~ Rapport de ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Lancé par lisa (29/12/2014 09:30:15)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17183
GCIE: Google Chrome v39.0.2171.95 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : XD4D6
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
Norton Internet Security v20.5.0.28
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.01

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3674 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 585 GB (86%) free of 679 GB

---\\ Mode de connexion au système
~ Computer Name: PC-LISA
~ User Name: lisa
~ All Users Names: lisa, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lisa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lisa\AppData\Roaming\
~ %Desktop% : C:\Users\lisa\Desktop\
~ %Favorites% : C:\Users\lisa\Favorites\
~ %LocalAppData% : C:\Users\lisa\AppData\Local\
~ %StartMenu% : 
C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 585 Go of 679 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 18 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 41 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.7E5EFE2543E98D7D6A6557ED704D3DD6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/11/2014 - 09:38:00.) -- C:\Windows\System32\wininet.dll [2237952] [MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d’ouverture de session Windows.) 
(.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) 
-- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936] ~ Generic Processes: Scanned in 00mn 03s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/3544 Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 1/2 ~ Mes Documents (My Documents) : 2/3215 ~ Mon Bureau (My Desktop) : 2/17 ~ Menu demarrer (Programs) : 1/33 ~ Hidden Files: Scanned in 01mn 12s ---\\ Processus lancés [MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.1480] [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.3840] [MD5.EBAE9EE13F51F38B57D616CF4A420682] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512] [PID.1240] [MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368] [PID.4136] [MD5.CF0B46A34780C3B4E3AF1297217A80BD] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222208] [PID.3320] [MD5.5F3587E344F2990B59C941FB405CAA0F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904] [PID.4368] [MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.2608] [MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.5504] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 0 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M2 - MFEP: RegExtension {76aa785e-0ace-46d5-ba82-ee5f1b429703} . (...) -- C:\Program Files (x86)\LyricsWoofer\133.xpi (.not file.) =>Adware.AddLyrics P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) 
-- C:\Users\lisa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll ~ Firefox Browser: 3 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk ~ IE Browser: 15 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (50) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.dll O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll ~ BHO: 3 Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [BtPreLoad] . (...) -- C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKUS\S-1-5-21-3068389877-3726547814-856184931-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3068389877-3726547814-856184931-1002\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-3068389877-3726547814-856184931-1002\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . 
(.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Winsock: 8 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{624B57CB-7E7D-4D73-98CE-2474C7F9084D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{90B0C71C-3DDC-4E98-A099-77F3573D3B01}: DhcpNameServer = 192.168.24.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{90B0C71C-3DDC-4E98-A099-77F3573D3B01}: DhcpDomain = A111SWDL.COM O17 - HKLM\System\CS1\Services\Tcpip\..\{624B57CB-7E7D-4D73-98CE-2474C7F9084D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{90B0C71C-3DDC-4E98-A099-77F3573D3B01}: DhcpNameServer = 192.168.24.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{90B0C71C-3DDC-4E98-A099-77F3573D3B01}: DhcpDomain = A111SWDL.COM O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . 
(.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) 
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: supt4pc_fr_49 (supt4pc_fr_49) . (...) - C:\Users\lisa\AppData\Local\tuto4pc_fr_49\supt4pc_fr_49.exe (.not file.) =>PUP.Eorezo O23 - Service: ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ~ Services: 14 Scanned in 00mn 34s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002Core] (.Facebook Inc..) -- C:\Users\lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002UA] (.Facebook Inc..) 
-- C:\Users\lisa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.5E28A80338A450F97547ABDED6BC4978] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [164624] [MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [524192] [MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [524192] [MD5.829AD42B9B9E3F589DAA30ACCAB76214] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [524192] [MD5.00000000000000000000000000000000] [APT] [Update Check] (...) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe (.not file.) [0] [MD5.7720251986778B402978761589434491] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [54096] [MD5.7720251986778B402978761589434491] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [54096] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002Core - (.Facebook Inc..) 
-- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002Core.job [918] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002Core [918] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002UA.job [940] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3068389877-3726547814-856184931-1002UA [940] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1076] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1076] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1080] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1080] ~ Scheduled Task: 18 Scanned in 00mn 21s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . 
(.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx64.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: (ccSet_NIS) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) 
- C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.sys O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) 
- C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Drivers: 42 Scanned in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {63ADEC24-A374-80A8-E89B-BE401C787F75} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Agatha Christie - 4:50 from Paddington - (.WildTangent.) [HKLM][64Bits] -- WTA-851b6b9e-e43c-4b07-b3b5-50d6d807c023 O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-d7c84aad-d7b4-43d0-937a-84202e46de95 O42 - Logiciel: Belarc Advisor 8.4 - (.Belarc Inc..) [HKLM][64Bits] -- Belarc Advisor O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Boutique Boulevard - (.WildTangent.) [HKLM][64Bits] -- WTA-83550ff4-f68a-4889-9a28-b5c87d3552ac O42 - Logiciel: Build-a-lot 4 - Power Source - (.WildTangent.) [HKLM][64Bits] -- WTA-d6072be9-b441-4d17-bf9c-8daa1bd94312 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4} O42 - Logiciel: Connected Music powered by Universal Music Group version 1.0 - (.Snowite.) [HKLM][64Bits] -- {46037DC7-F927-46DF-935F-D6F122BDD34B}_is1 O42 - Logiciel: Cooking Dash - (.WildTangent.) 
[HKLM][64Bits] -- WTA-d7169120-5afc-40fa-9c47-291774a42faa O42 - Logiciel: Cooking Dash - DinerTown Studios - (.WildTangent.) [HKLM][64Bits] -- WTA-75ded776-06da-47d1-977b-3f2ce5f0a71e O42 - Logiciel: Cooking Dash 3: Thrills and Spills - (.WildTangent.) [HKLM][64Bits] -- WTA-18ec61c7-e207-4b26-bb5a-2502e580de43 O42 - Logiciel: Cradle of Rome 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-d40496af-93f7-44fa-9440-d9aa05379e37 O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-1aa42925-9c57-495f-a622-c683c81663f4 O42 - Logiciel: Crazy Chicken Soccer - (.WildTangent.) [HKLM][64Bits] -- WTA-c495bc9f-ea86-49a2-997d-b149eba1b375 O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dairy Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-9399c662-b9f1-4ec6-8cec-f3008d86d3da O42 - Logiciel: Diner Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-e495a0ac-5751-4c7e-8711-f2d8e22618a5 O42 - Logiciel: Diner Dash - Flo Through Time - (.WildTangent.) [HKLM][64Bits] -- WTA-a04a9e2e-9163-4574-ab11-efd5a9154c76 O42 - Logiciel: Diner Dash - Flo on the Go - (.WildTangent.) 
[HKLM][64Bits] -- WTA-bbf22726-f837-4261-a75a-2f96284e9748 O42 - Logiciel: Diner Dash - Seasonal Snack Pack - (.WildTangent.) [HKLM][64Bits] -- WTA-f226a768-96c7-4583-a5d5-92c280e8fa4e O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WTA-2d15316b-3ce7-43ec-aaa3-121267e362d2 O42 - Logiciel: Diner Dash 5 - Boom! The Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-543490f2-bf57-40b1-b4d5-a4131f77e70a O42 - Logiciel: Diner Dash Hometown Hero - (.WildTangent.) [HKLM][64Bits] -- WTA-7cf1f009-109f-4a22-b564-6dcb5f80120f O42 - Logiciel: Energy Star - (.Hewlett-Packard.) [HKLM][64Bits] -- {0FA995CC-C849-4755-B14B-5404CC75DC24} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WTA-2ef83d19-46cf-4f56-b64f-e33ed8ec942a O42 - Logiciel: Fashion Fits! - (.WildTangent.) [HKLM][64Bits] -- WTA-db5e3aef-2e1e-4740-851e-470515865725 O42 - Logiciel: Gardenscapes - (.WildTangent.) [HKLM][64Bits] -- WTA-fe821ad5-0501-42d0-bd4f-c480f85e93b2 O42 - Logiciel: Gardenscapes 2 Collector's Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-29d03a9a-09c2-4cd9-86ab-dc765015c171 O42 - Logiciel: Gardenscapes: Mansion Makeover - (.WildTangent.) [HKLM][64Bits] -- WTA-5f5ad779-b21e-4d80-a075-c2481f0aa04f O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM][64Bits] -- {E3F4EA31-41D7-4789-9AC4-F26CDAF797BA} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-a14e3d69-40d0-46ec-8326-d04d22da1008 O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) 
[HKLM][64Bits] -- {8E7CB625-076C-4812-87B9-A2695C2CFABF} O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD} O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {4ED7050C-9332-4FB2-AB07-E94F25A53D39} O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {528AB81B-D65A-4AB0-A2B6-82B51A087D01} O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA} O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {1D9458B5-414A-419E-824B-5F8AA148884E} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {B8019B54-F9BE-490A-9619-6D06F18F129F} =>.Hewlett-Packard Co O42 - Logiciel: HP Utility Center - (.Hewlett-Packard.) [HKLM][64Bits] -- {0C57987A-A03A-4B95-A309-D23F78F406CA} O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {941DE69D-6CEE-4171-8F1F-3D7E352AA498} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.0.0 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: Hotel Dash - Suite Success - (.WildTangent.) [HKLM][64Bits] -- WTA-c6031ee7-2c4f-46eb-976c-561b974ff434 O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS O42 - Logiciel: OPERATION Mania - (.WildTangent.) 
[HKLM][64Bits] -- WTA-7617d5e4-1df8-48c7-8ab9-672550dcfed7 O42 - Logiciel: Open Office Packages - (...) [HKCU][64Bits] -- Open Office Packages O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8} O42 - Logiciel: Parking Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-a7ef4d72-7cbc-4cf4-bd30-8fe8630aa46c O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-f998f2e7-5547-416d-aa40-7917f2bf2399 O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Nom de votre société.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} O42 - Logiciel: Qualcomm Atheros Driver Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7} O42 - Logiciel: Ranch Rush 2 - Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-0ab83117-049a-49a2-807b-95b748f393ed O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C} O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: Virtual Families - (.WildTangent.) [HKLM][64Bits] -- WTA-336992fc-0c4a-4a07-8fea-1a2433384c7b O42 - Logiciel: Wedding Dash (R) 4-Ever - (.WildTangent.) [HKLM][64Bits] -- WTA-a82c08ff-615b-4d8a-b0b4-04a6376e3cef O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-dfe9d180-3d16-4ec7-9b47-9b33d3a8e2e3 O42 - Logiciel: Wedding Dash 2 - Rings Around the World - (.WildTangent.) 
[HKLM][64Bits] -- WTA-1e1180a9-5ffa-4d5f-bf64-f8f672afc6fc O42 - Logiciel: Youda Farmer 3: Seasons - (.WildTangent.) [HKLM][64Bits] -- WTA-c7969d8a-4278-4247-9666-d86b7a3e8cc8 O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 81 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATI] [HKCU\Software\AppDataLow] [HKCU\Software\Atheros] [HKCU\Software\Belarc] [HKCU\Software\Bugsplat] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Facebook] [HKCU\Software\Fugazo] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HipSoft] [HKCU\Software\IM Providers] [HKCU\Software\JEDI-VCL] [HKCU\Software\Lake] [HKCU\Software\Licenses] [HKCU\Software\MK2] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Norton] [HKCU\Software\OpenOffice] [HKCU\Software\Piriform] [HKCU\Software\Pogo] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Screentime Media] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Symantec] [HKCU\Software\Synaptics] [HKCU\Software\Trolltech] [HKCU\Software\WildTangent] [HKCU\Software\Windows Live Writer] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\mhk2] [HKCU\Software\mozilla] [HKCU\Software\phenomedia publishing gmbh] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Apple Inc.] 
[HKLM\Software\Atheros] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Wow6432Node\AMD] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\AdobeFlashPlayerUpdate] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\Belarc] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Hewlett-Packard] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OpenOffice] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Qualcomm Atheros] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] 
[HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node] ~ Key Software: 272 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 19/10/2012 - 10:52:46 - [] ----D C:\Program Files (x86)\AMD APP O43 - CFD: 19/10/2012 - 10:52:21 - [] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 27/12/2014 - 11:43:32 - [] ----D C:\Program Files (x86)\Belarc O43 - CFD: 19/10/2012 - 11:09:05 - [] ----D C:\Program Files (x86)\Bluetooth Suite O43 - CFD: 19/10/2012 - 10:49:35 - [] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 30/11/2013 - 09:33:09 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 18/08/2012 - 12:04:32 - [] ----D C:\Program Files (x86)\Connected Music powered by Universal Music Group O43 - CFD: 25/10/2013 - 18:00:27 - [] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 15/12/2013 - 09:56:51 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 01/02/2013 - 18:35:37 - [] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 09/11/2013 - 17:42:28 - [] ----D C:\Program Files (x86)\HP Games O43 - CFD: 10/08/2013 - 11:03:17 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 28/12/2014 - 11:20:33 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 27/07/2013 - 07:35:54 - [0] ----D C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.AgenceExclusive O43 - CFD: 27/12/2014 - 12:57:16 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 18/08/2012 - 11:48:33 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 07/06/2013 - 19:34:30 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 18/08/2012 - 11:55:10 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 
26/07/2012 - 09:12:59 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 19/04/2013 - 16:38:07 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 03/08/2012 - 23:37:58 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 19/10/2012 - 11:50:19 - [] ----D C:\Program Files (x86)\Norton Internet Security O43 - CFD: 19/10/2012 - 11:48:38 - [] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 31/01/2013 - 12:03:46 - [] R---D C:\Program Files (x86)\Online Services O43 - CFD: 29/11/2013 - 17:43:54 - [] ----D C:\Program Files (x86)\OpenOffice 4 O43 - CFD: 19/10/2012 - 10:55:01 - [] ----D C:\Program Files (x86)\Qualcomm Atheros O43 - CFD: 13/09/2013 - 19:15:27 - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 03/08/2012 - 23:37:58 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 21/12/2013 - 12:00:00 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 19/10/2012 - 11:52:24 - [] ----D C:\Program Files (x86)\SymSilent O43 - CFD: 19/10/2012 - 10:47:38 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 18/08/2012 - 12:25:33 - [] ----D C:\Program Files (x86)\WildGames O43 - CFD: 09/11/2013 - 17:34:12 - [] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 28/12/2014 - 11:22:16 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 18/08/2012 - 11:55:56 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 10/02/2013 - 15:28:47 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 10/02/2013 - 15:28:46 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - 09:12:59 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 21/06/2013 - 21:01:56 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/07/2012 - 09:12:59 - [] -SH-D C:\Program Files 
(x86)\Windows Sidebar O43 - CFD: 28/12/2014 - 11:43:57 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 19/10/2012 - 11:09:05 - [] ----D C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 19/10/2012 - 10:46:21 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 04/02/2013 - 21:30:52 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 19/10/2012 - 11:10:04 - [] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth O43 - CFD: 26/07/2012 - 09:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 27/07/2013 - 19:02:59 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 31/01/2013 - 12:37:08 - [] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 10/02/2013 - 15:28:45 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 18/08/2012 - 11:53:37 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 19/10/2012 - 10:51:51 - [] ----D C:\ProgramData\AMD O43 - CFD: 19/10/2012 - 10:49:32 - [] ----D C:\ProgramData\Apple O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 31/01/2013 - 12:05:18 - [] ----D C:\ProgramData\Atheros O43 - CFD: 19/10/2012 - 12:09:12 - [] ----D C:\ProgramData\ATI O43 - CFD: 31/01/2013 - 09:48:29 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 30/11/2013 - 09:30:53 - [] --H-D C:\ProgramData\Common Files O43 - CFD: 10/08/2013 - 11:03:13 - [] ----D C:\ProgramData\CyberLink O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 07/02/2013 - 12:00:29 - [] ----D C:\ProgramData\Dr Maboul - Une opération de malade  ! 
O43 - CFD: 07/02/2013 - 18:54:43 - [] ----D C:\ProgramData\Floodlight Games O43 - CFD: 14/02/2013 - 18:43:24 - [] ----D C:\ProgramData\FloodLightGames O43 - CFD: 04/03/2013 - 20:36:21 - [] ----D C:\ProgramData\Fugazo O43 - CFD: 15/12/2013 - 09:58:11 - [] ----D C:\ProgramData\Google O43 - CFD: 19/10/2012 - 11:58:16 - [] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 24/04/2013 - 09:48:28 - [] ----D C:\ProgramData\HipSoft O43 - CFD: 19/10/2012 - 11:36:30 - [] ----D C:\ProgramData\install_clap O43 - CFD: 27/12/2014 - 12:57:04 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 31/01/2013 - 09:48:29 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 28/12/2014 - 11:21:45 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 31/01/2013 - 09:48:29 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 31/01/2013 - 12:23:55 - [] ----D C:\ProgramData\Norton O43 - CFD: 19/10/2012 - 11:48:38 - [] ----D C:\ProgramData\NortonInstaller O43 - CFD: 16/05/2013 - 18:22:42 - [] ----D C:\ProgramData\PlayFirst O43 - CFD: 16/06/2013 - 17:06:33 - [] ----D C:\ProgramData\Playrix Entertainment O43 - CFD: 05/02/2013 - 11:50:08 - [] ----D C:\ProgramData\PRICache O43 - CFD: 19/10/2012 - 10:54:57 - [] ----D C:\ProgramData\Qualcomm Atheros O43 - CFD: 19/10/2012 - 20:40:01 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 21/12/2013 - 12:00:15 - [] ----D C:\ProgramData\Skype O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 19/10/2012 - 11:19:48 - [] ----D C:\ProgramData\Synaptics O43 - CFD: 19/10/2012 - 11:42:26 - [] ----D C:\ProgramData\Temp O43 - CFD: 26/07/2012 - 08:22:08 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 09/11/2013 - 17:33:57 - [] ----D C:\ProgramData\WildTangent O43 - CFD: 18/08/2012 - 12:06:48 - [] ----D C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4} O43 - CFD: 31/01/2013 - 12:03:48 - [] ----D C:\Users\lisa\AppData\Roaming\Adobe O43 - CFD: 31/01/2013 - 12:04:48 - [] ----D C:\Users\lisa\AppData\Roaming\Atheros O43 - CFD: 31/01/2013 - 
12:05:42 - [] ----D C:\Users\lisa\AppData\Roaming\ATI O43 - CFD: 17/03/2013 - 16:35:28 - [] ----D C:\Users\lisa\AppData\Roaming\CyberLink O43 - CFD: 07/02/2013 - 18:54:43 - [] ----D C:\Users\lisa\AppData\Roaming\Floodlight Games O43 - CFD: 14/02/2013 - 18:43:24 - [] ----D C:\Users\lisa\AppData\Roaming\FloodLightGames O43 - CFD: 06/05/2013 - 16:55:38 - [] ----D C:\Users\lisa\AppData\Roaming\funkitron O43 - CFD: 22/04/2013 - 17:44:45 - [] ----D C:\Users\lisa\AppData\Roaming\Gaijin Ent O43 - CFD: 15/12/2013 - 09:58:11 - [] ----D C:\Users\lisa\AppData\Roaming\Google O43 - CFD: 01/02/2013 - 18:31:59 - [] ----D C:\Users\lisa\AppData\Roaming\Hewlett-Packard O43 - CFD: 31/01/2013 - 17:19:55 - [0] ----D C:\Users\lisa\AppData\Roaming\hpqlog O43 - CFD: 10/02/2013 - 13:19:31 - [] ----D C:\Users\lisa\AppData\Roaming\Identities O43 - CFD: 18/11/2013 - 17:44:03 - [] ----D C:\Users\lisa\AppData\Roaming\Join_The_Team_5e O43 - CFD: 31/01/2013 - 17:18:14 - [] ----D C:\Users\lisa\AppData\Roaming\Join_The_Team_6e O43 - CFD: 08/02/2013 - 17:30:06 - [] ----D C:\Users\lisa\AppData\Roaming\Macromedia O43 - CFD: 27/12/2014 - 12:57:32 - [0] ----D C:\Users\lisa\AppData\Roaming\Malwarebytes O43 - CFD: 10/08/2013 - 10:57:38 - [] -S--D C:\Users\lisa\AppData\Roaming\Microsoft O43 - CFD: 29/11/2013 - 17:47:18 - [] ----D C:\Users\lisa\AppData\Roaming\OpenOffice O43 - CFD: 16/05/2013 - 18:22:42 - [] ----D C:\Users\lisa\AppData\Roaming\PlayFirst O43 - CFD: 07/02/2013 - 12:00:05 - [] ----D C:\Users\lisa\AppData\Roaming\Pogo Games O43 - CFD: 19/12/2014 - 19:05:17 - [] ----D C:\Users\lisa\AppData\Roaming\Skype O43 - CFD: 31/01/2013 - 12:01:09 - [] ----D C:\Users\lisa\AppData\Roaming\Synaptics O43 - CFD: 04/03/2013 - 20:08:36 - [] ----D C:\Users\lisa\AppData\Roaming\THQ O43 - CFD: 17/03/2013 - 16:40:27 - [] ----D C:\Users\lisa\AppData\Roaming\WebApp O43 - CFD: 09/11/2013 - 17:33:55 - [] ----D C:\Users\lisa\AppData\Roaming\WildTangent O43 - CFD: 15/05/2013 - 11:48:08 - [0] ----D 
C:\Users\lisa\AppData\Roaming\Windows Live Writer O43 - CFD: 22/05/2013 - 17:21:41 - [] ----D C:\Users\lisa\AppData\Roaming\YoudaGames O43 - CFD: 29/12/2014 - 09:33:03 - [] ----D C:\Users\lisa\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 31/01/2013 - 12:08:53 - [] ----D C:\Users\lisa\AppData\Local\AMD O43 - CFD: 31/01/2013 - 11:58:45 - [] -SH-D C:\Users\lisa\AppData\Local\Application Data O43 - CFD: 22/03/2013 - 14:30:47 - [] ----D C:\Users\lisa\AppData\Local\Apps O43 - CFD: 31/01/2013 - 12:05:42 - [] ----D C:\Users\lisa\AppData\Local\ATI O43 - CFD: 28/12/2014 - 12:05:32 - [] ----D C:\Users\lisa\AppData\Local\AVG SafeGuard toolbar O43 - CFD: 13/09/2013 - 18:54:38 - [] ----D C:\Users\lisa\AppData\Local\avgchrome O43 - CFD: 31/01/2013 - 12:05:19 - [] ----D C:\Users\lisa\AppData\Local\BMExplorer O43 - CFD: 28/12/2014 - 12:51:44 - [] ----D C:\Users\lisa\AppData\Local\CrashDumps O43 - CFD: 05/05/2013 - 13:43:00 - [] ----D C:\Users\lisa\AppData\Local\CyberLink O43 - CFD: 12/08/2013 - 14:21:27 - [0] ----D C:\Users\lisa\AppData\Local\Deployment O43 - CFD: 19/05/2013 - 08:52:04 - [0] ----D C:\Users\lisa\AppData\Local\Diagnostics O43 - CFD: 07/06/2013 - 19:39:14 - [] ----D C:\Users\lisa\AppData\Local\Downloaded Installations O43 - CFD: 19/05/2013 - 08:52:05 - [0] ----D C:\Users\lisa\AppData\Local\ElevatedDiagnostics O43 - CFD: 12/09/2013 - 17:59:50 - [] ----D C:\Users\lisa\AppData\Local\Facebook O43 - CFD: 12/08/2013 - 14:21:30 - [] ----D C:\Users\lisa\AppData\Local\Google O43 - CFD: 06/12/2013 - 19:25:58 - [] ----D C:\Users\lisa\AppData\Local\Hewlett-Packard O43 - CFD: 31/01/2013 - 11:58:45 - [] -SH-D C:\Users\lisa\AppData\Local\Historique O43 - CFD: 07/06/2013 - 19:39:23 - [] ----D C:\Users\lisa\AppData\Local\Microsoft O43 - CFD: 08/07/2013 - 14:03:55 - [] ----D C:\Users\lisa\AppData\Local\Microsoft_Corporation O43 - CFD: 25/03/2013 - 19:31:13 - [] ----D C:\Users\lisa\AppData\Local\Packages O43 - CFD: 31/01/2013 - 12:01:27 - [] ----D 
C:\Users\lisa\AppData\Local\Power2Go8 O43 - CFD: 07/06/2013 - 19:33:23 - [] ----D C:\Users\lisa\AppData\Local\Programs O43 - CFD: 29/12/2014 - 09:31:29 - [] ----D C:\Users\lisa\AppData\Local\Temp O43 - CFD: 31/01/2013 - 11:58:45 - [] -SH-D C:\Users\lisa\AppData\Local\Temporary Internet Files O43 - CFD: 27/03/2013 - 14:38:33 - [] ----D C:\Users\lisa\AppData\Local\VirtualStore O43 - CFD: 15/05/2013 - 11:48:09 - [] ----D C:\Users\lisa\AppData\Local\Windows Live Writer O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 28/12/2014 - 11:39:01 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 08/07/2013 - 13:15:01 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 26/07/2012 - 09:13:00 - [] ----D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 28/12/2014 - 11:39:01 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/07/2012 - 09:13:00 - [] R---D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ~ 19 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 168 Scanned in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
(.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146944] O44 - LFC:[MD5.A2D7F03BA538D9EFF7EF283E2FDBB30B] - 27/12/2014 - 12:31:34 ---A- . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\System32\rdpudd.dll [235520] O44 - LFC:[MD5.76E0CE29EF5BC3EEDC7962AE18508FC1] - 27/12/2014 - 12:31:35 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [713728] O44 - LFC:[MD5.2ADDCFA35A7D45FDB883312821E2561C] - 27/12/2014 - 12:31:36 ---A- . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\System32\rdpcorets.dll [3248640] O44 - LFC:[MD5.6B746A9668DB35E67518B658D4092FCB] - 27/12/2014 - 12:31:50 ---A- . (.Microsoft Corporation - Microsoft Robocopy.) -- C:\Windows\System32\Robocopy.exe [126464] O44 - LFC:[MD5.394B19F39139615C834E50265B544F23] - 27/12/2014 - 12:31:51 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll [1023488] O44 - LFC:[MD5.079051626A554ED91B75F5CEBF99AEF5] - 27/12/2014 - 12:31:52 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1824808] O44 - LFC:[MD5.9D87936649E3C7A4B319E6EE87D4280D] - 27/12/2014 - 12:31:53 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [6974808] O44 - LFC:[MD5.D315816709DE37EB937C89E44BC1090F] - 27/12/2014 - 12:32:02 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [396288] O44 - LFC:[MD5.EE25F8FBE6CC38785FC592B16DF3221B] - 27/12/2014 - 12:32:02 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328] O44 - LFC:[MD5.EE5ED8E6998D7E686F614BA8D876829B] - 27/12/2014 - 12:32:03 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [192000] O44 - LFC:[MD5.222F243A138149E51FEA4769A475A144] - 27/12/2014 - 12:32:03 ---A- . 
(.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1083392] O44 - LFC:[MD5.59314E353DAE94B965825EFFF94F772C] - 27/12/2014 - 12:32:03 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [830464] O44 - LFC:[MD5.2DD8EC6F8DE5F8556ABC5F223D49EA07] - 27/12/2014 - 12:32:03 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [412672] O44 - LFC:[MD5.2788E69F49C0CB25126FDC0E847286D1] - 27/12/2014 - 12:32:03 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\invagent.dll [740864] O44 - LFC:[MD5.020C789C8481A6A0E8363ABBBD505574] - 27/12/2014 - 12:32:16 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [393216] O44 - LFC:[MD5.25A05112F470B22A9B4AEDC7BC0E4C0B] - 27/12/2014 - 12:32:17 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2885632] O44 - LFC:[MD5.DDA84431EC8B11A1C5DA66BAD476424D] - 27/12/2014 - 12:32:22 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [2307072] O44 - LFC:[MD5.F08961951319B772AA3C32113E107483] - 27/12/2014 - 12:32:25 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll [10115072] O44 - LFC:[MD5.E79F88BD7D3B0030831A33895D2EC48C] - 27/12/2014 - 12:32:57 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [3959296] O44 - LFC:[MD5.BCF7FA61D9CAC73246D82137638D5DC6] - 27/12/2014 - 12:33:57 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19283456] O44 - LFC:[MD5.DE95F90F4CBBB7B61BBADA7CCDAECBD8] - 27/12/2014 - 12:34:03 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [97280] O44 - LFC:[MD5.ACCABC53006CD62D6110E84A340FEFB9] - 27/12/2014 - 12:34:05 ---A- . 
(.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1509376] O44 - LFC:[MD5.A1A85CF86615203447E05F81D84EFEA2] - 27/12/2014 - 12:34:09 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [855552] O44 - LFC:[MD5.B3368AE3156B28B10566C511B0F4F328] - 27/12/2014 - 12:34:09 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136] O44 - LFC:[MD5.3CE2333D4AFD1CC0A5CBD180786A2306] - 27/12/2014 - 12:34:09 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15400960] O44 - LFC:[MD5.BA2432BDE57C27673047F09F77E2B06B] - 27/12/2014 - 12:34:10 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2655232] O44 - LFC:[MD5.7E5EFE2543E98D7D6A6557ED704D3DD6] - 27/12/2014 - 12:34:11 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2237952] O44 - LFC:[MD5.D9EEE1D8F9437EAF419225344FA33F56] - 27/12/2014 - 12:34:12 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [136704] O44 - LFC:[MD5.E97428B9E1D014FC8423D4C8652027E4] - 27/12/2014 - 12:34:12 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [255488] O44 - LFC:[MD5.2FF748C3C69BB00450B29665A7C29C63] - 27/12/2014 - 12:34:13 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [67072] O44 - LFC:[MD5.8775BDAA98CE511454648F195364F155] - 27/12/2014 - 12:34:14 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll [915968] O44 - LFC:[MD5.4EF2DC6E6926F9C8E57E1022358A34E3] - 27/12/2014 - 12:34:15 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432] O44 - LFC:[MD5.4FE1C342399D0C7D6A86F426688F6A91] - 27/12/2014 - 12:34:16 ---A- . 
(.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [53760] O44 - LFC:[MD5.0EDBA99E21EDEB959884797642C07F29] - 27/12/2014 - 12:34:16 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [39936] O44 - LFC:[MD5.C2F645E5318CA19EF7727C6B7DA52B7A] - 27/12/2014 - 12:34:19 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll [53760] O44 - LFC:[MD5.9F518C52560E54F667D4BA807B6EE0E2] - 27/12/2014 - 12:34:20 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [197120] O44 - LFC:[MD5.AB60DE2BADBBAB609AEB45DFF8A0B348] - 27/12/2014 - 12:34:20 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1409536] O44 - LFC:[MD5.30EBCA6157B0A6D6F73385EBAC2FA712] - 27/12/2014 - 12:34:22 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712] O44 - LFC:[MD5.87C2B38DF709D99371124DD5E981EE97] - 27/12/2014 - 12:34:35 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\oleaut32.dll [778240] O44 - LFC:[MD5.7AFD5CA6E87242AD40FBBACBEC199177] - 27/12/2014 - 12:34:38 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4068864] O44 - LFC:[MD5.8BB7548307EE6147137993A410D64387] - 27/12/2014 - 12:36:10 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Windows\System32\msvcr120_clr0400.dll [869544] O44 - LFC:[MD5.962025110A396E6D7790DA2CD4D8D424] - 27/12/2014 - 12:38:08 ---A- . (.Microsoft Corporation - Microsoft Tablet PC InkEdit Control.) -- C:\Windows\System32\InkEd.dll [265216] O44 - LFC:[MD5.155779F35206A76C7126273F9D5AD2EE] - 27/12/2014 - 12:39:04 ---A- . (.Microsoft Corporation - Connexion Bureau à distance.) 
-- C:\Windows\System32\mstsc.exe [1125376] O44 - LFC:[MD5.6D6C2DA65E13E51F75BBE2ACA3A48835] - 27/12/2014 - 12:39:04 ---A- . (.Microsoft Corporation - Winstation Library.) -- C:\Windows\System32\winsta.dll [300544] O44 - LFC:[MD5.2B3D2FDF50EDABEBE0A9E6F741C81858] - 27/12/2014 - 12:39:05 ---A- . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [724992] O44 - LFC:[MD5.F518FD5FDD680629673C9DC77DC0EEC6] - 27/12/2014 - 12:39:08 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll [5982208] O44 - LFC:[MD5.B7FD627AAE8E95848BFEC437C923A87E] - 27/12/2014 - 12:40:03 ---A- . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys [35320] O44 - LFC:[MD5.FAC362ED29713A535C6E2EEFFA5B4733] - 27/12/2014 - 12:40:03 ---A- . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys [270024] O44 - LFC:[MD5.8FB10919E1283FD108334FDBFB173574] - 27/12/2014 - 12:41:15 ---A- . (.Microsoft Corporation - Générateur de points de terminaison du serv.) -- C:\Windows\System32\AudioEndpointBuilder.dll [169472] O44 - LFC:[MD5.832D5BEB0478B52EE1698428DC23C2C2] - 27/12/2014 - 12:41:15 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [267264] O44 - LFC:[MD5.E68F456AF77E45A53DE634B2A361F16E] - 27/12/2014 - 12:41:16 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [522728] O44 - LFC:[MD5.37B2C3BFD6E259A5CBC0053100908157] - 27/12/2014 - 12:41:16 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [783872] O44 - LFC:[MD5.B9450BC3F1820A99D010D7426BCA60E9] - 27/12/2014 - 12:41:37 ---A- . (.Microsoft Corporation - Service de résolution du cache DNS.) 
-- C:\Windows\System32\dnsrslvr.dll [212992] O44 - LFC:[MD5.6DEE155EE2983829EB0F28035083B79A] - 27/12/2014 - 12:41:38 ---A- . (.Microsoft Corporation - Media Foundation MPEG2 Source and Sink DLL.) -- C:\Windows\System32\mfmpeg2srcsnk.dll [673792] O44 - LFC:[MD5.7904C03BF9C0C0337563FFAA97D0ACE8] - 27/12/2014 - 12:41:39 ---A- . (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [623616] O44 - LFC:[MD5.06B59051EA619EB028B9CF2F8B6F5CDC] - 27/12/2014 - 12:41:49 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [19764736] O44 - LFC:[MD5.3CD0811267360076328984561FA399E9] - 27/12/2014 - 12:49:14 ---A- . (.Microsoft Corporation - Microsoft Fax API Support DLL.) -- C:\Windows\System32\FXSAPI.dll [616448] O44 - LFC:[MD5.37C202C17E989578690756A75C120F0C] - 27/12/2014 - 12:49:14 ---A- . (.Microsoft Corporation - Microsoft Fax T30 Protocol Service Provide.) -- C:\Windows\System32\FXST30.dll [254976] O44 - LFC:[MD5.06814BF85FF787026BEEB23A4D49719E] - 27/12/2014 - 12:49:14 ---A- . (.Microsoft Corporation - Microsoft Fax TIFF library.) -- C:\Windows\System32\FXSTIFF.dll [432640] O44 - LFC:[MD5.00EECDBA8B58623470681044B606DD5B] - 27/12/2014 - 12:49:15 ---A- . (.Microsoft Corporation - Microsoft Fax Server Extended COM Client In.) -- C:\Windows\System32\FXSCOMEX.dll [609280] O44 - LFC:[MD5.FEE098DF4EFFD13F520277AA156D559E] - 27/12/2014 - 12:49:15 ---A- . (.Microsoft Corporation - RPC HTTP DLL.) -- C:\Windows\System32\rpchttp.dll [188928] O44 - LFC:[MD5.A92EF73B02686B7E6F070B486512DB88] - 27/12/2014 - 12:49:17 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [389176] O44 - LFC:[MD5.81D75DB1FCE576D5BAA2E0F568D224EF] - 27/12/2014 - 12:49:17 ---A- . (.Microsoft Corporation - WSMAN WMI Provider.) -- C:\Windows\System32\WsmWmiPl.dll [309248] O44 - LFC:[MD5.89DA335401D956F2696E35A38817BE19] - 27/12/2014 - 12:49:20 ---A- . (.Microsoft Corporation - Service WSMan.) 
-- C:\Windows\System32\WsmSvc.dll [2837504] O44 - LFC:[MD5.2AE9136724568DB4F08BC04F131CFC54] - 27/12/2014 - 12:49:26 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys [2233152] O44 - LFC:[MD5.11B9DC4FF08E11CB1E77F4C0822B83C9] - 27/12/2014 - 12:49:26 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys [328512] O44 - LFC:[MD5.462E0B687C91D7366854C2F6BFB00E58] - 27/12/2014 - 12:50:15 ---A- . (.Microsoft Corporation - Accessibilité au Clavier visuel.) -- C:\Windows\System32\osk.exe [1557504] O44 - LFC:[MD5.62C34DD7477501468924A4AA0C89BF8E] - 27/12/2014 - 12:51:02 ---A- . (.Microsoft Corporation - Programme d’installation de Windows Update.) -- C:\Windows\System32\wusa.exe [309760] O44 - LFC:[MD5.B34B484A500EE8B863DDE2D310D9F134] - 27/12/2014 - 12:51:17 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Windows\System32\msvcp120_clr0400.dll [678600] O44 - LFC:[MD5.B70195713474BB161AB88AF3FAA8B99A] - 27/12/2014 - 12:51:38 ---A- . (.Microsoft Corporation - Accès distant PPP EAP-TLS.) -- C:\Windows\System32\rastls.dll [585728] O44 - LFC:[MD5.201C397A73DFEE109490F4BA1168CFC2] - 27/12/2014 - 12:51:43 ---A- . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1287680] O44 - LFC:[MD5.CC5B978B9A7EBFF2BB154A816554F51C] - 27/12/2014 - 12:51:46 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [199680] O44 - LFC:[MD5.2BB5627EB587FA995086C3D8C21B6D3F] - 27/12/2014 - 12:51:47 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [1453400] O44 - LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] - 27/12/2014 - 12:57:04 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400] O44 - LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] - 27/12/2014 - 12:57:04 ---A- . 
(.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216] O44 - LFC:[MD5.431141C6859990824D17F71C30A78728] - 27/12/2014 - 12:57:06 ---A- . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\Drivers\dfsc.sys [118784] O44 - LFC:[MD5.0EF7ABB612F7270DD5ABB7C66F1774AA] - 27/12/2014 - 12:57:09 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys [332632] O44 - LFC:[MD5.A892732A2216DC3B101E2B61F1F465FF] - 27/12/2014 - 12:57:10 ---A- . (.Microsoft Corporation - DLL de l’API des services Web pour périphér.) -- C:\Windows\System32\WSDApi.dll [599040] O44 - LFC:[MD5.E6530FD4F61B40F338BF4355A21B9A09] - 27/12/2014 - 12:57:10 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys [278872] O44 - LFC:[MD5.A8705398E9A28627FC6EA239DAF3CB08] - 27/12/2014 - 12:57:16 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\System32\XpsGdiConverter.dll [523264] O44 - LFC:[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - 27/12/2014 - 12:57:29 ---A- . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys [1939288] O44 - LFC:[MD5.6DBE73C09215E281F4283641144110A5] - 27/12/2014 - 13:54:50 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480] O44 - LFC:[MD5.58CC013EFA9893057160EDA018D8ADCE] - 27/12/2014 - 14:35:58 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys [71168] O44 - LFC:[MD5.2E9F4330645108C6A35EAB1120CD96D4] - 27/12/2014 - 15:36:35 ---A- . (.Microsoft Corporation - Bibliothèque de suivi du service VSS Micros.) -- C:\Windows\System32\vsstrace.dll [69632] O44 - LFC:[MD5.20C01B1C480554BD060272573259890F] - 27/12/2014 - 15:36:35 ---A- . (.Microsoft Corporation - Microsoft® Volume Shadow Copy Requestor/Wri.) 
-- C:\Windows\System32\vssapi.dll [1519104] O44 - LFC:[MD5.FE37051171F3B90B18037FDBAC5B9D76] - 27/12/2014 - 15:36:35 ---A- . (.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- C:\Windows\System32\VSSVC.exe [1484288] O44 - LFC:[MD5.72C0F01ED2D85DD7F60E6813F394A655] - 28/12/2014 - 11:52:17 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.FFC423A536C4A927F194318BBA9312F0] - 28/12/2014 - 12:05:57 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [312984] O44 - LFC:[MD5.EEBE51A654DEC13FD40401344034B4B4] - 28/12/2014 - 12:11:21 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1994362] O44 - LFC:[MD5.39D945D76A1EEB23F1D86E5DB2349EF7] - 28/12/2014 - 12:11:21 ---A- . (...) -- C:\Windows\System32\perfc009.dat [158234] O44 - LFC:[MD5.75E08AD02A7F6A8FAB82B7FBF86F8E61] - 28/12/2014 - 12:11:21 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [188148] O44 - LFC:[MD5.5833AB229C304074E7A6B55089346797] - 28/12/2014 - 12:11:21 ---A- . (...) -- C:\Windows\System32\perfh009.dat [774720] O44 - LFC:[MD5.D376A3DA5CA6A999D87A629F5AFE2BFE] - 28/12/2014 - 12:11:21 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [874848] O44 - LFC:[MD5.AD0340822F078400595FF44BB8AB5CDB] - 29/12/2014 - 09:11:14 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 29/12/2014 - 09:11:52 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752] O44 - LFC:[MD5.AD69F07EA92BEFBD29624F86B24C4BDF] - 29/12/2014 - 09:14:39 ---A- . (...) 
-- C:\Windows\WindowsUpdate.log [98258]
~ Files: 175 Scanned in 01mn 32s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.575732FEA6071677C29DA98F8719B1E2] - 21/10/2013 - 10:08:09 ---A- - C:\Windows\Prefetch\FILESCOUT.EXE-1D01DFB0.pf =>PUP.FileScout
O45 - LFCP:[MD5.17AEECBBE0C5002ED65A36BDF500B555] - 27/12/2014 - 11:32:35 ---A- - C:\Windows\Prefetch\LYRICSWOOFERUPD.EXE-E8CF44F8.pf =>Adware.AddLyrics
O45 - LFCP:[MD5.DC7CA3B32FCD2DBDFC5F5B72444269DD] - 27/12/2014 - 11:35:58 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.5DD64F7FC4BD9C6F1E9F694B44035F12] - 19/07/2013 - 10:16:11 ---A- - C:\Windows\Prefetch\PACKAGE_SWEETIM_INSTALLER_MUL-A179F41E.pf =>PUP.SweetIM
O45 - LFCP:[MD5.2A2BB41A898D110D2D6CCD575CA718AE] - 29/09/2013 - 15:15:58 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_GOOGL-7C580733.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.6DA2BC4E1FA629952FAD8266763E3CFF] - 29/11/2013 - 15:31:54 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-C52F80C5.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.37CB97D66AA8608EDF0CCED37E248760] - 29/11/2013 - 15:30:48 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC_459283_.TMP-78C17657.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.44B7A50B3647CF234A606595149A40B7] - 29/11/2013 - 15:30:40 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC_459283_.TMP-C28989CC.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.7D4E071106014A65D6543CD5D17E5BB6] - 10/11/2013 - 16:59:27 ---A- - C:\Windows\Prefetch\TUTO4PC_FR_33.EXE-23A169E9.pf =>PUP.AgenceExclusive
O45 - LFCP:[MD5.B2E80075890E8D5D47D99963F1DA58E8] - 28/12/2014 - 11:41:48 ---A- - C:\Windows\Prefetch\UPT4PC_FR_33.EXE-FE88A8C1.pf =>PUP.Eorezo
~ Prefetcher: 10 Scanned in 00mn 03s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{a648ce5b-19e9-11e2-be72-806e6f6e6963}\AutoRun\command. (...) -- E:\Join_The_Team_5e.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 01s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 18 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.)
-- C:\Windows\System32\Drivers\adp94xx.sys [492272] O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720] O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048] O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016] O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288] O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352] O58 - SDL:23/07/2012 - 22:35:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amd_sata.sys [79528] O58 - SDL:23/07/2012 - 22:35:12 ---A- . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\Drivers\amd_xata.sys [26280] O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688] O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272] O58 - SDL:07/08/2012 - 16:57:34 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys [55448] O58 - SDL:24/07/2012 - 07:44:02 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3618304] O58 - SDL:17/07/2012 - 17:59:12 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdW86.sys [98472] O58 - SDL:02/08/2012 - 11:54:18 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) 
-- C:\Windows\System32\Drivers\atikmdag.sys [10280960] O58 - SDL:02/08/2012 - 09:09:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [368640] O58 - SDL:27/12/2014 - 11:27:17 ---A- . (.AVG Technologies - Pas de description.) -- C:\Windows\System32\Drivers\avgtpx64.sys [50976] O58 - SDL:07/08/2012 - 16:57:36 ---A- . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [344216] O58 - SDL:07/08/2012 - 16:57:36 ---A- . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [114840] O58 - SDL:07/08/2012 - 16:57:36 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [33944] O58 - SDL:07/08/2012 - 16:57:38 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [88728] O58 - SDL:07/08/2012 - 16:57:38 ---A- . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [178840] O58 - SDL:07/08/2012 - 16:57:38 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [76952] O58 - SDL:07/08/2012 - 16:57:40 ---A- . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [135832] O58 - SDL:07/08/2012 - 16:57:42 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [574616] O58 - SDL:20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224] O58 - SDL:20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) 
-- C:\Windows\System32\Drivers\HpSAMD.sys [64752] O58 - SDL:01/08/2012 - 11:22:00 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [645952] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888] O58 - SDL:02/06/2012 - 15:32:26 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10627744] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296] O58 - SDL:07/08/2012 - 16:57:44 ---A- . (.Atheros - Bluetooth Low Engergy Hid Driver.) -- C:\Windows\System32\Drivers\leath_hid.sys [39704] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136] O58 - SDL:21/11/2014 - 06:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:21/11/2014 - 06:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400] O58 - SDL:29/12/2014 - 09:11:52 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) 
-- C:\Windows\System32\Drivers\megasas.sys [51952] O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240] O58 - SDL:21/11/2014 - 06:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150256] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176] O58 - SDL:13/06/2012 - 06:41:22 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [683664] O58 - SDL:20/06/2012 - 01:54:20 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [4065296] O58 - SDL:13/09/2013 - 19:14:18 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsP2Stor.sys [277648] O58 - SDL:26/07/2012 - 09:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784] O58 - SDL:26/07/2012 - 06:00:56 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) 
-- C:\Windows\System32\Drivers\sisraid4.sys [81648] O58 - SDL:29/08/2012 - 08:34:03 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [41272] O58 - SDL:29/08/2012 - 08:34:03 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [43832] O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960] O58 - SDL:19/06/2013 - 15:15:24 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\Drivers\SYMEVENT64x86.SYS [177312] O58 - SDL:29/08/2012 - 08:35:13 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [448312] O58 - SDL:19/06/2012 - 03:07:50 ---A- . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\Drivers\usbfilter.sys [57000] O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184] O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080] O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800] O58 - SDL:03/08/2012 - 13:07:30 ---A- . (.Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) -- C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [20288] ~ Drivers: 63 Scanned in 00mn 20s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 27/12/2014 - 09:36:43 ---A- . (.Google Inc..) -- C:\Users\lisa\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe [571272] O61 - LFC: 27/12/2014 - 09:36:43 ---A- . (.Google Inc..) 
-- C:\Users\lisa\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe [774424] O61 - LFC: 27/12/2014 - 09:36:57 ---A- . (...) -- C:\Users\lisa\Downloads\advisorinstaller.exe [3655960] O61 - LFC: 28/12/2014 - 09:36:57 ---A- . (...) -- C:\Users\lisa\Downloads\adwcleaner_4.106.exe [2173952] O61 - LFC: 28/12/2014 - 09:36:57 ---A- . (.Google Inc..) -- C:\Users\lisa\Downloads\ChromeSetup (1).exe [880784] O61 - LFC: 28/12/2014 - 09:36:57 ---A- . (.Nicolas Coolman.) -- C:\Users\lisa\Downloads\ZHPDiag2.exe [6860008] =>.Nicolas Coolman O61 - LFC: 28/12/2014 - 09:36:57 ---A- . (.Piriform Ltd.) -- C:\Users\lisa\Downloads\ccsetup501.exe [5317104] O61 - LFC: 29/12/2014 - 09:36:43 ---A- . (...) -- C:\Users\lisa\AppData\LocalLow\Sun\Java\jre1.8.0_25\java_sp.dll [481766] O61 - LFC: 29/12/2014 - 09:36:57 ---A- . (.Oracle Corporation.) -- C:\Users\lisa\Downloads\chromeinstall-8u25.exe [638888] ~ 24 Fichiers temporaires (Temporary files) ~ 12 Fichiers cookies (Cookies files) ~ Files: 9 Scanned in 01mn 37s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {C12A522C-7BC7-42B1-8CAB-75C5386F31FC} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com =>Toolbar.eBay ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [190976] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) 
-- C:\Windows\System32\certprop.dll [149504] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [305664] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3286528] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) 
-- C:\Windows\System32\shsvcs.dll [565760] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1287680] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) 
-- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792] O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] ~ Services: 34 Scanned in 00mn 02s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "FB6D58DD787439A4995AF3C00FEA8843" . (.Internet Explorer Toolbar 4.8 by SweetPacks.) -- C:\Windows\Installer\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}\ARPPRODUCTICON.exe =>PUP.SweetIM ~ Update Products: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.7CA0B080F66FEA1D702CD46DBB37BC4C] [WIS][24/11/2014] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\4a00554.msi [507904] =>Toolbar.Avira ~ WIS: 1 Scanned in 00mn 13s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 12/08/2013 116648 | (gupdate) . (.Google Inc..) 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 12/08/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Auto 10/07/1658 0 | (supt4pc_fr_49) . (...) - C:\Users\lisa\AppData\Local\tuto4pc_fr_49\supt4pc_fr_49.exe =>PUP.Eorezo SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SR - | Auto 02/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 06/08/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SR - | Auto 24/11/2014 166296 | (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask SR - | Auto 07/08/2012 211072 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 10/08/2012 85504 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 09/07/2012 35232 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe SR - | Auto 13/09/2013 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) 
- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 21/05/2013 144368 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 07/08/2012 323584 | (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ~ Services: Scanned in 00mn 27s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by lisa at 29/12/2014 09:49:55 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by lisa at 29/12/2014 09:49:58 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (28/08/2014) Clés trouvées (Keys found) : 5 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 5 Fichiers trouvés (Files found) : 1 [HKLM\SYSTEM\CurrentControlSet\Services\supt4pc_fr_49] =>PUP.Eorezo^ [HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}] =>Toolbar.Yahoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider 
C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\EP: RegExtension {76aa785e-0ace-46d5-ba82-ee5f1b429703} . (...) -- C:\extensions\Program Files (x86)\LyricsWoofer\133.xpi (.not file.) =>Adware.AddLyrics^ C:\Program Files (x86)\majtuto4pc_fr_a1 =>PUP.AgenceExclusive^ C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask C:\Users\lisa\AppData\Local\AskPartnerNetwork =>Toolbar.Ask C:\Windows\Installer\4a00554.msi =>Toolbar.Avira^ ~ Additionnel Scan: 272811 Items scanned in 00mn 53s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51) ~ AMI: 4 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/adware-addlyrics =>Adware.AddLyrics http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive http://nicolascoolman.fr/pup-filescout =>PUP.FileScout http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider ~ MSI: 9 link(s) detected in 00mn 00s End of the scan (1259 lines in 20mn 44s)(0)