~ Rapport de ZHPDiag v2015.5.31.53 - Nicolas Coolman  (31/05/15)
~ Lancé par Jean-Claude (02/06/15 17:03:52)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 35.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)

---\\ Logiciels de protection du système
AVG 2015 v15.0.5961

---\\ Logiciels d'optimisation du système
CCleaner v4.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader 7.0 - Français
Java 7 Update 80

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2039 MB (83% free)
System Restore: Activé (Enable)
System drive C: has 32 GB (80%) free of 39 GB

---\\ Mode de connexion au système
~ Computer Name: JEAN-4C82FF09E8
~ User Name: Jean-Claude
~ All Users Names: SUPPORT_388945a0, Jean-Claude, HelpAssistant, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Jean-Claude\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Jean-Claude\Application Data\
~ %Desktop% : C:\Documents and Settings\Jean-Claude\Bureau\
~ %Favorites% : C:\Documents and Settings\Jean-Claude\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Jean-Claude\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 32 Go of 39 Go)
D: Hard drive, Flash drive, Thumb drive (Free 7 Go of 39 Go)
E: Hard drive, Flash drive, Thumb drive (Free 9 Go of 35 Go)
F: Hard drive, Flash drive, Thumb drive (Free 6 Go of 36 Go)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.2A7BD330924252A2FD80344FC949BB72] - (.Microsoft Corporation - Explorateur Windows.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.4E958B97EFC3D801F49283D1820F48B7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/04 - 21:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.3FCC124B6E08EE0E9351F717DD136939] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.07/01/05 - 16:07:18.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [138752]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19/08/04 - 14:56:40.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/04 - 23:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.19/08/04 - 10:54:52.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.02/03/06 - 07:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 27/1080
~ Mon Bureau (My Desktop) : 0/64
~ Menu demarrer (Programs) : 1/27
~ Hidden Files:  Scanned in 00mn 01s



---\\ Processus lancés
[MD5.FE8BF780BED8D892F67AA70550F51D2C] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe   [311792] [PID.2016]
[MD5.6DF66EBD30E8F693A99C903CD4C645F4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe   [182696] [PID.136]
[MD5.B3C9D712962DB83C280D0C4AAC8963A8] - (.Sunbelt Software, Inc. - Sunbelt Firewall Service.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe   [1365288] [PID.464]
[MD5.44FCD222D8A4BCFF2C944C081AEAD78C] - (.Microsoft Corporation - Microsoft IntelliPoint.) -- C:\Program Files\Microsoft Hardware\Mouse\point32.exe   [176128] [PID.1584]
[MD5.A1D2D4B24D82CBB5F089D8697DF6E07D] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe   [3745744] [PID.1628]
[MD5.3CAADDDA144B326B0111C07E0FEE56F3] - (.Sunbelt Software, Inc. - Sunbelt Firewall GUI.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe   [1705256] [PID.2780]
[MD5.53E4F2D6BAF86F3422C4FBBA36BDD12C] - (.Microsoft Corporation - Rappel d'activation de Windows.) -- C:\WINDOWS\system32\wpabaln.exe   [32256] [PID.3172]
[MD5.F3198BA5BA8CC86D3F2DEA8C2ACA7385] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8212992] [PID.3476]
~ Processes Running:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Jean-Claude - sl3hwoul.default] www.google.ca
M2 - MFEP: prefs.js [Jean-Claude - sl3hwoul.default\donottrackplus@abine.com] [] Blur (Formerly DoNotTrackMe) v4.5.1334 (..)
M2 - MFEP: Extension [Jean-Claude - sl3hwoul.default] donottrackplus@abine.com
M2 - MFEP: Extension [Jean-Claude - sl3hwoul.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi  =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.80.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.80.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.80.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
~ Firefox Browser: 15 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Oracle Corporation - Next Generation Java Plug-in 10.80.2 for Mozilla browsers.) (No version) -- (.not file.)
~ IE Browser: 7 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [POINTER] point32.exe 
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe 
O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe 
O4 - HKCU\..\Run: [TClockEx] . (.Dale Nurden - TClockEx loader.) -- C:\Program Files\TClockEx\TCLOCKEX.exe 
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe 
O4 - HKUS\S-1-5-21-2025429265-790525478-1801674531-1004\..\Run: [TClockEx] . (.Dale Nurden - TClockEx loader.) -- C:\Program Files\TClockEx\TCLOCKEX.exe 
~ Application:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) . (.Sunbelt Software, Inc. - Sunbelt Firewall Service.) - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
~ Services: 4 Scanned in 00mn 16s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
~ BEX: 2 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf  =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0  r79.) -- C:\WINDOWS\system32\macromed\flash\flash.ocx
O40 - ASIC: Installed Component - S-1-5-21-2025429265-790525478-1801674531-1004 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 18 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (Avgdiskx) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\WINDOWS\system32\DRIVERS\avgdiskx.sys
O41 - Driver:  (AVGIDSDriverl) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys
O41 - Driver:  (AVGIDSShim) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Loader.) - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
O41 - Driver:  (Avgldx86) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\WINDOWS\system32\DRIVERS\avgldx86.sys
O41 - Driver:  (Avgtdix) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\WINDOWS\system32\DRIVERS\avgtdix.sys
O41 - Driver:  (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver:  (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\drivers\InCDPass.sys
O41 - Driver:  (incdrm) . (.Nero AG - Nero MRW Filter Driver.) - C:\WINDOWS\system32\drivers\InCDRm.sys
O41 - Driver:  (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver:  (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver:  (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver:  (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver:  (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver:  (SbFw) . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - C:\WINDOWS\system32\drivers\SbFw.sys
O41 - Driver:  (sbhips) . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall Host Intrusion Pr.) - C:\WINDOWS\system32\drivers\sbhips.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver:  (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 87 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- {0780EB87-F021-4721-ABFA-DE1396D0131D}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- {3BCF99C2-B4B7-473B-A49A-D03D810AF8B8}
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 7.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A70000000000}
O42 - Logiciel: Attansic Giga Ethernet Utility - (...) [HKLM] -- {1F698102-5739-441E-96F0-74F4EA540F06}
O42 - Logiciel: Attansic L1 Gigabit Ethernet Driver - (...) [HKLM] -- AtcL1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Directory Lister v0.9 - (.KRKSoft.) [HKLM] -- Directory Lister_is1
O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: Java 7 Update 80 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217080FF}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {8DA83EA6-E731-4722-958D-613399AE1033}
O42 - Logiciel: Quick Cribbage 3.3 (remove only) - (...) [HKLM] -- Quick Cribbage 3.3
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.80 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Sunbelt Personal Firewall - (.Sunbelt Software.) [HKLM] -- {82B1150E-9B37-49FC-83EB-D52197D900D0}
O42 - Logiciel: TClockEx - (...) [HKLM] -- TClockEx_is1
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Windows Media Format Runtime - (...) [HKLM] -- Windows Media Format Runtime
~ Logic: 37 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ASUS]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Avg]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Sunbelt Software]
[HKCU\Software\TClockEx]
[HKCU\Software\VSRevoGroup]
[HKLM\Software\ASUS]
[HKLM\Software\Adobe]
[HKLM\Software\Attansic]
[HKLM\Software\Audible]
[HKLM\Software\Avg]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sunbelt Software]
[HKLM\Software\TClockEx]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\ahead]
[HKLM\Software\mozilla.org]
~ Key Software: 113 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/05/15 - 20:10:57 - [] ----D C:\Program Files\7-Zip
O43 - CFD: 24/05/15 - 21:32:26 - [] ----D C:\Program Files\Adobe
O43 - CFD: 24/05/15 - 17:56:30 - [] ----D C:\Program Files\Attansic
O43 - CFD: 25/05/15 - 17:51:56 - [] ----D C:\Program Files\AVG
O43 - CFD: 25/05/15 - 19:42:34 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 24/05/15 - 17:06:30 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 24/05/15 - 22:10:03 - [] ----D C:\Program Files\Directory Lister
O43 - CFD: 24/05/15 - 21:55:16 - [] ----D C:\Program Files\FastStone Capture
O43 - CFD: 02/06/15 - 16:24:31 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 24/05/15 - 17:56:29 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/05/15 - 17:49:02 - [] ----D C:\Program Files\Intel
O43 - CFD: 24/05/15 - 18:54:46 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 02/06/15 - 16:21:02 - [] ----D C:\Program Files\Java
O43 - CFD: 24/05/15 - 17:06:00 - [] ----D C:\Program Files\Messenger
O43 - CFD: 24/05/15 - 17:09:24 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 24/05/15 - 19:25:31 - [] ----D C:\Program Files\Microsoft Hardware
O43 - CFD: 24/05/15 - 21:20:03 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 24/05/15 - 17:07:07 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 26/05/15 - 14:17:29 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 26/05/15 - 14:42:36 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 24/05/15 - 21:19:54 - [] ----D C:\Program Files\MSECache
O43 - CFD: 24/05/15 - 17:05:12 - [] ----D C:\Program Files\MSN
O43 - CFD: 24/05/15 - 17:05:55 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 24/05/15 - 20:37:42 - [] ----D C:\Program Files\Nero
O43 - CFD: 24/05/15 - 17:07:23 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 24/05/15 - 17:06:04 - [] ----D C:\Program Files\Online Services
O43 - CFD: 24/05/15 - 17:07:19 - [] ----D C:\Program Files\Outlook Express  =>.Microsoft Corporation
O43 - CFD: 24/05/15 - 22:36:16 - [] ----D C:\Program Files\Quick Cribbage 3.3
O43 - CFD: 24/05/15 - 17:53:28 - [] ----D C:\Program Files\Realtek
O43 - CFD: 24/05/15 - 17:08:09 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 25/05/15 - 19:20:01 - [] ----D C:\Program Files\Sunbelt Software
O43 - CFD: 24/05/15 - 22:47:29 - [] ----D C:\Program Files\TClockEx
O43 - CFD: 24/05/15 - 17:15:11 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 24/05/15 - 20:37:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 24/05/15 - 22:24:12 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 24/05/15 - 20:37:33 - [] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 24/05/15 - 17:05:46 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 24/05/15 - 17:08:11 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 24/05/15 - 17:09:24 - [] ----D C:\Program Files\xerox
O43 - CFD: 02/06/15 - 16:45:51 - [] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 24/05/15 - 21:35:12 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 24/05/15 - 20:39:58 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 24/05/15 - 17:53:19 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 24/05/15 - 21:20:02 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 24/05/15 - 17:07:18 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 24/05/15 - 11:49:52 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 24/05/15 - 17:07:22 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 24/05/15 - 11:49:49 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 24/05/15 - 17:06:48 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 24/05/15 - 21:35:10 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 25/05/15 - 17:54:19 - [] ----D C:\Documents and Settings\All Users\Application Data\AVG2015
O43 - CFD: 25/05/15 - 17:49:25 - [] --H-D C:\Documents and Settings\All Users\Application Data\Common Files
O43 - CFD: 02/06/15 - 14:39:01 - [] ----D C:\Documents and Settings\All Users\Application Data\MFAData
O43 - CFD: 24/05/15 - 17:09:07 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 25/05/15 - 20:02:21 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 24/05/15 - 20:37:42 - [] ----D C:\Documents and Settings\All Users\Application Data\Nero
O43 - CFD: 24/05/15 - 20:10:57 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
O43 - CFD: 24/05/15 - 17:06:04 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 24/05/15 - 17:56:30 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Attansic
O43 - CFD: 25/05/15 - 17:53:53 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVG
O43 - CFD: 25/05/15 - 19:42:34 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 24/05/15 - 22:10:03 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Directory Lister
O43 - CFD: 31/05/15 - 14:51:22 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 24/05/15 - 21:55:16 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\FastStone Capture
O43 - CFD: 02/06/15 - 16:21:17 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 24/05/15 - 17:06:04 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 24/05/15 - 20:39:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7 Essentials
O43 - CFD: 24/05/15 - 17:09:12 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 25/05/15 - 19:20:03 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Sunbelt Software
O43 - CFD: 24/05/15 - 22:47:29 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TClockEx
O43 - CFD: 24/05/15 - 20:37:20 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 02/06/15 - 16:45:51 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP  =>.Nicolas Coolman
O43 - CFD: 26/05/15 - 17:18:39 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Adobe
O43 - CFD: 24/05/15 - 21:40:13 - [0] ----D C:\Documents and Settings\Jean-Claude\Application Data\AdobeUM
O43 - CFD: 24/05/15 - 20:50:14 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Ahead
O43 - CFD: 25/05/15 - 17:54:31 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\AVG2015
O43 - CFD: 24/05/15 - 21:56:27 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\FastStone
O43 - CFD: 24/05/15 - 17:15:13 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Identities
O43 - CFD: 26/05/15 - 01:32:37 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Macromedia
O43 - CFD: 24/05/15 - 19:28:35 - [] -S--D C:\Documents and Settings\Jean-Claude\Application Data\Microsoft
O43 - CFD: 25/05/15 - 20:05:37 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Mozilla
O43 - CFD: 25/05/15 - 21:56:58 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\Sun
O43 - CFD: 25/05/15 - 17:53:53 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\TuneUp Software
O43 - CFD: 24/05/15 - 21:02:04 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\vlc
O43 - CFD: 02/06/15 - 17:03:56 - [] ----D C:\Documents and Settings\Jean-Claude\Application Data\ZHP  =>.Nicolas Coolman
O43 - CFD: 24/05/15 - 21:39:36 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Adobe
O43 - CFD: 24/05/15 - 20:39:57 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Ahead
O43 - CFD: 25/05/15 - 17:54:29 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Avg2015
O43 - CFD: 25/05/15 - 17:49:25 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\MFAData
O43 - CFD: 24/05/15 - 19:28:36 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Microsoft
O43 - CFD: 25/05/15 - 20:05:30 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Mozilla
O43 - CFD: 25/05/15 - 21:58:33 - [] ----D C:\Documents and Settings\Jean-Claude\Local Settings\Application Data\Sun
O43 - CFD: 24/05/15 - 17:15:14 - [] R---D C:\Documents and Settings\Jean-Claude\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 24/05/15 - 11:49:23 - [] R---D C:\Documents and Settings\Jean-Claude\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 24/05/15 - 22:36:16 - [] ----D C:\Documents and Settings\Jean-Claude\Menu Démarrer\Programmes\Quick Cribbage 3.3
O43 - CFD: 24/05/15 - 22:24:13 - [] ----D C:\Documents and Settings\Jean-Claude\Menu Démarrer\Programmes\Revo Uninstaller
~ Program Folder: 96 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 01/06/15 - 14:00:50 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini   [69]
O44 - LFC:[MD5.55DDF4E6900A798011099AA7DAB0CF8B] - 01/06/15 - 14:17:15 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [216]
O44 - LFC:[MD5.D9728860F11B9CE9551D6769D717AEC1] - 01/06/15 - 14:17:15 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.7230A230B79F145703D63F7FAD541145] - 02/06/15 - 13:49:14 ---A- . (...) -- C:\WINDOWS\ModemLog_Dell Data Fax Modem.txt   [15182]
O44 - LFC:[MD5.899A5FFCD1DE269FB9AB0A25203D301E] - 02/06/15 - 13:57:08 ---A- . (...) -- C:\WINDOWS\setupapi.log   [474642]
O44 - LFC:[MD5.EDE6E499451101D92660117485878885] - 02/06/15 - 14:14:25 ---A- . (...) -- C:\DelFix.txt   [887]
O44 - LFC:[MD5.32D0358E3CD6FF7B25D1442F704879C3] - 02/06/15 - 15:10:34 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI   [991946]
O44 - LFC:[MD5.ADFB88A4F37EB8C71C828F2909CF643F] - 02/06/15 - 15:10:34 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat   [58732]
O44 - LFC:[MD5.EA7EDF50D6DE9280EB07E1C92B4F39E4] - 02/06/15 - 15:10:34 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat   [71452]
O44 - LFC:[MD5.6030C6C4325AFA28BAACDBA4EC19A183] - 02/06/15 - 15:10:34 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat   [392432]
O44 - LFC:[MD5.662F2FBAEA53B82C5535ACA0031AC2F2] - 02/06/15 - 15:10:34 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat   [458560]
O44 - LFC:[MD5.5A45D87728C47E12B64D3B25B5EEE94C] - 02/06/15 - 15:21:06 ---A- . (.Oracle Corporation - Java Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl   [145408]
O44 - LFC:[MD5.88651044108E995F9801E35D2582491C] - 02/06/15 - 15:21:06 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\java.exe   [176040]
O44 - LFC:[MD5.64E2BB67EA740860510DCC5C2B6FFA2D] - 02/06/15 - 15:21:06 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe   [176040]
O44 - LFC:[MD5.2B4493BB1F94580C41DEF972EA9A887E] - 02/06/15 - 15:21:06 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe   [272808]
O44 - LFC:[MD5.B587EDF4DFCFD99C014AD589EF12C7EE] - 02/06/15 - 15:21:08 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\WindowsAccessBridge.dll   [96680]
O44 - LFC:[MD5.1233553F70359B02A00111F489B9D329] - 02/06/15 - 15:48:27 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt   [26152]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 02/06/15 - 15:49:33 -S-A- . (...) -- C:\WINDOWS\bootstat.dat   [2048]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/06/15 - 15:49:41 ---A- . (...) -- C:\WINDOWS\0.log   [0]
O44 - LFC:[MD5.405C5465633B217A213E3829D4B15130] - 02/06/15 - 15:55:25 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log   [218243]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 10:48:41 ---A- . (...) -- C:\WINDOWS\setuperr.log   [0]
O44 - LFC:[MD5.8AEC89C7CC076ED378BAA4DAB7CB09E2] - 24/05/15 - 10:49:29 ---A- . (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\NOTEPAD.EXE   [70656]
O44 - LFC:[MD5.D8E9624BBE3E2E408611C86A1FB95745] - 24/05/15 - 10:49:29 ---A- . (.Microsoft Corporation - Pages de propriétés pour les périphériques.) -- C:\WINDOWS\system32\storprop.dll   [76800]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 24/05/15 - 10:49:30 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP   [3072]
O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 24/05/15 - 10:49:30 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT   [1896]
O44 - LFC:[MD5.838B4D32094DDD689044B3E4307F7E19] - 24/05/15 - 10:49:30 ---A- . (.Microsoft Corporation - Battery Class Installer.) -- C:\WINDOWS\system32\batt.dll   [8704]
O44 - LFC:[MD5.DA090A1AD995DB0716293E029E6198E5] - 24/05/15 - 10:49:30 ---A- . (.Microsoft Corporation - Gestionnaire des tâches.) -- C:\WINDOWS\TASKMAN.EXE   [15872]
O44 - LFC:[MD5.50708DAA1B1CBB7D6AC1CF8F56A24410] - 24/05/15 - 10:49:30 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\WINDOWS\system32\Drivers\irenum.sys   [11264]
O44 - LFC:[MD5.1E9B88D340481EDA7A9BF53A949E1F42] - 24/05/15 - 10:49:33 ---A- . (.Digi International - DGSETUP DLL.) -- C:\WINDOWS\system32\dgsetup.dll   [86044]
O44 - LFC:[MD5.7AE4CDB4AD25A08B711ECC5BE12EF3D7] - 24/05/15 - 10:49:33 ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- C:\WINDOWS\system32\dgrpsetu.dll   [176157]
O44 - LFC:[MD5.F899213C79DEE079DCE1EE730D82594F] - 24/05/15 - 10:49:33 ---A- . (.Equinox Systems Inc. - Co-installeur série multiport Equinox.) -- C:\WINDOWS\system32\EqnClass.Dll   [103424]
O44 - LFC:[MD5.A6011889A0F23EA2BFC9CCDEC11DF553] - 24/05/15 - 10:49:33 ---A- . (.Microsoft Corporation - Co-installateur de classe Infrarouge.) -- C:\WINDOWS\system32\irclass.dll   [13312]
O44 - LFC:[MD5.FA511331A48B582A7D584FC2408E8C1A] - 24/05/15 - 10:49:33 ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- C:\WINDOWS\system32\spxcoins.dll   [24661]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 24/05/15 - 10:49:34 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls   [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 24/05/15 - 10:49:35 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls   [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 24/05/15 - 10:49:35 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls   [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 24/05/15 - 10:49:35 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls   [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 24/05/15 - 10:49:35 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls   [66594]
O44 - LFC:[MD5.615DDBB5CBBAE8301C1E7FA95F1E66A3] - 24/05/15 - 10:49:35 R--A- . (.Microsoft Corporation - Albania Keyboard Layout.) -- C:\WINDOWS\system32\KBDAL.DLL   [6656]
O44 - LFC:[MD5.552221E92D6BF55F8358B927F00696C3] - 24/05/15 - 10:49:35 R--A- . (.Microsoft Corporation - Serbian_Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdycl.dll   [6656]
O44 - LFC:[MD5.5B46568257EE49714564511D58E0DE53] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Croatian/Slovenian Keyboard Layout.) -- C:\WINDOWS\system32\kbdcr.dll   [6656]
O44 - LFC:[MD5.36E68E02AF2206FC4A8C73CAEABE1FB0] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Czech Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz.dll   [7168]
O44 - LFC:[MD5.AFA30A44ED11A5F9A059A2767AB6A81A] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Czech_101 Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz1.dll   [6656]
O44 - LFC:[MD5.90535C13EB54E1F2C95478F1B99DCCEB] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Czech_Programmer's Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz2.dll   [6656]
O44 - LFC:[MD5.F3D1EEC756847C70E65335E8CA1AE64B] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Hungarian 101-key Keyboard Layout.) -- C:\WINDOWS\system32\kbdhu1.dll   [5632]
O44 - LFC:[MD5.CF92D95B5CB6649CB9D7E8D7616487A7] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Hungarian Keyboard Layout.) -- C:\WINDOWS\system32\kbdhu.dll   [6656]
O44 - LFC:[MD5.D199B05901C2407FC0F87444A24A4F3C] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Polish Keyboard Layout.) -- C:\WINDOWS\system32\kbdpl.dll   [6656]
O44 - LFC:[MD5.897663C8606357A8E86E57CDEA8EE219] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Polish Programmer's Keyboard Layout.) -- C:\WINDOWS\system32\kbdpl1.dll   [5632]
O44 - LFC:[MD5.C2E62748C875A310A6D5B10498238A68] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Romanian Keyboard Layout.) -- C:\WINDOWS\system32\kbdro.dll   [5632]
O44 - LFC:[MD5.DCCE231E5BDF1401AC0F770EE16902AA] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Slovak Keyboard Layout.) -- C:\WINDOWS\system32\kbdsl.dll   [6656]
O44 - LFC:[MD5.93033C3EA80FB24B198B24DDECA07D4A] - 24/05/15 - 10:49:36 R--A- . (.Microsoft Corporation - Slovak(QWERTY) Keyboard Layout.) -- C:\WINDOWS\system32\kbdsl1.dll   [6656]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 24/05/15 - 10:49:38 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS   [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 24/05/15 - 10:49:38 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls   [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 24/05/15 - 10:49:38 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls   [66594]
O44 - LFC:[MD5.BBB6C3346064C6AECEE6AD9F144B1AEA] - 24/05/15 - 10:49:38 R--A- . (.Microsoft Corporation - Estonia Keyboard Layout.) -- C:\WINDOWS\system32\kbdest.dll   [6144]
O44 - LFC:[MD5.C047165ED75FF85DB5A89EFEE3DA1133] - 24/05/15 - 10:49:38 R--A- . (.Microsoft Corporation - Latvia Keyboard Layout.) -- C:\WINDOWS\system32\kbdlv.dll   [6144]
O44 - LFC:[MD5.27D72BCF2B495FCDA073DBA5F189D7A1] - 24/05/15 - 10:49:38 R--A- . (.Microsoft Corporation - Latvia-QWERTY Keyboard Layout.) -- C:\WINDOWS\system32\kbdlv1.dll   [6144]
O44 - LFC:[MD5.F5B3B152A1D2752BC88928EB1E031B7E] - 24/05/15 - 10:49:38 R--A- . (.Microsoft Corporation - Lithuania Keyboard Layout.) -- C:\WINDOWS\system32\kbdlt.dll   [5632]
O44 - LFC:[MD5.AF05A41DBD1B0424B5CB47092152C7F6] - 24/05/15 - 10:49:38 R--A- . (.Microsoft Corporation - Lithuanian Keyboard Layout.) -- C:\WINDOWS\system32\kbdlt1.dll   [5632]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 24/05/15 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS   [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 24/05/15 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls   [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 24/05/15 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls   [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 24/05/15 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls   [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 24/05/15 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls   [66082]
O44 - LFC:[MD5.1E81E1F3D5ACB3371CF73C1DE8F800BF] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek IBM 220 Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe220.dll   [5632]
O44 - LFC:[MD5.D26533FDF72381947F823882BBA4A196] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek IBM 220 Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdhela2.dll   [6144]
O44 - LFC:[MD5.AC81A176BA35D1D7A5CD53137F3160FE] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek IBM 319 Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe319.dll   [5632]
O44 - LFC:[MD5.F2312B8A76FD584ACD1D956688BEB6F8] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek IBM 319 Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdhela3.dll   [6656]
O44 - LFC:[MD5.83C99B438B3D6DBE7B838DA783E173AC] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe.dll   [5632]
O44 - LFC:[MD5.A93447C87DDB6B1945F1F5F87EAB68DC] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek_Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdgkl.dll   [6144]
O44 - LFC:[MD5.90CC52E8B52F0EC3A41D14FFBE789324] - 24/05/15 - 10:49:40 R--A- . (.Microsoft Corporation - Greek_Polytonic Keyboard Layout.) -- C:\WINDOWS\system32\kbdhept.dll   [8192]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 24/05/15 - 10:49:42 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS   [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 24/05/15 - 10:49:42 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls   [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 24/05/15 - 10:49:42 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls   [66082]
O44 - LFC:[MD5.A1FA7A83F9D98D84419A8E64286284F4] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Belarusian Keyboard Layout.) -- C:\WINDOWS\system32\kbdblr.dll   [5632]
O44 - LFC:[MD5.1DF6E4758611E1328567BFE4D1B28E27] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Bulgarian Keyboard Layout.) -- C:\WINDOWS\system32\kbdbu.dll   [5632]
O44 - LFC:[MD5.95D9106D39AB410A7F7EE513F181F84C] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Kazak_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdkaz.dll   [5632]
O44 - LFC:[MD5.B6E962B7AC1CB4A78876953D369BE6DD] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\WINDOWS\system32\kbdru1.dll   [5632]
O44 - LFC:[MD5.C6F23BC1411E91C179B0635893BB40A1] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\WINDOWS\system32\kbdru.dll   [5632]
O44 - LFC:[MD5.E5D4673C83271FEEE1ED73E1E281A42B] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Serbian_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdycc.dll   [5632]
O44 - LFC:[MD5.3DDE3DC57C54452A313DC20F3019F8E3] - 24/05/15 - 10:49:42 R--A- . (.Microsoft Corporation - Ukrainian Keyboard Layout.) -- C:\WINDOWS\system32\kbdur.dll   [5632]
O44 - LFC:[MD5.0304318F189E3CC4A99FCCCB0A68147F] - 24/05/15 - 10:49:43 R--A- . (.Microsoft Corporation - Azerbaijan_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdaze.dll   [5632]
O44 - LFC:[MD5.1696413C242327A0AF8AF8E5CBD8AE04] - 24/05/15 - 10:49:43 R--A- . (.Microsoft Corporation - Kyrgyz Keyboard Layout.) -- C:\WINDOWS\system32\kbdkyr.dll   [5632]
O44 - LFC:[MD5.6AEDBCEE8C0475B10A5C244A35572737] - 24/05/15 - 10:49:43 R--A- . (.Microsoft Corporation - Mongolian Keyboard Layout.) -- C:\WINDOWS\system32\kbdmon.dll   [5632]
O44 - LFC:[MD5.F2D1EEF5ADCD5995C015AB3CB15C9415] - 24/05/15 - 10:49:43 R--A- . (.Microsoft Corporation - Tatar_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdtat.dll   [5632]
O44 - LFC:[MD5.4F9CFFBF05831BB81833FC64A5329C36] - 24/05/15 - 10:49:43 R--A- . (.Microsoft Corporation - Uzbek_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbduzb.dll   [5632]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 24/05/15 - 10:49:45 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls   [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 24/05/15 - 10:49:45 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls   [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 24/05/15 - 10:49:45 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls   [66594]
O44 - LFC:[MD5.712A218557F99D136735E0545E5AE223] - 24/05/15 - 10:49:45 R--A- . (.Microsoft Corporation - Azeri-Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdazel.dll   [5632]
O44 - LFC:[MD5.188E56B70419D8353B8D4F3E381D9E52] - 24/05/15 - 10:49:45 R--A- . (.Microsoft Corporation - Turkish F Keyboard Layout.) -- C:\WINDOWS\system32\kbdtuf.dll   [6144]
O44 - LFC:[MD5.5D569F2951F878EF01D7723DC08682E9] - 24/05/15 - 10:49:45 R--A- . (.Microsoft Corporation - Turkish Q Keyboard Layout.) -- C:\WINDOWS\system32\kbdtuq.dll   [6144]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 24/05/15 - 10:49:47 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls   [66082]
O44 - LFC:[MD5.6CB7A2636E405A96F44A4BDBC9866417] - 24/05/15 - 10:50:34 ---A- . (.Microsoft Corporation - DLL de l'interface utilisateur USB.) -- C:\WINDOWS\system32\usbui.dll   [77312]
O44 - LFC:[MD5.39E9B873299CCFC827241BCCFC03BE76] - 24/05/15 - 10:51:12 ---A- . (.Conexant - Modem.) -- C:\WINDOWS\system32\Drivers\HCF_MSFT.sys   [908000]
O44 - LFC:[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - 24/05/15 - 10:51:36 ---A- . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\system32\Drivers\redbook.sys   [58496]
O44 - LFC:[MD5.BBA013D455C7CD9D8C42E8C7CC7418F9] - 24/05/15 - 10:52:14 ---A- . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll   [21504]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 10:52:18 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log   [0]
O44 - LFC:[MD5.D9F724AA26C010A217C97606B160ED68] - 24/05/15 - 10:52:21 ---A- . (.Microsoft Corporation - AudStub Driver.) -- C:\WINDOWS\system32\Drivers\audstub.sys   [3072]
O44 - LFC:[MD5.DB0A38D17DA48E5BE6A4AF812A165FE7] - 24/05/15 - 11:00:16 ---A- . (...) -- C:\WINDOWS\regopt.log   [7062]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 11:02:59 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt   [0]
O44 - LFC:[MD5.4350F3BC4A0860FED7640FF06797EA2A] - 24/05/15 - 16:04:34 ---A- . (...) -- C:\WINDOWS\cmsetacl.log   [200]
O44 - LFC:[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - 24/05/15 - 16:04:49 ---A- . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys   [196864]
O44 - LFC:[MD5.A540A99C281D933F3D69D55E48727F47] - 24/05/15 - 16:04:49 ---A- . (.Microsoft Corporation - Terminal Server Driver.) -- C:\WINDOWS\system32\Drivers\termdd.sys   [40840]
O44 - LFC:[MD5.A81D924553C8AD9F287ED34FE644EF3D] - 24/05/15 - 16:04:52 ---A- . (.Microsoft Corporation - Application d'assistance du composant de lo.) -- C:\WINDOWS\system32\mmfutil.dll   [17920]
O44 - LFC:[MD5.C7340BA5ACE2D36969B707D332B9959F] - 24/05/15 - 16:04:52 ---A- . (.Microsoft Corporation - Composant logiciel enfichable WMI.) -- C:\WINDOWS\system32\cmprops.dll   [191488]
O44 - LFC:[MD5.16405B6A2815B24F7DC0BE44041FEE2C] - 24/05/15 - 16:04:52 ---A- . (.Microsoft Corporation - WMI Snapins.) -- C:\WINDOWS\system32\servdeps.dll   [56320]
O44 - LFC:[MD5.F6CF3CCCF34A5B446EE3661291607874] - 24/05/15 - 16:04:52 ---A- . (.Microsoft Corporation - Windows Product Activation Configuration WM.) -- C:\WINDOWS\system32\licwmi.dll   [58880]
O44 - LFC:[MD5.6EE019E8ABA21E7E50A91FD93284B9CC] - 24/05/15 - 16:04:59 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\clbcatq.dll   [501248]
O44 - LFC:[MD5.EFBA82A76F02A74E14DB3070F8F7C045] - 24/05/15 - 16:05:00 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comsvcs.dll   [1251840]
O44 - LFC:[MD5.B767A93B5E6BCDC1F52E6A6364B16962] - 24/05/15 - 16:05:00 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comuid.dll   [540160]
O44 - LFC:[MD5.D41851430DF07C232975C3F281BAD18C] - 24/05/15 - 16:05:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrv.dll   [229888]
O44 - LFC:[MD5.BC1549A97450A0397CDBEDFF574EEC41] - 24/05/15 - 16:05:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrvut.dll   [628224]
O44 - LFC:[MD5.59FB81B6B82B8B1D4EB2D9054702D3DB] - 24/05/15 - 16:05:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrvps.dll   [85504]
O44 - LFC:[MD5.86621B81D34BCFEDFE0E112D9D0D61F5] - 24/05/15 - 16:05:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\clbcatex.dll   [110080]
O44 - LFC:[MD5.BFEE39106023902B98BF8F3841FBA255] - 24/05/15 - 16:05:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\colbact.dll   [62464]
O44 - LFC:[MD5.11CA338B8765DB8E2D1B459F2CFAD147] - 24/05/15 - 16:05:03 ---A- . (.Microsoft Corporation - MS DTC console program.) -- C:\WINDOWS\system32\msdtc.exe   [6144]
O44 - LFC:[MD5.EAC01A79C39C38C048A89EE8A8413D2E] - 24/05/15 - 16:05:03 ---A- . (.Microsoft Corporation - MS DTC helper APIs DLL.) -- C:\WINDOWS\system32\xolehlp.dll   [11776]
O44 - LFC:[MD5.E6E09726C96EF85C61A1A5FF72709DD6] - 24/05/15 - 16:05:03 ---A- . (.Microsoft Corporation - MS DTC log manager DLL.) -- C:\WINDOWS\system32\msdtclog.dll   [58880]
O44 - LFC:[MD5.FA8AC88E96F4D9685E5608914A470547] - 24/05/15 - 16:05:04 ---A- . (.Microsoft Corporation - MS DTC OLE Transactions interface proxy DLL.) -- C:\WINDOWS\system32\msdtcprx.dll   [425472]
O44 - LFC:[MD5.4DCB1FDA70DC44227450371C4140E307] - 24/05/15 - 16:05:04 ---A- . (.Microsoft Corporation - MS DTC transaction manager DLL.) -- C:\WINDOWS\system32\msdtctm.dll   [949248]
O44 - LFC:[MD5.E38558F3810EA16F136E5D230AB25111] - 24/05/15 - 16:05:04 ---A- . (.Microsoft Corporation - Microsoft database support DLL for Oracle.) -- C:\WINDOWS\system32\mtxoci.dll   [90112]
O44 - LFC:[MD5.8895C9FDB6D64A3149B89625CE7BE7F6] - 24/05/15 - 16:05:05 ---A- . (.Microsoft Corporation - Configuration Backend Interface.) -- C:\WINDOWS\system32\cfgbkend.dll   [39424]
O44 - LFC:[MD5.51A6AF2B6E133AE61C1B092E5709B878] - 24/05/15 - 16:05:05 ---A- . (.Microsoft Corporation - DLL Interface to TermDD Device Driver.) -- C:\WINDOWS\system32\icaapi.dll   [11264]
O44 - LFC:[MD5.43545DA951FC35426177EEB230F2BCA0] - 24/05/15 - 16:05:05 ---A- . (.Microsoft Corporation - MS DTC administrative component DLL.) -- C:\WINDOWS\system32\msdtcuiu.dll   [161280]
O44 - LFC:[MD5.5CEDA4A82F07576B57BD554E20238F1B] - 24/05/15 - 16:05:05 ---A- . (.Microsoft Corporation - RDP Clip Monitor.) -- C:\WINDOWS\system32\rdpclip.exe   [62464]
O44 - LFC:[MD5.34AC1C3ABE1C605155EFA8489750D83B] - 24/05/15 - 16:05:05 ---A- . (.Microsoft Corporation - Utilitaire d'interrogation de processus.) -- C:\WINDOWS\system32\qprocess.exe   [20992]
O44 - LFC:[MD5.D2D52012C5A3CD41FEC0F090A8E47EE7] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe   [44544]
O44 - LFC:[MD5.F35A23E5B6413F93CCCA0D05D00183FB] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bu.) -- C:\WINDOWS\system32\sessmgr.exe   [142336]
O44 - LFC:[MD5.45384AF17729DFF68D3B2028E73A1F7D] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - Pilote multimédia du service Terminal Serve.) -- C:\WINDOWS\system32\rdpsnd.dll   [19968]
O44 - LFC:[MD5.45A63EA8C1C28A917294343903CCAD51] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - RDP Extension DLL.) -- C:\WINDOWS\system32\rdpwsx.dll   [87176]
O44 - LFC:[MD5.73C956A793E208E8BC3274277AC8C7DC] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - RDSHost Client Module.) -- C:\WINDOWS\system32\rdchost.dll   [147968]
O44 - LFC:[MD5.78F90C3E230AD122BCB116ABAD5FEFE9] - 24/05/15 - 16:05:06 ---A- . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\system32\termsrv.dll   [297984]
O44 - LFC:[MD5.72D638651BAD29EB0A50DD7A359375B9] - 24/05/15 - 16:05:07 ---A- . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\WINDOWS\system32\mstsc.exe   [411648]
O44 - LFC:[MD5.0CA210AD79718BC8782115F4EC2A891D] - 24/05/15 - 16:05:07 ---A- . (.Microsoft Corporation - Extension du Panneau de configuration Sessi.) -- C:\WINDOWS\system32\remotepg.dll   [61952]
O44 - LFC:[MD5.ABEB93B3D5F4C6DC311C06A14E7BCA70] - 24/05/15 - 16:05:07 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop TSRDP Session Add-.) -- C:\WINDOWS\system32\rdsaddin.exe   [13824]
O44 - LFC:[MD5.230B7B30AC2743ED15330AC9E22C4801] - 24/05/15 - 16:05:07 ---A- . (.Microsoft Corporation - RDSHost Server Module.) -- C:\WINDOWS\system32\rdshost.exe   [67072]
O44 - LFC:[MD5.B202B160C128CCB5265082A94EE01A6C] - 24/05/15 - 16:05:07 ---A- . (.Microsoft Corporation - Terminal Services ActiveX Client.) -- C:\WINDOWS\system32\mstscax.dll   [655360]
O44 - LFC:[MD5.A872087165C51FBB9C7E89E519BDFD00] - 24/05/15 - 16:05:08 ---A- . (.Microsoft Corporation - Fournisseur d'infrastructure WMI de configu.) -- C:\WINDOWS\system32\tscfgwmi.dll   [94208]
O44 - LFC:[MD5.38D437CF2D98965F239B0ABCD66DCB0F] - 24/05/15 - 16:05:08 ---A- . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys   [12040]
O44 - LFC:[MD5.D4F5643D7714EF499AE9527FDCD50894] - 24/05/15 - 16:05:08 ---A- . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only,.) -- C:\WINDOWS\system32\Drivers\rdpwd.sys   [139400]
O44 - LFC:[MD5.ED0580AF02502D00AD8C4C066B156BE9] - 24/05/15 - 16:05:08 ---A- . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys   [21896]
O44 - LFC:[MD5.C67937DA97E44DBE434E5A7D88D24383] - 24/05/15 - 16:05:09 ---A- . (.Microsoft Corporation - Afficheur de l'album Windows NT.) -- C:\WINDOWS\system32\clipbrd.exe   [104448]
O44 - LFC:[MD5.911829180298A89E133E202B64DBD349] - 24/05/15 - 16:05:09 ---A- . (.Microsoft Corporation - Paint.) -- C:\WINDOWS\system32\mspaint.exe   [347648]
O44 - LFC:[MD5.944419D42F5FCE620EC3E69BA4DF2E76] - 24/05/15 - 16:05:09 ---A- . (.Microsoft Corporation - Spider.) -- C:\WINDOWS\system32\spider.exe   [539136]
O44 - LFC:[MD5.0C4AE4BFBB9B9F85F4764DA6A0A1223F] - 24/05/15 - 16:05:10 ---A- . (.Hilgraeve, Inc. - Bibliothèque d'applications HyperTerminal.) -- C:\WINDOWS\system32\hypertrm.dll   [352256]
O44 - LFC:[MD5.40A3DF0E95FD9BF24575BF003E20EE99] - 24/05/15 - 16:05:11 ---A- . (.Microsoft Corporation - Accessoires du magnétophone.) -- C:\WINDOWS\system32\sndrec32.exe   [133120]
O44 - LFC:[MD5.FEAF27FC249F274857F2CDE9EFCABF20] - 24/05/15 - 16:05:11 ---A- . (.Microsoft Corporation - Assistant Accessibilité Microsoft.) -- C:\WINDOWS\system32\accwiz.exe   [189952]
O44 - LFC:[MD5.9A4667254D80B86051D8D5578BA7CA9E] - 24/05/15 - 16:05:11 ---A- . (.Microsoft Corporation - DLL du Panneau de configuration.) -- C:\WINDOWS\system32\access.cpl   [71680]
O44 - LFC:[MD5.189D417E26D4BC4CE3DB53FAD46EBAC6] - 24/05/15 - 16:05:11 ---A- . (.Microsoft Corporation - Media Player.) -- C:\WINDOWS\system32\mplay32.exe   [124928]
O44 - LFC:[MD5.2CE7B1EEB99C14032C0E2201B004F80E] - 24/05/15 - 16:05:30 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc   [63488]
O44 - LFC:[MD5.C5C7EB692A20043694A83CD534ECD1F1] - 24/05/15 - 16:05:34 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comsnap.dll   [147456]
O44 - LFC:[MD5.CAB1F12E9F21B654A5798A6120AE52E7] - 24/05/15 - 16:05:34 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\stclient.dll   [54272]
O44 - LFC:[MD5.9B826D2A266D2AF6925639BA162CB1CF] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comaddin.dll   [25600]
O44 - LFC:[MD5.91C2A53F8A0B8D627AA617FC54FC4542] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comrepl.dll   [82432]
O44 - LFC:[MD5.B3C23C7313DD63FF5C77BEE44113D71D] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\dcomcnfg.exe   [5120]
O44 - LFC:[MD5.7BB5E15AED9FDA88DF53AD1690A3D719] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxdm.dll   [20480]
O44 - LFC:[MD5.40706C18F19FC865D8862B68711D919B] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxex.dll   [4096]
O44 - LFC:[MD5.64D0CFCF1BF3E80BE8AD0F6F2D114C76] - 24/05/15 - 16:05:36 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxlegih.dll   [25088]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 24/05/15 - 16:05:37 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h   [768]
O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 24/05/15 - 16:05:37 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini   [3914]
O44 - LFC:[MD5.4701BA735D535D9F46AB2A285610A04B] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Extension de configuration de connexion Ter.) -- C:\WINDOWS\system32\rdpcfgex.dll   [4608]
O44 - LFC:[MD5.2CA1060C5CF9C03B865977F12123C3F8] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Modem Connection Driver.) -- C:\WINDOWS\system32\cdmodem.dll   [15872]
O44 - LFC:[MD5.9C847DF5E1F783716032977AE4559CCC] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Registry Initializer.) -- C:\WINDOWS\system32\regini.exe   [33792]
O44 - LFC:[MD5.CEBA968375EE0B55094FFBA03EE69BAF] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire d'interrogation Terminal Server.) -- C:\WINDOWS\system32\qappsrv.exe   [17408]
O44 - LFC:[MD5.B1D3D78F35E85E7481A9651BB11394B0] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire de contrôle à distance de sessio.) -- C:\WINDOWS\system32\shadow.exe   [15360]
O44 - LFC:[MD5.8A6A5D2505D1BF424EAFD38D76D6C0E9] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire de déconnexion de session.) -- C:\WINDOWS\system32\logoff.exe   [15872]
O44 - LFC:[MD5.25900127DAE605546899D80EA6AE61FB] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire de gestion des sessions de requê.) -- C:\WINDOWS\system32\qwinsta.exe   [22528]
O44 - LFC:[MD5.31BF3B4C0D04EC84684F58D14F521426] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire de message.) -- C:\WINDOWS\system32\msg.exe   [22528]
O44 - LFC:[MD5.946B7A66354D385D9242F9AFC1CAC7C0] - 24/05/15 - 16:05:37 ---A- . (.Microsoft Corporation - Utilitaire de réinitialisation de session.) -- C:\WINDOWS\system32\rwinsta.exe   [16384]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 24/05/15 - 16:05:38 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h   [3286]
O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 24/05/15 - 16:05:38 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini   [27768]
O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 24/05/15 - 16:05:38 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd   [1263]
O44 - LFC:[MD5.EA682C022F7204CC8E8C9EF5DCE29356] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Jeu Démineur du pack Entertainment.) -- C:\WINDOWS\system32\winmine.exe   [119808]
O44 - LFC:[MD5.043D073DFF5E3AD85FDA67D8C30F4305] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Jeu FreeCell du pack Entertainment.) -- C:\WINDOWS\system32\freecell.exe   [55808]
O44 - LFC:[MD5.DDCA854934C0D4EF46E8E093F3446ABF] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - La Dame de Pique en réseau.) -- C:\WINDOWS\system32\mshearts.exe   [128000]
O44 - LFC:[MD5.E167CEBDBADE82F4A6E30BBAF495800B] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Utilitaire d'arrêt de processus des service.) -- C:\WINDOWS\system32\tskill.exe   [16896]
O44 - LFC:[MD5.3861B0195ACDCD8F1187C37617C090C4] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Utilitaire d'arrêt du système.) -- C:\WINDOWS\system32\tsshutdn.exe   [17408]
O44 - LFC:[MD5.8F0514EF34C2A69036CC55F91F903168] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Utilitaire de connexion de session.) -- C:\WINDOWS\system32\tscon.exe   [15360]
O44 - LFC:[MD5.C2E457CCCC8691F3194D12E4F5E70EA4] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Utilitaire de déconnexion de session.) -- C:\WINDOWS\system32\tsdiscon.exe   [14848]
O44 - LFC:[MD5.C05B691CC2328DB5456AECD616E81970] - 24/05/15 - 16:05:38 ---A- . (.Microsoft Corporation - Utilitaire de réinitialisation des services.) -- C:\WINDOWS\system32\reset.exe   [10240]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 24/05/15 - 16:05:39 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce   [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 24/05/15 - 16:05:39 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce   [24006]
O44 - LFC:[MD5.CACA53644879416250C9BFA6A109E3D8] - 24/05/15 - 16:05:39 ---A- . (.Microsoft Corporation - Applet du jeu Solitaire.) -- C:\WINDOWS\system32\sol.exe   [57344]
O44 - LFC:[MD5.5911F4AE105C7469636F7ADCEA35349F] - 24/05/15 - 16:05:39 ---A- . (.Microsoft Corporation - Application Calculatrice de Windows.) -- C:\WINDOWS\system32\calc.exe   [115200]
O44 - LFC:[MD5.0DD55909896EF797C9E5E12662CD3BDF] - 24/05/15 - 16:05:39 ---A- . (.Microsoft Corporation - Table des caractères.) -- C:\WINDOWS\system32\charmap.exe   [80896]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp   [65978]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp   [1272]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp   [17062]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce   [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce   [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce   [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\korean.uce   [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce   [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 24/05/15 - 16:05:40 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce   [93702]
O44 - LFC:[MD5.C525A8A367F9641ABB8FF32C96BD08A4] - 24/05/15 - 16:05:40 ---A- . (.Microsoft Corporation - DLL des noms UNICODE pour UCE.) -- C:\WINDOWS\system32\getuname.dll   [634880]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp   [26582]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Jour de pêche.bmp   [17336]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp   [65832]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Plume.bmp   [16730]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp   [17362]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp   [26680]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp   [65954]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 24/05/15 - 16:05:41 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp   [9522]
O44 - LFC:[MD5.E7EF0C8FE4CAE6B9CA990D5B15A079CE] - 24/05/15 - 16:05:46 ---A- . (.Microsoft Corporation - Contrôles de mesure.) -- C:\WINDOWS\system32\avmeter.dll   [16384]
O44 - LFC:[MD5.2A99260794224489F29B628717B7947E] - 24/05/15 - 16:05:46 ---A- . (.Microsoft Corporation - Conversation pour Windows NT.) -- C:\WINDOWS\system32\winchat.exe   [35840]
O44 - LFC:[MD5.128CEA94B381C19C655AA18DA74ECA0A] - 24/05/15 - 16:05:46 ---A- . (.Microsoft Corporation - Numéroteur TAPI 3.0 et Visualisateur de con.) -- C:\WINDOWS\system32\avtapi.dll   [232960]
O44 - LFC:[MD5.F7B2FA971A70A335F92785DEF9478B62] - 24/05/15 - 16:05:46 ---A- . (.Microsoft Corporation - Wave Manipulation Component.) -- C:\WINDOWS\system32\avwav.dll   [73216]
O44 - LFC:[MD5.520A03D1F113D251EFBFA00C164F2087] - 24/05/15 - 16:05:47 ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- C:\WINDOWS\system32\hticons.dll   [44544]
O44 - LFC:[MD5.831347571C0F5006CE3913D32F21AB69] - 24/05/15 - 16:05:47 ---A- . (.Microsoft Corporation - Contrôle du volume.) -- C:\WINDOWS\system32\sndvol32.exe   [139264]
O44 - LFC:[MD5.AF68D5BB112D56D00835252C76D2D871] - 24/05/15 - 16:05:55 ---A- . (.Microsoft Corporation - Windows Write.) -- C:\WINDOWS\system32\write.exe   [5632]
O44 - LFC:[MD5.DADB3267CF9AA47E7EF8BBF043FBC4B8] - 24/05/15 - 16:06:21 ---A- . (...) -- C:\WINDOWS\sessmgr.setup.log   [1022]
O44 - LFC:[MD5.66D0300AEE5E5403F398570D109C5189] - 24/05/15 - 16:06:24 ---A- . (...) -- C:\WINDOWS\DtcInstall.log   [133]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 24/05/15 - 16:06:29 ---A- . (...) -- C:\WINDOWS\vb.ini   [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 24/05/15 - 16:06:29 ---A- . (...) -- C:\WINDOWS\vbaddin.ini   [37]
O44 - LFC:[MD5.724157DC3B332A03F1E0A02002E2AF94] - 24/05/15 - 16:06:36 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat   [21892]
O44 - LFC:[MD5.8CDE69FAECCF6B388D3C57B1CFC322DC] - 24/05/15 - 16:06:44 ---A- . (.Microsoft Corporation - Bibliothèque de l'Assistant Connexion Inter.) -- C:\WINDOWS\system32\inetcfg.dll   [282624]
O44 - LFC:[MD5.B1ADEF63C0EBDF5DF8BAF680A2602B25] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Assistant Connexion Internet.) -- C:\WINDOWS\system32\icwphbk.dll   [65536]
O44 - LFC:[MD5.A8081009F0CD81BB1BEB601D9C854249] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Fichier DLL d'interface du Planificateur de.) -- C:\WINDOWS\system32\mstask.dll   [281600]
O44 - LFC:[MD5.58EF495E6AABFA17260D6BC52E6D91BE] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Fichier d'installation du Planificateur de.) -- C:\WINDOWS\system32\mstinit.exe   [12288]
O44 - LFC:[MD5.A65E74CC5831CED5762AA16033ED20EE] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [193024]
O44 - LFC:[MD5.DAB648BE9173972358262A2B28028FB2] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Numéroteur automatique de l'Assistant Conne.) -- C:\WINDOWS\system32\icwdial.dll   [73728]
O44 - LFC:[MD5.02AA315851C56729EF0ACEC7DAECCE19] - 24/05/15 - 16:06:45 ---A- . (.Microsoft Corporation - Processus d'abonnement à Internet.) -- C:\WINDOWS\system32\isign32.dll   [86016]
O44 - LFC:[MD5.224F34477C26157A3A6C239D24A5748C] - 24/05/15 - 16:06:47 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll   [678400]
O44 - LFC:[MD5.DA30A7F4D6997B5E351A60955636E649] - 24/05/15 - 16:06:48 ---A- . (.Microsoft Corporation - Ressources API de Microsoft Internet Messag.) -- C:\WINDOWS\system32\inetres.dll   [50688]
O44 - LFC:[MD5.C0F6FB08291FFA5F1BABBC646075A102] - 24/05/15 - 16:06:49 ---A- . (.Microsoft Corporation - Gestionnaire de comptes Internet.) -- C:\WINDOWS\system32\msoeacct.dll   [252928]
O44 - LFC:[MD5.FAC0EB3FFE654F42E404F504E1C48424] - 24/05/15 - 16:06:49 ---A- . (.Microsoft Corporation - Microsoft Outlook Express RT Lib.) -- C:\WINDOWS\system32\msoert2.dll   [105984]
O44 - LFC:[MD5.897FA903C150718CBFF5C7927818AF03] - 24/05/15 - 16:06:51 ---A- . (.Microsoft Corporation - Dll de l'utilitaire de conférence.) -- C:\WINDOWS\system32\msconf.dll   [69632]
O44 - LFC:[MD5.5B219F99CF6D5BE05A6C6E86C38CB7CE] - 24/05/15 - 16:06:51 ---A- . (.Microsoft Corporation - Partage de Bureau à distance NetMeeting.) -- C:\WINDOWS\system32\mnmsrvc.exe   [32768]
O44 - LFC:[MD5.324AC9F40BE8AB02851EE2026F837027] - 24/05/15 - 16:06:52 ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- C:\WINDOWS\system32\isrdbg32.dll   [32768]
O44 - LFC:[MD5.1AC0ED43D237AF323F4530C77DE3A5F9] - 24/05/15 - 16:06:52 ---A- . (.Microsoft Corporation - Application Sharing Display Driver.) -- C:\WINDOWS\system32\mnmdd.dll   [34560]
O44 - LFC:[MD5.0BB2CDC0DC9B84E74A338A5D823FB085] - 24/05/15 - 16:06:52 ---A- . (.Microsoft Corporation - Bibliothèque NMMKCERT.) -- C:\WINDOWS\system32\nmmkcert.dll   [28672]
O44 - LFC:[MD5.ED962A6102E8D33A9C5D732AA8E363AE] - 24/05/15 - 16:06:52 ---A- . (.Microsoft Corporation - Pilote ICM Microsoft H.261.) -- C:\WINDOWS\system32\msh261.drv   [188416]
O44 - LFC:[MD5.4E2F2A188C1478830B8B62CAFAE901E3] - 24/05/15 - 16:06:52 ---A- . (.Microsoft Corporation - User Location Services Component Module.) -- C:\WINDOWS\system32\ils.dll   [81920]
O44 - LFC:[MD5.6D07061C5844AD1E5A17EAFE38757BA2] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Bibliothèque d'opérations Restauration du s.) -- C:\WINDOWS\system32\srrstr.dll   [241664]
O44 - LFC:[MD5.0813F8C059FB469331AD0773D0B692D1] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Dll du client SR.) -- C:\WINDOWS\system32\srclient.dll   [67584]
O44 - LFC:[MD5.9C3E2FF9A3FEE2D9AB2C2ADA7FE20106] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Filter Library.) -- C:\WINDOWS\system32\fltlib.dll   [16896]
O44 - LFC:[MD5.5808F02C5F5DB4A1EC0ADD31333D9A13] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Filter Manager Control Program.) -- C:\WINDOWS\system32\fltMc.exe   [22528]
O44 - LFC:[MD5.157754F0DF355A9E0A6F54721914F9C6] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- C:\WINDOWS\system32\Drivers\fltMgr.sys   [124800]
O44 - LFC:[MD5.B52181023B827ACDA36C1B76751EBFFD] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) -- C:\WINDOWS\system32\Drivers\sr.sys   [73600]
O44 - LFC:[MD5.CE978404558CE2D82896AC2032F06DBF] - 24/05/15 - 16:06:53 ---A- . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll   [171008]
O44 - LFC:[MD5.C9E9A9970213976A63995ADEE51D967D] - 24/05/15 - 16:06:59 ---A- . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\racpldlg.dll   [43520]
O44 - LFC:[MD5.070778E2ADED521BAD36D78232BF7E2D] - 24/05/15 - 16:06:59 ---A- . (.Microsoft Corporation - Contrôles Fichier/Ouvrir et Enregistrer de.) -- C:\WINDOWS\system32\safrcdlg.dll   [43520]
O44 - LFC:[MD5.E8B41F5744D5E53613200D7A2046DC68] - 24/05/15 - 16:06:59 ---A- . (.Microsoft Corporation - Gestionnaire du bureau du centre d'Aide Mic.) -- C:\WINDOWS\system32\safrdm.dll   [29696]
O44 - LFC:[MD5.3A917FB927BE2D1A490F72880DB3F994] - 24/05/15 - 16:06:59 ---A- . (.Microsoft Corporation - Microsoft Help Center Session Resolver.) -- C:\WINDOWS\system32\safrslv.dll   [45568]
O44 - LFC:[MD5.5D31C0E5412443436F43F6FBFB179F14] - 24/05/15 - 16:07:08 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\WINDOWS\system32\wuapi.dll   [432640]
O44 - LFC:[MD5.9BA5C8389EE32671F5AD9730F22C772C] - 24/05/15 - 16:07:08 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service 2.0.) -- C:\WINDOWS\system32\bitsprx3.dll   [7168]
O44 - LFC:[MD5.3284E27F384AB2E4CC4F714172A72171] - 24/05/15 - 16:07:08 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service Pro.) -- C:\WINDOWS\system32\bitsprx2.dll   [8192]
O44 - LFC:[MD5.1F7B4420A19B2AA204F1719E0E2BDF0A] - 24/05/15 - 16:07:08 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service Pro.) -- C:\WINDOWS\system32\qmgrprxy.dll   [18944]
O44 - LFC:[MD5.659F7B6C502051BFA37910614B225548] - 24/05/15 - 16:07:08 ---A- . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll   [382464]
O44 - LFC:[MD5.6BF33E4F69EDE11D9C383B261BA84859] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Client Mise à jour automatique Windows Upda.) -- C:\WINDOWS\system32\wuauclt1.exe   [168960]
O44 - LFC:[MD5.FC21787F32E3793A4C7C02D2BFAA5AE0] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Mises à jour automatiques.) -- C:\WINDOWS\system32\wuauclt.exe   [112640]
O44 - LFC:[MD5.E4C871841C1897766496071FB2842033] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Moteur de mises à jour automatique Windows.) -- C:\WINDOWS\system32\wuaueng1.dll   [184320]
O44 - LFC:[MD5.AC17D8A46803848538871265B8546BCF] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Panneau de configuration Mises à jour autom.) -- C:\WINDOWS\system32\wuaucpl.cpl   [163840]
O44 - LFC:[MD5.7140A61D74542E00D55AC900D1AE1796] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Plug-in Interface utilisateur du client Mis.) -- C:\WINDOWS\system32\wucltui.dll   [114176]
O44 - LFC:[MD5.048A60F995F6ED01B0297B9D40F3E2D6] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Windows Update AutoUpdate Engine.) -- C:\WINDOWS\system32\wuaueng.dll   [1134592]
O44 - LFC:[MD5.A01A65BEA57E71DE6AFB80940D3E1F77] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll   [6656]
O44 - LFC:[MD5.DE87E9382776CE6220F8DF652F0CA8FA] - 24/05/15 - 16:07:09 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\WINDOWS\system32\wups.dll   [36864]
O44 - LFC:[MD5.2711191D372BF168ECD66E82F9DF500C] - 24/05/15 - 16:07:10 ---A- . (.Microsoft Corporation - Windows Update Web Control.) -- C:\WINDOWS\system32\wuweb.dll   [120320]
O44 - LFC:[MD5.13D8419CD73E6D14FE093A0066E36F18] - 24/05/15 - 16:07:19 ---A- . (.Microsoft Corporation - Internet Connection Wizard.) -- C:\WINDOWS\system32\icfgnt5.dll   [16384]
O44 - LFC:[MD5.D1560FE3CB700340235BECDE227C271E] - 24/05/15 - 16:07:22 ---A- . (.Microsoft Corporation - Ressources du gestionnaire de comptes Micro.) -- C:\WINDOWS\system32\acctres.dll   [72192]
O44 - LFC:[MD5.34A92A72CC0E0653828344DB5378B1E0] - 24/05/15 - 16:07:23 ---A- . (.Microsoft Corporation - Codec Microsoft G.723.1 pour MSACM.) -- C:\WINDOWS\system32\msg723.acm   [118784]
O44 - LFC:[MD5.8014838B3025DDFF6C476FCC7C18CD82] - 24/05/15 - 16:07:24 ---A- . (.Microsoft Corporation - DLL d'enregistrement d'événements NetMeetin.) -- C:\WINDOWS\system32\nmevtmsg.dll   [12288]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 24/05/15 - 16:07:30 ---A- . (...) -- C:\WINDOWS\desktop.ini   [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 24/05/15 - 16:07:30 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini   [2]
O44 - LFC:[MD5.CE45BE933AA8CF23B3469FE761C27A32] - 24/05/15 - 16:07:30 -SH-- . (...) -- C:\WINDOWS\winnt.bmp   [49102]
O44 - LFC:[MD5.CE45BE933AA8CF23B3469FE761C27A32] - 24/05/15 - 16:07:31 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp   [49102]
O44 - LFC:[MD5.D935270C569D1E4F224F861AB0559E1E] - 24/05/15 - 16:07:33 ---A- . (.Microsoft Corporation - Async Trace DLL.) -- C:\WINDOWS\system32\atrace.dll   [11264]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 24/05/15 - 16:08:15 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest   [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 24/05/15 - 16:08:20 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest   [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 24/05/15 - 16:08:20 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest   [488]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 24/05/15 - 16:08:58 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI   [4205]
O44 - LFC:[MD5.662BD5F1A693F710F066BAF92FED394A] - 24/05/15 - 16:08:58 ---A- . (.Microsoft Corporation - Extended MAPI 1.0 for Windows NT.) -- C:\WINDOWS\system32\mapi32.dll   [112128]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 24/05/15 - 16:09:07 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb   [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 24/05/15 - 16:09:07 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb   [23392]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 16:09:10 ---A- . (...) -- C:\AUTOEXEC.BAT   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 16:09:10 ---A- . (...) -- C:\CONFIG.SYS   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 16:09:10 ---A- . (...) -- C:\WINDOWS\control.ini   [0]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 24/05/15 - 16:09:10 ---A- . (...) -- C:\WINDOWS\system32\CONFIG.NT   [3072]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 16:09:10 RSHA- . (...) -- C:\IO.SYS   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/05/15 - 16:09:10 RSHA- . (...) -- C:\MSDOS.SYS   [0]
O44 - LFC:[MD5.E5C5FA9E2DC4FFC65CCC3DAF8D530A4C] - 24/05/15 - 16:09:21 ---A- . (...) -- C:\WINDOWS\KB911164.log   [6612]
O44 - LFC:[MD5.C4A9EC1648BC1FE63A00645DFF1D69D9] - 24/05/15 - 16:10:56 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf   [261]
O44 - LFC:[MD5.3758A0D7B39E2E0FD95CA73573C08521] - 24/05/15 - 16:11:00 ---A- . (...) -- C:\WINDOWS\imsins.BAK   [4382]
O44 - LFC:[MD5.A21A6DD54EE6864D09DFA184A8B0DA2D] - 24/05/15 - 16:15:14 ---A- . (...) -- C:\WINDOWS\OEWABLog.txt   [833]
O44 - LFC:[MD5.C2A6683C9FF46AA70E2C2092B008EDC7] - 24/05/15 - 16:45:17 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS   [10288]
O44 - LFC:[MD5.09FD8ED5F933D2605D1670DF00FD73BD] - 24/05/15 - 16:45:35 ---A- . (...) -- C:\WINDOWS\Ascd_tmp.ini   [11192]
O44 - LFC:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 24/05/15 - 16:45:39 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys   [5810]
O44 - LFC:[MD5.48BA23373D43BDCD0CEAC891AF7B7226] - 24/05/15 - 16:51:59 R--A- . (...) -- C:\WINDOWS\system32\IScrNB.bmp   [121232]
O44 - LFC:[MD5.437BF10C6C6712A26D3F7E3EC24E8EC1] - 24/05/15 - 16:51:59 R--A- . (.Intel(R) Corporation - Intel(R) Graphics Media Accelerator Driver.) -- C:\WINDOWS\system32\igxpun.exe   [397312]
O44 - LFC:[MD5.6C96979632FB45592D97F012073065DA] - 24/05/15 - 16:51:59 R--A- . (.Microsoft Corporation - Driver Install Frameworks for API library m.) -- C:\WINDOWS\system32\difxapi.dll   [309760]
O44 - LFC:[MD5.CB52FDF0B373EEF6CAAB11AE6F435891] - 24/05/15 - 16:52:00 R--A- . (...) -- C:\WINDOWS\system32\IScrNBR.bmp   [121232]
O44 - LFC:[MD5.B21D647F6D9003ACA10AFE3BA9448BE4] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igfxCoIn_v4670.dll   [192512]
O44 - LFC:[MD5.7F206FE4E83301C9A93ACDBE5B119F8A] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igmedkrn.dll   [459664]
O44 - LFC:[MD5.DE4C5379216ACE6197B77D0D6C6C8D8A] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa   [524850]
O44 - LFC:[MD5.54EABEC05A84181FCEDD7F974850116C] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp   [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp   [58704]
O44 - LFC:[MD5.DEC32BD91B70228A925F5C110A5D60E6] - 24/05/15 - 16:52:20 R--A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp   [22416]
O44 - LFC:[MD5.B50FF948476475E8132B1D7C699BC655] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - Component GHAL Driver.) -- C:\WINDOWS\system32\igxpdv32.dll   [1304320]
O44 - LFC:[MD5.E0E4E399CCD1046BABD60B6ECB6F8FDF] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - DirectDraw(R) Driver for Intel(R) Graphics.) -- C:\WINDOWS\system32\igxpdx32.dll   [2076160]
O44 - LFC:[MD5.1C6C690E2EC7E97E19855163E6D8D7FE] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - Intel Graphics 2D Driver.) -- C:\WINDOWS\system32\igxpgd32.dll   [140288]
O44 - LFC:[MD5.EF1C0F7EDBF7073EC94ED498DB98CA26] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - Intel Graphics 2D Rotation Driver.) -- C:\WINDOWS\system32\igxprd32.dll   [48128]
O44 - LFC:[MD5.85D42B7F0DD406ADF5E3EC7659A279EC] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\Drivers\igxpmp32.sys   [1109568]
O44 - LFC:[MD5.9A3ED78396D63D25EF562FC343A25707] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - OpenGL(R) Device Driver for Intel(R) Graphi.) -- C:\WINDOWS\system32\ig4dev32.dll   [1208320]
O44 - LFC:[MD5.70A84515357139C93E63EEF41786B6BE] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - OpenGL(R) Driver for Intel(R) Graphics Acce.) -- C:\WINDOWS\system32\ig4icd32.dll   [2416640]
O44 - LFC:[MD5.E3E579C599E1B4D38C16D318875B319E] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - hccutils Module.) -- C:\WINDOWS\system32\hccutils.dll   [81920]
O44 - LFC:[MD5.61FF610F012F052EDDA9325597C716B7] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe   [114688]
O44 - LFC:[MD5.65FA49D506223BD5C8FB89CBAAAFF357] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe   [98304]
O44 - LFC:[MD5.7B16DCEC7F1B0ABDE60A6AB1B24E4E8D] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxcfg Module.) -- C:\WINDOWS\system32\igfxcfg.exe   [450560]
O44 - LFC:[MD5.B2663ABCF727AF6E4067BF32B185BADC] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxcpl Module.) -- C:\WINDOWS\system32\igfxcpl.cpl   [94208]
O44 - LFC:[MD5.4B47BA91830ABDFDD30A528438E17473] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll   [155648]
O44 - LFC:[MD5.C06C22C5576B8D2C090FD1DB59CE5796] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxdo Module.) -- C:\WINDOWS\system32\igfxdo.dll   [98304]
O44 - LFC:[MD5.93EC04308F1867B07D6892C55FE26BA4] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxexps.dll   [23552]
O44 - LFC:[MD5.6551283C7600486856A283C982E0BB9D] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxext.exe   [110592]
O44 - LFC:[MD5.6550276C34FEF1F490FD2207D89555EE] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxpph Module.) -- C:\WINDOWS\system32\igfxpph.dll   [163840]
O44 - LFC:[MD5.9D4711C093D77208F1CB1933FECBD7BB] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrara.lrc   [143360]
O44 - LFC:[MD5.86C678EE0EA45957EED5BBE309AA1436] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrchs.lrc   [98304]
O44 - LFC:[MD5.1D5FE47950686434DC29C3C3B732045B] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrcht.lrc   [98304]
O44 - LFC:[MD5.3F3DF65B1479F4DB0B1D0A68AB667CDF] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrcsy.lrc   [159744]
O44 - LFC:[MD5.115E31A25F285AD9AD0C4DF116652F91] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrdan.lrc   [159744]
O44 - LFC:[MD5.42F4AC2398BFCAF0A2CE5D08B07A9D4A] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrdeu.lrc   [176128]
O44 - LFC:[MD5.7C3DE0619FA73F828518B293E90E1A6F] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrell.lrc   [176128]
O44 - LFC:[MD5.F3240E67E1CBDDFBCC3040FE93747A8E] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrenu.lrc   [155648]
O44 - LFC:[MD5.D0A983DC2E821E62BC36D05A71A44BD5] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxresp.lrc   [172032]
O44 - LFC:[MD5.79376515E279D71BC7FFDEBC5C4C4842] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrfin.lrc   [159744]
O44 - LFC:[MD5.6475BA6B557B6683B30A789D7AD9EE93] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrfra.lrc   [167936]
O44 - LFC:[MD5.7512B8931E4AD0906962E4890C9F7AFC] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrheb.lrc   [139264]
O44 - LFC:[MD5.B9FE5EA1997DCCF8445F7A2E793A151B] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrhun.lrc   [167936]
O44 - LFC:[MD5.D3AAC923F90407301E9D845B08B03694] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrita.lrc   [172032]
O44 - LFC:[MD5.B33D83E9247F4A2091A4A6BD43ED1BB3] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrjpn.lrc   [114688]
O44 - LFC:[MD5.747D8E45435F8EA87E07D625F371FDE2] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrkor.lrc   [114688]
O44 - LFC:[MD5.1213BCFA4B00B749534AB074080949D1] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrnld.lrc   [172032]
O44 - LFC:[MD5.B4A1024BA3D8276100B9BB9740B2C276] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrnor.lrc   [159744]
O44 - LFC:[MD5.2096A2F3F8CA671109D4A4CD7740B10E] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrplk.lrc   [163840]
O44 - LFC:[MD5.2DA3250771D92E179F2E18302F814D19] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrptb.lrc   [163840]
O44 - LFC:[MD5.1BE70CA5CB61C51A9F802CE5EAB3B4AA] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrptg.lrc   [163840]
O44 - LFC:[MD5.D5A4C0CDD03855E21FFE0CC199573801] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrrus.lrc   [163840]
O44 - LFC:[MD5.497824DD94BE88D34E4B1E7FC5B4419D] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrsve.lrc   [159744]
O44 - LFC:[MD5.C2D188E3F9251090B0912581DB37C472] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrtha.lrc   [147456]
O44 - LFC:[MD5.310DD9CE721B7CEB1E95602B7729F604] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrtrk.lrc   [155648]
O44 - LFC:[MD5.05D1DFBDED09A8BB5CBE48578D5DB00C] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxress Module.) -- C:\WINDOWS\system32\igfxress.dll   [3276800]
O44 - LFC:[MD5.A94B905A382AE949433FC5EBA198CF99] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.dll   [43520]
O44 - LFC:[MD5.D069F97810C4F4F19F6683DF571C15E5] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe   [188416]
O44 - LFC:[MD5.16C70B5E04AA12FC9F12E23B98D4A3EC] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - igfxzoom Module.) -- C:\WINDOWS\system32\igfxzoom.exe   [106496]
O44 - LFC:[MD5.1C12649A3E8F818B5881D3EE29502F04] - 24/05/15 - 16:52:20 R--A- . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe   [94208]
O44 - LFC:[MD5.6C96979632FB45592D97F012073065DA] - 24/05/15 - 16:52:20 R--A- . (.Microsoft Corporation - Driver Install Frameworks for API library m.) -- C:\WINDOWS\system32\difx32.dll   [309760]
O44 - LFC:[MD5.A68949AEAC340D2C8D0167D498B4DB84] - 24/05/15 - 16:53:23 R---- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- C:\WINDOWS\RtlExUpd.dll   [499712]
O44 - LFC:[MD5.EC05E964058693D1F71D1B5506B5CF09] - 24/05/15 - 16:53:29 R---- . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- C:\WINDOWS\alcwzrd.exe   [2808832]
O44 - LFC:[MD5.C76445E155590D42F47EA86F9C2D7C2B] - 24/05/15 - 16:53:29 R---- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\system32\ALSndMgr.cpl   [299008]
O44 - LFC:[MD5.8B4CBBA1EA526830C7F97E7822E2493A] - 24/05/15 - 16:53:31 R---- . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\Alcmtr.exe   [69632]
O44 - LFC:[MD5.D3FB45B90F195FE86D9949A4B62CBBD6] - 24/05/15 - 16:53:35 R---- . (.Realtek Semiconductor Corp. - Realtek Audio Microphone Calibration.) -- C:\WINDOWS\MicCal.exe   [2157568]
O44 - LFC:[MD5.E0ADE8DDBD57F3953E569F8554744B37] - 24/05/15 - 16:53:37 R---- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe   [16062464]
O44 - LFC:[MD5.001AACA6ED0E6B00FC5B8FAF74977E81] - 24/05/15 - 16:53:51 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\system32\Drivers\RtkHDAud.sys   [4405248]
O44 - LFC:[MD5.0EC019FE4712A63978112E6D8E36C9AE] - 24/05/15 - 16:53:54 R---- . (.Realtek Semiconductor Corp. - Realtek Audio Control Panel.) -- C:\WINDOWS\RTLCPL.exe   [9709568]
O44 - LFC:[MD5.B65820B8FA0A520205246E508D9CBADA] - 24/05/15 - 16:54:01 R---- . (.Realtek Semiconductor Corp. - Driver Update and remove for Windows x64 or.) -- C:\WINDOWS\RtlUpd.exe   [1191936]
O44 - LFC:[MD5.F64D1364B1332E8E5B9B96AFFC9EE118] - 24/05/15 - 16:54:01 R---- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\system32\RTSndMgr.cpl   [282624]
O44 - LFC:[MD5.C74B86642F131D76C0EDE673FDF137B2] - 24/05/15 - 16:54:03 R---- . (.Realtek Semiconductor Corp. - Realtek Voice  Manager.) -- C:\WINDOWS\SkyTel.exe   [2879488]
O44 - LFC:[MD5.0D034E8C4F88C5B2B0C1AF3CF438CC4F] - 24/05/15 - 16:54:05 R---- . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SoundMan.exe   [86016]
O44 - LFC:[MD5.D47DA486B24599C55BDE7A1FDFCC16BF] - 24/05/15 - 16:54:10 ---A- . (.Microsoft Corporation - Update RunOnce Service.) -- C:\WINDOWS\system32\spupdsvc.exe   [22752]
O44 - LFC:[MD5.CAE484C73CF805E6030C60E231631EA0] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\FaxSetup.log   [20941]
O44 - LFC:[MD5.FB180E8D8C2C30450099797FF5248C80] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\KB888111.log   [4488]
O44 - LFC:[MD5.C34365F8A6E0C912959797F8C345B778] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\comsetup.log   [17628]
O44 - LFC:[MD5.403BB4B6AD94D7055C92EC7D42ED4879] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\iis6.log   [1699]
O44 - LFC:[MD5.2EC9211083AABB6D7A81BDCFDFB7A3CF] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\imsins.log   [1374]
O44 - LFC:[MD5.0518839024FCE55EDE145E3310413FED] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\msgsocm.log   [1180]
O44 - LFC:[MD5.806D8E9DB722EC7446B6D9428CD61A91] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log   [8900]
O44 - LFC:[MD5.6A622D46A584635F8650C6E757D94CED] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\ocgen.log   [17601]
O44 - LFC:[MD5.F5D1683D776F3AC318B9AAB898694035] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\ocmsn.log   [1227]
O44 - LFC:[MD5.71E3E1B0568C9677E1CBFC211DDFF58A] - 24/05/15 - 16:54:17 ---A- . (...) -- C:\WINDOWS\tsoc.log   [10685]
O44 - LFC:[MD5.FF86422268DE771D571E123EB7092C6A] - 24/05/15 - 16:54:34 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\WINDOWS\system32\Drivers\drmk.sys   [60288]
O44 - LFC:[MD5.53012F8E822452D977240A15DC7BF9A2] - 24/05/15 - 16:54:34 ---A- . (.Microsoft Corporation - User CSA Library.) -- C:\WINDOWS\system32\ksuser.dll   [4096]
O44 - LFC:[MD5.8114CE39147EF96699CCCF6EB2371E06] - 24/05/15 - 16:54:34 ---A- . (.Microsoft Corporation - WDM Streaming ActiveMovie Proxy.) -- C:\WINDOWS\system32\ksproxy.ax   [130048]
O44 - LFC:[MD5.13E75FEF9DFEB08EEDED9D0246E1F448] - 24/05/15 - 16:54:41 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\system32\Drivers\MSPCLOCK.sys   [5376]
O44 - LFC:[MD5.AE431A8DD3C1D0D0610CDBAC16057AD0] - 24/05/15 - 16:54:42 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\system32\Drivers\MSKSSRV.sys   [7552]
O44 - LFC:[MD5.1988A33FF19242576C3D0EF9CE785DA7] - 24/05/15 - 16:54:42 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\system32\Drivers\MSPQM.sys   [4992]
O44 - LFC:[MD5.650AD082D46BAC0E64C9C0E0928492FD] - 24/05/15 - 16:54:43 ---A- . (.Microsoft Corporation - System Audio WDM Filter.) -- C:\WINDOWS\system32\Drivers\sysaudio.sys   [60800]
O44 - LFC:[MD5.D93CAD07C5683DB066B0B2D2D3790EAD] - 24/05/15 - 16:54:44 ---A- . (.Microsoft Corporation - Kernel Mode Audio Mixer.) -- C:\WINDOWS\system32\Drivers\kmixer.sys   [171776]
O44 - LFC:[MD5.841F385C6CFAF66B58FBD898722BB4F0] - 24/05/15 - 16:54:44 ---A- . (.Microsoft Corporation - Microsoft Acoustic Echo Canceller.) -- C:\WINDOWS\system32\Drivers\aec.sys   [142464]
O44 - LFC:[MD5.1ED4DBBAE9F5D558DBBA4CC450E3EB2E] - 24/05/15 - 16:54:44 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Audio Descrambler Filt.) -- C:\WINDOWS\system32\Drivers\drmkaud.sys   [2944]
O44 - LFC:[MD5.94ABC808FC4B6D7D2BBF42B85E25BB4D] - 24/05/15 - 16:54:45 ---A- . (.Microsoft Corporation - Microsoft GS Wavetable Synthesizer.) -- C:\WINDOWS\system32\Drivers\swmidi.sys   [54272]
O44 - LFC:[MD5.A6F881284AC1150E37D9AE47FF601267] - 24/05/15 - 16:54:48 ---A- . (.Microsoft Corporation - Microsoft Kernel DLS Synthesizer.) -- C:\WINDOWS\system32\Drivers\DMusic.sys   [52864]
O44 - LFC:[MD5.2797F33EBF50466020C430EE4F037933] - 24/05/15 - 16:54:49 ---A- . (.Microsoft Corporation - MMSYSTEM Wave/Midi API mapper.) -- C:\WINDOWS\system32\Drivers\wdmaud.sys   [82944]
O44 - LFC:[MD5.8E186B8F23295D1E42C573B82B80D548] - 24/05/15 - 16:54:50 ---A- . (.Microsoft Corporation - Microsoft Kernel Audio Splitter.) -- C:\WINDOWS\system32\Drivers\splitter.sys   [6400]
O44 - LFC:[MD5.43C3571EADA5BC1EDEAD7CA22AD66F30] - 24/05/15 - 16:54:50 R---- . (...) -- C:\WINDOWS\system32\ChCfg.exe   [49152]
O44 - LFC:[MD5.77D2378D86A4070BB3AFCB28757D80A6] - 24/05/15 - 16:54:54 ---A- . (...) -- C:\RHDSetup.log   [501]
O44 - LFC:[MD5.85084277BC241C20901F2263FD951B84] - 24/05/15 - 16:54:54 ---A- . (...) -- C:\WINDOWS\audio.log   [206]
O44 - LFC:[MD5.03AEDB8817797455BCE2774448BA0251] - 24/05/15 - 16:54:55 ---A- . (...) -- C:\WINDOWS\Ascd_log.ini   [11510]
O44 - LFC:[MD5.6475BA6B557B6683B30A789D7AD9EE93] - 24/05/15 - 16:56:00 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxres.dll   [167936]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 24/05/15 - 16:56:07 ---A- . (...) -- C:\WINDOWS\system32\BuzzingBee.wav   [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 24/05/15 - 16:56:07 ---A- . (...) -- C:\WINDOWS\system32\LoopyMusic.wav   [940794]
O44 - LFC:[MD5.6238B322CEC1FB3B036F657C576AFCC4] - 24/05/15 - 16:56:31 ---A- . (...) -- C:\WINDOWS\atcl01setup.log   [180]
O44 - LFC:[MD5.4D689ED3049947F311330488E1C055C9] - 24/05/15 - 16:56:34 R--A- . (.Attansic Technology corporation. - Attansic L1 Gigabit Ethernet Controller ndi.) -- C:\WINDOWS\system32\Drivers\atl01_xp.sys   [35840]
O44 - LFC:[MD5.E55CC100B4A18F8A0A6CB853B99EECA0] - 24/05/15 - 16:56:38 ---A- . (...) -- C:\WINDOWS\LAN.log   [174]
O44 - LFC:[MD5.7AA99EC89AA2B368E38BC3F4CFC989DC] - 24/05/15 - 18:25:45 ---A- . (...) -- C:\WINDOWS\setupact.log   [205199]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 24/05/15 - 19:37:30 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx   [316640]
O44 - LFC:[MD5.181D24CF0DC1A14EDA74805D063C0B78] - 24/05/15 - 20:10:48 ---A- . (...) -- C:\WINDOWS\wmsetup.log   [16769]
O44 - LFC:[MD5.30E5C74DD4D2359FA50145065C3878F1] - 24/05/15 - 20:24:29 ---A- . (...) -- C:\WINDOWS\system32\FNTCACHE.DAT   [109400]
O44 - LFC:[MD5.F01B8409A11C319E3C5B9DD418676D2C] - 25/05/15 - 18:20:05 ---A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall NDIS Intermediate.) -- C:\WINDOWS\system32\Drivers\SbFwIm.sys   [65576]
O44 - LFC:[MD5.419883201CA9AD697CCFB8FC46DD6F78] - 25/05/15 - 18:20:05 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) -- C:\WINDOWS\system32\Drivers\SbFw.sys   [270888]
O44 - LFC:[MD5.1D79ACE19F30E92AA69D08B404F17245] - 25/05/15 - 18:20:10 ---A- . (...) -- C:\WINDOWS\system32\sdkinst.log   [2136]
O44 - LFC:[MD5.A414E74D8EA0C3E446BF776667D16387] - 25/05/15 - 21:16:35 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerApp.exe   [778416]
O44 - LFC:[MD5.DE03D52A69F7F73B843C9B93AE034629] - 25/05/15 - 21:16:35 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl   [142512]
O44 - LFC:[MD5.E7AC910639AEC34DB93C7E9F7A655865] - 31/05/15 - 13:29:06 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl   [2278]
O44 - LFC:[MD5.45DD4CE5B7407D7D22D7F201B4F10CC1] - 31/05/15 - 13:29:11 ---A- . (...) -- C:\WINDOWS\setuplog.txt   [960762]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 31/05/15 - 13:51:23 ---A- . (...) -- C:\WINDOWS\system.ini   [227]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 31/05/15 - 13:51:23 ---A- . (...) -- C:\WINDOWS\win.ini   [477]
O44 - LFC:[MD5.D3BCEE679ED4285FFB025FC71C1F073B] - 31/05/15 - 13:51:23 -SH-- . (...) -- C:\boot.ini   [216]
~ Files: 413 Scanned in 00mn 10s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2015\avgnsx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2015\avgnsx.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2015\avgdiagex.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2015\avgdiagex.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2015\avgmfapx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2015\avgmfapx.exe
O47 - AAKE:Key Export SP - "C:\Program Files\AVG\AVG2015\avgemcx.exe" [Enabled] .(.AVG Technologies CZ, s.r.o..) -- C:\Program Files\AVG\AVG2015\avgemcx.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
~ Keys Export: 7 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 21 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
~ TDSD: 12 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE  [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds  [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray  [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\InCD  [Key] . (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck  [Key] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\Persistence  [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\SecurDisc  [Key] . (.Nero AG - NBH.) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
~ SMSR Keys: 10 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ MWPS: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ MWPE Keys: 1 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:12/08/04 - 21:56:20 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys   [5810]
O58 - SDL:10/10/06 - 06:33:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS   [10288]
O58 - SDL:30/10/06 - 22:10:06 R--A- . (.Attansic Technology corporation. - Attansic L1 Gigabit Ethernet Controller ndis miniport driver.) -- C:\WINDOWS\system32\Drivers\atl01_xp.sys   [35840]
O58 - SDL:11/03/15 - 11:13:46 ---A- . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\WINDOWS\system32\Drivers\avgdiskx.sys   [132576]
O58 - SDL:27/04/15 - 12:19:26 ---A- . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver..) -- C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys   [211424]
O58 - SDL:07/05/15 - 12:52:06 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Driver.) -- C:\WINDOWS\system32\Drivers\avgidshx.sys   [191968]
O58 - SDL:14/05/15 - 12:49:12 ---A- . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Loader Driver.) -- C:\WINDOWS\system32\Drivers\avgidsshimx.sys   [29664]
O58 - SDL:15/04/15 - 12:05:06 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\WINDOWS\system32\Drivers\avgldx86.sys   [206816]
O58 - SDL:07/05/15 - 12:52:08 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\WINDOWS\system32\Drivers\avglogx.sys   [290272]
O58 - SDL:07/05/15 - 12:52:04 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\WINDOWS\system32\Drivers\avgmfx86.sys   [166880]
O58 - SDL:20/03/15 - 11:18:22 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\WINDOWS\system32\Drivers\avgrkx86.sys   [35808]
O58 - SDL:04/05/15 - 13:15:06 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\WINDOWS\system32\Drivers\avgtdix.sys   [213984]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys   [262528]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys   [11776]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys   [800256]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys   [154496]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys   [5888]
O58 - SDL:23/08/01 - 12:19:04 ---A- . (.Conexant - Modem.) -- C:\WINDOWS\system32\Drivers\HCF_MSFT.sys   [908000]
O58 - SDL:07/01/05 - 16:07:18 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudbus.sys   [138752]
O58 - SDL:07/01/05 - 16:07:16 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys   [145920]
O58 - SDL:14/08/06 - 12:00:00 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\Drivers\igxpmp32.sys   [1109568]
O58 - SDL:12/02/07 - 11:14:42 ---A- . (.Nero AG - InCD File System Driver.) -- C:\WINDOWS\system32\Drivers\InCDfs.sys   [112384]
O58 - SDL:12/02/07 - 11:17:24 ---A- . (.Nero AG - Ahead RW Filter Driver.) -- C:\WINDOWS\system32\Drivers\InCDPass.sys   [31360]
O58 - SDL:12/02/07 - 11:14:52 ---A- . (.Nero AG - InCD File System Recognizer.) -- C:\WINDOWS\system32\Drivers\InCDrec.sys   [10624]
O58 - SDL:12/02/07 - 11:17:40 ---A- . (.Nero AG - Nero MRW Filter Driver.) -- C:\WINDOWS\system32\Drivers\InCDRm.sys   [33792]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys   [12032]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys   [17792]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys   [12032]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys   [12032]
O58 - SDL:20/12/06 - 11:00:00 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\Drivers\RtkHDAud.sys   [4405248]
O58 - SDL:31/10/08 - 06:09:06 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) -- C:\WINDOWS\system32\Drivers\SbFw.sys   [270888]
O58 - SDL:21/06/08 - 03:54:54 ---A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall NDIS Intermediate driver.) -- C:\WINDOWS\system32\Drivers\SbFwIm.sys   [65576]
O58 - SDL:21/06/08 - 03:54:54 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall Host Intrusion Prevention Driver.) -- C:\WINDOWS\system32\Drivers\sbhips.sys   [66600]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys   [27440]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys   [21376]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys   [58112]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys   [27097]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys   [4912]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys   [42809]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys   [42537]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys   [27916]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys   [29146]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys   [29370]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys   [29274]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys   [29146]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys   [34000]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys   [34560]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys   [35648]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys   [35424]
O58 - SDL:02/03/06 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys   [34560]
~ Drivers: 51 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/06/15 - 17:04:30 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Jean-Claude\Bureau\ZHPDiag2.exe   [6880236]  =>.Nicolas Coolman
O61 - LFC: 01/06/15 - 17:04:30 ---A- . (.Oracle Corporation.) -- C:\Documents and Settings\Jean-Claude\Bureau\jre-7u80-windows-i586.exe   [29509544]
O61 - LFC: 02/06/15 - 17:04:30 ---A- . (...) -- C:\Documents and Settings\Jean-Claude\Bureau\AdwCleaner.exe   [2231296]
O61 - LFC: 02/06/15 - 17:04:30 ---A- . (...) -- C:\Documents and Settings\Jean-Claude\Mes documents\AdwCleaner.exe   [2231296]
O61 - LFC: 02/06/15 - 17:04:30 ---A- . (.Farbar.) -- C:\Documents and Settings\Jean-Claude\Bureau\FRST.exe   [1147392]
O61 - LFC: 02/06/15 - 17:04:30 ---A- . (.Farbar.) -- C:\Documents and Settings\Jean-Claude\Mes documents\FRST.exe   [1147392]
O61 - LFC: 26/05/15 - 17:04:30 ---A- . (...) -- C:\Documents and Settings\Jean-Claude\Bureau\delfix_1.010.exe   [781312]
O61 - LFC: 26/05/15 - 17:04:30 ---A- . (...) -- C:\Documents and Settings\Jean-Claude\Mes documents\delfix_1.010.exe   [781312]
~ 80 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 8 Scanned in 00mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 11/03/15 - C:\WINDOWS\system32\DRIVERS\avgdiskx.sys (Avgdiskx)  .(.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - LEGACY_AVGDISKX
O64 - Services: CurCS - 27/04/15 - C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys (AVGIDSDriverl)  .(.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - LEGACY_AVGIDSDRIVERL
O64 - Services: CurCS - 07/05/15 - C:\WINDOWS\system32\DRIVERS\avgidshx.sys (AVGIDSHX)  .(.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHX
O64 - Services: CurCS - 14/05/15 - C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys (AVGIDSShim)  .(.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Loader.) - LEGACY_AVGIDSSHIM
O64 - Services: CurCS - 15/04/15 - C:\WINDOWS\system32\DRIVERS\avgldx86.sys (Avgldx86)  .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX86
O64 - Services: CurCS - 07/05/15 - C:\WINDOWS\system32\DRIVERS\avglogx.sys (Avglogx)  .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGX
O64 - Services: CurCS - 07/05/15 - C:\WINDOWS\system32\DRIVERS\avgmfx86.sys (Avgmfx86)  .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX86
O64 - Services: CurCS - 20/03/15 - C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (Avgrkx86)  .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX86
O64 - Services: CurCS - 04/05/15 - C:\WINDOWS\system32\DRIVERS\avgtdix.sys (Avgtdix)  .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIX
O64 - Services: CurCS - 18/05/15 - C:\Program Files\AVG\AVG2015\avgwdsvc.exe (avgwd)  .(.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - LEGACY_AVGWD
O64 - Services: CurCS - 12/02/07 - C:\WINDOWS\system32\drivers\InCDFs.sys (InCDfs)  .(.Nero AG - InCD File System Driver.) - LEGACY_INCDFS
O64 - Services: CurCS - 02/06/15 - C:\Program Files\Java\jre7\bin\jqs.exe (JavaQuickStarterService)  .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 31/10/08 - C:\WINDOWS\system32\drivers\SbFw.sys (SbFw)  .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - LEGACY_SBFW
O64 - Services: CurCS - 21/06/08 - C:\WINDOWS\system32\drivers\sbhips.sys (sbhips)  .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall Host Intrusion Pr.) - LEGACY_SBHIPS
O64 - Services: CurCS - 31/10/08 - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe (SPF4)  .(.Sunbelt Software, Inc. - Sunbelt Firewall Service.) - LEGACY_SPF4
~ Legacy: 112 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) -- C:\WINDOWS\system32\appmgmts.dll   [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll   [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll   [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll   [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll   [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll   [111616]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll   [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll   [243200]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll   [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll   [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll   [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll   [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll   [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll   [247808]  =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll   [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll   [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll   [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll   [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll   [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll   [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll   [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll   [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll   [246272]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll   [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll   [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll   [359936]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll   [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll   [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll   [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll   [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll   [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll   [38912]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll   [25088]
~ Services: 37 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D56605A4F5CE2DBEBA1540304827B394] [SPRF][02/06/15] (.Pas de propriétaire - AdwCleaner.) -- C:\Documents and Settings\Jean-Claude\Bureau\AdwCleaner.exe   [2231296]
[MD5.3F47FD31780598559932A5E03BD398E9] [SPRF][25/05/15] (.AVG Technologies - AVG Setup Self-Extractor based on 7-Zip.) -- C:\Documents and Settings\Jean-Claude\Bureau\avg_free_x86_all_2015_ltst_222.exe   [174924496]
[MD5.A61A24E28CE5E961941D61C1D342AC39] [SPRF][11/06/14] (.Piriform Ltd - CCleaner Installer.) -- C:\Documents and Settings\Jean-Claude\Bureau\ccsetup414.exe   [4748896]
[MD5.E0C27AAD0A97444BB001C0F2B976A6EA] [SPRF][26/05/15] (.Pas de propriétaire - Aut2Exe.) -- C:\Documents and Settings\Jean-Claude\Bureau\delfix_1.010.exe   [781312]
[MD5.133F7B376B27929169D60B5E4509C5E9] [SPRF][29/01/14] (.Mozilla - Firefox.) -- C:\Documents and Settings\Jean-Claude\Bureau\Firefox Setup 26.0.exe   [24182536]
[MD5.9092FCB541457C31C5DC433D72353146] [SPRF][07/04/15] (...) -- C:\Documents and Settings\Jean-Claude\Bureau\Firefox Setup 35.0.1.exe   [40014424]
[MD5.1B353E4B6C6725528156B8B535A7A053] [SPRF][02/06/15] (.Farbar - Farbar Recovery Scan Tool.) -- C:\Documents and Settings\Jean-Claude\Bureau\FRST.exe   [1147392]
[MD5.C36196754C2B8A996B932AA6E8CDD047] [SPRF][25/05/15] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 17.0 r0.) -- C:\Documents and Settings\Jean-Claude\Bureau\install_flash_player_17_plugin.exe   [18169520]
[MD5.2EFC9F32E4267782B11D63D2F128A363] [SPRF][23/02/15] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Documents and Settings\Jean-Claude\Bureau\jre-7u75-windows-i586.exe   [29469096]
[MD5.F2FD417B6D5C7FFC501C7632CC811C3E] [SPRF][01/06/15] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Documents and Settings\Jean-Claude\Bureau\jre-7u80-windows-i586.exe   [29509544]
[MD5.65F849C58624569A4207DDCD2599F632] [SPRF][12/11/14] (.Sunbelt Software - Setup Launcher.) -- C:\Documents and Settings\Jean-Claude\Bureau\sunbelt-personal-firewall-ex-kerio_sunbelt_personal_firewall_ex_kerio_4.6.1861_francais_11071.exe   [6000608]
[MD5.395E3D8335D1D36BA30026C9B53D71D4] [SPRF][01/06/15] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Jean-Claude\Bureau\ZHPDiag2.exe   [6880236]
~ Files: 12 Scanned in 00mn 07s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 18/05/15 3438544 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2015\avgidsagent.exe
SS - | Demand 02/03/06 225280 |  (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Disabled 12/02/07 924160 |  (InCDsrv) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
SS - | Disabled 23/01/15 114800 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 05/01/07 774144 |  (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Disabled 23/12/06 262144 |  (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SS - | Disabled 31/10/08 95528 |  (SbPF.Launcher) . (.Sunbelt Software, Inc..) - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
SR - | Auto 18/05/15 311792 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
SR - | Auto 02/06/15 182696 |  (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 31/10/08 1365288 |  (SPF4) . (.Sunbelt Software, Inc..) - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
~ Services:  Scanned in 00mn 10s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Jean-Claude at 02/06/15 17:05:44
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 
1 ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\Harddisk0\DR0[0x89D89AB8]
3 CLASSPNP[0xBA0E905B] >> ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\00000068[0x89D8B948]
5 ACPI[0xB9F7E620] >> ntkrnlpa!IofCallDriver[0x804EEEB8] >> \Device\Ide\IdeDeviceP2T0L0-16[0x89DCE940]
kernel: MBR read successfully
user & kernel MBR OK 
malicious code @ sector 0x12a14c00 size 0x1e8 !
copy of MBR has been found in sector 62 !
~ MBR: 15 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Jean-Claude at 02/06/15 17:05:47
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/15)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 117489 Items scanned in 00mn 18s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/  =>.Image File Execution Options (IFEO) (O50)
~ AMI: 5 Scanned in 00mn 00s



End of the scan (1307 lines in 02mn 18s)(0.4)