~ Rapport de NCDiag v2014.9.14.109 - Copyright ©2014 - Nicolas Coolman, Tous droits réservés ~ Emplacement rapport : C:\Users\Joseph\AppData\Roaming\ZHP\NCDiag.txt ~ Lancé par Joseph (18/09/2014 - 15:48:32) ~ Adresse du Site Web : http://nicolascoolman.fr ~ Etat de la version : OK ~ Liste blanche : Désactivée par le programme ~ User Account Control (UAC): Activé par l'utilisateur ~ Elévation des Privilèges : OK ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17280 MFIE: Mozilla Firefox 32.0.1 (x86 fr) (Default) ---\\ Informations sur les produits Windows ~ Langage: Français Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601), 64-bit Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, RETAIL channel Windows ID Activation : OK ~ Windows Partial Key : CTCJH Windows License : OK ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Informations sur le système ~ Operating System: 64 Bits ~ Boot Mode: Normal (Normal boot) System Restore: Activé (Enable) Total RAM: 3956 MB (68% free) ---\\ Mode de connexion au système ~ Nom d'Ordinateur: JOSEPH-PC ~ Nom d'utilisateur: Joseph ~ Nom des utilisateurs: Joseph,Public, ~ Connecté en administrateur ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (System) ( Free 67 Go of 100 Go) D: Hard drive, Flash drive, Thumb drive ( Free 287 Go of 365 Go) ---\\ Logiciels de protection du système Windows Defender W7 (Deactivate) Malwarebytes Anti-Malware version 2.0.2.1012 ---\\ Variables d'environnement ~ %SYSTEMDRIVE% = C: ~ %USERPROFILE% = C:\Users\Joseph ~ %APPDATA% = C:\Users\Joseph\AppData\Roaming ~ %DESKTOP% = C:\Users\Joseph\Desktop ~ %FAVORITES% = C:\Users\Joseph\Favorites ~ %LOCALAPPDATA% = C:\Users\Joseph\AppData\Local ~ %STARTMENU% = C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu ~ %WINDIR% = C:\Windows ~ %SYSTEM% = C:\Windows\System32 ~ %PROGRAMFILES% = C:\Program Files (x86) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktop: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2871808] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.D58988722C72D265B51A54103DFC2C6F] - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1812992] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] ---\\ Processus lancés [MD5.57BAD4B6D5359DADAD3536CFDEEE73D0] - (.IntelliBreeze Software - Gmail Notifier Pro.) -- C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2828096] [MD5.475A2BC64E0FF011C8C9AFC418E8E40D] - (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files (x86)\Supercopier\supercopier.exe [178688] [MD5.4D97DB3508FA1742B5F2C9F89E45A4B1] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888] [MD5.00000000000000000000000000000000] - (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe [0] [MD5.00000000000000000000000000000000] - (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe [0] [MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [MD5.8FE4E53FE6275ADA7AA9E803FD3655E7] - (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) -- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe [29912] [MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [MD5.4AEDAB50F83580D0B4D6CF78191F92AA] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088] [MD5.F1DB56A7C59278DC68DE7DBFE9F6C73B] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408] [MD5.D524B034148F14C60F1CA66D267EE56A] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232] =>.Intel Corporation [MD5.4208B958E35F0E596AA241EFB664636B] - (.Lexmark International, Inc. - Lexmark Connect Service Executable.) -- C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe [29184] [MD5.21C843A23992BA690DD09F252BC91CE0] - (. - Printer Communication System.) -- C:\Windows\system32\lxdxcoms.exe [594600] ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\systempropertiesperformance.exe ~ 3 Internet Explorer Management found in 0 second(s) ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M0 - MFSP: prefs.js [Joseph - hu0ffyx7.default-1409816901358] google.fr M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\adblockplus =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\crashes =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\firebug =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\lightweighttheme-footer =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\lightweighttheme-header =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\lwtheme =>.© M3 - MFPP: Plugins - [Joseph] -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\hu0ffyx7.default-1409816901358\WOT =>.© P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (Adobe® Flash® Player 15.0.0.152 Plugin) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.20.2] - (Java™ Deployment Toolkit) -- C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.20.2] - (Oracle® Java™ Plug-In) -- C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll ~ 11 Mozilla Firefox Preference found in 0 second(s) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com =>.© Google Inc. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com =>.© Google Inc. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.© Google Inc. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com =>.© Google Inc. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com =>.© Google Inc. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com =>.© Google Inc. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) - C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 ~ 23 Internet Explorer Management found in 0 second(s) ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ~ 4 Proxy Management found in 0 second(s) ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File Scanned in 0 seconds ~ Nombre de lignes malwares (Malware Number Lines) : 0/0 ---\\ Autres liens utilisateurs (O4) O4 - GS\Quick Launch [Joseph]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe O4 - GS\Quick Launch [Joseph]: Pointofix.lnk . (...) -- C:\Program Files (x86)\Pointofix\Pointofix.exe O4 - GS\Startup [Joseph]: ShellFolderFix.lnk . (...) -- C:\Program Files (x86)\ShellFolderFix\ShellFolderFixUI.exe O4 - GS\TaskBar [Joseph]: Arrêt.lnk . (.Microsoft Corporation - Outil d’arrêt et d’annotation Windows.) -- C:\Windows\System32\shutdown.exe O4 - GS\TaskBar [Joseph]: Canned Speeches Manager.lnk . (.www.libellules.ch - Canned Speeches Manager.) -- D:\Sécurité\CanRemember\CanRemember.exe O4 - GS\TaskBar [Joseph]: MyImgur.lnk . (...) -- D:\Graphisme\MyImgur Portable\x64\MyImgur.exe O4 - GS\TaskBar [Joseph]: xplorer2 Lite.lnk . (.ZabKat - xplorer² - explorer replacement.) -- C:\Program Files (x86)\zabkat\xplorer2_lite\xplorer2_lite.exe O4 - GS\Desktop [Joseph]: Audio.lnk . (...) -- D:\Audio O4 - GS\Desktop [Joseph]: Chargements.lnk . (...) -- D:\Chargements O4 - GS\Desktop [Joseph]: Graphisme.lnk . (...) -- D:\Graphisme O4 - GS\Desktop [Joseph]: Jeux.lnk . (...) -- D:\Jeux O4 - GS\Desktop [Joseph]: Sécurité.lnk . (...) -- D:\Sécurité O4 - GS\Desktop [Joseph]: Vidéos.lnk . (...) -- D:\Vidéos O4 - GS\Desktop [Joseph]: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\system32\wuapp.exe O4 - GS\Quick Launch [Public]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe O4 - GS\Quick Launch [Public]: Pointofix.lnk . (...) -- C:\Program Files (x86)\Pointofix\Pointofix.exe O4 - GS\Startup [Public]: ShellFolderFix.lnk . (...) -- C:\Program Files (x86)\ShellFolderFix\ShellFolderFixUI.exe O4 - GS\TaskBar [Public]: Arrêt.lnk . (.Microsoft Corporation - Outil d’arrêt et d’annotation Windows.) -- C:\Windows\System32\shutdown.exe O4 - GS\TaskBar [Public]: Canned Speeches Manager.lnk . (.www.libellules.ch - Canned Speeches Manager.) -- D:\Sécurité\CanRemember\CanRemember.exe O4 - GS\TaskBar [Public]: MyImgur.lnk . (...) -- D:\Graphisme\MyImgur Portable\x64\MyImgur.exe O4 - GS\TaskBar [Public]: xplorer2 Lite.lnk . (.ZabKat - xplorer² - explorer replacement.) -- C:\Program Files (x86)\zabkat\xplorer2_lite\xplorer2_lite.exe O4 - GS\Desktop [Public]: Audio.lnk . (...) -- D:\Audio O4 - GS\Desktop [Public]: Chargements.lnk . (...) -- D:\Chargements O4 - GS\Desktop [Public]: Graphisme.lnk . (...) -- D:\Graphisme O4 - GS\Desktop [Public]: Jeux.lnk . (...) -- D:\Jeux O4 - GS\Desktop [Public]: Sécurité.lnk . (...) -- D:\Sécurité O4 - GS\Desktop [Public]: Vidéos.lnk . (...) -- D:\Vidéos O4 - GS\Desktop [Public]: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\system32\wuapp.exe O4 - GS\Programs [Public]: PowerpointImageExtractor V1.2b.lnk . (...) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe O4 - GS\Programs [Public]: Visionneuse Microsoft PowerPoint .lnk . (...) -- C:\Windows\Installer\{95140000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe O4 - GS\Desktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe ~ 32 Browser Shortcut Redirection found in 0 second(s) ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKCU\..\Run: [GmailNotifierPro] . (.IntelliBreeze Software - Gmail Notifier Pro.) -- C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe O4 - HKCU\..\Run: [ultracopier] . (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files (x86)\Supercopier\supercopier.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [mctadmin] . (...) -- C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [mctadmin] . (...) -- C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-21-1753250563-599489337-4088562662-1000\..\Run: [GmailNotifierPro] . (.IntelliBreeze Software - Gmail Notifier Pro.) -- C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe O4 - HKUS\S-1-5-21-1753250563-599489337-4088562662-1000\..\Run: [ultracopier] . (.ultracopier.first-world.info - Supercopier under GPL3.) -- C:\Program Files (x86)\Supercopier\supercopier.exe ~ 9 Running Process found in 0 second(s) ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de m.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\Windows\System32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll ~ 6 Winsock hijacker scanned in 0 second(s) ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{8DA90175-3090-400F-A8EE-04CD02142143}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\SYSTEM\CS1\Services\Tcpip\..\{8DA90175-3090-400F-A8EE-04CD02142143}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\SYSTEM\CS2\Services\Tcpip\..\{8DA90175-3090-400F-A8EE-04CD02142143}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 ~ 4 DNS scanned in 0 second(s) ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.© Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll =>.© Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll =>.© Microsoft Corporation O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.© Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll =>.© Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.© Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.© Microsoft Corporation O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.© Microsoft Corporation ~ 20 Protocols scanned in 0 second(s) ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.... -- Clé orphelineWebCheck Contrôleur de site Web =>.WebCheck Contrôleur de site Web O21 - SSO: Bluetooth Authentication Agent SSO - {F08C5AC2-E722-4116-ADB7-CE41B527994B} . (.Microsoft Corporation - Applet Panneau de configuration Bluetooth.) -- C:\Windows\System32\bthprops.cpl =>.Bluetooth Authentication O21 - SSO: HomeGroup SSO - {ff363bfe-4941-4179-a81c-f3f1ca72d820} . (.Microsoft Corporation - Panneau de configuration HomeGroup.) -- C:\Windows\System32\hgcpl.dll =>.HomeGroup ShellServiceObject ~ 3 SSODL/SSO scanned in 0 second(s) ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) -- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: lxdxCATSCustConnectService (lxdxCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) -- C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe O23 - Service: lxdx_device (lxdx_device) . (. - Printer Communication System.) -- C:\Windows\system32\lxdxcoms.exe ~ 6 Services found in 0 second(s) ---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36) O36 - KnownDLLs: (clbcatq) . (.Microsoft Corporation - COM+ Configuration Catalog.) -- C:\Windows\System32\clbcatq.dll =>.© Microsoft Corporation O36 - KnownDLLs: (ole32) . (.Microsoft Corporation - Microsoft OLE pour Windows.) -- C:\Windows\System32\ole32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (advapi32) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (COMDLG32) . (.Microsoft Corporation - DLL commune de boîtes de dialogues.) -- C:\Windows\System32\COMDLG32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (gdi32) . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IERTUTIL) . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\IERTUTIL.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IMAGEHLP) . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\Windows\System32\IMAGEHLP.dll =>.© Microsoft Corporation O36 - KnownDLLs: (IMM32) . (.Microsoft Corporation - Multi-User Windows IMM32 API Client DLL.) -- C:\Windows\System32\IMM32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (kernel32) . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (LPK) . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\LPK.dll =>.© Microsoft Corporation O36 - KnownDLLs: (MSCTF) . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\System32\MSCTF.dll =>.© Microsoft Corporation O36 - KnownDLLs: (MSVCRT) . (.Microsoft Corporation - Windows NT CRT DLL.) -- C:\Windows\System32\MSVCRT.dll =>.© Microsoft Corporation O36 - KnownDLLs: (NORMALIZ) . (.Microsoft Corporation - Unicode Normalization DLL.) -- C:\Windows\System32\NORMALIZ.dll =>.© Microsoft Corporation O36 - KnownDLLs: (NSI) . (.Microsoft Corporation - NSI User-mode interface DLL.) -- C:\Windows\System32\NSI.dll =>.© Microsoft Corporation O36 - KnownDLLs: (OLEAUT32) . (...) -- C:\Windows\System32\OLEAUT32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (rpcrt4) . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\System32\rpcrt4.dll =>.© Microsoft Corporation O36 - KnownDLLs: (sechost) . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\System32\sechost.dll =>.© Microsoft Corporation O36 - KnownDLLs: (Setupapi) . (.Microsoft Corporation - Installation de L’API Windows.) -- C:\Windows\System32\Setupapi.dll =>.© Microsoft Corporation O36 - KnownDLLs: (SHELL32) . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\SHELL32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (SHLWAPI) . (.Microsoft Corporation - Bibliothèque d’utilitaires légers du Shell.) -- C:\Windows\System32\SHLWAPI.dll =>.© Microsoft Corporation O36 - KnownDLLs: (URLMON) . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\URLMON.dll =>.© Microsoft Corporation O36 - KnownDLLs: (user32) . (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\user32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (USP10) . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\Windows\System32\USP10.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WININET) . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\WININET.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WLDAP32) . (.Microsoft Corporation - DLL API LDAP Win32.) -- C:\Windows\System32\WLDAP32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (WS2_32) . (.Microsoft Corporation - Windows Socket 2.0 32-Bit DLL.) -- C:\Windows\System32\WS2_32.dll =>.© Microsoft Corporation O36 - KnownDLLs: (DifxApi) . (.Microsoft Corporation - Driver Install Frameworks for API library m.) -- C:\Windows\System32\difxapi.dll =>.© Microsoft Corporation ~ 27 Session Manager Keys scanned in 0 second(s) ---\\ Tâches planifiées en automatique (O39) [MD5.FBB312C9DA3863673EC18F4AE4101778] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 15.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440] =>.Adobe Systems Inc. [MD5.816B4925CC73512A2DEBF625DABCCAB6] [APT] [CCleanerSkipUAC] (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4796696] [MD5.68FF8A6C8BF428853C359D3BF479FDC8] [APT] [Installation App Launcher] (...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040] [MD5.709753B8CAB9F4969E5799CAFAF95EB1] [APT] [{457E6B10-F2E4-4254-BC4E-2EADAC0CFC47}] (...) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe [1674240] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 15.0 r0.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 15.0 r0.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] ~ 6 Scheduled Tasks found in 1 second(s) ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bit] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\system32\wmploc.dll =>.© Microsoft Corporation O40 - ASIC: Themes Setup [64Bit] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\system32\themeui.dll =>.© Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player [64Bit] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\system32\wmploc.dll =>.© Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bit] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll =>.© Microsoft Corporation ~ 4 ActiveSetup scanned in 0 second(s) ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys =>.© Microsoft O41 - Driver: ammntdrv (ammntdrv) . (...) - C:\Windows\system32\ammntdrv.sys O41 - Driver: amwrtdrv (amwrtdrv) . (...) - C:\Windows\system32\amwrtdrv.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys =>.© Microsoft O41 - Driver: Pilote de CD-ROM (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys =>.© Microsoft O41 - Driver: eamonm (eamonm) . (.ESET - Amon monitor.) - C:\Windows\system32\DRIVERS\eamonm.sys O41 - Driver: ehdrv (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\system32\DRIVERS\ehdrv.sys O41 - Driver: epfw (epfw) . (.ESET - ESET Personal Firewall driver.) - C:\Windows\system32\DRIVERS\epfw.sys O41 - Driver: Epfw NDIS LightWeight Filter (EpfwLWF) . (.ESET - Epfw NDIS LightWeight Filter.) - C:\Windows\system32\DRIVERS\EpfwLWF.sys O41 - Driver: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - C:\Windows\system32\DRIVERS\lltdio.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\luafv.sys (luafv) . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - C:\Windows\system32\drivers\luafv.sys =>.© Microsoft O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys =>.© Microsoft O41 - Driver: NetBIOS Interface (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys =>.© Microsoft O41 - Driver: netmon_wfp (netmon_wfp) . (.Windows (R) Win 7 DDK provider - WFP driver platform.) - C:\Windows\system32\drivers\netmon_wfp.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys =>.© Microsoft O41 - Driver: PEAUTH (PEAUTH) . (.Microsoft Corporation - Protected Environment Authentication and Au.) - C:\Windows\system32\drivers\peauth.sys =>.© Microsoft O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys =>.© Microsoft O41 - Driver: Link-Layer Topology Discovery Responder (rspndr) . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - C:\Windows\system32\DRIVERS\rspndr.sys =>.© Microsoft O41 - Driver: Pilote de port série (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\system32\DRIVERS\serial.sys O41 - Driver: TCP/IP Registry Compatibility (tcpipreg) . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - C:\Windows\system32\drivers\tcpipreg.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys =>.© Microsoft O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys =>.© Microsoft O41 - Driver: Universal Image Mounter Controller (UimBus) . (...) - C:\Windows\system32\DRIVERS\UimBus.sys O41 - Driver: UIM Direct Device Image Plugin (Uim_DEVIM) . (...) - C:\Windows\system32\DRIVERS\uim_devim.sys O41 - Driver: UIM Drive Backup Image Plugin (Uim_IM) . (...) - C:\Windows\system32\DRIVERS\uim_im.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\System32\drivers\vga.sys =>.© Microsoft O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys =>.© Microsoft O41 - Driver: WFP Lightweight Filter (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys =>.© Microsoft ~ 35 Running Drivers scanned in 0 second(s) ---\\ Logiciels installés (O42) O42 - Logiciel: 123 Free Solitaire v10.0 - (.TreeCardGames.) [HKLM] [64Bits] -- 123 Free Solitaire_is1 O42 - Logiciel: 8 Ball Frenzy - (.FreeGamePick.) [HKLM] [64Bits] -- 8 Ball Frenzy_is1 O42 - Logiciel: QGifer - (...) [HKLM] [64Bits] -- 819FBA20-557E-4EFB-9EF9-8040D09FAE68 O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM] [64Bits] -- Adobe Flash Player ActiveX =>.© Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM] [64Bits] -- Adobe Flash Player Plugin =>.© Adobe Systems Incorporated O42 - Logiciel: AIMP3 - (.AIMP DevTeam.) [HKLM] [64Bits] -- AIMP3 O42 - Logiciel: AmiFoot 9.07.09 - (...) [HKLM] [64Bits] -- AmiFoot O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM] [64Bits] -- Audacity_is1 O42 - Logiciel: Bel Atout 5.22 - (.Vincent Brévart.) [HKLM] [64Bits] -- BelAtoutFr_is1 O42 - Logiciel: BurnAware Free 7.3 - (.Burnaware.) [HKLM] [64Bits] -- BurnAware Free_is1 O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM] [64Bits] -- CDex O42 - Logiciel: ERUNT 1.1j - (.Lars Hederer.) [HKLM] [64Bits] -- ERUNT_is1 O42 - Logiciel: FastStone Capture 7.9 - (.FastStone Soft.) [HKLM] [64Bits] -- FastStone Capture O42 - Logiciel: FileHippo.com Update Checker - (...) [HKLM] [64Bits] -- FileHippo.com O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM] [64Bits] -- FormatFactory O42 - Logiciel: Freemake Video Converter version 4.1.4 - (.Ellora Assets Corporation.) [HKLM] [64Bits] -- Freemake Video Converter_is1 =>.© Ellora Assets Corporation O42 - Logiciel: Gekko Mahjongg - (...) [HKLM] [64Bits] -- GEKKO Mahjongg O42 - Logiciel: Gmail Backup - (...) [HKLM] [64Bits] -- gmailbackup O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] [64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.© Samsung Electronics Co., Ltd. O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] [64Bits] -- LAME_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM] [64Bits] -- Malwarebytes Anti-Malware_is1 =>.© Malwarebytes Corporation O42 - Logiciel: Mozilla Firefox 32.0.1 (x86 fr) - (.Mozilla.) [HKLM] [64Bits] -- Mozilla Firefox 32.0.1 (x86 fr) =>.© Mozilla O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] [64Bits] -- MozillaMaintenanceService =>.© Mozilla O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] [64Bits] -- Notepad++ O42 - Logiciel: PDF Editor Pro 3 - (...) [HKLM] [64Bits] -- PDF Editor Pro 3 O42 - Logiciel: PhotoScape - (...) [HKLM] [64Bits] -- PhotoScape O42 - Logiciel: Pointofix - (.Amerigomedia.) [HKLM] [64Bits] -- Pointofix_is1 O42 - Logiciel: PowerpointImageExtractor - (...) [HKLM] [64Bits] -- PowerpointImageExtractor_is1 O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] [64Bits] -- Revo Uninstaller O42 - Logiciel: Supercopier 4.0.1.13 - (.Supercopier.) [HKLM] [64Bits] -- Supercopier O42 - Logiciel: SyncBackFree - (.2BrightSparks.) [HKLM] [64Bits] -- SyncBackFree_is1 O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM] [64Bits] -- TechPowerUp GPU-Z O42 - Logiciel: Texas Hold 'Em - (.Micro Application.) [HKLM] [64Bits] -- Texas Hold 'Em O42 - Logiciel: Video mp3 Extractor - (.GeoVid.) [HKLM] [64Bits] -- Video mp3 Extractor_is1 O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] [64Bits] -- VLC media player =>.© VideoLAN O42 - Logiciel: XnView 2.22 - (.Gougelet Pierre-e.) [HKLM] [64Bits] -- XnView_is1 O42 - Logiciel: xplorer² lite 32 bit - (.Zabkat.) [HKLM] [64Bits] -- xplorer2l O42 - Logiciel: ZebHelpProcess 2014 - (.Nicolas Coolman.) [HKLM] [64Bits] -- ZebHelpProcess_is1 =>.© Nicolas Coolman O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM] [64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: AOMEI Partition Assistant Standard Edition 5.5 - (.AOMEI Technology Co., Ltd..) [HKLM] [64Bits] -- {02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1 O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM] [64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2} =>.© Intel Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] [64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.© Oracle Corporation O42 - Logiciel: LibreOffice 4.3.0.4 - (.The Document Foundation.) [HKLM] [64Bits] -- {5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4} O42 - Logiciel: Gmail Notifier Pro - (.IntelliBreeze Software.) [HKLM] [64Bits] -- {836A6F60-86E8-40D2-8DB0-4130A33E34C9} =>.© IntelliBreeze Software O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] [64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.© Realtek O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] [64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.© Samsung Electronics Co., Ltd. O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM] [64Bits] -- {95140000-00AF-040C-0000-0000000FF1CE} =>.© Microsoft Corporation O42 - Logiciel: AOMEI Backupper Standard Edition 2.0 - (.AOMEI Technology Co., Ltd..) [HKLM] [64Bits] -- {A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1 O42 - Logiciel: Adobe Reader XI (11.0.09) - Français - (.Adobe Systems Incorporated.) [HKLM] [64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} =>.© Adobe Systems Incorporated O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] [64Bits] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {ce085a78-074e-4823-8dc1-8a721b94b76d} =>.© Microsoft Corporation O42 - Logiciel: Auslogics DiskDefrag - (.Auslogics Labs Pty Ltd.) [HKLM] [64Bits] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 =>.© Auslogics Labs Pty Ltd O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] [64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.© Intel Corporation O42 - Logiciel: Belkin 54Mbps Wireless Network Adapter - (.Belkin.) [HKLM] [64Bits] -- {F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE} O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM] [64Bits] -- {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM] [64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.© Intel Corporation O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]-- CCleaner =>.© Piriform O42 - Logiciel: CPUID CPU-Z 1.70 - (...) [HKLM]-- CPUID CPU-Z_is1 O42 - Logiciel: Lexmark 3600-4600 Series - (.Lexmark International, Inc..) [HKLM]-- Lexmark 3600-4600 Series O42 - Logiciel: Recuva - (.Piriform.) [HKLM]-- Recuva =>.© Piriform O42 - Logiciel: Speccy - (.Piriform.) [HKLM]-- Speccy =>.© Piriform O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM]-- Unlocker O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM]-- {23170F69-40C1-2702-0920-000001000000} O42 - Logiciel: Java 8 Update 20 (64-bit) - (.Oracle Corporation.) [HKLM]-- {26A24AE4-039D-4CA4-87B4-2F86418020F0} =>.© Oracle Corporation O42 - Logiciel: ShellFolderFix 1.1.4 - (...) [HKLM]-- {3DD823AB-145A-4522-B9F6-A9566121F837}_is1 O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM]-- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.© Intel Corporation O42 - Logiciel: ESET Smart Security - (.ESET, spol s r. o..) [HKLM]-- {5515A613-3F62-4324-889D-9999C53D0632} O42 - Logiciel: Microsoft .NET Framework 4.5.1 - (.Microsoft Corporation.) [HKLM]-- {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4.5.1 - (.Microsoft Corporation.) [HKLM]-- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4.5.1 (Français) - (.Microsoft Corporation.) [HKLM]-- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036 =>.© Microsoft Corporation O42 - Logiciel: Microsoft .NET Framework 4.5.1 (FRA) - (.Microsoft Corporation.) [HKLM]-- {C22759DB-BA8B-30E7-99EE-8B47DB43AE56} =>.© Microsoft Corporation O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM]-- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} =>.© Microsoft Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM]-- {EAF826C0-245E-4D02-9D51-BA4C98717EAE} =>.© Intel Corporation ~ 75 Softwares scanned in 0 second(s) ---\\ Clés de registre software HKCU & HKLM HKLM\SOFTWARE\7-Zip HKLM\SOFTWARE\ATI Technologies =>.© ATI Technologies HKLM\SOFTWARE\Borland =>.© Borland HKLM\SOFTWARE\CPUID HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Intel =>.© Intel HKLM\SOFTWARE\JavaSoft =>.© JavaSoft HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\Lexmark HKLM\SOFTWARE\LexmarkInkjet HKLM\SOFTWARE\Macromedia =>.© Macromedia HKLM\SOFTWARE\Microsoft =>.© Microsoft HKLM\SOFTWARE\Mozilla =>.© Mozilla HKLM\SOFTWARE\MozillaPlugins =>.© MozillaPlugins HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Piriform =>.© Piriform HKLM\SOFTWARE\Realtek =>.© Realtek HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\Trolltech HKLM\SOFTWARE\Winaero.com HKLM\SOFTWARE\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15} HKLM\SOFTWARE\Wow6432Node\2BrightSparks HKLM\SOFTWARE\Wow6432Node\ABBYY HKLM\SOFTWARE\Wow6432Node\Adobe =>.© Adobe HKLM\SOFTWARE\Wow6432Node\Auslogics =>.© Auslogics HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Belkin HKLM\SOFTWARE\Wow6432Node\Borland =>.© Borland HKLM\SOFTWARE\Wow6432Node\CDex HKLM\SOFTWARE\Wow6432Node\dck HKLM\SOFTWARE\Wow6432Node\ESET HKLM\SOFTWARE\Wow6432Node\Freemake HKLM\SOFTWARE\Wow6432Node\GEKKO HKLM\SOFTWARE\Wow6432Node\GmailBackup HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google =>.© Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Intel =>.© Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.© JavaSoft HKLM\SOFTWARE\Wow6432Node\JGsoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Lame For Audacity HKLM\SOFTWARE\Wow6432Node\Lexmark HKLM\SOFTWARE\Wow6432Node\LexmarkInkjet HKLM\SOFTWARE\Wow6432Node\LibreOffice HKLM\SOFTWARE\Wow6432Node\Macromedia =>.© Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit =>.© Malwarebytes Anti-Exploit HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware =>.© Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Microsoft =>.© Microsoft HKLM\SOFTWARE\Wow6432Node\Mooii HKLM\SOFTWARE\Wow6432Node\Mozilla =>.© Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.© mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.© MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Notepad++ HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\PDFCreator HKLM\SOFTWARE\Wow6432Node\Realtek =>.© Realtek HKLM\SOFTWARE\Wow6432Node\The Document Foundation HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.© VideoLAN HKLM\SOFTWARE\Wow6432Node\Wise Solutions HKLM\SOFTWARE\Wow6432Node\XnView HKCU\Software\2BrightSparks HKCU\Software\7-Zip HKCU\Software\8322898 HKCU\Software\ABBYY HKCU\Software\Adobe =>.© Adobe HKCU\Software\Amerigomedia HKCU\Software\AmiFoot HKCU\Software\AOMEI HKCU\Software\Audacity HKCU\Software\Borland =>.© Borland HKCU\Software\ESET HKCU\Software\FileHippo.com HKCU\Software\Freemake HKCU\Software\FreeTime HKCU\Software\Gabest HKCU\Software\Geovid HKCU\Software\Gmail Notifier Pro HKCU\Software\GNU HKCU\Software\Google =>.© Google HKCU\Software\Haali HKCU\Software\IHUI HKCU\Software\Intel =>.© Intel HKCU\Software\Its HKCU\Software\JavaSoft =>.© JavaSoft HKCU\Software\Macromedia =>.© Macromedia HKCU\Software\Microsoft =>.© Microsoft HKCU\Software\Mooii HKCU\Software\Mozilla =>.© Mozilla HKCU\Software\Netscape =>.© Netscape HKCU\Software\Orange HKCU\Software\Partition Assistant HKCU\Software\PDFCreator HKCU\Software\PDFEdit HKCU\Software\PhotoFiltre 7 HKCU\Software\Piriform =>.© Piriform HKCU\Software\QGifer HKCU\Software\QtProject HKCU\Software\RadioSure HKCU\Software\Samsung =>.© Samsung HKCU\Software\ShellFolderFix HKCU\Software\Sysinternals =>.© Sysinternals HKCU\Software\techPowerUp HKCU\Software\Teorex HKCU\Software\The Document Foundation HKCU\Software\TinypicUploader HKCU\Software\TQIUYLTS HKCU\Software\Trolltech HKCU\Software\Ultracopier HKCU\Software\VB and VBA Program Settings HKCU\Software\VirtualDub.org HKCU\Software\VSRevoGroup HKCU\Software\Winaero.com HKCU\Software\Winamp HKCU\Software\xplorer2l HKCU\Software\ZabaraKatranemia Plc HKCU\Software\ZebHelpProcess Helper HKCU\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8} HKCU\Software\AppDataLow\Software\JavaSoft =>.© JavaSoft HKCU\Software\AppDataLow\Software\Microsoft =>.© Microsoft ~ 122 Software Keys scanned in 0 second(s) ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 27/08/2014 - 16:38:23 - [] ----D- C:\Program Files (x86)\123 Free Solitaire =>.© O43 - CFD: 27/08/2014 - 14:16:04 - [] ----D- C:\Program Files (x86)\2BrightSparks =>.© O43 - CFD: 27/08/2014 - 15:54:06 - [] ----D- C:\Program Files (x86)\Adobe =>.© O43 - CFD: 27/08/2014 - 14:54:27 - [] ----D- C:\Program Files (x86)\AIMP3 =>.© O43 - CFD: 27/08/2014 - 14:57:57 - [] ----D- C:\Program Files (x86)\Audacity =>.© O43 - CFD: 27/08/2014 - 13:45:26 - [] ----D- C:\Program Files (x86)\Auslogics O43 - CFD: 26/08/2014 - 15:33:44 - [] ----D- C:\Program Files (x86)\Belkin O43 - CFD: 27/08/2014 - 15:00:42 - [] ----D- C:\Program Files (x86)\BurnAware Free =>.© O43 - CFD: 27/08/2014 - 17:42:25 - [] ----D- C:\Program Files (x86)\CDex O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 18/09/2014 - 10:37:58 - [] ----D- C:\Program Files (x86)\ERUNT O43 - CFD: 27/08/2014 - 09:35:10 - [] ----D- C:\Program Files (x86)\FastStone Capture =>.© O43 - CFD: 27/08/2014 - 16:49:25 - [] ----D- C:\Program Files (x86)\FreeGamePick O43 - CFD: 27/08/2014 - 15:22:21 - [] ----D- C:\Program Files (x86)\Freemake =>.© O43 - CFD: 27/08/2014 - 15:17:28 - [] ----D- C:\Program Files (x86)\FreeTime =>.© O43 - CFD: 26/08/2014 - 20:32:22 - [] ----D- C:\Program Files (x86)\Gmail Notifier Pro =>.© O43 - CFD: 27/08/2014 - 15:57:30 - [] ----D- C:\Program Files (x86)\GmailBackup =>.© O43 - CFD: 18/09/2014 - 12:47:01 - [] ----D- C:\Program Files (x86)\Google O43 - CFD: 27/08/2014 - 14:03:28 - [] ----D- C:\Program Files (x86)\GPU-Z O43 - CFD: 27/08/2014 - 15:40:59 - [] --H-D- C:\Program Files (x86)\InstallJammer Registry O43 - CFD: 26/08/2014 - 15:33:56 - [] --H-D- C:\Program Files (x86)\InstallShield Installation Information =>.© O43 - CFD: 26/08/2014 - 17:21:13 - [] ----D- C:\Program Files (x86)\Intel O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Internet Explorer =>.© O43 - CFD: 27/08/2014 - 16:41:12 - [] ----D- C:\Program Files (x86)\Jeux de cartes O43 - CFD: 27/08/2014 - 17:24:35 - [] ----D- C:\Program Files (x86)\Lame For Audacity =>.© O43 - CFD: 27/08/2014 - 18:19:20 - [] ----D- C:\Program Files (x86)\Lexmark 3600-4600 Series O43 - CFD: 27/08/2014 - 17:59:14 - [] ----D- C:\Program Files (x86)\Lexmark Toolbar O43 - CFD: 27/08/2014 - 16:27:01 - [] ----D- C:\Program Files (x86)\LibreOffice 4 =>.© O43 - CFD: 27/08/2014 - 14:05:30 - [] ----D- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.© O43 - CFD: 27/08/2014 - 17:16:06 - [] ----D- C:\Program Files (x86)\Micro Application O43 - CFD: 27/08/2014 - 17:30:51 - [] ----D- C:\Program Files (x86)\Microsoft Office =>.© Microsoft O43 - CFD: 12/09/2014 - 20:26:51 - [] ----D- C:\Program Files (x86)\Mozilla Firefox =>.© O43 - CFD: 26/08/2014 - 18:48:15 - [] ----D- C:\Program Files (x86)\Mozilla Maintenance Service =>.© O43 - CFD: 27/08/2014 - 15:06:24 - [] ----D- C:\Program Files (x86)\MP3Gain O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\MSBuild =>.© O43 - CFD: 27/08/2014 - 17:30:28 - [] ----D- C:\Program Files (x86)\MSECache O43 - CFD: 27/08/2014 - 17:26:31 - [] ----D- C:\Program Files (x86)\Notepad++ =>.© O43 - CFD: 15/09/2014 - 20:35:21 - [] ----D- C:\Program Files (x86)\PDF Editor Pro 3 O43 - CFD: 27/08/2014 - 16:33:15 - [] ----D- C:\Program Files (x86)\PDFCreator =>.© O43 - CFD: 27/08/2014 - 15:34:35 - [] ----D- C:\Program Files (x86)\PhotoFiltre 7 =>.© O43 - CFD: 27/08/2014 - 15:37:18 - [] ----D- C:\Program Files (x86)\PhotoScape O43 - CFD: 15/09/2014 - 15:04:10 - [] ----D- C:\Program Files (x86)\Pointofix O43 - CFD: 07/09/2014 - 11:01:47 - [] ----D- C:\Program Files (x86)\PowerpointImageExtractor_V1_2 O43 - CFD: 27/08/2014 - 15:40:44 - [] ----D- C:\Program Files (x86)\QGifer O43 - CFD: 31/08/2014 - 18:40:06 - [] ----D- C:\Program Files (x86)\Realtek =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Reference Assemblies =>.© O43 - CFD: 27/08/2014 - 17:39:50 - [] ----D- C:\Program Files (x86)\Samsung =>.© O43 - CFD: 18/09/2014 - 10:48:03 - [] ----D- C:\Program Files (x86)\Supercopier O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 27/08/2014 - 15:11:12 - [] ----D- C:\Program Files (x86)\Video mp3 Extractor O43 - CFD: 27/08/2014 - 15:30:07 - [] ----D- C:\Program Files (x86)\VideoLAN =>.© O43 - CFD: 27/08/2014 - 14:11:16 - [] ----D- C:\Program Files (x86)\VS Revo Group O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Defender =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Windows Mail =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Media Player =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Photo Viewer =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Portable Devices =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D- C:\Program Files (x86)\Windows Sidebar =>.© O43 - CFD: 27/08/2014 - 15:42:41 - [] ----D- C:\Program Files (x86)\XnView =>.© O43 - CFD: 27/08/2014 - 09:40:05 - [] ----D- C:\Program Files (x86)\zabkat O43 - CFD: 27/08/2014 - 14:26:30 - [] ----D- C:\Program Files (x86)\ZebHelpProcess =>.© O43 - CFD: 27/08/2014 - 15:54:06 - [] ----D- C:\Program Files (x86)\Common Files\Adobe =>.© O43 - CFD: 27/08/2014 - 14:26:43 - [] ----D- C:\Program Files (x86)\Common Files\Borland Shared =>.© O43 - CFD: 28/08/2014 - 09:04:01 - [] ----D- C:\Program Files (x86)\Common Files\Intel Corporation =>.© O43 - CFD: 27/08/2014 - 20:44:27 - [] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\microsoft shared =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\SpeechEngines =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 27/08/2014 - 16:38:25 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire =>.© O43 - CFD: 27/08/2014 - 14:16:08 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks =>.© O43 - CFD: 27/08/2014 - 17:34:17 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - 07:32:38 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.© O43 - CFD: 27/08/2014 - 18:34:45 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmiFoot O43 - CFD: 27/08/2014 - 13:45:27 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics O43 - CFD: 26/08/2014 - 15:33:57 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin O43 - CFD: 27/08/2014 - 15:00:44 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free =>.© O43 - CFD: 27/08/2014 - 17:42:39 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex O43 - CFD: 27/08/2014 - 13:58:13 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID =>.© O43 - CFD: 18/09/2014 - 10:37:58 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT O43 - CFD: 26/08/2014 - 17:05:24 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 27/08/2014 - 09:35:10 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture =>.© O43 - CFD: 27/08/2014 - 16:49:27 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGamePick O43 - CFD: 27/08/2014 - 15:22:30 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake =>.© O43 - CFD: 14/07/2009 - 07:32:38 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 27/08/2014 - 15:57:32 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gmail Backup =>.© O43 - CFD: 28/08/2014 - 09:02:46 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 26/08/2014 - 20:45:49 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 27/08/2014 - 16:41:14 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeux de cartes O43 - CFD: 27/08/2014 - 18:19:43 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3600-4600 Series O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 27/08/2014 - 14:05:33 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.© O43 - CFD: 27/08/2014 - 17:16:07 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application O43 - CFD: 27/08/2014 - 15:03:34 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain O43 - CFD: 27/08/2014 - 17:26:32 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ =>.© O43 - CFD: 27/08/2014 - 16:33:19 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator =>.© O43 - CFD: 27/08/2014 - 15:34:37 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 =>.© O43 - CFD: 27/08/2014 - 15:37:24 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape O43 - CFD: 15/09/2014 - 15:04:10 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pointofix O43 - CFD: 27/08/2014 - 17:40:23 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung =>.© O43 - CFD: 06/09/2014 - 12:04:11 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShellFolderFix O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14/07/2009 - 17:35:05 - [0] R-H-D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 27/08/2014 - 15:11:12 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video mp3 Extractor O43 - CFD: 27/08/2014 - 15:30:19 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.© O43 - CFD: 27/08/2014 - 15:42:43 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView =>.© O43 - CFD: 27/08/2014 - 09:40:31 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xplorer2 lite O43 - CFD: 27/08/2014 - 14:26:38 - [] ----D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.© O43 - CFD: 27/08/2014 - 15:53:51 - [] ----D- C:\ProgramData\Adobe =>.© O43 - CFD: 30/08/2014 - 09:27:47 - [] ----D- C:\ProgramData\AomeiBR O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Application Data =>.© O43 - CFD: 27/08/2014 - 13:45:34 - [] ----D- C:\ProgramData\Auslogics O43 - CFD: 26/08/2014 - 15:31:27 - [?] -SH-D- C:\ProgramData\Bureau =>.© O43 - CFD: 27/08/2014 - 16:47:17 - [] ----D- C:\ProgramData\BZCKqXX O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Desktop =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Documents =>.© O43 - CFD: 26/08/2014 - 17:05:24 - [] ----D- C:\ProgramData\ESET O43 - CFD: 27/08/2014 - 14:50:58 - [] ----D- C:\ProgramData\explauncher O43 - CFD: 27/08/2014 - 09:24:43 - [] ----D- C:\ProgramData\FastStone =>.© O43 - CFD: 26/08/2014 - 15:31:27 - [?] -SH-D- C:\ProgramData\Favoris =>.© O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Favorites =>.© O43 - CFD: 27/08/2014 - 15:22:29 - [] ----D- C:\ProgramData\Freemake =>.© O43 - CFD: 28/08/2014 - 09:01:37 - [] ----D- C:\ProgramData\Intel O43 - CFD: 27/08/2014 - 14:50:58 - [] ----D- C:\ProgramData\launcher O43 - CFD: 27/08/2014 - 18:00:47 - [] ----D- C:\ProgramData\Lx_cats O43 - CFD: 27/08/2014 - 14:05:30 - [] ----D- C:\ProgramData\Malwarebytes =>.© O43 - CFD: 29/08/2014 - 11:52:39 - [] ----D- C:\ProgramData\Malwarebytes Anti-Exploit =>.© O43 - CFD: 26/08/2014 - 15:31:27 - [?] -SH-D- C:\ProgramData\Menu Démarrer =>.© O43 - CFD: 14/07/2009 - 05:20:08 - [] -S--D- C:\ProgramData\Microsoft =>.© Microsoft O43 - CFD: 26/08/2014 - 15:31:27 - [?] -SH-D- C:\ProgramData\Modèles =>.© O43 - CFD: 26/08/2014 - 16:49:56 - [] ----D- C:\ProgramData\Mozilla =>.© O43 - CFD: 28/08/2014 - 09:11:33 - [] ----D- C:\ProgramData\newbackup O43 - CFD: 26/08/2014 - 20:46:00 - [] ----D- C:\ProgramData\Oracle =>.© O43 - CFD: 27/08/2014 - 17:42:33 - [] ----D- C:\ProgramData\Package Cache =>.© O43 - CFD: 27/08/2014 - 16:33:25 - [] ----D- C:\ProgramData\PDF Architect 2 O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 26/08/2014 - 20:45:59 - [] ----D- C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 07:08:56 - [?] -SH-D- C:\ProgramData\Templates =>.© O43 - CFD: 28/08/2014 - 10:26:50 - [] ----D- C:\ProgramData\TreeCardGames O43 - CFD: 26/08/2014 - 15:31:27 - [?] -SH-D- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes O43 - CFD: 14/07/2009 - 05:20:08 - [] R---D- C:\ProgramData\Microsoft\Windows\Start Menu\Programs =>.© O43 - CFD: 27/08/2014 - 14:16:06 - [] ----D- C:\Users\Joseph\AppData\Local\2BrightSparks =>.© O43 - CFD: 01/09/2014 - 15:08:39 - [] ----D- C:\Users\Joseph\AppData\Local\Adobe =>.© O43 - CFD: 26/08/2014 - 15:31:36 - [?] -SH-D- C:\Users\Joseph\AppData\Local\Application Data =>.© O43 - CFD: 27/08/2014 - 15:03:14 - [] ----D- C:\Users\Joseph\AppData\Local\Diagnostics O43 - CFD: 27/08/2014 - 14:46:07 - [] ----D- C:\Users\Joseph\AppData\Local\Downloaded Installations O43 - CFD: 27/08/2014 - 12:54:12 - [?] -SH-D- C:\Users\Joseph\AppData\Local\EmieSiteList O43 - CFD: 27/08/2014 - 12:54:12 - [?] -SH-D- C:\Users\Joseph\AppData\Local\EmieUserList O43 - CFD: 26/08/2014 - 17:06:18 - [] ----D- C:\Users\Joseph\AppData\Local\ESET O43 - CFD: 27/08/2014 - 09:23:52 - [] ----D- C:\Users\Joseph\AppData\Local\FastStone =>.© O43 - CFD: 26/08/2014 - 20:32:26 - [] ----D- C:\Users\Joseph\AppData\Local\GmailNotifierPro =>.© O43 - CFD: 18/09/2014 - 12:47:01 - [] ----D- C:\Users\Joseph\AppData\Local\Google O43 - CFD: 26/08/2014 - 15:31:36 - [?] -SH-D- C:\Users\Joseph\AppData\Local\Historique =>.© O43 - CFD: 26/08/2014 - 20:49:19 - [] ----D- C:\Users\Joseph\AppData\Local\Macromedia =>.© O43 - CFD: 26/08/2014 - 15:31:36 - [] ----D- C:\Users\Joseph\AppData\Local\Microsoft =>.© Microsoft O43 - CFD: 29/08/2014 - 18:36:59 - [] ----D- C:\Users\Joseph\AppData\Local\Microsoft Games =>.© Microsoft O43 - CFD: 26/08/2014 - 16:50:04 - [] ----D- C:\Users\Joseph\AppData\Local\Mozilla =>.© O43 - CFD: 27/08/2014 - 13:45:16 - [] ----D- C:\Users\Joseph\AppData\Local\Programs =>.© O43 - CFD: 27/08/2014 - 15:09:25 - [] ----D- C:\Users\Joseph\AppData\Local\RadioSure O43 - CFD: 10/09/2014 - 20:25:44 - [0] ----D- C:\Users\Joseph\AppData\Local\Snap Express O43 - CFD: 26/08/2014 - 15:31:36 - [] ----D- C:\Users\Joseph\AppData\Local\Temp O43 - CFD: 26/08/2014 - 15:31:36 - [?] -SH-D- C:\Users\Joseph\AppData\Local\Temporary Internet Files =>.© O43 - CFD: 15/09/2014 - 18:38:15 - [] ----D- C:\Users\Joseph\AppData\Local\Thunderbird O43 - CFD: 26/08/2014 - 15:31:51 - [] ----D- C:\Users\Joseph\AppData\Local\VirtualStore =>.© O43 - CFD: 30/08/2014 - 09:36:11 - [] ----D- C:\Users\Joseph\AppData\Roaming\2BrightSparks =>.© O43 - CFD: 26/08/2014 - 20:49:19 - [] ----D- C:\Users\Joseph\AppData\Roaming\Adobe =>.© O43 - CFD: 27/08/2014 - 14:54:31 - [] ----D- C:\Users\Joseph\AppData\Roaming\AIMP3 =>.© O43 - CFD: 06/09/2014 - 14:12:49 - [] ----D- C:\Users\Joseph\AppData\Roaming\Audacity =>.© O43 - CFD: 28/08/2014 - 16:07:45 - [] ----D- C:\Users\Joseph\AppData\Roaming\Below O43 - CFD: 27/08/2014 - 14:13:48 - [] ----D- C:\Users\Joseph\AppData\Roaming\CrystalIdea Software O43 - CFD: 26/08/2014 - 17:06:18 - [] ----D- C:\Users\Joseph\AppData\Roaming\ESET O43 - CFD: 27/08/2014 - 09:23:52 - [] ----D- C:\Users\Joseph\AppData\Roaming\FastStone =>.© O43 - CFD: 27/08/2014 - 15:57:52 - [] ----D- C:\Users\Joseph\AppData\Roaming\Gmail Backup =>.© O43 - CFD: 26/08/2014 - 20:32:26 - [] ----D- C:\Users\Joseph\AppData\Roaming\GmailNotifierPro =>.© O43 - CFD: 26/08/2014 - 15:31:55 - [] ----D- C:\Users\Joseph\AppData\Roaming\Identities O43 - CFD: 01/09/2014 - 10:18:44 - [0] ---A-- C:\Users\Joseph\AppData\Roaming\IHUI O43 - CFD: 10/09/2014 - 20:25:59 - [] ----D- C:\Users\Joseph\AppData\Roaming\INB Concept O43 - CFD: 26/08/2014 - 15:33:37 - [] ----D- C:\Users\Joseph\AppData\Roaming\InstallShield =>.© O43 - CFD: 28/08/2014 - 09:03:02 - [] ----D- C:\Users\Joseph\AppData\Roaming\Intel Corporation =>.© O43 - CFD: 27/08/2014 - 18:01:30 - [] ----D- C:\Users\Joseph\AppData\Roaming\Lexmark Productivity Studio O43 - CFD: 29/08/2014 - 13:23:12 - [] ----D- C:\Users\Joseph\AppData\Roaming\LibreOffice =>.© O43 - CFD: 26/08/2014 - 20:49:19 - [] ----D- C:\Users\Joseph\AppData\Roaming\Macromedia =>.© O43 - CFD: 26/08/2014 - 15:31:36 - [] -S--D- C:\Users\Joseph\AppData\Roaming\Microsoft =>.© Microsoft O43 - CFD: 26/08/2014 - 16:50:04 - [] ----D- C:\Users\Joseph\AppData\Roaming\Mozilla =>.© O43 - CFD: 01/09/2014 - 10:22:59 - [] ----D- C:\Users\Joseph\AppData\Roaming\MyImgur O43 - CFD: 27/08/2014 - 17:26:31 - [] ----D- C:\Users\Joseph\AppData\Roaming\Notepad++ =>.© O43 - CFD: 09/09/2014 - 13:39:14 - [] ----D- C:\Users\Joseph\AppData\Roaming\PhotoFiltre 7 =>.© O43 - CFD: 09/09/2014 - 13:38:50 - [0] ----D- C:\Users\Joseph\AppData\Roaming\PhotoScape O43 - CFD: 27/08/2014 - 17:40:15 - [] ----D- C:\Users\Joseph\AppData\Roaming\Samsung =>.© O43 - CFD: 06/09/2014 - 12:04:13 - [] ----D- C:\Users\Joseph\AppData\Roaming\ShellFolderFix O43 - CFD: 27/08/2014 - 09:37:02 - [] ----D- C:\Users\Joseph\AppData\Roaming\TinyPic Uploader O43 - CFD: 01/09/2014 - 10:18:44 - [0] ---A-- C:\Users\Joseph\AppData\Roaming\TQIUYLTS O43 - CFD: 26/08/2014 - 17:23:02 - [] ----D- C:\Users\Joseph\AppData\Roaming\TreeCardGames O43 - CFD: 27/08/2014 - 20:51:11 - [] ----D- C:\Users\Joseph\AppData\Roaming\vlc =>.© O43 - CFD: 27/08/2014 - 20:50:10 - [] ----D- C:\Users\Joseph\AppData\Roaming\XnView =>.© O43 - CFD: 27/08/2014 - 18:39:10 - [] ----D- C:\Users\Joseph\AppData\Roaming\ZHP =>.© ~ 198 Folders found in 1 second(s) ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.79896A78039C9A63C56197843CFBAD0B] - 10/09/2014 - 09:41:04 ---A-- . (.Microsoft Corporation - Direct3D 10 Rasterizer.) -- C:\Windows\System32\d3d10warp.dll [1987584] =>.© Microsoft O44 - LFC:[MD5.84E96F4AF8A7748A3DE7C3EBBC6768E5] - 10/09/2014 - 09:47:48 ---A-- . (.Microsoft Corporation - DirectX Media -- Image DirectX Transforms.) -- C:\Windows\System32\dxtmsft.dll [365056] =>.© Microsoft O44 - LFC:[MD5.010DFAF3EF93994B805BAA1493D47973] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - DirectX Media -- DirectX Transform Core.) -- C:\Windows\System32\dxtrans.dll [243200] =>.© Microsoft O44 - LFC:[MD5.1D8C086A39B9794D7131384586811B25] - 10/09/2014 - 09:47:46 ---A-- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [678400] =>.© Microsoft O44 - LFC:[MD5.8D4FCAB2643DFEF68040B70F1EDCCBC5] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [327872] =>.© Microsoft O44 - LFC:[MD5.5074835337862817DB3726558D0908DE] - 10/09/2014 - 09:47:46 ---A-- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [51200] =>.© Microsoft O44 - LFC:[MD5.A3560FAFC1686D5EE9830B33B5C74B66] - 10/09/2014 - 09:47:41 ---A-- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [11769856] =>.© Microsoft O44 - LFC:[MD5.AA595171932ACC79DA9851067DCBDABF] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [32768] =>.© Microsoft O44 - LFC:[MD5.FD96C05DE700F5FD26273D6DDB6495A7] - 10/09/2014 - 09:47:44 ---A-- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2185728] =>.© Microsoft O44 - LFC:[MD5.7C3D593AB1E2F5E5687D97772EF99AC7] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [61952] =>.© Microsoft O44 - LFC:[MD5.297EF1AB73B8FCE76BCA1365C2E49AFC] - 10/09/2014 - 09:47:49 ---A-- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [440320] =>.© Microsoft O44 - LFC:[MD5.42F6F28D4885505F687CAF0459FF9F90] - 10/09/2014 - 09:47:48 ---A-- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [112128] =>.© Microsoft O44 - LFC:[MD5.6A3A809CA7A8F40C89E6F1D301898A66] - 10/09/2014 - 09:47:43 ---A-- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2014208] =>.© Microsoft O44 - LFC:[MD5.77F79126444896B5867E6761490735B8] - 10/09/2014 - 09:47:46 ---A-- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416] =>.© Microsoft O44 - LFC:[MD5.77B7DDF91F3ED2CDB6CF60224EE13433] - 10/09/2014 - 09:47:43 ---A-- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [4232704] =>.© Microsoft O44 - LFC:[MD5.2E2E40E5D92EEA979548E307C5781038] - 10/09/2014 - 09:47:46 ---A-- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [597504] =>.© Microsoft O44 - LFC:[MD5.D603AC77E17E5B9583E382F2EE0381A7] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [43008] =>.© Microsoft O44 - LFC:[MD5.2BD0519015E899A2FF52210CC5875F88] - 03/09/2014 - 14:32:28 ---A-- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [6656] =>.© Microsoft O44 - LFC:[MD5.45B308F20FEF040BD7321E85F69DF5E2] - 03/09/2014 - 14:32:28 ---A-- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [6656] =>.© Microsoft O44 - LFC:[MD5.730B7C639957EA0BF37C1459831A1E19] - 03/09/2014 - 14:32:28 ---A-- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [6656] =>.© Microsoft O44 - LFC:[MD5.72222991598E173BBE1429426926C020] - 03/09/2014 - 14:32:28 ---A-- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [7168] =>.© Microsoft O44 - LFC:[MD5.C7673B3F8BB35221B42D67BF7ADAFDFD] - 03/09/2014 - 14:32:28 ---A-- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [7168] =>.© Microsoft O44 - LFC:[MD5.1B85FA0D0A93C011B76678733F39DB6C] - 10/09/2014 - 09:41:00 ---A-- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [550912] =>.© Microsoft O44 - LFC:[MD5.06FC8A93A4FA1F42A3D1D06694F2B339] - ---A-- . (...) -- C:\Windows\System32\locale.nls [419992] O44 - LFC:[MD5.074646C5A979DE79133DE4A8530A9C5D] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136] =>.© Microsoft O44 - LFC:[MD5.7BF1CE9240CB9DD27C3E30733176EB8E] - 10/09/2014 - 09:47:42 ---A-- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [17455104] =>.© Microsoft O44 - LFC:[MD5.E3D7B3F64C30994409BDF8E48048A854] - 10/09/2014 - 09:47:48 ---A-- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864] =>.© Microsoft O44 - LFC:[MD5.6DD476318F524D2DCB73AFEB2EE27B4A] - 10/09/2014 - 09:47:48 ---A-- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [61952] =>.© Microsoft O44 - LFC:[MD5.13C2C87C35E52AAB1B439FB2E26DF2DE] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [69632] =>.© Microsoft O44 - LFC:[MD5.88EBB8526981D03C5777AB0A4AEBA8B4] - 10/09/2014 - 09:47:45 ---A-- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1068032] =>.© Microsoft O44 - LFC:[MD5.2413D2216D08FAF7D7178D9E0B481AEB] - 10/09/2014 - 09:43:50 ---A-- . (.Microsoft Corporation - Microsoft DTV-DVD Video Decoder.) -- C:\Windows\System32\msmpeg2vdec.dll [2285056] =>.© Microsoft O44 - LFC:[MD5.CC8F34B345DA638D77BB48C035DA628D] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [164864] =>.© Microsoft O44 - LFC:[MD5.B094390B6B2D0456821384771020870B] - 10/09/2014 - 09:41:00 ---A-- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [22016] =>.© Microsoft O44 - LFC:[MD5.10826DA2FC073702AEAB93AF3D73B066] - 10/09/2014 - 09:41:00 ---A-- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [96768] =>.© Microsoft O44 - LFC:[MD5.A8DDB7ACB122FC36FF0D7C9B3099A380] - 10/09/2014 - 09:41:02 ---A-- . (.Microsoft Corporation - Composant Connexion RemoteApp et Bureau à d.) -- C:\Windows\System32\TSWorkspace.dll [793600] =>.© Microsoft O44 - LFC:[MD5.41010A88B70A2168F801DC19EBD4CB4F] - 10/09/2014 - 09:47:43 ---A-- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1190400] =>.© Microsoft O44 - LFC:[MD5.4F2EDC301EC63F803C0FDB6CC87EDA24] - 10/09/2014 - 09:47:47 ---A-- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [454656] =>.© Microsoft O44 - LFC:[MD5.D58988722C72D265B51A54103DFC2C6F] - 10/09/2014 - 09:47:43 ---A-- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1812992] =>.© Microsoft O44 - LFC:[MD5.5BC0F9317B2D9309A60519BF5DD74093] - ---A-- . (...) -- C:\Windows\cadkasdeinst01e.exe [82072] O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\ERUNT [0] O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\Microsoft [0] O44 - LFC:[MD5.57EFDE9777B7A10E15722E811DB56F44] - ---A-- . (...) -- C:\Windows\PFRO.log [1420] O44 - LFC:[MD5.00000000000000000000000000000000] - ----D- . (...) -- C:\Windows\Prefetch [0] O44 - LFC:[MD5.12EBDD712ECDF51877AA010450CB1100] - ---A-- . (...) -- C:\Windows\setupact.log [1064] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - ---A-- . (...) -- C:\Windows\setuperr.log [0] ~ 45 Last Acceded System File scanned in 0 second(s) ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configurat.) -- C:\Windows\System32\scecli.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll =>.© Microsoft O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll =>.© Microsoft ~ 8 Local Security Authority found in 0 second(s) ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\drivers\vgasave.sys (.not file.) =>.© O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\drivers\volmgr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\Windows\System32\drivers\volmgrx.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\ipnat.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\drivers\nsiproxy.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\drivers\rdpencdd.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\drivers\sermouse.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\drivers\vgasave.sys (.not file.) =>.© O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\drivers\volmgr.sys =>.© Microsoft O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) -- C:\Windows\System32\drivers\volmgrx.sys =>.© Microsoft ~ 13 Safe Boot Control scanned in 0 second(s) ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO: Image File Execution Options - taskmgr.exe . (...) -- "D:\SéCURITé\PROCESS EXPLORER\PROCEXP.EXE" ~ 1 Image File Execution Options scanned in 0 second(s) ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll =>.© Microsoft ~ 1 Control Security Providers scanned in 0 second(s) ---\\ Liste des pilotes démarrés par le système (SDL) (O58) O58 - SDL:[MD5.FA886682CFC5D36718D3E436AACF10B9] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\system32\drivers\afd.sys [497152] =>.© Microsoft O58 - SDL:[MD5.46014EDFDC8AF8733E14947448D122C5] - (ammntdrv) . (...) -- C:\Windows\system32\ammntdrv.sys [151480] O58 - SDL:[MD5.7CD08E63219E00BB206077F5BA708677] - (amwrtdrv) . (...) -- C:\Windows\system32\amwrtdrv.sys [17848] O58 - SDL:[MD5.61583EE3C3A17003C4ACD0475646B4D3] - 18/09/2014-15:48:35 . (.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\system32\DRIVERS\blbdrive.sys [45056] =>.© Microsoft O58 - SDL:[MD5.F036CE71586E93D94DAB220D7BDF4416] - 18/09/2014-15:48:35 . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\system32\DRIVERS\cdrom.sys [147456] =>.© Microsoft O58 - SDL:[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 18/09/2014-15:48:35 . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\system32\Drivers\dfsc.sys [102400] =>.© Microsoft O58 - SDL:[MD5.13096B05847EC78F0977F2C0F79E9AB3] - 18/09/2014-15:48:35 . (.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\Windows\system32\drivers\discache.sys [40448] =>.© Microsoft O58 - SDL:[MD5.FE96AA1A36E76588C80DF1040286DDE1] - 18/09/2014-15:48:35 . (.ESET - Amon monitor.) -- C:\Windows\system32\DRIVERS\eamonm.sys [239320] O58 - SDL:[MD5.807BA90D47F8885C09E1D6AFBB706E18] - 18/09/2014-15:48:35 . (.ESET - ESET Helper driver.) -- C:\Windows\system32\DRIVERS\ehdrv.sys [168256] O58 - SDL:[MD5.00A81DC02BA17FB4BFCFA026DC47458F] - 18/09/2014-15:48:35 . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\DRIVERS\epfw.sys [220232] O58 - SDL:[MD5.3B085449438B2BCFD09CC84A0B90D1DB] - 18/09/2014-15:48:35 . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120] O58 - SDL:[MD5.1538831CF8AD2979A04C423779465827] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\system32\DRIVERS\lltdio.sys [60928] =>.© Microsoft O58 - SDL:[MD5.43D0F98E1D56CCDDB0D5254CFF7B356E] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) -- C:\Windows\system32\drivers\luafv.sys [113152] =>.© Microsoft O58 - SDL:[MD5.0EED230E37515A0EAEE3C2E1BC97B288] - 18/09/2014-15:48:35 . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\system32\drivers\mssmbios.sys [32320] =>.© Microsoft O58 - SDL:[MD5.86743D9F5D2B1048062B14B1D84501C4] - 18/09/2014-15:48:35 . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\system32\DRIVERS\netbios.sys [44544] =>.© Microsoft O58 - SDL:[MD5.09594D1089C523423B32A4229263F068] - 18/09/2014-15:48:35 . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\system32\DRIVERS\netbt.sys [261632] =>.© Microsoft O58 - SDL:[MD5.10E4F746361C8A8511D9935E79F7E70A] - 18/09/2014-15:48:35 . (.Windows (R) Win 7 DDK provider - WFP driver platform.) -- C:\Windows\system32\drivers\netmon_wfp.sys [49880] O58 - SDL:[MD5.E7F5AE18AF4168178A642A9247C63001] - 18/09/2014-15:48:35 . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\drivers\nsiproxy.sys [24576] =>.© Microsoft O58 - SDL:[MD5.68769C3356B3BE5D1C732C97B9A80D6E] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Protected Environment Authentication and Au.) -- C:\Windows\system32\drivers\peauth.sys [651264] =>.© Microsoft O58 - SDL:[MD5.0557CF5A2556BD58E26384169D72438D] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\system32\DRIVERS\pacer.sys [131584] =>.© Microsoft O58 - SDL:[MD5.77F665941019A1594D887A74F301FA2F] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) -- C:\Windows\system32\DRIVERS\rdbss.sys [309248] =>.© Microsoft O58 - SDL:[MD5.CEA6CC257FC9B7715F1C2B4849286D24] - 18/09/2014-15:48:35 . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\DRIVERS\RDPCDD.sys [7680] =>.© Microsoft O58 - SDL:[MD5.BB5971A4F00659529A5C44831AF22365] - 18/09/2014-15:48:35 . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\drivers\rdpencdd.sys [7680] =>.© Microsoft O58 - SDL:[MD5.216F3FA57533D98E1F74DED70113177A] - 18/09/2014-15:48:35 . (.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\Windows\system32\drivers\rdprefmp.sys [8192] =>.© Microsoft O58 - SDL:[MD5.DDC86E4F8E7456261E637E3552E804FF] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) -- C:\Windows\system32\DRIVERS\rspndr.sys [76800] =>.© Microsoft O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 18/09/2014-15:48:35 . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\DRIVERS\serial.sys [94208] O58 - SDL:[MD5.1B16D0BD9841794A6E0CDE0CEF744ABC] - 18/09/2014-15:48:35 . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\system32\drivers\tcpipreg.sys [45568] =>.© Microsoft O58 - SDL:[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 18/09/2014-15:48:35 . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\system32\DRIVERS\tdx.sys [119296] =>.© Microsoft O58 - SDL:[MD5.561E7E1F06895D78DE991E01DD0FB6E5] - 18/09/2014-15:48:35 . (.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\Windows\system32\drivers\termdd.sys [63360] =>.© Microsoft O58 - SDL:[MD5.121D10ADF79144F2A0130A4A4ABFDC86] - (UimBus) . (...) -- C:\Windows\system32\DRIVERS\UimBus.sys [102664] O58 - SDL:[MD5.9C05A6BE2E0D7A9412D5728C5AEA2C91] - (Uim_DEVIM) . (...) -- C:\Windows\system32\DRIVERS\uim_devim.sys [25992] O58 - SDL:[MD5.48F252C0022B14164199D071E5F9C860] - (Uim_IM) . (...) -- C:\Windows\system32\DRIVERS\uim_im.sys [700296] O58 - SDL:[MD5.53E92A310193CB3C03BEA963DE7D9CFC] - 18/09/2014-15:48:35 . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\drivers\vga.sys [29184] =>.© Microsoft O58 - SDL:[MD5.356AFD78A6ED4457169241AC3965230C] - 18/09/2014-15:48:35 . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\system32\DRIVERS\wanarp.sys [88576] =>.© Microsoft O58 - SDL:[MD5.611B23304BF067451A9FDEE01FBDD725] - 18/09/2014-15:48:35 . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\Windows\system32\DRIVERS\wfplwf.sys [12800] =>.© Microsoft ~ 35 System Drivers scanned in 0 second(s) ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\ammntdrv.sys (ammntdrv) .(...) - LEGACY_AMMNTDRV O64 - Services: CurCS - C:\Windows\system32\ampa.sys (ampa) .(...) - LEGACY_AMPA O64 - Services: CurCS - C:\Windows\system32\amwrtdrv.sys (amwrtdrv) .(...) - LEGACY_AMWRTDRV O64 - Services: CurCS - Beep (Beep) .(.Microsoft Corporation - Beep Driver.) -- LEGACY_BEEP =>.© Microsoft Corporation O64 - Services: CurCS - C:\Windows\system32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) -- LEGACY_EAMONM O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) -- LEGACY_EHDRV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\epfw.sys (epfw) .(.ESET - ESET Personal Firewall driver.) -- LEGACY_EPFW O64 - Services: CurCS - C:\Windows\system32\DRIVERS\EpfwLWF.sys (EpfwLWF) .(.ESET - Epfw NDIS LightWeight Filter.) -- LEGACY_EPFWLWF O64 - Services: CurCS - C:\Windows\system32\DRIVERS\epfwwfp.sys (epfwwfp) .(.ESET - ESET Personal Firewall driver.) -- LEGACY_EPFWWFP O64 - Services: CurCS - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\netmon_wfp.sys (netmon_wfp) .(.Windows (R) Win 7 DDK provider - WFP driver platform.) -- LEGACY_NETMON_WFP O64 - Services: CurCS - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR O64 - Services: CurCS - C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5 ~ 14 Legacy Keys found in 0 second(s) ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\System32\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ~ 10 File Association Shell Spawning scanned in 1 second(s) ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.© Mozilla O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.© Microsoft O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ~ 8 Start Menu Internet found in 0 second(s) ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: prefs.js [Joseph - hu0ffyx7.default-1409816901358] user_pref("weboftrust.search.ask.display","ask.comwebsearch"); O69 - SBI: prefs.js [Joseph - hu0ffyx7.default-1409816901358] user_pref("weboftrust.search.ask.display","ask.comwebsearch"); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ 3 Search Browser Infection scanned in 0 second(s) ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/09/2014-15:48:32 64704 || Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 18/09/2014-15:48:34 267440 || Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 18/09/2014-15:48:32 29912 || AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd..) - C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe SS - | Demand 18/09/2014-10:51:23 279024 || Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Demand 01/01/1601-02:07:10 0 || @%SystemRoot%\system32\efssvc.dll,-100 (EFS) . (...) - C:\Windows\System32\lsass.exe (.not file.) SR - | Auto 18/09/2014-15:48:32 1343408 || ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe SS - | Disabled 01/01/1601-02:07:10 0 || Télécopie (Fax) . (...) - C:\Windows\system32\fxssvc.exe (.not file.) SR - | Auto 18/09/2014-15:48:33 16232 || Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Demand 18/09/2014-06:45:22 169752 || Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe SS - | Auto 18/09/2014-15:48:33 29184 || lxdxCATSCustConnectService (lxdxCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe SR - | Auto 18/09/2014-15:48:33 594600 || lxdx_device (lxdx_device) . (. .) - C:\Windows\system32\lxdxcoms.exe SS - | Demand 18/09/2014-06:44:40 114288 || Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 01/01/1601-02:07:10 0 || @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) . (...) - C:\Windows\system32\Wat\WatAdminSvc.exe (.not file.) ~ 13 Services scanned in 0 second(s) ---\\ Scan Additionnel (O88 ) Database Version : 13036 (30/03/2014) Clés trouvées (Keys found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 ~ Additionnal Scan: 113977 Items scanned in 3 seconds ---\\ Script de nettoyage avec ZHPFix Script ZHPFix FirewallRaz EmptyPrefetch EmptyTemp EmptyFlash [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified IFEOFix ~ ATTENTION, ce script est donné à titre indicatif, il doit étre validé par un expert diplômé en désinfection. ~ 8 ZHPFix Script Files found in 0 second(s) ~ End of the scan (0/944 lines) in 9 seconds)