Rapport de ZHPDiag v2013.6.28.43 par Nicolas Coolman, Update du 28/06/2013 Run by Kriss at 29/06/2013 17:49:57 WebSite: http://nicolascoolman.webs.com State : Version à jour. WhiteList : Disable High Elevated Privileges : OK UAC : Deactivate by user ---\\ Web Browser MSIE: Internet Explorer v10.0.9200.16618 MFIE: Mozilla Firefox 21.0 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows Vista Ultimate Edition, 64-bit (Build 6000) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : HYRR2 Windows License : OK ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK ---\\ System Protection ---\\ System Optimizer CCleaner v4.02 =>Piriform Ltd ---\\ Peer To Peer (P2P) ---\\ Software Update Adobe Flash Player 11 Plugin Adobe Reader XI Java 7 Update 25 ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8191 MB (35% free) System Restore: Activé (Enable) System drive C: has 151 GB (64%) free of 235 GB ---\\ Logged in mode ~ Computer Name: KRISS-PC ~ User Name: Kriss ~ All Users Names: UpdatusUser, Kriss, Guest, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Kriss\AppData\Roaming\ ~ %Desktop% : C:\Users\Kriss\Desktop\ ~ %Favorites% : C:\Users\Kriss\Favorites\ ~ %LocalAppData% : C:\Users\Kriss\AppData\Local\ ~ %StartMenu% : C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 151 Go of 235 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 68 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 149 Go of 149 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 20 Go) G:\ Hard drive, Flash drive, Thumb drive (Free 212 Go of 230 Go) H:\ Hard drive, Flash drive, Thumb drive (Free 58 Go of 61 Go) I:\ CD-ROM drive (Free 0 Go of 0 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 34 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.1E79B157B16DF86CBF2BC521AA07301D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/06/2013 - 19:39:49.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Videos (My Videos) : 1/3 ~ Mes Favoris (My Favorites) : 1/20 ~ Mes Documents (My Documents) : 1/85 ~ Mon Bureau (My Desktop) : 1/42 ~ Menu demarrer (Programs) : 1/26 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.C213B43AB4018B2FBDED32C8EC31CDAE] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [2904984] [PID.2840] [MD5.BB73B4A6D4A9F1410563D1BA4D53E7CA] - (.CANON INC. - Canon IJ Network Scan Utility.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640] [PID.3192] [MD5.1F3A8448323CFA5E66AF02B1EDC2EEE4] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048] [PID.3208] [MD5.8FE651ACBA3344E645CFEB6286FFF6B8] - (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312] [PID.3164] [MD5.95110A1C5A1D228AC1DDF6AB67D00BEB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.4168] [MD5.6FC79A950476A5F539EEB65F9097C0A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.4944] [MD5.60B241EFB669D286C9BF636A0334B3BA] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe [1855880] [PID.4988] [MD5.F577910A133A592234EBAAD3F3AFA258] - (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096] [PID.3004] [MD5.962F17D115EE9E9827C7B89C3559E101] - (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe [18219664] [PID.4700] [MD5.BCAE94105D572D937326354FA8122BEA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7596544] [PID.3788] [MD5.0887B293199AA2055888FABA989ED0A6] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [413472] [PID.812] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1476] [MD5.7FE34FD5652C54BDA8D2DF8AC92E833A] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664] [PID.1528] [MD5.A9AFE5B0648C8D7A411A72D8222F7F6E] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1826592] [PID.1984] [MD5.EB17DF573B4423DF0B3B2EE3B268A6DE] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208] [PID.2132] [MD5.879F46329B7DC4D109345AA96F1AB47F] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4150112] [PID.2232] [MD5.C5B04409186A27409BD069580208A6D3] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [116104] [PID.3092] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ~ Firefox Browser: 2 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 14 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 63 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ~ BHO: 7 Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe O4 - HKLM\..\Wow6432Node\Run: [IJNetworkScanUtility] . (.CANON INC. - Canon IJ Network Scan Utility.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-4147268373-1569833931-2933840164-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-4147268373-1569833931-2933840164-1002\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe O4 - GS\Desktop: Virtual DJ Pro.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exe O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - GS\Desktop: Kies Air Discovery Service.lnk . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysWOW64\javaws.exe ~ Global Startup: Scanned in 00mn 01s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Winsock: 6 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{28C0B3AD-0F08-4DAE-970A-BBE59A2F9142}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{28C0B3AD-0F08-4DAE-970A-BBE59A2F9142}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{28C0B3AD-0F08-4DAE-970A-BBE59A2F9142}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extende (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Servey.) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 320.1.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe ~ Services: 11 Scanned in 00mn 09s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [830] [MD5.9915504F602D277EE47FD843A677FD15] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [256904] [MD5.518545E8CBD79EBF42891A6066578118] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3591960] =>Piriform Ltd [MD5.1321DC81E317EE48C4D004775FB29AC9] [APT] [{AD682A97-8161-4E4B-82CB-40A8F712697B}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1916928] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] ~ Scheduled Task: 5 Scanned in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eamonm) . (.ESET - Amon monitor.) - C:\Windows\System32\DRIVERS\eamonm.sys O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys O41 - Driver: (EpfwLWF) . (.ESET - Epfw NDIS LightWeight Filter.) - C:\Windows\System32\DRIVERS\EpfwLWF.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 72 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} O42 - Logiciel: Adobe Acrobat X Pro - English, Français, Deutsch - (.Adobe Systems.) [HKLM][64Bits] -- {AC76BA86-1033-F400-7760-000000000005} O42 - Logiciel: Adobe Creative Suite 6 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1} O42 - Logiciel: Adobe Reader XI (11.0.03) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Adobe Widget Browser - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- com.adobe.WidgetBrowser O42 - Logiciel: Adobe Widget Browser - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {EFBE6DD5-B224-96E5-72B9-68D328CB12A6} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd O42 - Logiciel: Canon Easy-WebPrint EX - (...) [HKLM][64Bits] -- Easy-WebPrint EX O42 - Logiciel: Canon IJ Network Scan Utility - (...) [HKLM][64Bits] -- Canon_IJ_Network_Scan_UTILITY O42 - Logiciel: Canon IJ Network Tool - (...) [HKLM][64Bits] -- Canon_IJ_Network_UTILITY O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (...) [HKLM][64Bits] -- CANONIJPLM100 O42 - Logiciel: Canon MP Navigator EX 3.1 - (...) [HKLM][64Bits] -- MP Navigator EX 3.1 O42 - Logiciel: Canon MX340 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series O42 - Logiciel: Canon Utilitaire de numérotation rapide - (...) [HKLM][64Bits] -- Speed Dial Utility O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM][64Bits] -- Easy-PhotoPrint EX O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM][64Bits] -- CanonMyPrinter O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM][64Bits] -- CanonSolutionMenu O42 - Logiciel: Enregistrement utilisateur de Canon MX340 series - (...) [HKLM][64Bits] -- Enregistrement utilisateur de Canon MX340 series O42 - Logiciel: FileZilla Client 3.7.1 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client O42 - Logiciel: Freemake Video Converter version 4.0.1 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1 O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {50A9E459-A2CF-4109-BB73-9079702BEBF2} O42 - Logiciel: Microsoft Mouse and Keyboard Center - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Mozilla Firefox 21.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 21.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: NVIDIA 3D Vision Controller Driver 320.18 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA 3D Vision Driver 320.18 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA GeForce Experience 1.5 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience O42 - Logiciel: NVIDIA Graphics Driver 320.18 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA HD Audio Driver 1.3.24.2 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} O42 - Logiciel: NVIDIA PhysX System Software 9.12.1031 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo O42 - Logiciel: NVIDIA Update 4.11.9 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 6.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 8 O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} O42 - Logiciel: Virtual DJ Pro Full - Atomix Productions - (...) [HKLM][64Bits] -- Virtual DJ Pro Full - Atomix Productions O42 - Logiciel: WinRAR 4.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: bl - (.Your Company Name.) [HKLM][64Bits] -- {2A075BB4-E976-4278-BF3F-E5C6945D84C0} O42 - Logiciel: ph - (.Your Company Name.) [HKLM][64Bits] -- {185F9795-9663-4F13-9EF9-307A282ADB5A} ~ Logic: 105 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Canon] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ESET] [HKCU\Software\Free mp3 Wma Converter] [HKCU\Software\Freemake] [HKCU\Software\IM Providers] [HKCU\Software\Intel\Indeo\4.1] [HKCU\Software\JavaSoft] [HKCU\Software\MOVAVI] [HKCU\Software\Macromedia] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Skype] [HKCU\Software\TeamViewer] [HKCU\Software\VIA] [HKCU\Software\VirtualDJ] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\ESET] [HKLM\Software\FileZilla 3] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node\AGEIA Technologies] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Bunndle] [HKLM\Software\Wow6432Node\Canon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\ESET] [HKLM\Software\Wow6432Node\FileZilla 3] [HKLM\Software\Wow6432Node\Freemake] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\InterVideo] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\MAXSOFT-OCRON] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Minnetonka Audio Software] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\NVIDIA Corporation] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Sonic] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\VIA Technologies, Inc] [HKLM\Software\Wow6432Node\VirtualDJ] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] [HKLM\Software\cybelsoft] ~ Key Software: 148 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 28/06/2013 - 18:27:56 - [-1231,963] ----D C:\Program Files (x86)\Adobe O43 - CFD: 12/06/2013 - 23:44:33 - [0] ----D C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 13/06/2013 - 17:05:35 - [2,316] ----D C:\Program Files (x86)\Apple Software Update O43 - CFD: 29/06/2013 - 14:36:59 - [336,198] ----D C:\Program Files (x86)\Canon O43 - CFD: 21/06/2013 - 21:04:26 - [1431,277] ----D C:\Program Files (x86)\Common Files O43 - CFD: 22/06/2013 - 10:33:58 - [17,321] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 29/06/2013 - 09:35:03 - [0,124] ----D C:\Program Files (x86)\Free mp3 Wma Converter O43 - CFD: 13/06/2013 - 21:45:22 - [69,689] ----D C:\Program Files (x86)\Freemake O43 - CFD: 13/06/2013 - 19:07:27 - [5,528] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 12/06/2013 - 20:39:18 - [0,133] ----D C:\Program Files (x86)\Intel O43 - CFD: 13/06/2013 - 21:02:35 - [4,885] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 21/06/2013 - 21:03:44 - [124,160] ----D C:\Program Files (x86)\Java O43 - CFD: 28/06/2013 - 20:44:20 - [561,108] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 22/06/2013 - 15:32:16 - [40,835] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 20/06/2013 - 17:12:27 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 20/06/2013 - 17:09:52 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 20/06/2013 - 20:25:18 - [3,554] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 20/06/2013 - 17:12:11 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 20/06/2013 - 16:55:15 - [57,795] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 12/06/2013 - 20:17:24 - [0,214] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 20/06/2013 - 17:12:35 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 13/06/2013 - 19:30:23 - [0] ----D C:\Program Files (x86)\My Company Name O43 - CFD: 12/06/2013 - 23:45:15 - [114,079] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 13/06/2013 - 17:07:58 - [72,777] ----D C:\Program Files (x86)\QuickTime O43 - CFD: 12/06/2013 - 20:30:16 - [3,175] ----D C:\Program Files (x86)\Realtek O43 - CFD: 27/06/2013 - 18:07:10 - [2,690] ----D C:\Program Files (x86)\Red Kawa O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 12/06/2013 - 20:44:34 - [49,538] R---D C:\Program Files (x86)\Skype O43 - CFD: 13/06/2013 - 17:27:30 - [23,555] ----D C:\Program Files (x86)\TeamViewer O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 13/06/2013 - 19:05:08 - [53,330] ----D C:\Program Files (x86)\VIA O43 - CFD: 13/06/2013 - 21:47:09 - [28,161] ----D C:\Program Files (x86)\VirtualDJ O43 - CFD: 13/06/2013 - 16:52:33 - [0,549] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 13/06/2013 - 18:39:00 - [6,395] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 13/06/2013 - 18:39:00 - [4,878] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:38 - [11,690] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 13/06/2013 - 18:38:56 - [4,251] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/06/2013 - 18:39:00 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 13/06/2013 - 18:39:00 - [6,604] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/06/2013 - 16:59:25 - [0,000] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 29/06/2013 - 17:50:10 - [22,410] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 29/06/2013 - 09:15:50 - [1016,991] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 13/06/2013 - 19:26:55 - [37,554] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 13/06/2013 - 17:05:43 - [63,895] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 20/06/2013 - 17:12:27 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 13/06/2013 - 19:02:40 - [1,629] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 21/06/2013 - 21:04:26 - [1,189] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/06/2013 - 20:25:28 - [225,738] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 28/06/2013 - 18:02:14 - [0,200] ----D C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 12/06/2013 - 20:44:14 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 13/06/2013 - 19:30:30 - [0,362] ----D C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 05:20:08 - [39,202] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 20/06/2013 - 17:09:39 - [42,523] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 28/06/2013 - 18:30:41 - [417,024] ----D C:\ProgramData\Adobe O43 - CFD: 28/06/2013 - 18:18:46 - [0] ----D C:\ProgramData\ALM O43 - CFD: 13/06/2013 - 17:05:34 - [22,757] ----D C:\ProgramData\Apple O43 - CFD: 13/06/2013 - 17:07:36 - [26,332] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 16/06/2013 - 14:38:08 - [23,791] --H-D C:\ProgramData\CanonBJ O43 - CFD: 29/06/2013 - 14:48:57 - [0,000] ----D C:\ProgramData\CanonIJ O43 - CFD: 29/06/2013 - 16:02:35 - [0,004] ----D C:\ProgramData\CanonIJPLM O43 - CFD: 29/06/2013 - 14:44:27 - [0,002] --H-D C:\ProgramData\CanonIJScan O43 - CFD: 29/06/2013 - 14:37:52 - [0,000] --H-D C:\ProgramData\CanonIJSolutionMenu O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 12/06/2013 - 20:54:15 - [274,057] ----D C:\ProgramData\ESET O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 13/06/2013 - 21:51:05 - [0] ----D C:\ProgramData\Freemake O43 - CFD: 12/06/2013 - 20:19:31 - [1,323] ----D C:\ProgramData\ma-config.com O43 - CFD: 21/06/2013 - 20:08:59 - [252,738] -S--D C:\ProgramData\Microsoft O43 - CFD: 21/06/2013 - 18:08:27 - [0,062] ----D C:\ProgramData\Microsoft Help O43 - CFD: 12/06/2013 - 20:17:23 - [0,000] ----D C:\ProgramData\Mozilla O43 - CFD: 29/06/2013 - 14:34:08 - [23,280] ----D C:\ProgramData\NVIDIA O43 - CFD: 13/06/2013 - 16:38:09 - [3,212] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 28/06/2013 - 18:44:16 - [0,008] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 12/06/2013 - 20:44:34 - [34,587] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 21/06/2013 - 21:04:27 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 29/06/2013 - 16:58:25 - [15,596] ----D C:\Users\Kriss\AppData\Roaming\Adobe O43 - CFD: 13/06/2013 - 17:21:50 - [0,021] ----D C:\Users\Kriss\AppData\Roaming\Apple Computer O43 - CFD: 29/06/2013 - 14:44:27 - [0,002] ----D C:\Users\Kriss\AppData\Roaming\Canon O43 - CFD: 12/06/2013 - 20:56:51 - [0,000] ----D C:\Users\Kriss\AppData\Roaming\ESET O43 - CFD: 29/06/2013 - 12:00:42 - [0,018] ----D C:\Users\Kriss\AppData\Roaming\FileZilla O43 - CFD: 27/06/2013 - 19:44:19 - [0,000] ----D C:\Users\Kriss\AppData\Roaming\FreeAudioPack O43 - CFD: 13/06/2013 - 05:12:26 - [0] ----D C:\Users\Kriss\AppData\Roaming\Identities O43 - CFD: 13/06/2013 - 05:16:18 - [0,001] ----D C:\Users\Kriss\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 09:45:14 - [0] ----D C:\Users\Kriss\AppData\Roaming\Media Center Programs O43 - CFD: 28/06/2013 - 18:44:44 - [43,619] -S--D C:\Users\Kriss\AppData\Roaming\Microsoft O43 - CFD: 22/06/2013 - 17:16:56 - [0,007] ----D C:\Users\Kriss\AppData\Roaming\MOVAVI O43 - CFD: 12/06/2013 - 20:17:31 - [15,585] ----D C:\Users\Kriss\AppData\Roaming\Mozilla O43 - CFD: 13/06/2013 - 20:14:11 - [0,137] ----D C:\Users\Kriss\AppData\Roaming\NVIDIA O43 - CFD: 26/06/2013 - 19:42:59 - [0] ----D C:\Users\Kriss\AppData\Roaming\PDAppFlex O43 - CFD: 29/06/2013 - 17:40:58 - [6,174] ----D C:\Users\Kriss\AppData\Roaming\Skype O43 - CFD: 26/06/2013 - 19:43:24 - [0] ----D C:\Users\Kriss\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 20/06/2013 - 16:46:02 - [0] ----D C:\Users\Kriss\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 13/06/2013 - 17:49:56 - [0,077] ----D C:\Users\Kriss\AppData\Roaming\vlc O43 - CFD: 13/06/2013 - 17:49:20 - [0,000] ----D C:\Users\Kriss\AppData\Roaming\WinRAR O43 - CFD: 28/06/2013 - 18:26:46 - [17,396] ----D C:\Users\Kriss\AppData\Local\Adobe O43 - CFD: 13/06/2013 - 17:05:36 - [0] ----D C:\Users\Kriss\AppData\Local\Apple O43 - CFD: 13/06/2013 - 05:07:34 - [0] ----D C:\Users\Kriss\AppData\Local\Application Data O43 - CFD: 12/06/2013 - 20:56:51 - [2,082] ----D C:\Users\Kriss\AppData\Local\ESET O43 - CFD: 13/06/2013 - 05:07:34 - [0] ----D C:\Users\Kriss\AppData\Local\History O43 - CFD: 13/06/2013 - 17:06:06 - [0] ----D C:\Users\Kriss\AppData\Local\Macromedia O43 - CFD: 21/06/2013 - 18:52:10 - [98,625] ----D C:\Users\Kriss\AppData\Local\Microsoft O43 - CFD: 15/06/2013 - 18:20:54 - [0] ----D C:\Users\Kriss\AppData\Local\Microsoft Help O43 - CFD: 12/06/2013 - 20:17:27 - [4,748] ----D C:\Users\Kriss\AppData\Local\Mozilla O43 - CFD: 13/06/2013 - 21:42:03 - [0] ----D C:\Users\Kriss\AppData\Local\Programs O43 - CFD: 29/06/2013 - 17:49:22 - [180,561] ----D C:\Users\Kriss\AppData\Local\Temp O43 - CFD: 13/06/2013 - 05:07:34 - [0] ----D C:\Users\Kriss\AppData\Local\Temporary Internet Files O43 - CFD: 13/06/2013 - 05:12:20 - [0] ----D C:\Users\Kriss\AppData\Local\VirtualStore O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 13/06/2013 - 21:10:25 - [0,000] R---D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/06/2013 - 21:45:23 - [0,001] ----D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/06/2013 - 21:10:25 - [0,000] R---D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 13/06/2013 - 21:46:54 - [0] ----D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ O43 - CFD: 13/06/2013 - 16:59:48 - [0,003] ----D C:\Users\Kriss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 119 Scanned in 00mn 37s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.DBAEA78092027C41B0073EA8B063FEC5] - 29/06/2013 - 16:19:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log [19201] O44 - LFC:[MD5.2EE33F44808062C11F5635CB42A1D4D7] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1670440] O44 - LFC:[MD5.384CD40F8C3F503423E666C9CFD567AB] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [121964] O44 - LFC:[MD5.230F8EE21E49D04CBCEE643599D26D3E] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [149222] O44 - LFC:[MD5.D2E6B9BB2534B520B36D0E1497EBB6A1] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [655092] O44 - LFC:[MD5.F3511C2DAF6133C85B7E7A1A177D9ACB] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [746182] O44 - LFC:[MD5.2EE33F44808062C11F5635CB42A1D4D7] - 29/06/2013 - 15:03:05 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1670440] O44 - LFC:[MD5.384CD40F8C3F503423E666C9CFD567AB] - 29/06/2013 - 15:03:05 RSHAD . (...) -- C:\Windows\System32\perfc009.dat [121964] O44 - LFC:[MD5.230F8EE21E49D04CBCEE643599D26D3E] - 29/06/2013 - 15:03:05 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat [149222] O44 - LFC:[MD5.D2E6B9BB2534B520B36D0E1497EBB6A1] - 29/06/2013 - 15:03:05 RSHAD . (...) -- C:\Windows\System32\perfh009.dat [655092] O44 - LFC:[MD5.F3511C2DAF6133C85B7E7A1A177D9ACB] - 29/06/2013 - 15:03:05 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat [746182] O44 - LFC:[MD5.C240DB392CABA437E2D6BC22E681B7AC] - 29/06/2013 - 15:00:17 ---A- . (...) -- C:\Windows\setupact.log [699] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2013 - 15:00:17 RSHAD . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2013 - 14:28:00 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.85609C0BDE9F63CDF64923438B31C4DD] - 29/06/2013 - 13:36:46 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5066872] O44 - LFC:[MD5.85609C0BDE9F63CDF64923438B31C4DD] - 29/06/2013 - 13:36:46 RSHAD . (...) -- C:\Windows\System32\FNTCACHE.DAT [5066872] O44 - LFC:[MD5.F2BA298C02CF048B8DB643E442093859] - 29/06/2013 - 13:34:03 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.2DEADD492C20CF032D4CF26ACBAB3C69] - 29/06/2013 - 13:17:28 ---A- . (.CANON INC. - Canon IJ Network 64bit UI Module.) -- C:\Windows\SysNative\CNMN6UI.DLL [144384] O44 - LFC:[MD5.7F725B746447B05B9154F57EFBF4F67E] - 29/06/2013 - 13:17:28 ---A- . (.CANON INC. - Canon IJ Network 64bit comm Module.) -- C:\Windows\SysNative\CNMN6PPM.DLL [337920] O44 - LFC:[MD5.2DEADD492C20CF032D4CF26ACBAB3C69] - 29/06/2013 - 13:17:28 RSHAD . (.CANON INC. - Canon IJ Network 64bit UI Module.) -- C:\Windows\System32\CNMN6UI.DLL [144384] O44 - LFC:[MD5.7F725B746447B05B9154F57EFBF4F67E] - 29/06/2013 - 13:17:28 RSHAD . (.CANON INC. - Canon IJ Network 64bit comm Module.) -- C:\Windows\System32\CNMN6PPM.DLL [337920] O44 - LFC:[MD5.E13F489F0B1E52319A86BDD996263F4B] - 21/06/2013 - 16:59:00 ---A- . (...) -- C:\Windows\win.ini [478] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/06/2013 - 16:09:16 RSHAD . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [0] O44 - LFC:[MD5.7B619C36F84720CB6AB77031B6F4FA60] - 16/06/2013 - 13:42:10 ---A- . (.Microsoft Corporation - Extension de stratégie de groupe pour la re.) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [13312] O44 - LFC:[MD5.E9A0777DCA9148157E0EF9B71D7DE353] - 16/06/2013 - 13:42:10 ---A- . (.Microsoft Corporation - Remote Desktop Protocol Group Policy Extens.) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [15360] O44 - LFC:[MD5.0E894692EB8579703FB1EC8AB6908571] - 16/06/2013 - 13:42:10 ---A- . (.Microsoft Corporation - Remote Desktop USB Redirection GP Extension.) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [13312] O44 - LFC:[MD5.7B619C36F84720CB6AB77031B6F4FA60] - 16/06/2013 - 13:42:10 RSHAD . (.Microsoft Corporation - Extension de stratégie de groupe pour la re.) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [13312] O44 - LFC:[MD5.E9A0777DCA9148157E0EF9B71D7DE353] - 16/06/2013 - 13:42:10 RSHAD . (.Microsoft Corporation - Remote Desktop Protocol Group Policy Extens.) -- C:\Windows\System32\RdpGroupPolicyExtension.dll [15360] O44 - LFC:[MD5.0E894692EB8579703FB1EC8AB6908571] - 16/06/2013 - 13:42:10 RSHAD . (.Microsoft Corporation - Remote Desktop USB Redirection GP Extension.) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe [13312] O44 - LFC:[MD5.313F68E1A3E6345A4F47A36B07062F34] - 16/06/2013 - 13:42:09 RSHAD . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\Drivers\rdpvideominiport.sys [19456] O44 - LFC:[MD5.17C6B51CBCCDED95B3CC14E22791F85E] - 16/06/2013 - 13:42:09 RSHAD . (.Microsoft Corporation - Pilote de filtre pour concentrateur USB du.) -- C:\Windows\System32\Drivers\TsUsbFlt.sys [57856] O44 - LFC:[MD5.E98E2152251EB2576714B2CCE01555DC] - 16/06/2013 - 13:42:07 ---A- . (.Microsoft Corporation - Client de contrainte de quarantaine de la p.) -- C:\Windows\SysNative\tsgqec.dll [44032] O44 - LFC:[MD5.E98E2152251EB2576714B2CCE01555DC] - 16/06/2013 - 13:42:07 ---A- . (.Microsoft Corporation - Client de contrainte de quarantaine de la p.) -- C:\Windows\System32\tsgqec.dll [44032] O44 - LFC:[MD5.9EB297848DAACF111C36B6048EFF5AEA] - 16/06/2013 - 13:42:07 ---A- . (.Microsoft Corporation - Co-installateur de pilote USB générique du.) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [43520] O44 - LFC:[MD5.09112DADA82F4700F833C2E40DFB59FC] - 16/06/2013 - 13:42:07 ---A- . (.Microsoft Corporation - WorkspaceRuntime ProxyStub DLL.) -- C:\Windows\SysNative\wksprtPS.dll [18432] O44 - LFC:[MD5.09112DADA82F4700F833C2E40DFB59FC] - 16/06/2013 - 13:42:07 ---A- . (.Microsoft Corporation - WorkspaceRuntime ProxyStub DLL.) -- C:\Windows\System32\wksprtPS.dll [18432] O44 - LFC:[MD5.9EB297848DAACF111C36B6048EFF5AEA] - 16/06/2013 - 13:42:07 RSHAD . (.Microsoft Corporation - Co-installateur de pilote USB générique du.) -- C:\Windows\System32\TsUsbGDCoInstaller.dll [43520] O44 - LFC:[MD5.87E8244DCB33A7A0836C66389B8874B6] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Client avec accès à distance.) -- C:\Windows\SysNative\aaclient.dll [322560] O44 - LFC:[MD5.87E8244DCB33A7A0836C66389B8874B6] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Client avec accès à distance.) -- C:\Windows\System32\aaclient.dll [322560] O44 - LFC:[MD5.98C04A60A10777D99B569636C55FE91C] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\SysNative\mstsc.exe [1123840] O44 - LFC:[MD5.98C04A60A10777D99B569636C55FE91C] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe [1123840] O44 - LFC:[MD5.F059D17612BF074443C01FCCC8D5C905] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Acces.) -- C:\Windows\SysNative\MsRdpWebAccess.dll [54272] O44 - LFC:[MD5.F059D17612BF074443C01FCCC8D5C905] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Acces.) -- C:\Windows\System32\MsRdpWebAccess.dll [54272] O44 - LFC:[MD5.AE8535663AA64318D174CD7CA44ED947] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Proxy.) -- C:\Windows\SysNative\TSWbPrxy.exe [62976] O44 - LFC:[MD5.D346E07D62E3D4BEAB040939744EC31B] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Point de terminaison audio RDP.) -- C:\Windows\SysNative\rdpendp_winip.dll [228864] O44 - LFC:[MD5.D346E07D62E3D4BEAB040939744EC31B] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Point de terminaison audio RDP.) -- C:\Windows\System32\rdpendp_winip.dll [228864] O44 - LFC:[MD5.6846ECABF7034DD97EE1DE38F1DA16B4] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - Runtime de connexion RemoteApp et Bureau à.) -- C:\Windows\SysNative\wksprt.exe [384000] O44 - LFC:[MD5.AD4D0AEDB5993EDA31EB80A54EDBC344] - 16/06/2013 - 13:42:06 ---A- . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\SysNative\rdpudd.dll [243200] O44 - LFC:[MD5.AE8535663AA64318D174CD7CA44ED947] - 16/06/2013 - 13:42:06 RSHAD . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Proxy.) -- C:\Windows\System32\TSWbPrxy.exe [62976] O44 - LFC:[MD5.6846ECABF7034DD97EE1DE38F1DA16B4] - 16/06/2013 - 13:42:06 RSHAD . (.Microsoft Corporation - Runtime de connexion RemoteApp et Bureau à.) -- C:\Windows\System32\wksprt.exe [384000] O44 - LFC:[MD5.AD4D0AEDB5993EDA31EB80A54EDBC344] - 16/06/2013 - 13:42:06 RSHAD . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\System32\rdpudd.dll [243200] O44 - LFC:[MD5.8F69EE5E0EB0779DC3E90DFD8D8E8683] - 16/06/2013 - 13:42:04 ---A- . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\SysNative\rdpcorets.dll [3174912] O44 - LFC:[MD5.8F69EE5E0EB0779DC3E90DFD8D8E8683] - 16/06/2013 - 13:42:04 RSHAD . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\System32\rdpcorets.dll [3174912] O44 - LFC:[MD5.FF16B21E5C0C46A70B2CD4F65B87D9F1] - 16/06/2013 - 13:42:03 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\SysNative\mstscax.dll [5773824] O44 - LFC:[MD5.FF16B21E5C0C46A70B2CD4F65B87D9F1] - 16/06/2013 - 13:42:03 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll [5773824] O44 - LFC:[MD5.973131EB99BE1E19DAC502CB724E72A5] - 16/06/2013 - 13:40:33 ---A- . (.Microsoft Corporation - DirectShow DVD PlayBack Runtime..) -- C:\Windows\SysNative\qdvd.dll [366592] O44 - LFC:[MD5.973131EB99BE1E19DAC502CB724E72A5] - 16/06/2013 - 13:40:33 ---A- . (.Microsoft Corporation - DirectShow DVD PlayBack Runtime..) -- C:\Windows\System32\qdvd.dll [366592] O44 - LFC:[MD5.685527DA09EBFB681E98C515978BDEE2] - 16/06/2013 - 13:40:32 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\SysNative\lsasrv.dll [1448448] O44 - LFC:[MD5.B7D42CB36C08FA017E73FF2433CD7287] - 16/06/2013 - 13:40:32 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\SysNative\schannel.dll [340992] O44 - LFC:[MD5.B7D42CB36C08FA017E73FF2433CD7287] - 16/06/2013 - 13:40:32 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [340992] O44 - LFC:[MD5.685527DA09EBFB681E98C515978BDEE2] - 16/06/2013 - 13:40:32 RSHAD . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1448448] O44 - LFC:[MD5.AAFCB52FE0037207FB6FBEA070D25EFE] - 16/06/2013 - 13:40:32 RSHAD . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [458712] O44 - LFC:[MD5.7EFB9333E4ECCE6AE4AE9D777D9E553E] - 16/06/2013 - 13:40:32 RSHAD . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [154480] O44 - LFC:[MD5.93B9E4D0B7BD601372C5B50FE0381533] - 16/06/2013 - 13:37:12 ---A- . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\SysNative\CNMLMA5.DLL [385024] O44 - LFC:[MD5.93B9E4D0B7BD601372C5B50FE0381533] - 16/06/2013 - 13:37:12 RSHAD . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\System32\CNMLMA5.DLL [385024] O44 - LFC:[MD5.C5A852B58FBBA931E9DF01BF96542C9E] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkAR.DLL [2560] O44 - LFC:[MD5.DD8F8D1A80D6F4BC44B1D13B6221715E] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkCN.DLL [2048] O44 - LFC:[MD5.86A0DA551FFD791996C9D8EF38BD79CA] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkKR.DLL [2560] O44 - LFC:[MD5.F7E5137E6269CEF66A3BA8E26E3E5B87] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkTR.DLL [2560] O44 - LFC:[MD5.864A78D7FB2AE6A4B010E69AA03D7E6B] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkTW.DLL [2048] O44 - LFC:[MD5.07319C9382CB38EEDFC03645C7FF0558] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - Sumber Daya Monitor Bahasa MP FAX.) -- C:\Windows\SysNative\CNCFLkID.DLL [3072] O44 - LFC:[MD5.3F80D909664340B72F41921FE6859E50] - 16/06/2013 - 13:37:06 ---A- . (.Canon Inc. - ??????????????????????? MP FAX.) -- C:\Windows\SysNative\CNCFLkTH.DLL [2560] O44 - LFC:[MD5.C5A852B58FBBA931E9DF01BF96542C9E] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkAR.DLL [2560] O44 - LFC:[MD5.DD8F8D1A80D6F4BC44B1D13B6221715E] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkCN.DLL [2048] O44 - LFC:[MD5.86A0DA551FFD791996C9D8EF38BD79CA] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkKR.DLL [2560] O44 - LFC:[MD5.F7E5137E6269CEF66A3BA8E26E3E5B87] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkTR.DLL [2560] O44 - LFC:[MD5.864A78D7FB2AE6A4B010E69AA03D7E6B] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkTW.DLL [2048] O44 - LFC:[MD5.07319C9382CB38EEDFC03645C7FF0558] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - Sumber Daya Monitor Bahasa MP FAX.) -- C:\Windows\System32\CNCFLkID.DLL [3072] O44 - LFC:[MD5.3F80D909664340B72F41921FE6859E50] - 16/06/2013 - 13:37:06 RSHAD . (.Canon Inc. - ??????????????????????? MP FAX.) -- C:\Windows\System32\CNCFLkTH.DLL [2560] O44 - LFC:[MD5.E06169C17EC4B0FFF910F01F7512D940] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkCZ.DLL [2560] O44 - LFC:[MD5.7753B8BAA6F68C66D94A12569A426FD6] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkDK.DLL [2560] O44 - LFC:[MD5.72B5DC1FB1B539F1C6BC662EDDBD1CFC] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkFI.DLL [3072] O44 - LFC:[MD5.190F8AC0A6C3837466F4A122257207CE] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkGR.DLL [3072] O44 - LFC:[MD5.9B5C036DF631839438797F4BC5FECAF4] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkHU.DLL [2560] O44 - LFC:[MD5.E9463A065D6E10112FF864186A95487A] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkNO.DLL [2560] O44 - LFC:[MD5.25940651C07855AA6C797E3F17EDC906] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkRU.DLL [3072] O44 - LFC:[MD5.2CA6BCB6639F864E29DD9C73746FE8B9] - 16/06/2013 - 13:37:00 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkSE.DLL [3072] O44 - LFC:[MD5.E06169C17EC4B0FFF910F01F7512D940] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkCZ.DLL [2560] O44 - LFC:[MD5.7753B8BAA6F68C66D94A12569A426FD6] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkDK.DLL [2560] O44 - LFC:[MD5.72B5DC1FB1B539F1C6BC662EDDBD1CFC] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkFI.DLL [3072] O44 - LFC:[MD5.190F8AC0A6C3837466F4A122257207CE] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkGR.DLL [3072] O44 - LFC:[MD5.9B5C036DF631839438797F4BC5FECAF4] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkHU.DLL [2560] O44 - LFC:[MD5.E9463A065D6E10112FF864186A95487A] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkNO.DLL [2560] O44 - LFC:[MD5.25940651C07855AA6C797E3F17EDC906] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkRU.DLL [3072] O44 - LFC:[MD5.2CA6BCB6639F864E29DD9C73746FE8B9] - 16/06/2013 - 13:37:00 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkSE.DLL [3072] O44 - LFC:[MD5.6ABB9FDF6E000065D1101E73F1177A85] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkDE.DLL [3072] O44 - LFC:[MD5.EDCFB73968E15037E63048F8E6143C2F] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkES.DLL [3072] O44 - LFC:[MD5.FEF67E8B98F8E508E12A14DB49E5E3E7] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkFR.DLL [3072] O44 - LFC:[MD5.B55BE727942D97074976B51147A9EAB5] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkIT.DLL [3072] O44 - LFC:[MD5.BB2D539B642FA276FB6E7C0A8AF53AAC] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkNL.DLL [3072] O44 - LFC:[MD5.43DB13339D2A92B4DF932E2BB253D718] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkPL.DLL [3072] O44 - LFC:[MD5.484D942AA76A3439249AA2E0D29969AE] - 16/06/2013 - 13:36:59 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkPT.DLL [3072] O44 - LFC:[MD5.6ABB9FDF6E000065D1101E73F1177A85] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkDE.DLL [3072] O44 - LFC:[MD5.EDCFB73968E15037E63048F8E6143C2F] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkES.DLL [3072] O44 - LFC:[MD5.FEF67E8B98F8E508E12A14DB49E5E3E7] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkFR.DLL [3072] O44 - LFC:[MD5.B55BE727942D97074976B51147A9EAB5] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkIT.DLL [3072] O44 - LFC:[MD5.BB2D539B642FA276FB6E7C0A8AF53AAC] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkNL.DLL [3072] O44 - LFC:[MD5.43DB13339D2A92B4DF932E2BB253D718] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkPL.DLL [3072] O44 - LFC:[MD5.484D942AA76A3439249AA2E0D29969AE] - 16/06/2013 - 13:36:59 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkPT.DLL [3072] O44 - LFC:[MD5.0D491BB1D7FA78FD971ED64548182883] - 16/06/2013 - 13:36:58 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkJP.DLL [2560] O44 - LFC:[MD5.BB67C52850F6968935FEDAA2557AA296] - 16/06/2013 - 13:36:58 ---A- . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\SysNative\CNCFLkUS.DLL [3072] O44 - LFC:[MD5.0D491BB1D7FA78FD971ED64548182883] - 16/06/2013 - 13:36:58 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkJP.DLL [2560] O44 - LFC:[MD5.BB67C52850F6968935FEDAA2557AA296] - 16/06/2013 - 13:36:58 RSHAD . (.Canon Inc. - MP FAX Language Monitor Resource.) -- C:\Windows\System32\CNCFLkUS.DLL [3072] O44 - LFC:[MD5.34CA29F202FBBC4CC76E5D912DDD14BD] - 16/06/2013 - 13:36:57 ---A- . (.Canon Inc. - MP Fax Language Monitor Module.) -- C:\Windows\SysNative\CNCFMSk.EXE [182272] O44 - LFC:[MD5.34CA29F202FBBC4CC76E5D912DDD14BD] - 16/06/2013 - 13:36:57 RSHAD . (.Canon Inc. - MP Fax Language Monitor Module.) -- C:\Windows\System32\CNCFMSk.EXE [182272] O44 - LFC:[MD5.0AFFF58CC116399FADCDB76B3E5EEA35] - 16/06/2013 - 13:36:56 ---A- . (.Canon Inc. - MP FAX Language Monitor DLL.) -- C:\Windows\SysNative\CNCF2Lk.DLL [343552] O44 - LFC:[MD5.0AFFF58CC116399FADCDB76B3E5EEA35] - 16/06/2013 - 13:36:56 RSHAD . (.Canon Inc. - MP FAX Language Monitor DLL.) -- C:\Windows\System32\CNCF2Lk.DLL [343552] O44 - LFC:[MD5.92E89EE1C9E20C4AA4ACF4E2EE2CD2D2] - 16/06/2013 - 13:36:46 ---A- . (...) -- C:\Windows\SysNative\CNC1741D.TBL [14592] O44 - LFC:[MD5.92E89EE1C9E20C4AA4ACF4E2EE2CD2D2] - 16/06/2013 - 13:36:46 ---A- . (...) -- C:\Windows\System32\CNC1741D.TBL [14592] O44 - LFC:[MD5.F04FE79A6DBE9FD9702FC2BB1C819311] - 16/06/2013 - 13:36:46 ---A- . (.CANON INC. - LLD.) -- C:\Windows\SysNative\CNC340L.dll [346624] O44 - LFC:[MD5.F04FE79A6DBE9FD9702FC2BB1C819311] - 16/06/2013 - 13:36:46 ---A- . (.CANON INC. - LLD.) -- C:\Windows\System32\CNC340L.dll [346624] O44 - LFC:[MD5.5F10C644DE0B02FD49495C218EFE1933] - 16/06/2013 - 13:36:46 ---A- . (.CANON INC. - WIA Scanner Driver Image Enhancement dll 64.) -- C:\Windows\SysNative\CNC340I.dll [109568] O44 - LFC:[MD5.5F10C644DE0B02FD49495C218EFE1933] - 16/06/2013 - 13:36:46 RSHAD . (.CANON INC. - WIA Scanner Driver Image Enhancement dll 64.) -- C:\Windows\System32\CNC340I.dll [109568] O44 - LFC:[MD5.493574E218AA18161D14EECFD572A0E8] - 16/06/2013 - 13:36:45 ---A- . (.CANON INC. - Canon Device Dependent Informations for Sca.) -- C:\Windows\SysNative\CNHMCA6.dll [17920] O44 - LFC:[MD5.7472FDF25CEBBFC65E45AD1C55431C9B] - 16/06/2013 - 13:36:45 ---A- . (.CANON INC. - WIA Scanner Driver 64-bit Edition.) -- C:\Windows\SysNative\CNC340C.dll [1324544] O44 - LFC:[MD5.493574E218AA18161D14EECFD572A0E8] - 16/06/2013 - 13:36:45 RSHAD . (.CANON INC. - Canon Device Dependent Informations for Sca.) -- C:\Windows\System32\CNHMCA6.dll [17920] O44 - LFC:[MD5.7472FDF25CEBBFC65E45AD1C55431C9B] - 16/06/2013 - 13:36:45 RSHAD . (.CANON INC. - WIA Scanner Driver 64-bit Edition.) -- C:\Windows\System32\CNC340C.dll [1324544] O44 - LFC:[MD5.72F2D357120F95C1E725C22915FE95E1] - 15/06/2013 - 16:29:02 ---A- . (...) -- C:\Windows\WORDPAD.INI [193] ~ Files: 128 Scanned in 00mn 59s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.E28E956B63FFB7431BEBF19E5C62A40A] - 12/06/2013 - 19:02:49 ---A- - C:\Windows\Prefetch\AgAppLaunch.db O45 - LFCP:[MD5.8EC7ED02A9F7D5D057FFD0FB60247CDC] - 13/06/2013 - 18:12:20 ---A- - C:\Windows\Prefetch\AgCx_SC4.db O45 - LFCP:[MD5.7E1D2169C762C2BA8D54081AAF36B93F] - 13/06/2013 - 18:56:36 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.E424C9BA4BE5D90BDD5998CEAD94DA61] - 13/06/2013 - 18:57:37 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.2EC67FCE7E56D9C3FD6B8F23C088CA0E] - 17/06/2013 - 16:04:15 ---A- - C:\Windows\Prefetch\EGUI.EXE-DDACC729.pf O45 - LFCP:[MD5.D26955D8D3C615EDAC2F11D9E3D6E667] - 17/06/2013 - 16:04:15 ---A- - C:\Windows\Prefetch\NVTMRU.EXE-231A7003.pf O45 - LFCP:[MD5.3B6083B995A15505487ED0AA0B56333B] - 27/06/2013 - 15:48:56 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.79A601078F92078B8AB2EFAF4F83E254] - 29/06/2013 - 08:34:57 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-97F6A314.pf O45 - LFCP:[MD5.8A27635E6F00BA68BCFEF43BD577C194] - 29/06/2013 - 11:00:44 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4147268373-1569833931-2933840164-1000.db O45 - LFCP:[MD5.C639605C820DF00042DCFE45D84E5AAB] - 29/06/2013 - 11:00:44 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4147268373-1569833931-2933840164-1000.db O45 - LFCP:[MD5.F280E39889930D9196ADE44FAEFA7A2C] - 29/06/2013 - 11:01:14 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf O45 - LFCP:[MD5.A2A0081FA69EB4D02756E53C9F0F8BE2] - 29/06/2013 - 11:01:14 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf O45 - LFCP:[MD5.0EDAEDDD26E302F8D7796934AB986552] - 29/06/2013 - 11:18:10 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf O45 - LFCP:[MD5.E053FC2262BBCF7CDB1904733992F96F] - 29/06/2013 - 11:18:12 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf O45 - LFCP:[MD5.EAF3E8B6CF116C255CBBEBF5AB88BE24] - 29/06/2013 - 11:45:23 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf O45 - LFCP:[MD5.C0F467A25F61B773A5290E506B9DF41E] - 29/06/2013 - 11:45:23 ---A- - C:\Windows\Prefetch\MACONFIGAGENT.EXE-388336DB.pf O45 - LFCP:[MD5.14F9C8E39C9AA7F6CA52A5AC8CAD04EA] - 29/06/2013 - 11:45:23 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf O45 - LFCP:[MD5.C2E4B049AE9610F472136B4CFC200088] - 29/06/2013 - 11:47:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf O45 - LFCP:[MD5.891F80655CB7A570FC732A76A102660E] - 29/06/2013 - 11:47:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5FD5BD9D.pf O45 - LFCP:[MD5.EDB5B58A818790867CFB78E91B349BEF] - 29/06/2013 - 12:01:46 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.A590EE9E342909F3E5D50A5DA18AF031] - 29/06/2013 - 12:13:54 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf O45 - LFCP:[MD5.9F968D4D88364A6F927067D968728980] - 29/06/2013 - 12:13:54 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.7EFA179DF6899F3EDA1DCA2465D03C28] - 29/06/2013 - 12:13:54 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.8195F94C2F9CA2D932293540DA0786D2] - 29/06/2013 - 13:13:27 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf O45 - LFCP:[MD5.AADB59D7261316D5CB04938226585D15] - 29/06/2013 - 13:18:12 ---A- - C:\Windows\Prefetch\STARTHTM.EXE-E484B60F.pf O45 - LFCP:[MD5.93E4ACE2D5557F5D0122F86E5C872A31] - 29/06/2013 - 13:18:49 ---A- - C:\Windows\Prefetch\CMVIEW.EXE-5711B622.pf O45 - LFCP:[MD5.321F7BAC8F406FA32D89DFAC765E6994] - 29/06/2013 - 13:19:12 ---A- - C:\Windows\Prefetch\SETUP.EXE-1E5D0608.pf O45 - LFCP:[MD5.7C2BF53AA8C7E995AF0E2741EF2EC152] - 29/06/2013 - 13:19:31 ---A- - C:\Windows\Prefetch\SETUP.EXE-13B128E7.pf O45 - LFCP:[MD5.C1EF7B2E561C4E32FEAAC6D6202BC968] - 29/06/2013 - 13:19:50 ---A- - C:\Windows\Prefetch\SETEVENT.EXE-1D884AEA.pf O45 - LFCP:[MD5.86B9818954EAE7D0C99632A19AE659C3] - 29/06/2013 - 13:20:02 ---A- - C:\Windows\Prefetch\SETUP.EXE-02A3F78F.pf O45 - LFCP:[MD5.AF69488F4C8C5B0EA367B64C27087B34] - 29/06/2013 - 13:20:19 ---A- - C:\Windows\Prefetch\SETUP.EXE-D2AFFEDB.pf O45 - LFCP:[MD5.7E623269741E6978020F5473F0981069] - 29/06/2013 - 13:20:47 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf O45 - LFCP:[MD5.A4193C34AFB82F717FF1819B0E3CEFA7] - 29/06/2013 - 13:21:04 ---A- - C:\Windows\Prefetch\SETUP.EXE-EB2E14C5.pf O45 - LFCP:[MD5.39201E6D701ED558A1C3C5C84F7DF478] - 29/06/2013 - 13:21:15 ---A- - C:\Windows\Prefetch\SETUP.EXE-64F94F51.pf O45 - LFCP:[MD5.1AB706C4AF75CC87FEF0D4B52CD06D70] - 29/06/2013 - 13:21:33 ---A- - C:\Windows\Prefetch\EWPEXDL.EXE-90FEB5D0.pf O45 - LFCP:[MD5.FE44693AB44D40FB8B86DBFE0ADF0128] - 29/06/2013 - 13:21:33 ---A- - C:\Windows\Prefetch\SETUP.EXE-2EA65B6C.pf O45 - LFCP:[MD5.9404CE7130A39656F04ACB5593D7B836] - 29/06/2013 - 13:23:11 ---A- - C:\Windows\Prefetch\SETUP.EXE-01F00DC1.pf O45 - LFCP:[MD5.2E3A4AB4FB9ABDAE668B13BC15E6D177] - 29/06/2013 - 13:23:12 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf O45 - LFCP:[MD5.CF63DFBBB61FC6D5BA037831DA6B41EF] - 29/06/2013 - 13:23:17 ---A- - C:\Windows\Prefetch\SETUP.EXE-6BF8FA70.pf O45 - LFCP:[MD5.24D5893B9E372BB1F16350B7ECFDB2DE] - 29/06/2013 - 13:23:42 ---A- - C:\Windows\Prefetch\SETUP.EXE-32AF4178.pf O45 - LFCP:[MD5.960A9C354718EE08462C14B9DD30A6E9] - 29/06/2013 - 13:23:43 ---A- - C:\Windows\Prefetch\SETUP64.EXE-7E2392DA.pf O45 - LFCP:[MD5.E344CC8A17C0F330A040DFE650EA34F4] - 29/06/2013 - 13:31:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F96DDA35.pf O45 - LFCP:[MD5.195847A2FCE3A47A8AB6D972FB767A88] - 29/06/2013 - 13:31:14 ---A- - C:\Windows\Prefetch\CNMVSA5.EXE-128F7E3E.pf O45 - LFCP:[MD5.F56A8A31C80A23B509052E23B020F7CF] - 29/06/2013 - 13:31:14 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-4A16D0D2.pf O45 - LFCP:[MD5.BADC246F6EE12608FF03E49C6B64B7C6] - 29/06/2013 - 13:31:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C3FCAB42.pf O45 - LFCP:[MD5.FDA68BA3662E2E097B74526E52E51B92] - 29/06/2013 - 13:31:16 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.4429F007FB6D9980AC69F7A36317D89F] - 29/06/2013 - 13:31:16 ---A- - C:\Windows\Prefetch\ROUTE.EXE-5E3D06CB.pf O45 - LFCP:[MD5.A0ED0EE090C9B4BC97386C17423E345F] - 29/06/2013 - 13:31:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C431DA8A.pf O45 - LFCP:[MD5.958A363F5BB9DDD0C9ED3A6C0B1C326C] - 29/06/2013 - 13:31:23 ---A- - C:\Windows\Prefetch\SETUP.EXE-AC05B78F.pf O45 - LFCP:[MD5.323D95FE590DF3BF740125E4B14B6BD4] - 29/06/2013 - 13:31:31 ---A- - C:\Windows\Prefetch\SETUP.EXE-1602A587.pf O45 - LFCP:[MD5.4F0B86C7CF65B8B5E5FE184A4AC4A1DC] - 29/06/2013 - 13:32:37 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.15836A8316017D2617E9B73732184592] - 29/06/2013 - 13:32:40 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.F1B0EC0BC10174D4E58659E99141F3F9] - 29/06/2013 - 13:35:53 ---A- - C:\Windows\Prefetch\C2C_SERVICE.EXE-76976284.pf O45 - LFCP:[MD5.1907C2CE3FFD395FEE0BA27F278D8EBA] - 29/06/2013 - 13:35:53 ---A- - C:\Windows\Prefetch\DAEMONU.EXE-79EAD54C.pf O45 - LFCP:[MD5.10360C1D98770B45ACAAA98E48827D03] - 29/06/2013 - 13:35:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.ADE88215D3DBB2F587840F1AD806726B] - 29/06/2013 - 13:35:53 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf O45 - LFCP:[MD5.7E067FBA236C8E55055ADBFCFB290C7D] - 29/06/2013 - 13:35:53 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf O45 - LFCP:[MD5.91AA7C8EE3C5D43CA4B225864D5C9A0A] - 29/06/2013 - 13:35:57 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf O45 - LFCP:[MD5.BCB14D0C534C50B882273215D9A41E03] - 29/06/2013 - 13:36:30 ---A- - C:\Windows\Prefetch\MSETUP4.EXE-5EE46726.pf O45 - LFCP:[MD5.883B0051C05A6DBFD81803E002D12DD5] - 29/06/2013 - 13:36:36 ---A- - C:\Windows\Prefetch\MSETUP4.EXE-8AF95307.pf O45 - LFCP:[MD5.152F0C7AA0D32E612268283C715847AC] - 29/06/2013 - 13:36:37 ---A- - C:\Windows\Prefetch\IJEREG.EXE-94173053.pf O45 - LFCP:[MD5.F6351604E04613DB11A446763BD774E8] - 29/06/2013 - 13:36:55 ---A- - C:\Windows\Prefetch\SETUP.EXE-E788D69B.pf O45 - LFCP:[MD5.299088E6ED4C522C0780D94FBCA33CC2] - 29/06/2013 - 13:37:02 ---A- - C:\Windows\Prefetch\IJPLMSVC.EXE-936C3664.pf O45 - LFCP:[MD5.C28337617D9EA88AC67CBDBCA6F4E0D0] - 29/06/2013 - 13:37:05 ---A- - C:\Windows\Prefetch\CNMNSUT.EXE-B66B5D99.pf O45 - LFCP:[MD5.04C302C07F843EF2D4C05267E8727B5A] - 29/06/2013 - 13:37:09 ---A- - C:\Windows\Prefetch\CNSLMAIN.EXE-45AEDFDB.pf O45 - LFCP:[MD5.94825C0BBF9FEF74F65E4A8C41DEEA86] - 29/06/2013 - 13:37:31 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.41D0010B7C76BE45AF14246AD46E8403] - 29/06/2013 - 13:37:32 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf O45 - LFCP:[MD5.73B9AB89E40FECC188B16B7328896864] - 29/06/2013 - 13:37:42 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf O45 - LFCP:[MD5.2C4B494BC9DA349C54F59CDBEE2248B9] - 29/06/2013 - 13:40:57 ---A- - C:\Windows\Prefetch\SKYPE.EXE-E71BF59F.pf O45 - LFCP:[MD5.9849B36074B4E76E93A274066DF218C4] - 29/06/2013 - 13:41:07 ---A- - C:\Windows\Prefetch\UPDATER.EXE-EA1310CB.pf O45 - LFCP:[MD5.AEF2BBB71EE5467FA84B29B46D4CA49F] - 29/06/2013 - 13:42:29 ---A- - C:\Windows\Prefetch\BJMYPRT.EXE-2C6EC7CF.pf O45 - LFCP:[MD5.132838D62BFA6146F0AD189E9D85994A] - 29/06/2013 - 13:42:49 ---A- - C:\Windows\Prefetch\MPNEX31.EXE-C644ADAF.pf O45 - LFCP:[MD5.6D77C168104A8514A70D694FFC19FF09] - 29/06/2013 - 13:47:29 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.816F8D8C2CB15A58AF3F8C37784E5DF1] - 29/06/2013 - 13:49:06 ---A- - C:\Windows\Prefetch\SNIFFER_GPU.EXE-4EDF8502.pf O45 - LFCP:[MD5.45D134EE9F6B65EE14AB3552F36CE500] - 29/06/2013 - 13:49:24 ---A- - C:\Windows\Prefetch\CS6SERVICEMANAGER.EXE-87BC6064.pf O45 - LFCP:[MD5.D22A2AADC2092B93AFFAD5F86B12227A] - 29/06/2013 - 14:06:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf O45 - LFCP:[MD5.34DFABAA02824C7DC45BF4148C399A6B] - 29/06/2013 - 14:06:50 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf O45 - LFCP:[MD5.9730FC2C792EB7B6C4D3A1FDCF4C6238] - 29/06/2013 - 14:07:54 ---A- - C:\Windows\Prefetch\WPDSHEXTAUTOPLAY.EXE-BD31DDCE.pf O45 - LFCP:[MD5.9A31EBBD9B839C619F4968A48678B86C] - 29/06/2013 - 14:08:08 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf O45 - LFCP:[MD5.B335C6850DA58AFE5CB8CB9850DE68A3] - 29/06/2013 - 14:16:46 ---A- - C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf O45 - LFCP:[MD5.A823614D67DFFBCFA510AA1A3483D304] - 29/06/2013 - 14:20:17 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E4D89796.pf O45 - LFCP:[MD5.F64076D9B1AFD49B3FC27FFAE88DB3BE] - 29/06/2013 - 14:20:24 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.DF10DEAE3E59E44A3322467405184C36] - 29/06/2013 - 14:24:40 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf O45 - LFCP:[MD5.0E897C574F86705814F885845B74C5D9] - 29/06/2013 - 14:36:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf O45 - LFCP:[MD5.3FFF6CF075FC07B0802C42287272D61B] - 29/06/2013 - 14:44:33 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.CD773680253890A5DF7EE21433ECD412] - 29/06/2013 - 15:00:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7EAB62D9.pf O45 - LFCP:[MD5.C502C9F64F722A7F776D90CCE39B6F2E] - 29/06/2013 - 15:00:17 ---A- - C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf O45 - LFCP:[MD5.B69B442414E71CCF4C3E93217456F063] - 29/06/2013 - 15:00:17 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf O45 - LFCP:[MD5.9EB304A807941594B9A01B63097B5796] - 29/06/2013 - 15:01:21 ---A- - C:\Windows\Prefetch\ACROBAT.EXE-90719117.pf O45 - LFCP:[MD5.FB2A1B2AF1506D4C6C7166573B8B4C3A] - 29/06/2013 - 15:01:21 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.39F7F5AE4F53A9E70A98209868C808D0] - 29/06/2013 - 15:01:28 ---A- - C:\Windows\Prefetch\PDAPP.EXE-0CD424B4.pf O45 - LFCP:[MD5.4924EE5A4DD8CB7CB8DB12A8DEB050D1] - 29/06/2013 - 15:02:03 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-D066635E.pf O45 - LFCP:[MD5.0D36EDEC0523673AC100A5C50593FDA2] - 29/06/2013 - 15:02:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EBC1953C.pf O45 - LFCP:[MD5.A5773516A1DAF5124F8FA07E97437068] - 29/06/2013 - 15:02:27 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf O45 - LFCP:[MD5.DA4C75746A3B01CACD17BBCC92ADF6B2] - 29/06/2013 - 15:03:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-16246731.pf O45 - LFCP:[MD5.5E8E653BC7FC9AEBF0A2187792F663EF] - 29/06/2013 - 15:14:58 ---A- - C:\Windows\Prefetch\CNMSEA5.EXE-80A73211.pf O45 - LFCP:[MD5.A8736AE1FBC1E3126624852570FC1FD2] - 29/06/2013 - 15:15:06 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-E0CD10A9.pf O45 - LFCP:[MD5.2D2B626D04243B4D8F75EE86AC6B0292] - 29/06/2013 - 15:15:08 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9FD9EA20.pf O45 - LFCP:[MD5.A23541B875B59041F08BD024D5483476] - 29/06/2013 - 15:16:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-64F7CCBF.pf O45 - LFCP:[MD5.E84BABA3D3CD8CDD511110EA6EB3B729] - 29/06/2013 - 15:26:51 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf O45 - LFCP:[MD5.48C45DAF0AE3ACB5732F18D8B86A3061] - 29/06/2013 - 15:31:10 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf O45 - LFCP:[MD5.8592E1345A2F70EB5E14A8FF2B44481C] - 29/06/2013 - 15:31:31 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_7_700_22-4CA03018.pf O45 - LFCP:[MD5.3244E0FEFAD72A9938105A3C3C6B73EA] - 29/06/2013 - 15:31:31 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf O45 - LFCP:[MD5.722724376D36CBD2E494B8D4C605F746] - 29/06/2013 - 15:48:30 ---A- - C:\Windows\Prefetch\FONTVIEW.EXE-9D7359FA.pf O45 - LFCP:[MD5.4F4E3B6DC5515689B92A0EE80962C0E8] - 29/06/2013 - 15:48:33 ---A- - C:\Windows\Prefetch\ACRODIST.EXE-F0A2C068.pf O45 - LFCP:[MD5.C25E10964E688FD8A6148118E828AF10] - 29/06/2013 - 15:48:55 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.A46EF95FDF73B5783FFCE4F67F8E10B7] - 29/06/2013 - 15:58:36 ---A- - C:\Windows\Prefetch\SWITCHBOARD.EXE-44EC7AA8.pf O45 - LFCP:[MD5.841541E907EE923469BB16E882CABA59] - 29/06/2013 - 16:00:01 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf O45 - LFCP:[MD5.76EDCC1DD5BD76BD226FEECF2651513C] - 29/06/2013 - 16:01:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf O45 - LFCP:[MD5.0AE9EAAF81943CF263CFA4ACCCC712F7] - 29/06/2013 - 16:01:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.FA05C479A82152BB736CA2B66EB53859] - 29/06/2013 - 16:22:55 ---A- - C:\Windows\Prefetch\DREAMWEAVER.EXE-5745BDD5.pf O45 - LFCP:[MD5.50D3DC3EF7FCD0EFEE2CCC9DC20E28D5] - 29/06/2013 - 16:24:06 ---A- - C:\Windows\Prefetch\COMUPDATUS.EXE-8D36D2F0.pf O45 - LFCP:[MD5.D79688294BF16CAA6A7EAB49850025B9] - 29/06/2013 - 16:24:10 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.20591682968D0B6B02C1053BE2B0D9AE] - 29/06/2013 - 16:34:18 ---A- - C:\Windows\Prefetch\MAGNIFY.EXE-FB2A9A47.pf O45 - LFCP:[MD5.67FBBF538A4CE3B69F17A353E8FA6507] - 29/06/2013 - 16:34:18 ---A- - C:\Windows\Prefetch\UTILMAN.EXE-5AD4C272.pf O45 - LFCP:[MD5.2808A811B6081AD80060DB2A2F115AD7] - 29/06/2013 - 16:35:39 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-A6F3C8F6.pf O45 - LFCP:[MD5.D74C26592215478B533CDD8E811DF3E9] - 29/06/2013 - 16:35:52 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf O45 - LFCP:[MD5.8B9509BAD5B8DBE83DC6A5DBFD2F353B] - 29/06/2013 - 16:35:52 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-E3BC2745.pf O45 - LFCP:[MD5.32F55C1F24B80E02A24D6E1BB93FE655] - 29/06/2013 - 16:35:52 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-0BFF1729.pf O45 - LFCP:[MD5.879455EBDFA089309DA5BE387282B35B] - 29/06/2013 - 16:36:23 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-EBD3B8D7.pf O45 - LFCP:[MD5.D1907654950E6FBD4B7E92EF6E40388D] - 29/06/2013 - 16:36:33 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-0D117CAF.pf O45 - LFCP:[MD5.F2E5194ECF8B52F61145BC7CDAF148D3] - 29/06/2013 - 16:41:10 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.E1C6BACA0ACF87A2DF696E02EB53545C] - 29/06/2013 - 16:41:10 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.42F8F54776D8BAA1A63CB0F1416078BC] - 29/06/2013 - 16:41:11 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.BD40074CA5409DBC768D0247212EF3E3] - 29/06/2013 - 16:41:11 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.90C7C7791E93DEC1104B2C66F5F17BB2] - 29/06/2013 - 16:46:02 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf O45 - LFCP:[MD5.DDDB4DC4E520C0A033DC482327AB53A2] - 29/06/2013 - 16:49:18 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-829F2D51.pf O45 - LFCP:[MD5.326BD31F2853D53A4469F05DFE45F634] - 29/06/2013 - 16:49:18 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-7C637231.pf O45 - LFCP:[MD5.F38D8BADECB5F5E4B7B4644406637188] - 29/06/2013 - 16:49:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf O45 - LFCP:[MD5.408D89ED86D738406EFAB6768898B4E0] - 29/06/2013 - 16:50:07 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf O45 - LFCP:[MD5.FCEE51BAFBBBEB8A2D92D6E9DAFFAB3C] - 29/06/2013 - 16:50:08 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf O45 - LFCP:[MD5.AAD1E2354CAAC3C7DF3B03C11295868E] - 29/06/2013 - 16:50:09 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf O45 - LFCP:[MD5.DF6A8F6629544FD4CA26A6E6B9491C13] - 29/06/2013 - 16:50:28 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf O45 - LFCP:[MD5.29116B0A72F99DCFFE2DD51029A7420F] - 29/06/2013 - 16:51:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.67D702F1A72DBF98F3BD285F4F2A57EE] - 29/06/2013 - 16:51:39 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.CFF2361B903579AC1361CC56CA325E56] - 29/06/2013 - 16:51:39 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.03D46D4B037A32E57B53E377DDFB6DCE] - 29/06/2013 - 16:51:47 ---A- - C:\Windows\Prefetch\PHOTOSHOP.EXE-B9EAAF9E.pf O45 - LFCP:[MD5.CDB61B2666D501F7037CBBF12A164BC9] - 29/06/2013 - 16:51:51 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf ~ Prefetcher: 138 Scanned in 00mn 02s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll ~ LSA: 8 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{2bcd14cf-d38a-11e2-84bf-806e6f6e6963}\AutoRun\command. (.CANON INC. - Master Setup Launcher.) -- I:\Msetup4.exe ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O53 - SMSR:HKLM\...\startupreg\AdobeCS6ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O53 - SMSR:HKLM\...\startupreg\HDAudDeck [Key] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe O53 - SMSR:HKLM\...\startupreg\Nvtmru [Key] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\SwitchBoard [Key] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ~ SMSR Keys: 9 Scanned in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 26/06/2013 - 15:52:59 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\03\03f2c9363c9124d9.dat [27207] O61 - LFC: 26/06/2013 - 16:03:32 ---A- C:\Users\Kriss\Downloads\Outlook.zip [1582643] O61 - LFC: 26/06/2013 - 16:27:31 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\bd\bdb401d606879ff9.dat [95534] O61 - LFC: 26/06/2013 - 18:46:35 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Enregistrer pour le Web AI\16.0\Adobe Enregistrer pour le Web AI 16.0 Prefs [1307] O61 - LFC: 26/06/2013 - 18:46:36 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Illustrator\16.0.0\AppPrefs.xml [172] O61 - LFC: 27/06/2013 - 09:42:50 R--A- C:\Users\Kriss\Downloads\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w\Serial - NS _ Adobe Master Collection CS6.txt [143] O61 - LFC: 27/06/2013 - 09:44:38 R--A- C:\Users\Kriss\Downloads\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w\MasterCollection_CS6_LS4.exe [1055720] O61 - LFC: 27/06/2013 - 09:51:56 R--A- C:\Users\Kriss\Downloads\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w.nfo [4386] O61 - LFC: 27/06/2013 - 09:51:56 R--A- C:\Users\Kriss\Downloads\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w\Crack Adobe_CS6_amtlib.dll.rar [1290816] O61 - LFC: 27/06/2013 - 09:56:49 R--A- C:\Users\Kriss\Downloads\Adobe.Creative.Suite.6.Master.Collection-TheRainb0w\MasterCollection_CS6_LS4.7z [9073673040] O61 - LFC: 27/06/2013 - 15:51:21 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\09\09e8360a2b8290fd.dat [33681] O61 - LFC: 27/06/2013 - 17:03:18 ---A- C:\Users\Kriss\Downloads\ps3-video-9_ps3_video_9_2.25_anglais_45620.exe [9528790] O61 - LFC: 27/06/2013 - 17:58:10 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\df\df20a1cba94992c2.dat [4536] O61 - LFC: 27/06/2013 - 18:27:24 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\28\289c985acbcaac8d.dat [24754] O61 - LFC: 27/06/2013 - 18:42:05 ---A- C:\Users\Kriss\Downloads\FreeMp3WmaConverterSetup-r0-n.exe [1167504] O61 - LFC: 27/06/2013 - 19:46:41 ---A- C:\Users\Kriss\Documents\Converted Videos\PS3\MPEG4-AVC\superMan.vf.ts.2013.mp4 [891538842] O61 - LFC: 27/06/2013 - 20:35:18 ---A- C:\Users\Kriss\Documents\Freemake\FreemakeVideoConverter\Projects\DefaultProject.xml [1285] O61 - LFC: 28/06/2013 - 16:14:24 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\93\93bcc88479eb035f.dat [13455] O61 - LFC: 28/06/2013 - 16:14:29 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\7b\7bd880ac72e7b427.dat [53669] O61 - LFC: 28/06/2013 - 16:50:51 ---A- C:\Users\Kriss\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20130628_175046080-MSI_vc_red.msi.txt [228108] O61 - LFC: 28/06/2013 - 16:50:52 ---A- C:\Users\Kriss\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20130628_175046080.html [72330] O61 - LFC: 28/06/2013 - 16:51:02 ---A- C:\Users\Kriss\AppData\Local\Temp\dd_vcredistMSI4059.txt [359428] O61 - LFC: 28/06/2013 - 16:51:02 ---A- C:\Users\Kriss\AppData\Local\Temp\dd_vcredistUI4059.txt [11474] O61 - LFC: 28/06/2013 - 16:52:53 ---A- C:\Users\Kriss\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20130628_175249033-MSI_vc_red.msi.txt [228862] O61 - LFC: 28/06/2013 - 16:52:54 ---A- C:\Users\Kriss\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20130628_175249033.html [77682] O61 - LFC: 28/06/2013 - 16:52:58 ---A- C:\Users\Kriss\AppData\Local\Temp\dd_vcredistMSI41E0.txt [347712] O61 - LFC: 28/06/2013 - 16:52:58 ---A- C:\Users\Kriss\AppData\Local\Temp\dd_vcredistUI41E0.txt [11458] O61 - LFC: 28/06/2013 - 16:53:33 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\SwitchBoard\launch.switchboard [0] O61 - LFC: 28/06/2013 - 17:50:33 ---A- C:\Users\Kriss\AppData\Roaming\Microsoft\Office\Excel12.pip [1544] O61 - LFC: 28/06/2013 - 18:49:07 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\PluginCache.psp [818174] O61 - LFC: 28/06/2013 - 18:49:14 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\CS6ServiceManager\cache\ExtensionManifest\PHSP_13_0_0_fr_FR.cache [9680] O61 - LFC: 28/06/2013 - 18:50:49 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\637d27b69533bb65.bin [5770] O61 - LFC: 28/06/2013 - 18:50:49 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\637d27b69533bb65.toc [164] O61 - LFC: 28/06/2013 - 18:50:56 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\dynamiclinkmanager\6.0\memorybalancercs6v2.xml [1428] O61 - LFC: 28/06/2013 - 18:51:28 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Common\AE_MediaCoreQTCodecRulesCS6.xml [41406] O61 - LFC: 28/06/2013 - 18:51:37 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Adobe After Effects 11.0 MC Prefs [1147] O61 - LFC: 28/06/2013 - 18:51:37 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Interpretation Rules.txt [10043] O61 - LFC: 28/06/2013 - 18:51:59 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Adobe After Effects 11.0 Raccourcis.txt [27623] O61 - LFC: 28/06/2013 - 18:51:59 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Debug Database.txt [872] O61 - LFC: 28/06/2013 - 18:51:59 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Espacesdetravail.xml [474] O61 - LFC: 28/06/2013 - 18:52:34 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\fcd7cf460f457ee6.bin [14848] O61 - LFC: 28/06/2013 - 18:52:34 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\fcd7cf460f457ee6.toc [356] O61 - LFC: 28/06/2013 - 18:53:04 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Adobe After Effects 11.0-x64 Préfs.txt [520361] O61 - LFC: 28/06/2013 - 18:53:04 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\DVADialogPrefs\DVADialogPrefs.xml [904] O61 - LFC: 28/06/2013 - 18:53:04 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Espacesdetravailmodifies\UserWorkspace1.xml [15624] O61 - LFC: 28/06/2013 - 18:53:04 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\After Effects\11.0\Trace Database.txt [142] O61 - LFC: 28/06/2013 - 18:57:24 ---A- C:\Users\Kriss\Downloads\183049_179843432058515_1469043_n.jpg [8472] O61 - LFC: 28/06/2013 - 19:14:24 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\CS6ServiceManager\cache\ExtensionManifest\DRWV_12_0_fr_FR.cache [13672] O61 - LFC: 28/06/2013 - 19:43:05 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Actions Palette.psp [31495] O61 - LFC: 28/06/2013 - 19:43:05 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Color Settings.csf [560008] O61 - LFC: 28/06/2013 - 19:43:05 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Workspace Prefs.psp [19627] O61 - LFC: 28/06/2013 - 19:43:06 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\Adobe Photoshop X64 CS6 Prefs.psp [182943] O61 - LFC: 28/06/2013 - 19:43:06 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\RepoussePresets.psp [10] O61 - LFC: 28/06/2013 - 19:44:10 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\d2\d2a1ed857f6a6364.dat [8356] O61 - LFC: 28/06/2013 - 19:58:44 ---A- C:\Users\Kriss\AppData\Local\Temp\Low\__skype_toolbar_v5_logs\html\firefox.exe.3320.html [1077] O61 - LFC: 29/06/2013 - 08:15:30 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\SwitchBoard\switchboard.xml [15773] O61 - LFC: 29/06/2013 - 08:32:33 ---A- C:\Users\Kriss\AppData\Local\Temp\FXSAPIDebugLogFile.txt [0] O61 - LFC: 29/06/2013 - 08:35:18 ---A- C:\Users\Kriss\AppData\Local\Temp\Low\__skype_toolbar_v5_logs\html\firefox.exe.2484.html [1077] O61 - LFC: 29/06/2013 - 08:37:34 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\19\19f52f68ad6bc1d3.dat [7499] O61 - LFC: 29/06/2013 - 11:00:40 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\2ad2147cf33d62a7.bin [115121] O61 - LFC: 29/06/2013 - 11:00:40 ---A- C:\Users\Kriss\AppData\Roaming\NVIDIA\GLCache\bb91686e62657732c2f40d7b70119d3c\84686dd264456c53\2ad2147cf33d62a7.toc [1964] O61 - LFC: 29/06/2013 - 13:14:24 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\2c\2cdd1c8a99a8917d.dat [4610] O61 - LFC: 29/06/2013 - 13:32:37 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\httpfe\cookies.dat [2] O61 - LFC: 29/06/2013 - 13:32:37 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\settings\restorer.queue [55] O61 - LFC: 29/06/2013 - 13:32:37 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\simcache\streamlist [44] O61 - LFC: 29/06/2013 - 13:32:37 --HA- C:\Users\Kriss\AppData\Local\IconCache.db [1881271] O61 - LFC: 29/06/2013 - 13:36:55 ---A- C:\Users\Kriss\AppData\Local\Temp\MS49F1B.LOG [519] O61 - LFC: 29/06/2013 - 13:40:48 ---A- C:\Users\Kriss\AppData\Local\Temp\Low\__skype_toolbar_v5_logs\html\firefox.exe.3820.html [1077] O61 - LFC: 29/06/2013 - 13:40:57 ---A- C:\Users\Kriss\AppData\Roaming\Skype\shared_dynco\dc.db [2248704] O61 - LFC: 29/06/2013 - 13:40:57 ---A- C:\Users\Kriss\AppData\Roaming\Skype\shared_dynco\dc.db-journal [8720] O61 - LFC: 29/06/2013 - 13:42:30 ---A- C:\Users\Kriss\AppData\Local\Temp\FXSTIFFDebugLogFile.txt [0] O61 - LFC: 29/06/2013 - 13:42:41 ---A- C:\Users\Kriss\AppData\Local\Temp\Twunk002.MTX [0] O61 - LFC: 29/06/2013 - 13:44:26 ---A- C:\Users\Kriss\AppData\Local\Temp\Twain001.Mtx [2] O61 - LFC: 29/06/2013 - 13:44:26 ---A- C:\Users\Kriss\AppData\Local\Temp\Twunk001.MTX [156] O61 - LFC: 29/06/2013 - 13:44:39 ---A- C:\Users\Kriss\AppData\Local\Temp\Skype\DbTemp\temp-JlOv5UafnXgZFNLIatMIQyb1 [0] O61 - LFC: 29/06/2013 - 13:44:40 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\eas.db [53248] O61 - LFC: 29/06/2013 - 13:44:40 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\mmanager\mediacache.ldb [40] O61 - LFC: 29/06/2013 - 13:44:40 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\thmanager\thcache.ldb [40] O61 - LFC: 29/06/2013 - 13:44:44 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\keyval.db [53248] O61 - LFC: 29/06/2013 - 13:44:44 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\keyval.db-journal [41552] O61 - LFC: 29/06/2013 - 13:44:50 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\bistats.db [69632] O61 - LFC: 29/06/2013 - 13:44:50 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\bistats.db-journal [37448] O61 - LFC: 29/06/2013 - 13:45:05 ---A- C:\Users\Kriss\AppData\Local\Temp\Skype\DbTemp\temp-XnbSRjl3tfySL6690oxb7gbJ [0] O61 - LFC: 29/06/2013 - 13:46:29 ---A- C:\Users\Kriss\AppData\Local\Temp\TWAIN.LOG [15762] O61 - LFC: 29/06/2013 - 13:46:29 ---A- C:\Users\Kriss\AppData\Roaming\Canon\MX340 series\SCNUI2.DAT [2136] O61 - LFC: 29/06/2013 - 13:48:57 ---A- C:\Users\Kriss\AppData\Roaming\Canon\MP Navigator EX V31\index\image.idx [36] O61 - LFC: 29/06/2013 - 13:48:57 ---A- C:\Users\Kriss\AppData\Roaming\Canon\MP Navigator EX V31\index\index.idx [36] O61 - LFC: 29/06/2013 - 13:49:09 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6 Settings\LaunchEndFlag.psp [10] O61 - LFC: 29/06/2013 - 15:02:14 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\11.0\Security\CRLCache\48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898] O61 - LFC: 29/06/2013 - 15:02:14 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\11.0\Security\CRLCache\A9B8213768ADC68AF64FCC6409E8BE414726687F.crl [36268] O61 - LFC: 29/06/2013 - 15:25:40 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\11.0\JSCache\GlobSettings [24] O61 - LFC: 29/06/2013 - 15:31:09 ---A- C:\Users\Kriss\AppData\Local\Temp\Low\__skype_toolbar_v5_logs\html\firefox.exe.3484.html [1077] O61 - LFC: 29/06/2013 - 15:31:09 ---A- C:\Users\Kriss\AppData\Local\Temp\Low\__skype_toolbar_v5_logs\html\script.js [1559] O61 - LFC: 29/06/2013 - 15:32:44 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\d4\d47c7284d98f555f.dat [6541] O61 - LFC: 29/06/2013 - 15:44:44 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\AutoRecover\_Sans titre-1-RécupéréE06F2BCC5AE1EDCEB327F255D2C3AAD7.psb [1591056] O61 - LFC: 29/06/2013 - 15:48:32 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFntSys.lst [190216] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt01.lst [257321] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt02.lst [1318] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt04.lst [13966] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt05.lst [2659] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt08.lst [13935] O61 - LFC: 29/06/2013 - 15:48:34 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt09.lst [1093] O61 - LFC: 29/06/2013 - 15:48:35 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\AdobeFnt10.lst [11229] O61 - LFC: 29/06/2013 - 15:48:35 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Acrobat\Distiller 10\Cache\PSHFList1 [101020] O61 - LFC: 29/06/2013 - 15:58:25 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Mini Bridge CS6\PHSP.xml [148] O61 - LFC: 29/06/2013 - 16:12:16 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\AutoRecover\_VIP-Encheres - Charte graphique Final 2 - Page 404t5AC96C456C3DEFDE2CB543E7D83BC361.psb [6020278] O61 - LFC: 29/06/2013 - 16:13:32 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\AutoRecover\_jeux-en-ligne-RécupéréBE259814B2F0BEAD81942B4EA52D4199.psb [886630] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Colors\Black - White.act [772] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Colors\Grayscale.act [772] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Colors\Mac OS.act [768] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Colors\Windows.act [768] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 128 Dithered.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 128 No Dither.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 32 Dithered.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 32 No Dither.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 64 Dithered.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF 64 No Dither.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\GIF Restrictive.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\JPEG High.irs [1142] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\JPEG Low.irs [1142] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\JPEG Medium.irs [1142] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\PNG-24.irs [1106] O61 - LFC: 29/06/2013 - 16:18:55 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Settings\PNG-8 128 Dithered.irs [1106] O61 - LFC: 29/06/2013 - 16:19:22 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Output Settings\Background Image.iros [1647] O61 - LFC: 29/06/2013 - 16:19:22 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Output Settings\Default Settings.iros [41] O61 - LFC: 29/06/2013 - 16:19:22 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Optimized Output Settings\XHTML.iros [1647] O61 - LFC: 29/06/2013 - 16:20:25 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6\Recently Used Optimizations.irs [8919] O61 - LFC: 29/06/2013 - 16:20:25 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Plugins\Adobe Save for Web CS6\Photoshop\Adobe Save for Web CS6 Prefs [455] O61 - LFC: 29/06/2013 - 16:22:55 ---A- C:\Users\Kriss\AppData\Local\GDIPFONTCACHEV1.DAT [113472] O61 - LFC: 29/06/2013 - 16:22:59 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\LogTransport2\LogTransport2.cfg [142] O61 - LFC: 29/06/2013 - 16:23:03 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Flash Player\AssetCache\WJKJ3578\8D9BD95C28BED7A58006E8111DF0DC7F938F766C.heu [149] O61 - LFC: 29/06/2013 - 16:23:03 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Flash Player\AssetCache\WJKJ3578\8F903698240FE799F61EEDA8595181137B996156.heu [149] O61 - LFC: 29/06/2013 - 16:23:03 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Flash Player\AssetCache\WJKJ3578\A5515FD0D36E8AFB49675489EFDC2060580BA794.heu [149] O61 - LFC: 29/06/2013 - 16:35:20 ---A- C:\Users\Kriss\Downloads\ZHPDiag2.exe [5691768] O61 - LFC: 29/06/2013 - 16:51:33 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\dc.db [49152] O61 - LFC: 29/06/2013 - 16:51:47 ---A- C:\Users\Kriss\AppData\Roaming\Adobe\Color\ACEConfigCache2.lst [233] O61 - LFC: 29/06/2013 - 16:52:02 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\bd\bdce6483db24685a.dat [36498] O61 - LFC: 29/06/2013 - 16:52:11 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\main.db [1966080] O61 - LFC: 29/06/2013 - 16:52:11 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\main.db-journal [488888] O61 - LFC: 29/06/2013 - 16:52:15 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\config.xml [14282] O61 - LFC: 29/06/2013 - 16:52:15 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\msn.db [49152] O61 - LFC: 29/06/2013 - 16:52:15 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\msn.db-journal [37448] O61 - LFC: 29/06/2013 - 16:52:16 ---A- C:\Users\Kriss\AppData\Roaming\Skype\world.media.concept\chatsync\3a\3a90553f80f0c006.dat [6336] O61 - LFC: 29/06/2013 - 16:52:18 ---A- C:\Users\Kriss\AppData\Roaming\Skype\shared.xml [72447] ~ 22 Fichiers temporaires (Temporary files) ~ Files: 144 Scanned in 00mn 27s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 22/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/02/2013 - C:\Windows\System32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) - LEGACY_EAMONM O64 - Services: CurCS - 10/01/2013 - C:\Windows\System32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV O64 - Services: CurCS - 10/01/2013 - C:\Windows\System32\DRIVERS\epfw.sys (epfw) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFW O64 - Services: CurCS - 10/01/2013 - C:\Windows\System32\DRIVERS\EpfwLWF.sys (EpfwLWF) .(.ESET - Epfw NDIS LightWeight Filter.) - LEGACY_EPFWLWF O64 - Services: CurCS - 14/02/2013 - C:\Windows\System32\DRIVERS\epfwwfp.sys (epfwwfp) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\vmbusres.dll (vmbus) .(.Microsoft Corporation - Fichier DLL de ressources de bus VMBus.) - LEGACY_VMBUS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 71 Scanned in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS6.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] ~ Services: 33 Scanned in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-In" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-Out" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{860EFFF1-A1E2-4F21-86CD-9745BF3C65D5}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{1FF9FE45-0F95-4CF3-8DFB-DE57C7C1E467}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{F6913529-B51C-44AC-B4E1-2C84D6257D80}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O87 - FAEL: "{6E94A918-D991-47D4-A385-E02E5568279E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe O87 - FAEL: "{1878D251-CBD6-4CD5-BDFB-5926564B8DB8}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{8B22033E-80DE-43D1-A60C-A0E7C5F6D81B}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{26AAF25A-5149-46A1-9BA2-AB2F41E0DA88}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{0600119B-17E0-484B-9337-565D1282328E}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{569A0C82-511D-47FC-993A-ED73D1118959}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe O87 - FAEL: "{3B0F3101-1A2E-45C8-9CC3-7F3645EBB676}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "{7C202817-7185-46B1-B492-A392C6834E6D}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O87 - FAEL: "RemoteDesktop-UserMode-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteDesktop-UserMode-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{02F12C94-CA8A-4BD1-9B80-617B6FC1FA37}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe O87 - FAEL: "{87F50747-70E0-42D6-8B7A-9F27B53579B7}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe O87 - FAEL: "{EA711A8F-A33B-48A9-A1EF-58FF94621E90}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe ~ Firewall: 185 Scanned in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : v2.12613 - (28/06/2013) Clés trouvées (Keys found) : 13 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip [HKLM\Software\Wow6432Node\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip [HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip [HKLM\Software\Wow6432Node\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype ~ Additionnel Scan: 281059 Items scanned in 00mn 37s ---\\ Product Upgrade Codes (O90) O90 - PUC: "09683D6BE55704F43AA5328FCBB268CA" . (.Microsoft_VC90_MFCLOC_x86.) -- C:\Windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe O90 - PUC: "0AF7403EB6D26DB4C84D9599551FECD9" . (.Microsoft Mouse and Keyboard Center.) -- C:\Windows\Installer\{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}\DeviceCenter.ico O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe O90 - PUC: "277C90D53BCEB244C96C4B43C187DF2C" . (.Apple Application Support.) -- C:\Windows\Installer\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}\WinInstall.ico O90 - PUC: "43670361EAB77BB48BA82E0233C1A84A" . (.ESET Smart Security.) -- C:\Windows\Installer\{16307634-7BAE-4BB7-B88A-E220331C8AA4}\Icon_Product O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico O90 - PUC: "4BB570A2679E8724FBF35E6C49D5480C" . (.bl.) -- C:\Windows\Installer\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}\ARPPRODUCTICON.exe O90 - PUC: "5979F581366931F4E99F03A782A2BDA5" . (.ph.) -- C:\Windows\Installer\{185F9795-9663-4F13-9EF9-307A282ADB5A}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA3301004F7706000000000050" . (.Adobe Acrobat X Pro - English, Français, Deutsch.) -- C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Acrobat.ico O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.03) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco O90 - PUC: "8FC229B8C6A8EC148A851F57D5F7D592" . (.NVIDIA PhysX.) -- C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe O90 - PUC: "954E9A05FC2A9014BB37099707B2BE2F" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{50A9E459-A2CF-4109-BB73-9079702BEBF2}\maconfico O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.5.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe ~ Update Products: 54 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 13/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 21/03/2013 1341664 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe SR - | Auto 116104 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe SR - | Auto 09/06/2013 2635600 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 12/05/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 16/05/2013 1826592 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 14/05/2013 3289208 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Auto 12/05/2013 413472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 07/06/2013 4150112 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe SR - | Auto 22/10/2012 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Kriss at 29/06/2013 17:56:09 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ~ MBR: 9 Scanned in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Kriss at 29/06/2013 17:56:11 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Malicius Software Information ~ MSI: Scanned in 00mn 04s End of the scan (1623 lines in 06mn 14s)(0)