Program Files (x86)\PuTTY {6CD282A2D9A2C158505B178D59518B7B} O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Raptr Inc {78C0E307602390C8762C0D70D2288CE7} O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 21/06/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 20/03/2017 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer {330000014096A9EE7056FECC07000100000140} O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 18/03/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 20/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX470 series Manual O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MX470 series O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ext2Fsd O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Adobe O43 - CFD: 21/06/2017 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 18/04/2017 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\Canon IJ Network Tool O43 - CFD: 20/04/2017 - [] HD -- C:\ProgramData\CanonBJ O43 - CFD: 06/05/2017 - [] HD -- C:\ProgramData\CanonIJETV O43 - CFD: 20/04/2017 - [] HD -- C:\ProgramData\CanonIJFAX O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\CanonIJPLM O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\CanonIJWSpt O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms O43 - CFD: 21/06/2017 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Foxit ContentPlatform O43 - CFD: 19/04/2017 - [0] D -- C:\ProgramData\Foxit Software O43 - CFD: 09/06/2017 - [] D -- C:\ProgramData\Garmin O43 - CFD: 12/06/2017 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 18/04/2017 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 21/06/2017 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 21/06/2017 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 18/04/2017 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 19/06/2017 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 21/06/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 18/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 18/04/2017 - [] D -- C:\ProgramData\Synaptics O43 - CFD: 21/06/2017 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 21/06/2017 - [] D -- C:\ProgramData\USOShared O43 - CFD: 20/06/2017 - [] D -- C:\ProgramData\Validity O43 - CFD: 20/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices O43 - CFD: 19/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 20/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 20/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 20/06/2017 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Adobe O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\ATI O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Foxit AgentInformation O43 - CFD: 19/04/2017 - [0] D -- C:\Users\Henry\AppData\Roaming\Foxit Software O43 - CFD: 09/06/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Garmin O43 - CFD: 20/06/2017 - [] D -- C:\Users\Henry\AppData\Roaming\KeePass O43 - CFD: 20/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\library_dir O43 - CFD: 15/05/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Macromedia O43 - CFD: 21/06/2017 - [] SD -- C:\Users\Henry\AppData\Roaming\Microsoft O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Mozilla O43 - CFD: 22/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\PlaysTV O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Skype O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Synaptics O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Thunderbird O43 - CFD: 23/06/2017 - [] D -- C:\Users\Henry\AppData\Roaming\ZHP O43 - CFD: 18/04/2017 - [0] D -- C:\Users\Henry\AppData\Local\ActiveSync O43 - CFD: 30/05/2017 - [] D -- C:\Users\Henry\AppData\Local\Adobe O43 - CFD: 13/06/2017 - [] D -- C:\Users\Henry\AppData\Local\AMD O43 - CFD: 20/06/2017 - [0] SHD -- C:\Users\Henry\AppData\Local\Application Data O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Local\ATI O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Local\CEF O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Local\Comms O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Local\ConnectedDevicesPlatform O43 - CFD: 21/06/2017 - [0] D -- C:\Users\Henry\AppData\Local\DBG O43 - CFD: 21/05/2017 - [] D -- C:\Users\Henry\AppData\Local\Diagnostics O43 - CFD: 07/06/2017 - [] D -- C:\Users\Henry\AppData\Local\ElevatedDiagnostics O43 - CFD: 09/06/2017 - [] D -- C:\Users\Henry\AppData\Local\Garmin_Ltd._or_its_subsid O43 - CFD: 20/06/2017 - [0] SHD -- C:\Users\Henry\AppData\Local\Historique O43 - CFD: 15/05/2017 - [] D -- C:\Users\Henry\AppData\Local\Macromedia O43 - CFD: 21/06/2017 - [] D -- C:\Users\Henry\AppData\Local\Microsoft O43 - CFD: 19/04/2017 - [0] D -- C:\Users\Henry\AppData\Local\Microsoft Help O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Local\MicrosoftEdge O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Local\Mozilla O43 - CFD: 19/04/2017 - [0] D -- C:\Users\Henry\AppData\Local\NetworkTiles O43 - CFD: 21/06/2017 - [] D -- C:\Users\Henry\AppData\Local\Packages O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Local\Programs O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Local\Publishers O43 - CFD: 23/06/2017 - [] D -- C:\Users\Henry\AppData\Local\Temp O43 - CFD: 20/06/2017 - [0] SHD -- C:\Users\Henry\AppData\Local\Temporary Internet Files O43 - CFD: 19/04/2017 - [] D -- C:\Users\Henry\AppData\Local\Thunderbird O43 - CFD: 18/04/2017 - [] D -- C:\Users\Henry\AppData\Local\TileDataLayer O43 - CFD: 15/06/2017 - [] D -- C:\Users\Henry\AppData\Local\UNP O43 - CFD: 18/04/2017 - [0] D -- C:\Users\Henry\AppData\Local\VirtualStore O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 21/06/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 21/06/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 20/06/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator O43 - CFD: 18/03/2017 - [] D -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 21/06/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell ---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Henry\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\FileSyncShell.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation ---\\ Liste des pilotes du système (66) - 6s O58 - SDL:2017/03/18 22:56:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107424] {33000001066EC325C431C9180E000000000106} =>.LSI O58 - SDL:2017/03/18 22:56:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] {33000001066EC325C431C9180E000000000106} =>.PMC-Sierra O58 - SDL:2016/02/26 22:57:16 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\WINDOWS\System32\drivers\amdacpksd.sys [296648] =>.Advanced Micro Devices, Inc.® O58 - SDL:2017/03/18 22:56:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] {33000001066EC325C431C9180E000000000106} =>.Advanced Micro Devices O58 - SDL:2017/03/18 22:56:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259488] {33000001066EC325C431C9180E000000000106} =>.AMD Technologies Inc. O58 - SDL:2017/03/18 22:56:25 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27040] {33000001066EC325C431C9180E000000000106} =>.Advanced Micro Devices O58 - SDL:2017/03/18 22:56:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132000] {33000001066EC325C431C9180E000000000106} =>.PMC-Sierra, Inc. O58 - SDL:2016/02/26 22:53:36 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [23981568] =>.Advanced Micro Devices, Inc. O58 - SDL:2016/02/26 21:58:12 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [674816] =>.Advanced Micro Devices, Inc. O58 - SDL:2017/03/18 22:56:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2017/03/18 22:56:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533920] {33000001066EC325C431C9180E000000000106} =>.QLogic Corporation O58 - SDL:2017/03/18 22:56:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102816] {33000001066EC325C431C9180E000000000106} O58 - SDL:2017/03/18 22:56:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [347032] {33000001066EC325C431C9180E000000000106} O58 - SDL:2017/03/18 22:56:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104224] {33000001066EC325C431C9180E000000000106} O58 - SDL:2017/03/18 22:56:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419040] {33000001066EC325C431C9180E000000000106} =>.QLogic Corporation O58 - SDL:2017/02/22 12:13:38 A . (.www.ext2fsd.com - Ext2 File System Driver for Windows.) -- C:\WINDOWS\System32\drivers\ext2fsd.sys [814080] =>.Kasherlab Technology Inc.® O58 - SDL:2017/06/21 05:46:20 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [113592] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O58 - SDL:2017/03/18 22:56:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64416] {33000001066EC325C431C9180E000000000106} =>.Hewlett-Packard Company O58 - SDL:2017/03/18 22:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation O58 - SDL:2017/03/18 22:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2017/03/18 22:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation O58 - SDL:2017/03/18 22:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504] =>.Intel Corporation O58 - SDL:2017/03/18 22:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation O58 - SDL:2017/03/18 22:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation O58 - SDL:2017/03/18 22:56:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2017/03/18 22:56:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2017/03/18 22:56:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673184] {33000001066EC325C431C9180E000000000106} =>.Intel Corporation O58 - SDL:2017/03/18 22:56:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412064] {33000001066EC325C431C9180E000000000106} =>.Intel Corporation O58 - SDL:2017/03/18 22:56:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526240] {33000001066EC325C431C9180E000000000106} =>.Mellanox O58 - SDL:2017/03/09 01:16:12 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [5382856] {3300000012B05493EADDCEEB4B000000000012} =>.Intel Corporation O58 - SDL:2017/03/18 22:56:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108960] {33000001066EC325C431C9180E000000000106} =>.LSI Corporation O58 - SDL:2017/03/18 22:56:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123808] {33000001066EC325C431C9180E000000000106} =>.LSI Corporation O58 - SDL:2017/03/18 22:56:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103328] {33000001066EC325C431C9180E000000000106} =>.Avago Technologies O58 - SDL:2017/03/18 22:56:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82848] {33000001066EC325C431C9180E000000000106} =>.LSI Corporation O58 - SDL:2017/06/12 12:01:08 A . (...) -- C:\WINDOWS\System32\drivers\mbae64.sys [77376] {044E3BF58976880FFD074448A8F7A058} O58 - SDL:2017/06/21 05:46:19 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [44960] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O58 - SDL:2017/06/20 09:58:07 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188312] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O58 - SDL:2017/06/21 05:46:18 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [252832] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O58 - SDL:2017/03/18 22:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59808] {33000001066EC325C431C9180E000000000106} =>.Avago Technologies O58 - SDL:2017/03/18 22:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64416] {33000001066EC325C431C9180E000000000106} =>.Avago Technologies O58 - SDL:2017/03/18 22:56:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575904] {33000001066EC325C431C9180E000000000106} =>.LSI Corporation, Inc. O58 - SDL:2017/03/18 22:56:25 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842656] {33000001066EC325C431C9180E000000000106} =>.Mellanox O58 - SDL:2017/03/18 22:56:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63904] {33000001066EC325C431C9180E000000000106} =>.Marvell Semiconductor, Inc. O58 - SDL:2017/06/23 15:03:29 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys [93600] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes O58 - SDL:2017/03/18 22:56:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108960] {33000001066EC325C431C9180E000000000106} =>.Mellanox O58 - SDL:2017/03/18 22:56:20 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\Netwsw00.sys [11518976] =>.Intel Corporation O58 - SDL:2016/10/17 07:07:50 A . (.Insecure.Com LLC. - npcap.sys (NT6 AMD64) Kernel Filter Driver.) -- C:\WINDOWS\System32\drivers\npcap.sys [61288] {08304B42D738E05D14039D55A29A00C8} O58 - SDL:2017/03/18 22:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150432] {33000001066EC325C431C9180E000000000106} =>.NVIDIA Corporation O58 - SDL:2017/03/18 22:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166304] {33000001066EC325C431C9180E000000000106} =>.NVIDIA Corporation O58 - SDL:2017/03/18 22:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58784] {33000001066EC325C431C9180E000000000106} =>.Avago Technologies O58 - SDL:2017/03/18 22:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] {33000001066EC325C431C9180E000000000106} =>.Avago Technologies O58 - SDL:2017/03/18 22:56:26 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [604160] =>.Realtek O58 - SDL:2015/06/03 07:41:50 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\WINDOWS\System32\drivers\RtsPStor.sys [374016] =>.Realtek Semiconductor Corp® O58 - SDL:2017/03/18 22:56:26 A . (...) -- C:\WINDOWS\System32\drivers\SDFRd.sys [31128] {33000001066EC325C431C9180E000000000106} O58 - SDL:2017/03/18 22:56:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44960] {33000001066EC325C431C9180E000000000106} =>.Silicon Integrated Systems Corp. O58 - SDL:2017/03/18 22:56:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81824] {33000001066EC325C431C9180E000000000106} =>.Silicon Integrated Systems O58 - SDL:2016/04/28 00:53:48 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [52392] =>.Synaptics Incorporated® O58 - SDL:2016/04/28 00:53:48 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [52904] =>.Synaptics Incorporated® O58 - SDL:2016/04/28 00:53:48 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [52904] =>.Synaptics Incorporated® O58 - SDL:2017/03/18 22:56:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31136] {33000001066EC325C431C9180E000000000106} =>.Promise Technology, Inc. O58 - SDL:2016/04/28 00:53:48 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [622784] =>.Synaptics Incorporated® O58 - SDL:2016/01/19 22:50:38 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [202032] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2017/03/18 22:56:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166816] {33000001066EC325C431C9180E000000000106} =>.VIA Technologies Inc.,Ltd O58 - SDL:2017/03/18 22:56:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305568] {33000001066EC325C431C9180E000000000106} =>.VIA Corporation O58 - SDL:2017/03/18 22:56:25 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32160] {33000001066EC325C431C9180E000000000106} =>.Mellanox O58 - SDL:2017/03/18 22:56:25 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] {33000001066EC325C431C9180E000000000106} =>.Mellanox ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (9) - 3s O61 - LFC: 2017/06/19 20:35:41 A . (.Insecure.org.) -- C:\Users\Henry\Downloads\nmap_7-31_en_318014.exe [27210576] {08304B42D738E05D14039D55A29A00C8} O61 - LFC: 2017/06/21 05:51:54 A . (..) -- C:\Users\Henry\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Data.bin [1048576] O61 - LFC: 2017/06/21 05:51:54 A . (..) -- C:\Users\Henry\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [9640] O61 - LFC: 2017/06/23 18:11:49 A . (..) -- C:\Users\Henry\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\LocalState\Features\du.bin [926] O61 - LFC: 2017/06/23 18:11:42 A . (..) -- C:\Users\Henry\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] O61 - LFC: 2017/06/21 05:53:39 A . (..) -- C:\Users\Henry\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [452065] O61 - LFC: 2017/06/20 11:12:53 A . (..) -- C:\Users\Henry\AppData\Local\Microsoft\SyncToy\2.0\SyncToyDirPairs.bin [3047] O61 - LFC: 2017/06/21 06:23:52 A . (..) -- C:\Users\Henry\AppData\Local\Microsoft\GameDVR\KnownGameList.bin [370852] O61 - LFC: 2017/06/22 14:51:44 A . (..) -- C:\Users\Henry\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [62570] ---\\ Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® ---\\ Menu de démarrage Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Recherche d'infection sur les navigateurs (2) - 5s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Enumère les services démarrés par Svchost (47) - 0s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [189952] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\system32\srvsvc.dll [303616] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [1269248] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [934912] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\WINDOWS\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [138752] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [150016] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [108032] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [877568] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll [133120] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [413696] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll [91648] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [192512] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Service d’authentification naturelle.) -- C:\WINDOWS\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2155008] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [877568] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1013248] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll [536064] =>.Microsoft Corporation O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\WINDOWS\System32\xbgmsvc.dll [301216] {33000001125A147470A9987D6E000000000112} =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\WINDOWS\system32\themeservice.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1054208] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\WINDOWS\System32\lfsvc.dll [43520] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur infrarouge.) -- C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\WINDOWS\System32\rasauto.dll [104448] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\WINDOWS\System32\rasmans.dll [871936] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\WINDOWS\System32\sens.dll [69632] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\WINDOWS\System32\ipnathlp.dll [537600] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\WINDOWS\system32\wuaueng.dll [2443776] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\System32\qmgr.dll [1159680] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres de vol.) -- C:\WINDOWS\system32\flightsettings.dll [699904] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Service du système de notifications Push Wi.) -- C:\WINDOWS\system32\WpnService.dll [276480] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\WINDOWS\System32\bdesvc.dll [385536] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [681984] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\WINDOWS\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\WINDOWS\System32\ncasvc.dll [167424] =>.Microsoft Corporation O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation ---\\ Liste des exceptions du parefeu Windows (6) - 1s O87 - FAEL: "{A532D972-D62E-42C5-8F87-F34649C35ADE}" [In-None-P17-TRUE] .(.Copyright (c) 2017 Plays.tv, LLC - Plays.tv Video Recorder.) -- C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe {78C0E307602390C8762C0D70D2288CE7} O87 - FAEL: "{BFC511E8-5BA5-485D-942C-A67215BFE576}" [In-None-P6-TRUE] .(.Copyright (c) 2017 Plays.tv, LLC - Plays.tv Video Recorder.) -- C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe {78C0E307602390C8762C0D70D2288CE7} O87 - FAEL: "{066981C0-B0BB-4F2E-82BC-BEBE34FC461B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (.not file.) O87 - FAEL: "{3BCD8D0A-A7AF-4C58-AA54-FEB05F24B6AE}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (.not file.) O87 - FAEL: "{2629A4ED-B87B-41E2-A830-2C4C14BBF609}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (.not file.) O87 - FAEL: "{EAB17774-3845-4CBD-B9DD-14FF72C3CAF8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (.not file.) ---\\ Scan Additionnel (1) - 0s ~ Aucun élément malicieux ou superflu trouvé. ---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s ~ Aucun élément malicieux ou superflu trouvé. ~ End of the scan, 30785 items in 00h01mn18s (647)(0)