~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014) ~ Lancé par CHRISTINE (24/01/2014 12:17:10) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.16476 GCIE: Google Chrome v32.0.1700.76 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : BWX77 Windows License : OK ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v9.0.2011 McAfee Security Scan Plus v3.8.130.10 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 2936 MB (51% free) System Restore: Activé (Enable) System drive C: has 55 GB (36%) free of 149 GB ---\\ Mode de connexion au système ~ Computer Name: CHRISTINE-TOSH ~ User Name: CHRISTINE ~ All Users Names: HomeGroupUser$, CHRISTINE, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\CHRISTINE\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\CHRISTINE\AppData\Roaming\ ~ %Desktop% : C:\Users\CHRISTINE\Desktop\ ~ %Favorites% : C:\Users\CHRISTINE\Desktop\Favorites\ ~ %LocalAppData% : C:\Users\CHRISTINE\AppData\Local\ ~ %StartMenu% : C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 55 Go of 149 Go) D: Hard drive, Flash drive, Thumb drive (Free 130 Go of 149 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 46 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/5990 ~ Mes musiques (My Musics) : 1/22 ~ Mes Videos (My Videos) : 2/70 ~ Mes Favoris (My Favorites) : 1/60 ~ Mes Documents (My Documents) : 1/122 ~ Mon Bureau (My Desktop) : 2/204 ~ Menu demarrer (Programs) : 1/25 ~ Hidden Files: Scanned in 00mn 01s ---\\ Processus lancés [MD5.1FAA54E9FFEA6FD3E0CEAD951CDDFEF6] - (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160] [PID.3780] [MD5.80D632DC81BDF6E58630D8FA329FAE54] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840] [PID.3888] [MD5.86E69581356CA45167EA6986B6E29087] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [PID.3988] [MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.3728] [MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.3388] [MD5.3B0BA44D5691E00088B956394FDE64B6] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584] [PID.4512] [MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.3832] [MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1192] [MD5.4DE2EE2A5186D74BABC4E7F60D2AE989] - (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456] [PID.1664] [MD5.CAB0EEAF5295FC96DDD3E19DCE27E131] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [46448] [PID.4456] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [hphehadppenpmajgnkjdcopcfijjegaf] Jump Flip v.1.0.0 (Désactivé) =>PUP.JumpFlip G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.0 (Activé) ~ Google Browser: 10 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\CHRISTINE\AppData\Roaming\Mozilla\Firefox\Profiles\7iivt05g.default\prefs.js M2 - MFEP: prefs.js [CHRISTINE - 7iivt05g.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.9 (..) P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_39] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npdeployJava1.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ~ Firefox Browser: 3 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 ~ IE Browser: 20 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: MSS+ Identifier [64Bits] - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll O2 - BHO: Désactivation du cookie publicitaire [64Bits] - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} . (.Google Inc - Pas de description.) -- C:\Program Files (x86)\Google\Advertising Cookie Opt-out\opt_out.dll O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: TOSHIBA Media Controller Plug-in [64Bits] - {F3C88694-EFFA-4d78-B409-54B7B2535B14} . (. - TOSHIBA Media Controller Plug-in.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline ~ BHO: 13 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [Public]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe O4 - GS\Desktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation - OpenOffice 4.0.0.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Microsoft Default Manager.lnk . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.) O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [CHRISTINE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [CHRISTINE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [CHRISTINE]: Adobe Photoshop Elements 6.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 6.0.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\Photoshop Elements 6.0.exe =>.Adobe Systems Incorporated O4 - GS\TaskBar [CHRISTINE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [CHRISTINE]: Google Earth.lnk . (.Google - Google Earth.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe =>.Google Inc O4 - GS\TaskBar [CHRISTINE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [CHRISTINE]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\TaskBar [CHRISTINE]: Skype.lnk . (...) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe O4 - GS\TaskBar [CHRISTINE]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\TaskBar [CHRISTINE]: Toshiba Assist.lnk . (...) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Assist\TInTouch.exe (.not file.) O4 - GS\TaskBar [CHRISTINE]: ViewNX 2.lnk . (...) -- C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe (.not file.) O4 - GS\TaskBar [CHRISTINE]: VLC media player.lnk . (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (.not file.) =>.VideoLAN O4 - GS\TaskBar [CHRISTINE]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [CHRISTINE]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\Program [CHRISTINE]: Centre d'aide Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://support.google.com =>Hijacker.Browsers O4 - GS\Program [CHRISTINE]: Crédit Mutuel.lnk . (.Microsoft Corporation - Microsoft Silverlight Out-of-Browser Launch.) -- C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe O4 - GS\Program [CHRISTINE]: Créer des raccourcis vers des applications - Centre d'aide Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://support.google.com =>Hijacker.Browsers O4 - GS\Program [CHRISTINE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Accessories [CHRISTINE]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O4 - GS\Accessories [CHRISTINE]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [CHRISTINE]: Run.lnk - Clé orpheline O4 - GS\Accessories [CHRISTINE]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\SystemTools [CHRISTINE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SystemTools [CHRISTINE]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation O4 - GS\SendTo [CHRISTINE]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - GS\SendTo [CHRISTINE]: TOSHIBA Disc Creator (CD audio).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.Toshiba Corporation O4 - GS\SendTo [CHRISTINE]: TOSHIBA Disc Creator (Disque de données).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.Toshiba Corporation O4 - GS\SendTo [CHRISTINE]: TOSHIBA Disc Creator (Images vers disque).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.Toshiba Corporation O4 - GS\Desktop [CHRISTINE]: FAMILLE - Raccourci.lnk . (...) -- C:\Users\CHRISTINE\Pictures\PHOTOS\FAMILLE O4 - GS\Desktop [CHRISTINE]: FREEBOX - Raccourci.lnk - Clé orpheline O4 - GS\Desktop [CHRISTINE]: PHOTOS - Raccourci.lnk . (...) -- C:\Users\CHRISTINE\Pictures\PHOTOS O4 - GS\Desktop [CHRISTINE]: StoreJet Transcend - Raccourci.lnk - Clé orpheline O4 - GS\Desktop [CHRISTINE]: Téléchargements.lnk . (...) -- C:\Users\CHRISTINE\Downloads O4 - GS\Desktop [CHRISTINE]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [CHRISTINE]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 75 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.) O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.) O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe =>.Toshiba Corporation O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.) O4 - HKLM\..\Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.) O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.) O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.) O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.Toshiba Corporation O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe O4 - HKLM\..\RunOnce: [NCInstallQueue] Clé orpheline O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation O4 - HKLM\..\Wow6432Node\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe O4 - HKLM\..\Wow6432Node\Run: [KeNotify] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [Nikon Message Center 2] . (.Nikon Corporation - Nikon Message Center 2.) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe =>.Toshiba Corporation O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe =>.Toshiba Corporation O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2499207221-3485120698-3705934866-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 8 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{08AA94FA-D538-4D8E-8359-B52C8481DA8E}: DhcpNameServer = 100.100.0.101 O17 - HKLM\System\CCS\Services\Tcpip\..\{A50AB5DD-8E8D-49A5-B9F4-4B7C1126009C}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{08AA94FA-D538-4D8E-8359-B52C8481DA8E}: DhcpNameServer = 100.100.0.101 O17 - HKLM\System\CS1\Services\Tcpip\..\{A50AB5DD-8E8D-49A5-B9F4-4B7C1126009C}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{08AA94FA-D538-4D8E-8359-B52C8481DA8E}: DhcpNameServer = 100.100.0.101 O17 - HKLM\System\CS2\Services\Tcpip\..\{A50AB5DD-8E8D-49A5-B9F4-4B7C1126009C}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\Windows\system32\HPSIsvc.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: Update GreyGray (Update GreyGray) . (...) - C:\Program Files (x86)\GreyGray\updateGreyGray.exe (.not file.) ~ Services: 10 Scanned in 00mn 08s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\File Helper.job [346] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1070] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1074] [MD5.24DC2A6F110B79787D6C5D5FF52A0235] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [765176] [MD5.86E69581356CA45167EA6986B6E29087] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [MD5.00000000000000000000000000000000] [APT] [File Helper] (...) -- C:\Program Files (x86)\File Helper\File Helper.lnk --scan --stack=from-scheduler (.not file.) [0] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.00000000000000000000000000000000] [APT] [Hoolapp For Android] (...) -- C:\Users\CHRISTINE\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Hoolapp Init] (...) -- C:\Users\CHRISTINE\AppData\Roaming\HOOLAP~1\Hoolapp.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{0807C59B-0108-4515-B9DB-BF0BB5DE43B7}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) [0] =>PUP.Babylon [MD5.00000000000000000000000000000000] [APT] [{3F29F2CB-FAD2-4649-A15B-F150021C941B}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.) [0] [MD5.3B0BA44D5691E00088B956394FDE64B6] [APT] [{447C5F3C-FAA2-4CE9-91B0-FE871B58AFB2}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584] [MD5.3B0BA44D5691E00088B956394FDE64B6] [APT] [{5C00725D-E7CE-435B-A2A1-1CB1459FA1E3}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584] [MD5.00000000000000000000000000000000] [APT] [{7A97C962-F16E-4E39-AC72-0516572DCCC1}] (...) -- C:\Users\CHRISTINE\Downloads\wlsetup-web (1).exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8FE6FF5E-4EF0-466F-8F32-946241C9E51E}] (...) -- C:\Users\CHRISTINE\Downloads\S-VNX2__-212WF-EURFR-32BIT_.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A2510CE3-3D91-4516-9B78-1987A88FC0F8}] (...) -- E:\autorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B8AC1E9B-ADBF-41C3-847A-EAA0C60450F5}] (...) -- C:\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe (.not file.) [0] =>PUP.SweetIM [MD5.00000000000000000000000000000000] [APT] [{C0A9F426-D6D6-41D1-9655-F37E5E4944B8}] (...) -- C:\Users\CHRISTINE\Downloads\chromeinstall.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D9542DF0-AE63-4060-A1BC-6BA890832099}] (...) -- C:\emme\Plume\chapp.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] ~ Scheduled Task: 24 Scanned in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 69 Scanned in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B} O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5E21B617-F52E-BB10-92F9-C8AB2C799A8A} O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Photoshop Elements 6 =>.Adobe Systems Incorporated O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Crédit Mutuel - (.mobile.creditmutuel.fr.) [HKCU][64Bits] -- 1048903886.mobile.creditmutuel.fr O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: File Uploader - (.Nikon.) [HKLM][64Bits] -- {237CD223-1B9D-47E8-A76C-E478B83CCEA2} O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Désactivation du cookie publicitaire - (.Google Inc.) [HKLM][64Bits] -- {60B6768E-D1E7-4340-A8CA-1ADBE940671B} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} O42 - Logiciel: HP LaserJet Professional M1130-M1210 MFP Series - (...) [HKLM][64Bits] -- HP LaserJet Professional M1130-M1210 MFP Series O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424} =>.Microsoft Corporation O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM][64Bits] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Nikon Message Center 2 - (.Nikon.) [HKLM][64Bits] -- {B014EE44-9197-4513-9613-71E6EB1B514E} O42 - Logiciel: OpenOffice 4.0.0 - (.Apache Software Foundation.) [HKLM][64Bits] -- {4F8C9861-DDCF-4EE8-978C-35B691C406B3} O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1 O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- {9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E} O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM][64Bits] -- {87441A59-5E64-4096-A170-14EFE67200C3} O42 - Logiciel: Picture Control Utility x64 - (.Nikon.) [HKLM][64Bits] -- {11953C65-BB4E-4CA4-B0F0-2600A4B20040} O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} O42 - Logiciel: Rapport - (.Trusteer.) [HKLM][64Bits] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215} O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} O42 - Logiciel: Scan To - (.HP.) [HKLM][64Bits] -- {E8A34AC8-0137-4515-A94B-0A0946DDC251} O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] -- {981029E0-7FC9-4CF3-AB39-6F133621921A} O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380} O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {E0FAA369-B0E3-48B8-9447-4873103B0012} O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31} O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.Nom de votre société.) [HKLM][64Bits] -- InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E} O42 - Logiciel: TOSHIBA Flash Cards Support Utility - (.Nom de votre société.) [HKLM][64Bits] -- {620BBA5E-F848-4D56-8BDA-584E44584C5E} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3} O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {5279374D-87FE-4879-9385-F17278EBB9D3} O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22} O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0} O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM][64Bits] -- {2290A680-4083-410A-ADCC-7092C67FC052} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C} O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3} O42 - Logiciel: TRORMCLauncher - (...) [HKLM][64Bits] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600} O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173} O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {DBB7021A-3437-446F-ACE5-7261644A972C} =>.Toshiba Corporation O42 - Logiciel: Utility Common Driver - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F} O42 - Logiciel: Utility Common Driver - (.TOSHIBA.) [HKLM][64Bits] -- {12688FD7-CB92-4A5B-BEE4-5C8E0574434F} O42 - Logiciel: ViewNX 2 - (.Nikon.) [HKLM][64Bits] -- {635BE602-BB9C-4C59-8CC5-93F9366E8A21} O42 - Logiciel: avast! Free Antivirus v9.0.2011 - (.Avast Software.) [HKLM][64Bits] -- avast O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ~ Logic: 46 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avg] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\EasyBits] [HKCU\Software\File Helper] [HKCU\Software\FreeToLoad] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\Hoolapp] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Licenses] [HKCU\Software\MCAFEE] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Nikon)] [HKCU\Software\Marvell] [HKCU\Software\MozillaPlugins] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Nikon] [HKCU\Software\OpenOffice] [HKCU\Software\PDFCreator] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Skype] [HKCU\Software\Software] [HKCU\Software\Spacious] [HKCU\Software\Sports] [HKCU\Software\Static Library] [HKCU\Software\Synaptics] [HKCU\Software\TOSHIBA] [HKCU\Software\Transcend Elite] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\USyndication] =>Trojan.USyndication [HKCU\Software\UpToDown] =>PUP.UpToDown [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Widgets] [HKCU\Software\Wow6432Node] [HKCU\Software\Yahoo] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\mozilla] [HKCU\Software\usyndication.com] =>Trojan.USyndication [HKCU\Software\yahooinstall] [HKLM\Software\ATI Technologies] [HKLM\Software\Audible] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cyberlink] [HKLM\Software\DTS] [HKLM\Software\File Helper] [HKLM\Software\Google] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Macromedia] [HKLM\Software\Marvell] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nikon] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SiteAdvisor] [HKLM\Software\SonicFocus] [HKLM\Software\Sonic] [HKLM\Software\Synaptics] [HKLM\Software\TOSHIBA] [HKLM\Software\Toshiba Tempro] =>.Toshiba Corporation [HKLM\Software\TuneUp] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node\ALWIL Software] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Audible] [HKLM\Software\Wow6432Node\COMPAL] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HewlettPackard] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\KoyoteSRTB] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Macrovision] [HKLM\Software\Wow6432Node\McAfeeInstaller] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Nero] [HKLM\Software\Wow6432Node\Nikon] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OpenOffice] [HKLM\Software\Wow6432Node\PDFCreator] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\RtWLan] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\Sonic] [HKLM\Software\Wow6432Node\Super Strings] [HKLM\Software\Wow6432Node\Sync Services] [HKLM\Software\Wow6432Node\Synth Textures] [HKLM\Software\Wow6432Node\TOSHIBA CORPORATION] [HKLM\Software\Wow6432Node\TOSHIBA] [HKLM\Software\Wow6432Node\Trusteer] [HKLM\Software\Wow6432Node\TuneUp] [HKLM\Software\Wow6432Node\Video Converter] [HKLM\Software\Wow6432Node\Windows] [HKLM\Software\Wow6432Node\Yahoo] [HKLM\Software\Wow6432Node\emme] [HKLM\Software\Wow6432Node\emmegroups] [HKLM\Software\Wow6432Node\laserjet] [HKLM\Software\Wow6432Node\mcafeeupdater] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] [HKLM\Software\mcafeeupdater] ~ Key Software: 275 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 14/04/2013 - 09:14:44 - [372,331] ----D C:\Program Files (x86)\Adobe O43 - CFD: 07/04/2013 - 09:33:35 - [2,913] ----D C:\Program Files (x86)\Adobe Download Assistant O43 - CFD: 07/09/2011 - 21:04:09 - [2,316] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 20/01/2014 - 19:20:31 - [278,814] ----D C:\Program Files (x86)\Common Files O43 - CFD: 15/06/2013 - 08:56:55 - [0,107] ----D C:\Program Files (x86)\Free Easy CD DVD Burner O43 - CFD: 10/12/2013 - 09:44:17 - [734,226] ----D C:\Program Files (x86)\Google O43 - CFD: 14/06/2013 - 13:03:36 - [149,943] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 15/09/2010 - 07:38:57 - [62,665] ----D C:\Program Files (x86)\Intel O43 - CFD: 13/12/2013 - 09:37:57 - [10,979] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 23/04/2013 - 07:46:31 - [0,892] ----D C:\Program Files (x86)\Java O43 - CFD: 20/05/2012 - 19:20:02 - [0,482] ----D C:\Program Files (x86)\Kerio O43 - CFD: 15/02/2011 - 09:58:57 - [0] ----D C:\Program Files (x86)\McAfee O43 - CFD: 16/10/2013 - 19:14:13 - [0] ----D C:\Program Files (x86)\McAfee Security Scan O43 - CFD: 12/12/2012 - 19:00:06 - [1,835] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 16/10/2013 - 22:08:31 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 31/10/2013 - 20:13:37 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 01/09/2010 - 17:27:15 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 14/02/2011 - 22:40:23 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 08/02/2011 - 15:48:06 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 20/05/2012 - 19:15:25 - [0] ----D C:\Program Files (x86)\My Company Name O43 - CFD: 18/10/2012 - 18:11:20 - [36,772] ----D C:\Program Files (x86)\Nikon O43 - CFD: 10/08/2013 - 09:48:20 - [315,745] ----D C:\Program Files (x86)\OpenOffice 4 O43 - CFD: 04/03/2013 - 11:49:15 - [2,961] ----D C:\Program Files (x86)\PDFCreator O43 - CFD: 01/09/2010 - 17:21:27 - [26,129] ----D C:\Program Files (x86)\Photo-Service O43 - CFD: 27/05/2013 - 17:34:33 - [73,545] ----D C:\Program Files (x86)\QuickTime O43 - CFD: 15/09/2010 - 07:50:04 - [16,788] ----D C:\Program Files (x86)\Realtek O43 - CFD: 15/09/2010 - 07:50:58 - [5,446] ----D C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 31/05/2013 - 12:55:19 - [4,720] ----D C:\Program Files (x86)\RocketPDF O43 - CFD: 13/09/2012 - 21:05:05 - [24,550] R---D C:\Program Files (x86)\Skype O43 - CFD: 08/02/2013 - 20:44:15 - [0] ----D C:\Program Files (x86)\SweetPacks =>PUP.SweetIM O43 - CFD: 20/01/2014 - 12:31:32 - [0] ----D C:\Program Files (x86)\Systweak Support Dock O43 - CFD: 15/09/2010 - 07:41:42 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 24/06/2013 - 10:08:58 - [243,677] ----D C:\Program Files (x86)\TOSHIBA O43 - CFD: 17/09/2012 - 21:13:51 - [16,673] ----D C:\Program Files (x86)\TOSHIBA Games O43 - CFD: 20/01/2014 - 17:26:52 - [10,895] ----D C:\Program Files (x86)\Toshiba TEMPRO =>.Toshiba Corporation O43 - CFD: 06/05/2013 - 14:20:54 - [0,941] ----D C:\Program Files (x86)\Traducteur O43 - CFD: 31/05/2013 - 12:55:21 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 22/01/2014 - 23:04:22 - [0] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 11/07/2013 - 07:37:13 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 31/10/2013 - 20:18:56 - [155,107] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 08/11/2011 - 13:23:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 13/12/2013 - 09:38:03 - [4,791] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 08/11/2011 - 13:23:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 08/11/2011 - 13:23:23 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 08/11/2011 - 13:23:23 - [6,267] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 18/02/2011 - 20:57:51 - [0] ----D C:\Program Files (x86)\Yahoo! O43 - CFD: 24/01/2014 - 12:16:19 - [17,257] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 20/01/2014 - 00:13:38 - [0] ----D C:\Program Files (x86)\ZHPFix =>.Nicolas Coolman O43 - CFD: 21/01/2014 - 18:55:36 - [44,322] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 01/12/2013 - 20:53:26 - [45,951] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 16/02/2011 - 16:37:22 - [64,209] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 16/02/2011 - 16:24:26 - [5,209] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 19/02/2011 - 18:48:59 - [0,625] ----D C:\Program Files (x86)\Common Files\Macrovision Shared O43 - CFD: 14/02/2011 - 21:35:07 - [0,782] ----D C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 31/10/2013 - 20:17:47 - [20,599] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 23/10/2013 - 22:05:10 - [0,066] ----D C:\Program Files (x86)\Common Files\Nero O43 - CFD: 18/10/2012 - 18:12:10 - [33,337] ----D C:\Program Files (x86)\Common Files\Nikon O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 13/09/2012 - 21:05:04 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 11/11/2011 - 15:01:25 - [9,767] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 24/06/2013 - 10:10:08 - [4,069] ----D C:\Program Files (x86)\Common Files\Toshiba Shared O43 - CFD: 01/09/2010 - 17:25:12 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 01/09/2010 - 17:24:40 - [8,619] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 18/10/2012 - 18:12:04 - [0] ----D C:\ProgramData\AccountTypes O43 - CFD: 21/01/2014 - 18:55:42 - [520,784] ----D C:\ProgramData\Adobe O43 - CFD: 20/01/2014 - 12:36:28 - [0] ----D C:\ProgramData\Allmyapps O43 - CFD: 14/02/2011 - 22:00:16 - [1,147] ----D C:\ProgramData\Alwil Software O43 - CFD: 18/10/2012 - 18:11:08 - [0] ----D C:\ProgramData\Analog Pad O43 - CFD: 16/02/2011 - 16:37:12 - [98,146] ----D C:\ProgramData\Apple O43 - CFD: 27/05/2013 - 17:34:15 - [26,332] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 28/11/2013 - 19:05:32 - [27,579] ----D C:\ProgramData\AVAST Software O43 - CFD: 22/01/2014 - 23:00:22 - [0,131] ----D C:\ProgramData\AVG2014 O43 - CFD: 02/02/2011 - 14:33:52 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 04/03/2013 - 11:49:40 - [0] --H-D C:\ProgramData\Common Files O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 18/10/2012 - 18:10:17 - [0] ----D C:\ProgramData\Documentation O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 18/10/2012 - 18:10:17 - [0,001] ----D C:\ProgramData\EnterNHelp O43 - CFD: 02/02/2011 - 14:33:52 - [0] -SH-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Favorites O43 - CFD: 20/01/2014 - 17:26:54 - [0,001] ----D C:\ProgramData\FLEXnet O43 - CFD: 02/03/2013 - 09:38:04 - [0,012] ----D C:\ProgramData\Google O43 - CFD: 21/03/2013 - 08:34:47 - [0,004] ----D C:\ProgramData\IsolatedStorage O43 - CFD: 18/10/2012 - 18:11:07 - [0] ----D C:\ProgramData\laserjet O43 - CFD: 15/02/2011 - 09:58:57 - [0,046] ----D C:\ProgramData\McAfee O43 - CFD: 21/01/2014 - 19:04:40 - [0,001] ----D C:\ProgramData\McAfee Security Scan O43 - CFD: 02/02/2011 - 14:33:52 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 22/01/2014 - 23:02:16 - [73,297] ----D C:\ProgramData\MFAData O43 - CFD: 22/12/2013 - 16:30:34 - [294,892] -S--D C:\ProgramData\Microsoft O43 - CFD: 18/11/2011 - 17:15:53 - [0,048] ----D C:\ProgramData\Microsoft Help O43 - CFD: 31/10/2013 - 20:13:07 - [0] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 02/02/2011 - 14:33:52 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 30/08/2012 - 18:00:50 - [0] ----D C:\ProgramData\Mozilla O43 - CFD: 23/10/2013 - 22:04:47 - [0,980] ----D C:\ProgramData\Nero O43 - CFD: 04/03/2013 - 19:41:05 - [0,159] ----D C:\ProgramData\Nikon O43 - CFD: 13/09/2012 - 21:05:03 - [41,218] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 01/09/2010 - 17:03:13 - [0] ----D C:\ProgramData\Sun O43 - CFD: 07/02/2013 - 14:26:05 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 27/05/2013 - 15:17:24 - [22,767] ----D C:\ProgramData\Toshiba O43 - CFD: 21/03/2013 - 08:34:47 - [0] ----D C:\ProgramData\TOSHIBA Tempro =>.Toshiba Corporation O43 - CFD: 02/02/2011 - 14:34:41 - [0,002] ----D C:\ProgramData\ToshibaEurope O43 - CFD: 30/08/2012 - 17:45:25 - [142,583] ----D C:\ProgramData\Trusteer O43 - CFD: 04/03/2013 - 11:49:58 - [0,301] ----D C:\ProgramData\TuneUp Software O43 - CFD: 18/10/2012 - 18:10:17 - [0] ----D C:\ProgramData\Ultima_T15 O43 - CFD: 24/10/2011 - 11:55:39 - [0] ----D C:\ProgramData\VirtualizedApplications O43 - CFD: 15/09/2010 - 07:44:30 - [2,158] ----D C:\ProgramData\vista32 O43 - CFD: 15/09/2010 - 07:44:30 - [3,146] ----D C:\ProgramData\vista64 O43 - CFD: 17/09/2012 - 21:13:45 - [0,588] ----D C:\ProgramData\WildTangent O43 - CFD: 15/09/2010 - 07:47:52 - [2,117] ----D C:\ProgramData\win7_32 O43 - CFD: 15/09/2010 - 07:47:52 - [3,069] ----D C:\ProgramData\win7_64 O43 - CFD: 15/09/2010 - 07:44:29 - [0,055] ----D C:\ProgramData\xp O43 - CFD: 04/03/2013 - 11:49:41 - [23,027] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 12/06/2011 - 15:14:40 - [107,985] ----D C:\Users\CHRISTINE\AppData\Roaming\Adobe O43 - CFD: 19/11/2011 - 09:17:48 - [0,021] ----D C:\Users\CHRISTINE\AppData\Roaming\Apple Computer O43 - CFD: 28/11/2013 - 19:36:32 - [6,149] ----D C:\Users\CHRISTINE\AppData\Roaming\AVAST Software O43 - CFD: 22/01/2014 - 21:46:31 - [0,001] ----D C:\Users\CHRISTINE\AppData\Roaming\AVG2014 O43 - CFD: 07/04/2013 - 09:33:38 - [0,011] ----D C:\Users\CHRISTINE\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 20/01/2014 - 12:01:15 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\DigitalSites =>Hijacker.DSite O43 - CFD: 03/07/2013 - 18:33:15 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\dvdcss O43 - CFD: 15/06/2013 - 08:50:36 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\FreeBurner O43 - CFD: 03/03/2013 - 09:38:54 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Google O43 - CFD: 07/02/2013 - 14:43:08 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\HoolappForAndroid O43 - CFD: 02/02/2011 - 15:09:11 - [0,006] ----D C:\Users\CHRISTINE\AppData\Roaming\HP O43 - CFD: 02/02/2011 - 14:36:55 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Identities O43 - CFD: 02/03/2011 - 19:26:37 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\InstallShield O43 - CFD: 01/09/2010 - 17:21:25 - [0,055] ----D C:\Users\CHRISTINE\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 16:35:05 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Media Center Programs O43 - CFD: 20/01/2014 - 19:25:35 - [19,516] -S--D C:\Users\CHRISTINE\AppData\Roaming\Microsoft O43 - CFD: 05/03/2012 - 13:54:21 - [14,004] ----D C:\Users\CHRISTINE\AppData\Roaming\Mozilla O43 - CFD: 23/05/2011 - 15:22:17 - [5,213] ----D C:\Users\CHRISTINE\AppData\Roaming\Nero O43 - CFD: 18/02/2011 - 16:10:36 - [9,530] ----D C:\Users\CHRISTINE\AppData\Roaming\Nikon O43 - CFD: 10/08/2013 - 10:07:35 - [7,749] ----D C:\Users\CHRISTINE\AppData\Roaming\OpenOffice O43 - CFD: 31/05/2013 - 12:56:00 - [0,001] ----D C:\Users\CHRISTINE\AppData\Roaming\RocketPDF O43 - CFD: 21/03/2013 - 22:32:43 - [4,067] ----D C:\Users\CHRISTINE\AppData\Roaming\Skype O43 - CFD: 08/08/2012 - 15:07:51 - [0,025] ----D C:\Users\CHRISTINE\AppData\Roaming\skypePM O43 - CFD: 03/07/2013 - 18:42:27 - [0,884] ----D C:\Users\CHRISTINE\AppData\Roaming\SoftGrid Client O43 - CFD: 18/07/2013 - 19:09:21 - [0,457] ----D C:\Users\CHRISTINE\AppData\Roaming\TomTom O43 - CFD: 27/05/2013 - 15:33:31 - [6,847] ----D C:\Users\CHRISTINE\AppData\Roaming\Toshiba O43 - CFD: 24/10/2011 - 09:11:50 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\TP O43 - CFD: 03/03/2012 - 17:43:38 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Transcend Elite O43 - CFD: 22/01/2014 - 21:45:16 - [0,003] ----D C:\Users\CHRISTINE\AppData\Roaming\TuneUp Software O43 - CFD: 27/10/2013 - 10:04:43 - [0,078] ----D C:\Users\CHRISTINE\AppData\Roaming\vlc O43 - CFD: 02/03/2011 - 19:26:32 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\WinBatch O43 - CFD: 02/10/2011 - 11:14:47 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Windows Live Writer O43 - CFD: 02/02/2011 - 16:15:59 - [0] ----D C:\Users\CHRISTINE\AppData\Roaming\Yahoo! O43 - CFD: 24/01/2014 - 12:17:40 - [0,318] ----D C:\Users\CHRISTINE\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 20/01/2014 - 12:29:58 - [15,869] ----D C:\Users\CHRISTINE\AppData\Local\Adobe O43 - CFD: 16/02/2011 - 16:37:15 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Apple O43 - CFD: 18/02/2011 - 21:22:58 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Apple Computer O43 - CFD: 02/02/2011 - 14:34:13 - [0] -SH-D C:\Users\CHRISTINE\AppData\Local\Application Data O43 - CFD: 08/02/2011 - 15:22:40 - [1,173] ----D C:\Users\CHRISTINE\AppData\Local\Apps O43 - CFD: 22/01/2014 - 21:48:50 - [0,027] ----D C:\Users\CHRISTINE\AppData\Local\Avg2014 O43 - CFD: 21/01/2014 - 13:20:11 - [0] ----D C:\Users\CHRISTINE\AppData\Local\cache O43 - CFD: 20/01/2014 - 12:17:35 - [0] ----D C:\Users\CHRISTINE\AppData\Local\CrashRpt O43 - CFD: 02/12/2013 - 09:07:00 - [3,041] ----D C:\Users\CHRISTINE\AppData\Local\CRE O43 - CFD: 08/02/2011 - 15:22:59 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Deployment O43 - CFD: 20/01/2014 - 14:10:09 - [1,031] ----D C:\Users\CHRISTINE\AppData\Local\Diagnostics O43 - CFD: 18/07/2013 - 19:06:59 - [123,296] ----D C:\Users\CHRISTINE\AppData\Local\Downloaded Installations O43 - CFD: 15/01/2014 - 13:42:00 - [0,264] ----D C:\Users\CHRISTINE\AppData\Local\ElevatedDiagnostics O43 - CFD: 21/01/2014 - 18:55:44 - [440,344] ----D C:\Users\CHRISTINE\AppData\Local\Google O43 - CFD: 02/02/2011 - 14:34:13 - [0] -SH-D C:\Users\CHRISTINE\AppData\Local\Historique O43 - CFD: 30/08/2012 - 20:19:12 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Macromedia O43 - CFD: 22/01/2014 - 21:39:59 - [8,836] ----D C:\Users\CHRISTINE\AppData\Local\MFAData O43 - CFD: 11/12/2013 - 08:33:47 - [631,592] ----D C:\Users\CHRISTINE\AppData\Local\Microsoft O43 - CFD: 20/02/2011 - 20:01:08 - [0,336] ----D C:\Users\CHRISTINE\AppData\Local\Microsoft Games O43 - CFD: 18/11/2011 - 17:15:52 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Microsoft Help O43 - CFD: 18/01/2014 - 10:34:24 - [0] ----D C:\Users\CHRISTINE\AppData\Local\MigWiz O43 - CFD: 20/01/2014 - 17:25:41 - [46,449] ----D C:\Users\CHRISTINE\AppData\Local\Mozilla O43 - CFD: 23/05/2011 - 15:24:18 - [0,001] ----D C:\Users\CHRISTINE\AppData\Local\Nero_AG O43 - CFD: 18/10/2012 - 18:13:50 - [70,513] ----D C:\Users\CHRISTINE\AppData\Local\Nikon O43 - CFD: 28/01/2013 - 15:23:08 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Programs O43 - CFD: 24/10/2011 - 09:11:41 - [0,750] ----D C:\Users\CHRISTINE\AppData\Local\SoftGrid Client O43 - CFD: 20/01/2014 - 19:34:22 - [0] ----D C:\Users\CHRISTINE\AppData\Local\Software O43 - CFD: 24/01/2014 - 12:17:22 - [158,494] ----D C:\Users\CHRISTINE\AppData\Local\Temp O43 - CFD: 02/02/2011 - 14:34:13 - [0] -SH-D C:\Users\CHRISTINE\AppData\Local\Temporary Internet Files O43 - CFD: 18/07/2013 - 19:09:21 - [1,735] ----D C:\Users\CHRISTINE\AppData\Local\TomTom O43 - CFD: 02/02/2011 - 15:11:20 - [0,001] ----D C:\Users\CHRISTINE\AppData\Local\Toshiba O43 - CFD: 02/02/2011 - 17:22:12 - [0,001] ----D C:\Users\CHRISTINE\AppData\Local\TOSHIBA_Corporation O43 - CFD: 30/08/2012 - 17:54:18 - [17,832] ----D C:\Users\CHRISTINE\AppData\Local\Trusteer O43 - CFD: 04/03/2013 - 12:04:53 - [0,024] ----D C:\Users\CHRISTINE\AppData\Local\VirtualStore O43 - CFD: 09/01/2014 - 20:08:54 - [0,094] ----D C:\Users\CHRISTINE\AppData\Local\Windows Live O43 - CFD: 29/03/2011 - 19:58:02 - [0,620] ----D C:\Users\CHRISTINE\AppData\Local\Windows Live Writer O43 - CFD: 12/11/2011 - 19:53:50 - [0] ----D C:\Users\CHRISTINE\AppData\Local\_NkvMail@ O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 13/09/2013 - 07:58:24 - [0] R---D C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/09/2013 - 07:58:24 - [0] R---D C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ 100 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 294 Scanned in 00mn 03s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3555BA97171CD153118F73FDCCC8BFDE] - 20/01/2014 - 17:39:05 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [376768] O44 - LFC:[MD5.F2BF71FCEAB8FB8A691408C478E2FF4C] - 20/01/2014 - 17:39:08 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3156480] O44 - LFC:[MD5.8D1196CFBB223621F2C67D45710F25BA] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [343040] O44 - LFC:[MD5.18A85013A3E0F7E1755365D287443965] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [53248] O44 - LFC:[MD5.765A92D428A8DB88B960DA5A8D6089DC] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [25600] O44 - LFC:[MD5.12FEB33791920678F8433701C822BCFD] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys [325120] O44 - LFC:[MD5.DD253AFC3BC6CBA412342DE60C3647F3] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [30720] O44 - LFC:[MD5.DCA68B0943D6FA415F0C56C92158A83A] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [99840] O44 - LFC:[MD5.FFA06EF43987ED0DD42AD59B260C0C78] - 20/01/2014 - 17:39:12 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [7808] O44 - LFC:[MD5.DCA862F9796BBF621DB12768978DBBA6] - 20/01/2014 - 17:54:11 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [86054176] O44 - LFC:[MD5.A097DA3C5952B80941C4E95784F63E53] - 20/01/2014 - 18:31:18 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [299304] O44 - LFC:[MD5.5280A9E16274DDBCB731BB4AB6F1C615] - 22/01/2014 - 23:15:14 ---A- . (...) -- C:\Windows\PFRO.log [322382] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/01/2014 - 15:26:01 ---A- . (...) -- C:\Windows\System32\chkdsk [0] O44 - LFC:[MD5.BB2A818F18F838C0F0AC0E8850F717D4] - 23/01/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669656] O44 - LFC:[MD5.E67F13002CA8019BE80406CCAA7BEBFA] - 23/01/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122352] O44 - LFC:[MD5.0070378DC714A32A935062B920D98DD0] - 23/01/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150402] O44 - LFC:[MD5.2C352A28AC74C1F89A868C601121FE6E] - 23/01/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654480] O44 - LFC:[MD5.FD1042B27F445338CD7D4BAE02EEAEAC] - 23/01/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747910] O44 - LFC:[MD5.ADF0B4D67DB8C8987CEC37C4BBD4E5CD] - 24/01/2014 - 09:18:59 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E4E715D693BDF668E8CB98552ABAF409] - 24/01/2014 - 09:19:01 ---A- . (...) -- C:\Windows\setupact.log [2408] O44 - LFC:[MD5.48C36517A9F9B5597F961A9382E79968] - 24/01/2014 - 09:22:16 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1314824] ~ Files: 21 Scanned in 00mn 24s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.EDCAB49C7254F49455B4F8CF4FAE2235] - 18/01/2014 - 08:33:44 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.B9C9A0029AE8795D4B6A2EDED7C2F943] - 21/01/2014 - 18:15:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.C81BEA2180B22E5165E9A17B2B28655D] - 22/01/2014 - 23:13:57 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf O45 - LFCP:[MD5.866E938485414594120FEA76914320A2] - 23/01/2014 - 10:25:37 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf O45 - LFCP:[MD5.60154831160732689CAF7068EEF900A4] - 23/01/2014 - 13:02:55 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf O45 - LFCP:[MD5.CF564B7EBC961FA684F8A04844DAA650] - 23/01/2014 - 13:05:04 ---A- - C:\Windows\Prefetch\HPM1210SM.EXE-198B95FD.pf O45 - LFCP:[MD5.30B597D5132C8306BF034CDD9CC2A515] - 23/01/2014 - 13:18:00 ---A- - C:\Windows\Prefetch\CFMAIN.EXE-99168EBD.pf O45 - LFCP:[MD5.5DD2284D426B480D6536F7259DC59FD2] - 23/01/2014 - 13:35:16 ---A- - C:\Windows\Prefetch\TCRDMAIN.EXE-3DBFB9C5.pf O45 - LFCP:[MD5.03AEC9C47F11014EB642F3FBCF63302C] - 23/01/2014 - 13:39:39 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf O45 - LFCP:[MD5.6C31DCB655C2EF4DE959837919F63BB9] - 23/01/2014 - 13:39:44 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf O45 - LFCP:[MD5.0A612B191F10D369B6596B4901E87105] - 23/01/2014 - 14:53:07 ---A- - C:\Windows\Prefetch\SMOOTHVIEW.EXE-0A8316E6.pf O45 - LFCP:[MD5.68695C6A21690AA6CB2AFBA85224F65F] - 23/01/2014 - 15:06:51 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-79E9E64A.pf O45 - LFCP:[MD5.C8B5A0F16439E41493B80CF3070164D9] - 23/01/2014 - 15:07:00 ---A- - C:\Windows\Prefetch\SC.EXE-945D79AE.pf O45 - LFCP:[MD5.E57CE7BCE9A0CB41DCC280A0DFAA1534] - 23/01/2014 - 15:27:41 ---A- - C:\Windows\Prefetch\EVENTVWR.EXE-E775CAE5.pf O45 - LFCP:[MD5.61302249D0B75DE594B033D3BC82D25C] - 23/01/2014 - 15:27:46 ---A- - C:\Windows\Prefetch\MMC.EXE-43333CB7.pf O45 - LFCP:[MD5.B8048E73290CA7C8A2FFEF3A2EF84E6C] - 23/01/2014 - 15:37:12 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-52CF1F0C.pf O45 - LFCP:[MD5.73D732CA31C481E41765C0965CF73EFC] - 23/01/2014 - 15:49:26 ---A- - C:\Windows\Prefetch\SNIPPINGTOOL.EXE-EFFDAFDE.pf O45 - LFCP:[MD5.0883288AC1A589FBD7B27BA88C7F9753] - 23/01/2014 - 15:49:27 ---A- - C:\Windows\Prefetch\WISPTIS.EXE-595A3677.pf O45 - LFCP:[MD5.800812C85E9F9CFFC8C68CC100430B3B] - 23/01/2014 - 16:02:21 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf O45 - LFCP:[MD5.33722041DC438A4147AD19808C1CA795] - 23/01/2014 - 16:07:44 ---A- - C:\Windows\Prefetch\CHKDSK.EXE-7F65C258.pf O45 - LFCP:[MD5.61CF5E4EEC46708CE82AB672728BA723] - 23/01/2014 - 16:11:24 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.0795490ACFEA2E986857F7696F5F835E] - 23/01/2014 - 16:13:31 ---A- - C:\Windows\Prefetch\SMARTFACEVWATCHER.EXE-A9E78692.pf O45 - LFCP:[MD5.F0876F5A08F5695674AC9186E2F7CE48] - 23/01/2014 - 16:13:32 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-E6DC1353.pf O45 - LFCP:[MD5.D38BD1238BE894930B649A7A2CEEC027] - 23/01/2014 - 16:13:40 ---A- - C:\Windows\Prefetch\NKMC2.EXE-74A37982.pf O45 - LFCP:[MD5.ABC717362DD6BEF283619D9AB68A237E] - 23/01/2014 - 16:13:40 ---A- - C:\Windows\Prefetch\SSSCHEDULER.EXE-67936310.pf O45 - LFCP:[MD5.C7271C20AB6C506FE3B0784FAECA3E18] - 23/01/2014 - 16:13:41 ---A- - C:\Windows\Prefetch\APSDAEMON.EXE-4484BAA6.pf O45 - LFCP:[MD5.056F702135ABE2C9C1D66151898DB747] - 23/01/2014 - 16:13:45 ---A- - C:\Windows\Prefetch\TOSHIBASERVICESTATION.EXE-92A6EAE9.pf O45 - LFCP:[MD5.E54D189552E91A9C2A1D318E82396F06] - 23/01/2014 - 17:10:09 ---A- - C:\Windows\Prefetch\PING.EXE-371F41E2.pf O45 - LFCP:[MD5.6B5FAB676B0555626B7CF5F06C76B66C] - 23/01/2014 - 17:11:15 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-2E0065BF.pf O45 - LFCP:[MD5.5790D0971988B5C3CAF378AFA5226DDE] - 23/01/2014 - 17:13:54 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.8E7DF0127274115E46B795E714B04E26] - 23/01/2014 - 17:13:54 ---A- - C:\Windows\Prefetch\REG.EXE-E7E8BD26.pf O45 - LFCP:[MD5.918BE48BB6BA3B51D87333226D064F39] - 23/01/2014 - 17:15:45 ---A- - C:\Windows\Prefetch\KENOTIFY.EXE-E6F3D900.pf O45 - LFCP:[MD5.86BBA12B7ECCDBF23EF0FA54D80966AB] - 23/01/2014 - 17:15:46 ---A- - C:\Windows\Prefetch\TWEBCAMERA.EXE-82879EEF.pf O45 - LFCP:[MD5.1B02ACFA69D7BEE1F89A0B6D026A131A] - 23/01/2014 - 17:28:39 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.B243833379EAE034EC104F91327BFD79] - 23/01/2014 - 17:51:34 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf O45 - LFCP:[MD5.FEBB0A189C30A4437FF1FBF1F199D495] - 23/01/2014 - 18:25:30 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf O45 - LFCP:[MD5.8EF7A39680C2695F633798AA0BB05A01] - 23/01/2014 - 18:33:36 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf O45 - LFCP:[MD5.4C3D8418ADB7AB21457B7211F2B9D4E9] - 23/01/2014 - 18:33:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7A37F3C0.pf O45 - LFCP:[MD5.1F6CE19B48964FF3B10ED79C94A6B2C8] - 23/01/2014 - 18:40:11 ---A- - C:\Windows\Prefetch\MCUICNT.EXE-8A03D28E.pf O45 - LFCP:[MD5.2FE5941DC41AFC5EF4F081F09C291FFD] - 23/01/2014 - 19:18:16 ---A- - C:\Windows\Prefetch\MCCHSVC.EXE-80D2FA6A.pf O45 - LFCP:[MD5.4F7631715B9DE553ECA97CF6D7603A37] - 23/01/2014 - 21:15:29 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf O45 - LFCP:[MD5.16B7F5D29F7E578DA3502BAD67F76B01] - 23/01/2014 - 21:15:46 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-3B5B9E84.pf O45 - LFCP:[MD5.DF4A5F7158CA3A7E72EA25B1DC233A93] - 23/01/2014 - 21:42:54 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf O45 - LFCP:[MD5.A0E0094EECF8CEC2139DADCED6A9F38D] - 23/01/2014 - 21:44:07 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf O45 - LFCP:[MD5.7D9D8E5276ACF4234A1B6A2534DD59B3] - 24/01/2014 - 09:03:32 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-F11F9E20.pf O45 - LFCP:[MD5.9790CDC74D96D850DC2B2D79946FA3AB] - 24/01/2014 - 09:03:32 ---A- - C:\Windows\Prefetch\TOSHIBAREMINDER.EXE-82C396B3.pf O45 - LFCP:[MD5.D19A2411B3280F3CA9363E0E8C200915] - 24/01/2014 - 09:03:32 ---A- - C:\Windows\Prefetch\TOSVOLREGULATOR.EXE-99D29444.pf O45 - LFCP:[MD5.C773E3FE2F3C10097C93728BD01930CF] - 24/01/2014 - 09:03:32 ---A- - C:\Windows\Prefetch\TOSWAITSRV.EXE-4901C686.pf O45 - LFCP:[MD5.256C88674F07EB8964305C1A1B7C1475] - 24/01/2014 - 09:07:53 ---A- - C:\Windows\Prefetch\MCUPDATE.EXE-62E74733.pf O45 - LFCP:[MD5.35119C8ECDDB7C14CBF2AE07ECEB6A7A] - 24/01/2014 - 09:07:56 ---A- - C:\Windows\Prefetch\EHSCHED.EXE-7A86D5F8.pf O45 - LFCP:[MD5.C47281390AE9147461BAF4B38B5DEEFA] - 24/01/2014 - 09:07:56 ---A- - C:\Windows\Prefetch\EHTRAY.EXE-FEBFC005.pf O45 - LFCP:[MD5.4006DBDB38AB121DC4CB5B589D7A82B0] - 24/01/2014 - 09:08:01 ---A- - C:\Windows\Prefetch\EHREC.EXE-BFABB40F.pf O45 - LFCP:[MD5.42B2CC4FA2FD91C07A34878BE3654E28] - 24/01/2014 - 09:08:07 ---A- - C:\Windows\Prefetch\MCGLIDHOST.EXE-E3F0E99A.pf O45 - LFCP:[MD5.2FDE833DA7521691B27241D9D55B83D1] - 24/01/2014 - 09:08:10 ---A- - C:\Windows\Prefetch\EHRECVR.EXE-96B31E37.pf O45 - LFCP:[MD5.F44D28F4B7888D894DE771937B369BD1] - 24/01/2014 - 09:18:18 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.C84341241D11268DEF3AD56C8297B97D] - 24/01/2014 - 09:18:18 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.773B228FA8699B7531CE0614DE6624AB] - 24/01/2014 - 09:18:19 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.7784B7A1135590E9E273195B6D6279A5] - 24/01/2014 - 09:18:19 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.AFFA05DFCE8DB865F28009F3AB136779] - 24/01/2014 - 09:18:19 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.26F2E127AFB60D2FA662249F740E68D4] - 24/01/2014 - 09:19:58 ---A- - C:\Windows\Prefetch\DEFMGR.EXE-30900847.pf O45 - LFCP:[MD5.C69DFE6F03A6FC213DF0286A29AE44F9] - 24/01/2014 - 09:19:58 ---A- - C:\Windows\Prefetch\QTTASK.EXE-D20C213D.pf O45 - LFCP:[MD5.B70EB82FE7DB22D677DEB032D3F63577] - 24/01/2014 - 09:19:58 ---A- - C:\Windows\Prefetch\SVPWUTIL.EXE-76108559.pf O45 - LFCP:[MD5.D1AE53C25A5A5B196725F82D910B35DD] - 24/01/2014 - 09:19:58 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-0A20AAC4.pf O45 - LFCP:[MD5.E6C373712FD071062709573702693B80] - 24/01/2014 - 09:19:58 ---A- - C:\Windows\Prefetch\TCRDKBB.EXE-BD533577.pf O45 - LFCP:[MD5.CFCE2A145DCAE5826FA2BE363A3AE3E8] - 24/01/2014 - 09:20:00 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-56B29A08.pf O45 - LFCP:[MD5.404D0F781D7A2F9C2FE7391631257707] - 24/01/2014 - 09:20:22 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf O45 - LFCP:[MD5.93D70ADA50C4E409D5BE6DDB7A2A3F30] - 24/01/2014 - 09:20:45 ---A- - C:\Windows\Prefetch\CSC.EXE-BE9AC2DF.pf O45 - LFCP:[MD5.175AE92D8D50DF17029462E2097F1122] - 24/01/2014 - 09:20:45 ---A- - C:\Windows\Prefetch\CVTRES.EXE-2B9D810D.pf O45 - LFCP:[MD5.85BE96ADC50935ED3E5FC0759896CEE5] - 24/01/2014 - 09:20:54 ---A- - C:\Windows\Prefetch\TMACHINFO.EXE-2FCB5A05.pf O45 - LFCP:[MD5.998A170FD80294DA07E36AB97F7E757F] - 24/01/2014 - 09:21:13 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-6EF4B603.pf O45 - LFCP:[MD5.5FBA9406E1093E28F1AD63F1BD9AB58F] - 24/01/2014 - 09:21:19 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf O45 - LFCP:[MD5.B24A5B63BF54FC9D6568A38232854157] - 24/01/2014 - 09:21:19 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.14E6398F294B791E6427ABC36ED58DA7] - 24/01/2014 - 09:21:29 ---A- - C:\Windows\Prefetch\CFIWMXSVCS64.EXE-E079CBBA.pf O45 - LFCP:[MD5.6DC055EE278429795D710E21F74E7A47] - 24/01/2014 - 09:21:30 ---A- - C:\Windows\Prefetch\CFSVCS.EXE-35E839CF.pf O45 - LFCP:[MD5.361D69FDF19D8E7207A17C7105EA0B5B] - 24/01/2014 - 09:21:30 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf O45 - LFCP:[MD5.5DEAB560E5C14859DA1ABCCD68A001A1] - 24/01/2014 - 09:21:48 ---A- - C:\Windows\Prefetch\TOSSMARTSRV.EXE-BCFE7888.pf O45 - LFCP:[MD5.B9FADB4565E2946441C063B8A8CC9B75] - 24/01/2014 - 09:21:49 ---A- - C:\Windows\Prefetch\TOSSENOTIFY.EXE-BC36C1CB.pf O45 - LFCP:[MD5.0447E3D523DDE8B69625B545CCF032C5] - 24/01/2014 - 09:23:16 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.D4576BD5329F718576F1AF01A6804AAC] - 24/01/2014 - 09:32:11 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.550EC39F185AFEBCEC577158AC173231] - 24/01/2014 - 09:32:12 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf O45 - LFCP:[MD5.2CA0A62C3652F1305F5ED888B4D8E6EE] - 24/01/2014 - 09:34:17 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf O45 - LFCP:[MD5.2AF7E88610A20360E1C40A933595F7D6] - 24/01/2014 - 10:05:38 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.86F9673F83D179ACABFEA6B8AFF661F0] - 24/01/2014 - 10:05:46 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf O45 - LFCP:[MD5.2CAD92548042DB3B42D954835556064C] - 24/01/2014 - 10:05:48 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf O45 - LFCP:[MD5.CC68E516C40FA165C36F8D1D3ABA77B6] - 24/01/2014 - 10:08:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf O45 - LFCP:[MD5.5A67842AC0E0C393BF7D8641A7E726D4] - 24/01/2014 - 10:16:00 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.51A84C438391A1F25B0EE6DD0821C56B] - 24/01/2014 - 10:16:15 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.C629EB9CE78FA310AFF6B63EAC424374] - 24/01/2014 - 10:19:52 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.64E5671A023E0803F6EDD8198FBE7F25] - 24/01/2014 - 11:42:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf O45 - LFCP:[MD5.DA00CA1A05285AFFE60A03E33FAAA627] - 24/01/2014 - 12:13:05 ---A- - C:\Windows\Prefetch\CHROME.EXE-D999B1BA.pf O45 - LFCP:[MD5.06CEFB6CBBC813EADF40887945B94C1D] - 24/01/2014 - 12:13:08 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf O45 - LFCP:[MD5.2EA6DECCD4A9325959178D867CC95D91] - 24/01/2014 - 12:14:52 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.451CF42096AFDC9EFA293F28A70099D2] - 24/01/2014 - 12:14:52 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.E99E19268F5851B59ACC02DD6999422B] - 24/01/2014 - 12:14:54 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.6AF6BAB1648D2D25A1C128740C572306] - 24/01/2014 - 12:14:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf O45 - LFCP:[MD5.F778463D5CBF551C554757BA87DE2CCA] - 24/01/2014 - 12:15:18 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.6CA8F1AA72E961B0A3627A461E6716BE] - 24/01/2014 - 12:15:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.7E5A8527F4F4E35EF18B287BCA8F26CC] - 24/01/2014 - 12:15:25 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-6CC1B56A.pf O45 - LFCP:[MD5.8E1C4F40EC85B443F7EE54512024E14B] - 24/01/2014 - 12:15:28 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-AFC138AE.pf O45 - LFCP:[MD5.8929D4263BB50D83126DB53E69C3060B] - 24/01/2014 - 12:15:29 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-F6A9A4CB.pf O45 - LFCP:[MD5.FAFCE68694CD62FA84775A8721A61A0A] - 24/01/2014 - 12:15:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.E3D31FB2C9045B425B6168BE3266E325] - 24/01/2014 - 12:16:18 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-EBD3B8D7.pf O45 - LFCP:[MD5.4D08204BE927A85346A5707FB9936CE7] - 24/01/2014 - 12:16:28 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-0D117CAF.pf O45 - LFCP:[MD5.CED71017F9AC95AD7DA8FD3B48B4ABFF] - 24/01/2014 - 12:17:10 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2499207221-3485120698-3705934866-1000.db O45 - LFCP:[MD5.A6632B54F1DEE0FFB9F37BF4F76DE83A] - 24/01/2014 - 12:17:10 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2499207221-3485120698-3705934866-1000.db O45 - LFCP:[MD5.1493F8A22F9B737FC5B67EC33920408D] - 24/01/2014 - 12:17:17 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf O45 - LFCP:[MD5.09F1BA4FB9857B34686450BE3A5639F3] - 24/01/2014 - 12:17:17 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-0FB3F22C.pf O45 - LFCP:[MD5.6FCC51E891DDE367D75C67353043D619] - 24/01/2014 - 12:17:21 ---A- - C:\Windows\Prefetch\PV.EXE-34B75B82.pf O45 - LFCP:[MD5.0D949C7BC7714030B2C9A948351B2915] - 24/01/2014 - 12:17:21 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf O45 - LFCP:[MD5.396305AE6293754DE7609F8E18793045] - 24/01/2014 - 12:17:21 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf O45 - LFCP:[MD5.1F602EFFE3B142B974167EB8D7F1B079] - 24/01/2014 - 12:17:28 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf O45 - LFCP:[MD5.75C7E0E6FC7172B11D671AB164AD084C] - 24/01/2014 - 12:17:28 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-AB0CE9D9.pf O45 - LFCP:[MD5.B9919EE6B4A6A9983CCEAE5D2BB2E357] - 24/01/2014 - 12:17:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf O45 - LFCP:[MD5.1D71298085FC348959E592BB4A00DC52] - 24/01/2014 - 12:17:40 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-AD598958.pf O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/09/2167 - 03:06:45 ----D - C:\Windows\Prefetch\ReadyBoot ~ Prefetcher: 115 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{2b1a204e-75dd-11e1-8719-88ae1de77ce3}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856] O58 - SDL:[MD5.9C2BEA3957EFFD45F352F0938DFB3721] - 07/01/2014 - 21:57:24 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [78648] O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 28/11/2013 - 19:09:50 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544] O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 28/11/2013 - 19:09:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] O58 - SDL:[MD5.52B5F8FAF7E78C02D26B0B6E3A05F596] - 07/01/2014 - 21:57:24 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1034464] O58 - SDL:[MD5.251360C2FCA22BAFE0583314B3262F98] - 07/01/2014 - 21:57:24 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [422216] O58 - SDL:[MD5.AAB5F5336EDBB5D99CC7E1A9F4D8F63F] - 07/01/2014 - 21:57:46 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [79672] O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 07/01/2014 - 21:57:24 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904] O58 - SDL:[MD5.E857EEE6B92AAA473EBB3465ADD8F7E7] - 20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [1394688] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480] O58 - SDL:[MD5.192AA0324412C6ED8BD7B345706D8A66] - 19/02/2011 - 18:45:48 ----- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [10488] O58 - SDL:[MD5.9BDA54D19073AB1C2DBAFB13D989FE97] - 19/02/2011 - 18:45:48 ----- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [10488] O58 - SDL:[MD5.7E83E47BD1FF93E11CD69F1AD65A9581] - 15/09/2010 - 07:44:15 ---A- . (.Compal Electronics, INC. - CeKbFilter.) -- C:\Windows\System32\Drivers\CeKbFilter.sys [20592] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 04/06/2009 - 17:54:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [408600] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496] O58 - SDL:[MD5.898AB5BFED7040D7AB07AF01885EB944] - 20/02/2010 - 23:24:36 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10300800] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112] O58 - SDL:[MD5.2825A71E7501CB33B3B9F856610C729D] - 22/03/2010 - 09:55:20 ---A- . (.COMPAL ELECTRONIC INC. - LPCFilter.) -- C:\Windows\System32\Drivers\LPCFilter.sys [46192] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736] O58 - SDL:[MD5.E5C81AB15F35901D542696C4719264BC] - 20/11/2009 - 14:36:04 ---A- . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\Windows\System32\Drivers\mvusbews.sys [20480] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272] O58 - SDL:[MD5.663962900E7FEA522126BA287715BB4A] - 22/06/2009 - 16:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\Drivers\PGEffect.sys [35008] O58 - SDL:[MD5.A6BF0A9B5A30D743623CA0D3BE35DF05] - 19/02/2011 - 18:45:47 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys [52856] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592] O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 23/06/2010 - 16:10:56 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [344680] O58 - SDL:[MD5.E8017F1662D9142F45CEAB694D013C00] - 28/07/2010 - 17:26:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [2445672] O58 - SDL:[MD5.945AB249D12CBE044782430C6013AA1A] - 31/03/2010 - 10:10:18 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\Drivers\rtl8187B.sys [450048] O58 - SDL:[MD5.F79E887762D9A0C3FDE5D188DCA5BB26] - 01/04/2010 - 13:01:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8187Se.sys [442368] O58 - SDL:[MD5.FFC748D848740D1BC8F330A8879C2674] - 28/04/2010 - 10:32:20 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192ce.sys [932384] O58 - SDL:[MD5.7475548B0BA58EBA4D12414FC9E9DFE6] - 27/04/2010 - 00:23:08 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192se.sys [1103904] O58 - SDL:[MD5.DBA89D7C8C888BB7161BB63A60B2CCE8] - 08/04/2010 - 09:07:58 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl819xp.sys [612352] O58 - SDL:[MD5.907C4464381B5EBDFDC60F6C7D0DEDFC] - 07/01/2010 - 08:05:46 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys [232992] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:[MD5.470C47DABA9CA3966F0AB3F835D7D135] - 10/03/2010 - 17:51:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [316464] O58 - SDL:[MD5.FD542B661BD22FA69CA789AD0AC58C29] - 30/07/2009 - 18:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [27784] O58 - SDL:[MD5.09FF7B0B1B5C3D225495CB6F5A9B39F8] - 08/05/2010 - 17:38:56 ---A- . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\Drivers\tos_sps64.sys [482384] O58 - SDL:[MD5.550B567F9364D8F7684C3FB3EA665A72] - 14/07/2009 - 14:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [26840] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872] O58 - SDL:[MD5.A31246180E61140AD7FF9DD7EDF1F6A1] - 21/06/2011 - 05:09:00 ---A- . (.Trend Micro Inc. - TrendMicro Common Module NoTrap Build.) -- C:\Windows\SysWOW64\drivers\tmcomm.sys [200976] ~ Drivers: 16 Scanned in 00mn 04s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\2014012112.000\NetworkDiagnostics.0.debugreport.xml [1334] O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\2014012112.000\ResultReport.xml [39124] O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\2014012112.000\WindowsUpdateDiagnostic.0.debugreport.xml [2557] O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\2014012112.000\results.xml [284] O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\2014012112.000\results.xsl [49097] O61 - LFC: 21/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Diagnostics\2560293460\latest.cab [12660] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [12898] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [12898] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\bg\messages.json [1585] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ca\messages.json [682] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\cs\messages.json [743] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\da\messages.json [665] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\de\messages.json [714] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\el\messages.json [1764] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en\messages.json [611] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en_GB\messages.json [611] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es\messages.json [713] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es_419\messages.json [671] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\et\messages.json [615] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fi\messages.json [738] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fil\messages.json [672] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fr\messages.json [721] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hi\messages.json [1406] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hr\messages.json [662] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hu\messages.json [766] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\id\messages.json [612] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\it\messages.json [626] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ja\messages.json [1181] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ko\messages.json [892] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lt\messages.json [706] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lv\messages.json [735] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nb\messages.json [665] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nl\messages.json [630] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pl\messages.json [701] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_BR\messages.json [701] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_PT\messages.json [702] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ro\messages.json [700] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ru\messages.json [1296] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sk\messages.json [739] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sl\messages.json [647] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sr\messages.json [1507] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sv\messages.json [687] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\th\messages.json [1626] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\tr\messages.json [728] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\uk\messages.json [1403] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\vi\messages.json [798] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_CN\messages.json [760] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_TW\messages.json [814] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\css\craw_window.css [1741] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\css\craw_window.css~ [1702] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\html\craw_window.html [810] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\icon_128.png [9460] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\icon_16.png [702] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\topbar_floating_button.png [160] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\topbar_floating_button_close.png [252] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\topbar_floating_button_hover.png [160] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\topbar_floating_button_maximize.png [166] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images\topbar_floating_button_pressed.png [160] O61 - LFC: 21/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\manifest.json [1275] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage [74752] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal [3608] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.reviversoft.com_0.localstorage [3072] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.reviversoft.com_0.localstorage-journal [3608] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.terre-net.fr_0.localstorage [3072] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.terre-net.fr_0.localstorage-journal [512] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [3072] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [3072] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [512] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage [3072] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.fr_0.localstorage-journal [3608] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [24576] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [15992] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\macromedia.com\support\flashplayer\sys\#s.ytimg.com\settings.sol [81] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\macromedia.com\support\flashplayer\sys\#www.terre-net-webtv.fr\settings.sol [92] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\www.terre-net-webtv.fr\_public\swf\playerwm.swf\flashSessid.sol [86] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\www.terre-net-webtv.fr\analytics.sol [456] O61 - LFC: 21/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad [18676] O61 - LFC: 21/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Toolbar Cache\7.5.4805.320\fr\translate_element.js.content [2385] O61 - LFC: 21/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Toolbar Cache\7.5.4805.320\fr\translate_languages.json.content [2033] O61 - LFC: 21/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Toolbar Cache\7.5.4805.320\profile_picture_75PAJS75DFDN39N2SS2V.png.content [930] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696502_stp.CIS [5583612] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696502_stp.CIS.part [74] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696504_stp.CIS [9735] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696504_stp.CIS.part [20] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696715_stp.CIS [2002467] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696715_stp.CIS.part [39] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696791_stp.CIS [218183] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696791_stp.CIS.part [22] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696870_stp.CIS [4930487] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696870_stp.CIS.part [68] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696934_stp.CIS [19435632] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3696934_stp.CIS.part [209] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3697184_stp.CIS [501103] O61 - LFC: 21/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\is357113909\3697184_stp.CIS.part [24] O61 - LFC: 21/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Microsoft\HTML Help\hh.dat [9030] O61 - LFC: 21/01/2014 - 12:18:39 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\WBPU-TTL.DAT [5] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\log\avgcfg.log.lock [0] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\log\avgcore.log.lock [0] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\log\avgmsgdisp.log.lock [0] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\log\avgui.log.lock [0] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\log\krnlapi.log.lock [0] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\update\download\avg14infoavi.ctf [3371] O61 - LFC: 22/01/2014 - 12:18:22 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Avg2014\update\download\avg14infowin.ctf [25378] O61 - LFC: 22/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\001350.ldb [124] O61 - LFC: 22/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [9216] O61 - LFC: 22/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal [5672] O61 - LFC: 22/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\databases\http_download.cnet.com_0\32 [4096] O61 - LFC: 22/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG.old [733] O61 - LFC: 22/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\audienceinsights.net\pus.sol [68] O61 - LFC: 22/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\macromedia.com\support\flashplayer\sys\#audienceinsights.net\settings.sol [90] O61 - LFC: 22/01/2014 - 12:18:29 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\avginfo.id [82] O61 - LFC: 22/01/2014 - 12:18:30 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\dd_SetupUtility.txt [162] O61 - LFC: 22/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\Microsoft .NET Framework 4.5.1 Setup_20140122_230753120-MSI_netfx_Full_GDR_x64.msi.txt [12235090] O61 - LFC: 22/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\Microsoft .NET Framework 4.5.1 Setup_20140122_230753120.html [1153356] O61 - LFC: 22/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\dd_wcf_CA_smci_20140122_221043_706.txt [4684] O61 - LFC: 22/01/2014 - 12:18:31 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\dd_wcf_CA_smci_20140122_221045_672.txt [2694] O61 - LFC: 22/01/2014 - 12:18:32 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\RGIE62.tmp-tmp [8910] O61 - LFC: 22/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\AVG2014\cfgall\filevault.cfg [54] O61 - LFC: 22/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\AVG2014\cfgall\fixcfg.lock [0] O61 - LFC: 22/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\AVG2014\cfgall\userawacs.cfg [592] O61 - LFC: 22/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\AVG2014\cfgall\usergui.cfg [201] O61 - LFC: 22/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\AVG2014\cfgall\userguistate.cfg [60] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOG [151] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-001351 [133] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [118600] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pcastuces.over-blog.com_0.localstorage [3072] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pcastuces.over-blog.com_0.localstorage-journal [512] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [136192] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\PFLX64E9\macromedia.com\support\flashplayer\sys\settings.sol [465] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [24576] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [12288] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC: 23/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\PnaclTranslationCache\data_1 [270336] O61 - LFC: 23/01/2014 - 12:18:27 --HA- . (...) -- C:\Users\CHRISTINE\AppData\Local\IconCache.db [2731042] O61 - LFC: 23/01/2014 - 12:18:32 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\tmpBB43.url [358] O61 - LFC: 23/01/2014 - 12:18:32 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\tmpBB44.vbs [218] O61 - LFC: 23/01/2014 - 12:18:34 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Microsoft\MMC\eventvwr [139542] O61 - LFC: 23/01/2014 - 12:18:35 -SHA- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Protect\S-1-5-21-2499207221-3485120698-3705934866-1000\474e33f0-89b8-43bc-9845-43bdb05a7f15 [468] O61 - LFC: 23/01/2014 - 12:18:35 -SHA- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Microsoft\Protect\S-1-5-21-2499207221-3485120698-3705934866-1000\Preferred [24] O61 - LFC: 23/01/2014 - 12:18:40 ---A- . (...) -- C:\Users\CHRISTINE\Downloads\adwcleaner.exe [1236282] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog1.PNG [14272] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog2.PNG [15356] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog3.PNG [15824] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog4.PNG [14348] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog5.PNG [16245] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog6.PNG [16874] O61 - LFC: 23/01/2014 - 12:18:44 ---A- . (...) -- C:\Users\CHRISTINE\Pictures\winlog7.PNG [16482] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Cookies [898048] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [0] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [0] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [0] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Favicons [548864] O61 - LFC: 24/01/2014 - 12:18:25 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\History [360448] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Last Session [164202] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [53500] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ak-ns.sascdn.com_0.localstorage [3072] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ak-ns.sascdn.com_0.localstorage-journal [3608] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage [3072] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal [512] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Login Data [32768] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [4624] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Preferences [37586] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Session Storage\001818.ldb [50537] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [797] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [275] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-001815 [472] =>.Google Inc O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Top Sites [131072] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [1284] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Web Data [221184] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [12848] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Local State [67193] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [5845052] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1374196] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 24/01/2014 - 12:18:26 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 24/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135444] O61 - LFC: 24/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [927676] O61 - LFC: 24/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [18840] O61 - LFC: 24/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6920] O61 - LFC: 24/01/2014 - 12:18:27 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Safe Browsing IP Blacklist [308] O61 - LFC: 24/01/2014 - 12:18:38 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat [257863] O61 - LFC: 24/01/2014 - 12:18:39 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat [257863] O61 - LFC: 24/01/2014 - 12:18:39 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\ZHP\Log.txt [293545] =>.Nicolas Coolman O61 - LFC: 24/01/2014 - 12:18:39 ---A- . (...) -- C:\Users\CHRISTINE\AppData\Roaming\ZHP\TestsZHPDiag.txt [2964] =>.Nicolas Coolman O61 - LFC: 24/01/2014 - 12:18:41 ---A- . (.Nicolas Coolman.) -- C:\Users\CHRISTINE\Downloads\ZHPDiag2.exe [6864616] =>.Nicolas Coolman ~ 23 Fichiers temporaires (Temporary files) ~ Files: 196 Scanned in 00mn 24s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 28/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 07/01/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 28/11/2013 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR O64 - Services: CurCS - 28/11/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - 07/01/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX O64 - Services: CurCS - 07/01/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP O64 - Services: CurCS - 07/01/2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM O64 - Services: CurCS - 07/01/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pciide.sys (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF ~ Legacy: 101 Scanned in 00mn 01s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {0845351D-83BA-4137-9576-3667D855316C} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {4C93A6DA-9198-4348-9FA3-90E1789E8DBF} - (Search Here) - http://www.mysearchresults.com =>Adware.MyWebSearch O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {A527F28A-9963-48A4-B3CD-F29BF8229727} - (eBay) - http://rover.ebay.com =>Toolbar.eBay ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.17F85774FAD85A85830A0C14B2ED142A] [SPRF][08/02/2011] (...) -- C:\ProgramData\ezsidmv.dat [56] [MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][01/01/2014] (.Conduit - SP Usage Sender.) -- C:\Users\CHRISTINE\AppData\Local\Temp\nsa72A7.exe [167812] =>Toolbar.Conduit [MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][01/01/2014] (.Conduit - SP Usage Sender.) -- C:\Users\CHRISTINE\AppData\Local\Temp\nsaF432.exe [167812] =>Toolbar.Conduit [MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][01/01/2014] (.Conduit - SP Usage Sender.) -- C:\Users\CHRISTINE\AppData\Local\Temp\nsl6D1B.exe [167812] =>Toolbar.Conduit [MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][01/01/2014] (.Conduit - SP Usage Sender.) -- C:\Users\CHRISTINE\AppData\Local\Temp\nsqFBE1.exe [167812] =>Toolbar.Conduit [MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][01/01/2014] (.Conduit - SP Usage Sender.) -- C:\Users\CHRISTINE\AppData\Local\Temp\nss195E.exe [167812] =>Toolbar.Conduit [MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\Quarantine.exe [360073] [MD5.9C3F4C583CE06463694F4D683E21B35B] [SPRF][20/01/2014] (.Amônétízé Ltd - Installer.) -- C:\Users\CHRISTINE\AppData\Local\Temp\setup__1976.exe [337960] [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][20/01/2014] (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\snhuc8va.dll [0] [MD5.B91FE1536AB4D680DDD77469EA3FD4BF] [SPRF][09/01/2014] (...) -- C:\Users\CHRISTINE\AppData\Local\Temp\vlc-2.1.2-win32.exe [24097311] ~ Files: 10 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{A48CA41F-661D-4EF2-98C5-6F788BA0A645}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{C1B8DBFB-A074-40F2-BC04-57F53021B553}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{B8392FE4-3149-4FA8-9762-F66A4AD9B7A8}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O87 - FAEL: "{64957485-C73C-4B4D-8AF1-10051A513DCF}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{752C8762-FF71-443D-9C53-3A47C68CF0D3}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe O87 - FAEL: "{331DF974-C9CF-4F46-B93D-B9086777D1FD}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{F9CF5B1A-6925-418D-886C-435A3290DC3E}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{6CD9384D-A6A1-4F4A-A529-A7CB426DD95F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{82E18800-78CE-4D4E-9E6F-7B4332C5B497}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{0DFA3B7B-B48B-444C-9C00-EBA1153F2664}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{268C952B-14B8-4EA5-AC83-9C3982C3B93E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{7F7A2BB8-17E8-4B68-A54A-829659D23272}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{2B0D9781-FB07-4F63-A4B3-E515F6D5F5CB}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{53709C27-B602-405C-A24B-7FABA3D3CEF0}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{5F0CB0F3-1820-4B78-BA2A-83CEC0912093}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{A049F07D-377A-4D61-A90E-E52443466EC7}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{2B389632-AA20-4DC1-A6F5-4C9354B048D2}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{AC0A02DE-B530-4FD6-8F40-A00C5E537239}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{DDD0F56A-ACC7-479E-9BEF-1A344C6521A0}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{DFA747A0-631C-411A-8D26-DF471DED8A02}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{4F8420EA-B6BB-42DB-8FB5-6B34C7325F4B}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{6DDB6D2D-696C-422A-BF08-C3EC12AC04E3}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{5A4D29A7-06E5-47FE-8EAD-F28BD47532D2}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{B3FC58E3-D494-4C6A-8116-58032D82E9C1}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{8DBC59F4-D003-4458-BA13-7A9DC2418B30}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{1DB0F36E-69E0-46C0-85EB-42A7F4173BEF}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "{918D39C2-4C52-4A45-ADE5-872B9250EE79}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "TCP Query User{D9439381-56F4-4C87-8BF9-EF9B5F012480}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc O87 - FAEL: "UDP Query User{3D8C4BAC-7482-4585-B384-A89BC36EA593}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\client\googleearth.exe =>.Google Inc O87 - FAEL: "{06F16300-CF7A-4BF6-8EDB-C72E154CBFBE}" | In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{D0F05CFB-8304-4D85-89BE-038D8D275CE5}" | In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe O87 - FAEL: "{568571AA-B042-4227-8502-77641E6496F8}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{5A465737-10B4-465F-8EFD-810013273617}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{31110CE3-79B1-47C4-821D-2FD8848CA2F4}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{1C243C18-22FC-42B8-A1AF-0A016EF0CD55}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe O87 - FAEL: "{620BF5D2-144C-4D15-ACA8-8896B87B9973}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe (.not file.) O87 - FAEL: "{AB886704-3043-4CA1-960B-6CDF185AE562}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe (.not file.) ~ Firewall: 204 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "0336A2D4B8F23E11C9048BCAF6798BE8" . (.Google Earth.) -- C:\Windows\Installer\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}\ARPPRODUCTICON.exe O90 - PUC: "0E9201899CF73FC4BA93F631631229A1" . (.Skype Toolbars.) -- C:\Windows\Installer\{981029E0-7FC9-4CF3-AB39-6F133621921A}\IconUninstallIco O90 - PUC: "1689C8F4FCDD8EE479C8536B194C603B" . (.OpenOffice 4.0.0.) -- C:\Windows\Installer\{4F8C9861-DDCF-4EE8-978C-35B691C406B3}\soffice.ico O90 - PUC: "175ACBFED716A484E9AC3E10BBD67005" . (.Windows Live Writer.) -- C:\Windows\Installer\{EFBCA571-617D-484A-9ECA-E301BB6D0750}\ApplicationIcon.ico O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "1F079377ABE54744DAEEE13A0B5A4929" . (.TOSHIBA Recovery Media Creator Reminder.) -- C:\Windows\Installer\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\ARPPRODUCTICON.exe O90 - PUC: "206EB536C9BB95C4C85C399F63E6A812" . (.ViewNX 2.) -- C:\Windows\Installer\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}\ARPPRODUCTICON.exe O90 - PUC: "21C118429A4FF0D448497A8BEF6421C3" . (.TOSHIBA ReelTime.) -- C:\Windows\Installer\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\ARPPRODUCTICON.exe O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe O90 - PUC: "3933DAC50CEEEC44F939CBAA63B577BF" . (.Nikon Movie Editor.) -- C:\Windows\Installer\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}\ARPPRODUCTICON.exe O90 - PUC: "3CAB682B6EBC4584FB86BE273AC4AE65" . (.Windows Live Messenger.) -- C:\Windows\Installer\{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}\MsblIco.Exe O90 - PUC: "44EE410B791931546931176EBEB115E4" . (.Nikon Message Center 2.) -- C:\Windows\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\ARPPRODUCTICON.exe O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.Apple Inc O90 - PUC: "545AF76F5E8D9024681BEA0E541D00F3" . (.TOSHIBA Face Recognition.) -- C:\Windows\Installer\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\ARPPRODUCTICON.exe O90 - PUC: "60BBB56BE8F15F84A8450B429A1EF5FD" . (.TOSHIBA Recovery Media Creator.) -- C:\Windows\Installer\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\ARPPRODUCTICON.exe O90 - PUC: "651E4B155A414094A94E1BAAA2E064EB" . (.TOSHIBA Supervisor Password.) -- C:\Windows\Installer\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\ARPPRODUCTICON.exe O90 - PUC: "75FDF62FE3848C249A9CEE1EDE2B650E" . (.TOSHIBA Media Controller Plug-in.) -- C:\Windows\Installer\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}\ARPPRODUCTICON.exe O90 - PUC: "7DF8862129BCB5A4EB4EC5E8504734F4" . (.Utility Common Driver.) -- C:\Windows\Installer\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}\ARPPRODUCTICON.exe O90 - PUC: "82D6625F2B0E0314FB5CEE51A55D41CD" . (.Apple Application Support.) -- C:\Windows\Installer\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}\WinInstall.ico O90 - PUC: "8442234DFA6B61348B958D0A8ED4BC83" . (.TOSHIBA HDD/SSD Alert.) -- C:\Windows\Installer\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\ARPPRODUCTICON.exe O90 - PUC: "8FFFC660FB2109346A37579FE5FF81E8" . (.TOSHIBA Value Added Package.) -- C:\Windows\Installer\{066CFFF8-12BF-4390-A673-75F95EFF188E}\ARPPRODUCTICON.exe O90 - PUC: "963AAF0E3E0B8B844974843701B30021" . (.TOSHIBA ConfigFree.) -- C:\Windows\Installer\{E0FAA369-B0E3-48B8-9447-4873103B0012}\ARPPRODUCTICON.exe O90 - PUC: "A0AF0DF212A7A4C42B8611245BE430E5" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}\fssicon.ico O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico O90 - PUC: "D4739725EF78978439581F2787BE9B3D" . (.TOSHIBA Hardware Setup.) -- C:\Windows\Installer\{5279374D-87FE-4879-9385-F17278EBB9D3}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "E5ABB026848F65D4B8AD85E44485C4E5" . (.TOSHIBA Flash Cards Support Utility.) -- C:\Windows\Installer\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\ARPPRODUCTICON.exe O90 - PUC: "E8676B067E1D04348AACA1BD9E0476B1" . (.Google Désactivation du cookie publicitaire.) -- C:\Windows\Installer\{60B6768E-D1E7-4340-A8CA-1ADBE940671B}\google.ico O90 - PUC: "E8D7C56ED681B484EB8AED0F33C16E00" . (.TRORMCLauncher.) -- C:\Windows\Installer\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\ARPPRODUCTICON.exe O90 - PUC: "F20E0AD5B079B424FB1415A305814E0C" . (.TOSHIBA Disc Creator.) -- C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\ARPPRODUCTICON.exe =>.Toshiba Corporation O90 - PUC: "FA81541CF0A193D4081196AB0AC13D08" . (.TOSHIBA Bulletin Board.) -- C:\Windows\Installer\{C14518AF-1A0F-4D39-8011-69BAA01CD380}\ARPPRODUCTICON.exe ~ Update Products: 90 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.3E895DC298A85A0E58B5582E56AB6A17] [WIS][13/09/2012] (.Trusteer - Rapport.) -- C:\Windows\Installer\11219.msi [31973376] [MD5.F88CAF2B3E92F301DC1FCF16D76E50B0] [WIS][01/09/2010] (.myphotobook GmbH - Photo-Service.) -- C:\Windows\Installer\117e1.msi [57856] [MD5.B68FD81A0ABDDBA4C120AB440ABF73F4] [WIS][01/09/2010] (.Skype Technologies S.A. - Skype Toolbars.) -- C:\Windows\Installer\117f0.msi [2391040] [MD5.5512F490FEE9DB850D350CE1BB2236DB] [WIS][12/02/2013] (.Google Inc - Désactive de façon permanente le cookie DoubleClick, qui est un.) -- C:\Windows\Installer\14e58a.msi [264704] [MD5.DF82656D48282E6755A06D3592776FB3] [WIS][08/11/2011] (.Nikon - Blank Project Template.) -- C:\Windows\Installer\19dfd2.msi [26845360] [MD5.41EB61D8D9A936DDDCF51B064A081881] [WIS][13/09/2012] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\1dc177a.msi [19337216] [MD5.354A18940658996B8160CA1F7D8A1F69] [WIS][18/10/2012] (.Nikon - ViewNX 2.) -- C:\Windows\Installer\2669f9c.msi [29531300] [MD5.5BC1772F32A0E66D95821B7ECB868884] [WIS][18/10/2012] (.Nikon - Blank Project Template.) -- C:\Windows\Installer\2669fad.msi [27142340] [MD5.C474307CD6E2B7E5E9FFC304676E60EB] [WIS][18/10/2012] (.Nikon - Blank Project Template.) -- C:\Windows\Installer\2669fc9.msi [15884288] [MD5.60FB52C07D89635DDEBDA4B51DF05196] [WIS][02/03/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\28822.msi [28160] =>Toolbar.Google [MD5.87E1A688164B05E42C6156B27E7AF7FC] [WIS][16/02/2011] (.Nikon - Blank Project Template.) -- C:\Windows\Installer\2d329f.msi [11379712] [MD5.FF18A8C1E1287D093D5ADC8FB6EFD267] [WIS][17/04/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\3aa183.msi [31125504] ~ WIS: 97 Scanned in 00mn 16s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 19/02/2011 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 11/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 11/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 02/03/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SS - | Demand 06/09/2013 288776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Auto 10/07/1658 0 | (Update GreyGray) . (...) - C:\Program Files (x86)\GreyGray\updateGreyGray.exe SR - | Auto 07/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe SR - | Auto 04/12/2009 126520 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe SR - | Auto 27/08/2010 1811456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe SR - | Auto 11/05/2010 124368 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation SR - | Demand 11/02/2011 54136 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe SR - | Auto 25/05/2010 489384 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 17s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by CHRISTINE at 24/01/2014 12:19:38 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by CHRISTINE at 24/01/2014 12:19:40 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13024 - (17/01/2014) Clés trouvées (Keys found) : 16 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 4 Fichiers trouvés (Files found) : 12 [HKLM\Software\Google\Chrome\Extensions\hphehadppenpmajgnkjdcopcfijjegaf] =>PUP.JumpFlip^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{981029E0-7FC9-4CF3-AB39-6F133621921A}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Wow6432Node\KoyoteSRTB] =>Toolbar.CoyoteSoft [HKCU\Software\USyndication] =>Trojan.USyndication [HKCU\Software\usyndication.com] =>Trojan.USyndication [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Users\CHRISTINE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphehadppenpmajgnkjdcopcfijjegaf =>PUP.JumpFlip^ C:\Program Files (x86)\SweetPacks =>PUP.SweetIM^ C:\Users\CHRISTINE\AppData\Roaming\DigitalSites =>Hijacker.DSite^ C:\Users\CHRISTINE\AppData\Local\Software =>Adware.Boxore [HKCU\Software\UpToDown] =>PUP.UpToDown^ C:\Users\CHRISTINE\AppData\Local\Temp\nsa72A7.exe =>Toolbar.Conduit^ C:\Users\CHRISTINE\AppData\Local\Temp\nsaF432.exe =>Toolbar.Conduit^ C:\Users\CHRISTINE\AppData\Local\Temp\nsl6D1B.exe =>Toolbar.Conduit^ C:\Users\CHRISTINE\AppData\Local\Temp\nsqFBE1.exe =>Toolbar.Conduit^ C:\Users\CHRISTINE\AppData\Local\Temp\nss195E.exe =>Toolbar.Conduit^ C:\Windows\Installer\28822.msi =>Toolbar.Google^ ~ Additionnel Scan: 257188 Items scanned in 00mn 46s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/33263878-hijacker-browser =>Hijacker.Browsers ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/27328365-trojan-usyndication =>Trojan.USyndication ~ http://nicolascoolman.webs.com/apps/blog/show/35170315-hijacker-dsite =>Hijacker.DSite ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ MSI: 9 link(s) detected in 00mn 46s End of the scan (1974 lines in 03mn 20s)(0)