Aller au contenu

carooo.a

Membres
  • Compteur de contenus

    51
  • Inscription

  • Dernière visite

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Sexe
    Female

carooo.a's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. Parfait tout à l'air donc ok rien ne semble à signaler sur cbslog. J'attends bien pour Hosts. pour les programmes que tu m'as fait télécharger du coup je les garde ou les supprime? encore merci!
  2. 2)Cela n'a pas fonctionné... Microsoft Windows [version 6.1.7601] Copyright © 2009 Microsoft Corporation. Tous droits réservés. C:\windows\system32>findstr /c:"[sR]" %windir%\Logs\CBS\CBS.log > %userprofile%\ Desktop\sfcdetails.txt FINDSTR : Impossible d'ouvrir Vancouver\Desktop\sfcdetails.txt C:\windows\system32> dernière question: une fois que tout sera finis et que je saurai pour Host que fais je de: - Malwarebytes -SFTGC -mBAM
  3. Pour host du coup j'attends ou je ne le fais pas du tout... ?
  4. je viens de faire delfix. je finis tout et complete ce sujet. encore merci!! j'ai peut-être encore 2 ou 3 questions avant de le fermer. je te tiens au courant dans les 48h.
  5. Pas de soucis j'attendrai je viens d'installer sur firefox les 2 extensions que tu me recomendais ainsi que Wot. Je continue
  6. Hello, j'ai voulu installer hosts mais le lien semble obsolète. Je n'ose plus trop aller fouiller sur le web après tout ce que j'ai lu sur les PUP merci d'avance.
  7. Hello, J'ai réinitialisé mon navigateur. Je vais lire toutes tes recommandations sur les pubs itempestives et Delfixe. en attendant voici 2 minis bugs que je peux constater depuis un certains temps en plus des pubs itempestives: Lenteur... même si j'essaye de le garder le plus vide possible, mon presse papier qui ne fonctionne pas! je m'en suis rendue compte lorsque j'essayais de l'utiliser avec les rapports des scans ou sur ci-joint.com. autre chose bizzard: lorsque je fais une recherche google... en historique ou en suggestions genre il apparait des mots/phrases en arabes ou hindie je ne sais pas trop c'est vraiment bizzard.
  8. Voici le rapport SFTGC http://cjoint.com/?DErrtILg0WL
  9. Hello, voici le contenu du rapport ZHPFixReport.txt : Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014 Fichier d'export Registre : Run by Nanuq Vancouver at 17/05/2014 16:51:04 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (00mn 30s) Dossier Prefetcher vidé Réparation des raccourcis navigateur ========== Clés du Registre ========== SUPPRIMÉ: HKCU\Software\Conduit SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS Branche de Base de Registres IFEO non infectée ! ========== Valeurs du Registre ========== SUPPRIMÉ RunValue: Akamai NetSession Interface SUPPRIMÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} SUPPRIMÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP SUPPRIMÉ: FirewallRaz (Public) : {568478EF-A249-4A20-AF5D-DF277F4A5360} SUPPRIMÉ: FirewallRaz (Public) : {7B2D8D61-A425-458B-871A-51FB97566605} SUPPRIMÉ: FirewallRaz (Public) : {DD3979D6-BB84-4EE7-9746-0603F2DBA93D} SUPPRIMÉ: FirewallRaz (Public) : {67F1350A-D201-487F-BA90-E7BB92512936} SUPPRIMÉ: FirewallRaz (Public) : {863BFA6A-3F67-4C2C-971C-69BC2B5E28F8} SUPPRIMÉ: FirewallRaz (Public) : {AA76E863-8652-4386-9858-C590A01A733B} SUPPRIMÉ: FirewallRaz (Public) : {655854E3-AC68-4A86-833A-8DA8B2057ECB} SUPPRIMÉ: FirewallRaz (Public) : {CDBEFB1B-1798-4EE3-AF15-76548E548344} SUPPRIMÉ: FirewallRaz (Public) : {8951BF7F-D79B-4B77-A260-036CC78A50B1} SUPPRIMÉ: FirewallRaz (Public) : {26CDD79C-AD70-422F-A8CB-83E5760E8D7E} SUPPRIMÉ: FirewallRaz (Public) : {EA523E4C-30CA-46FC-B3BB-EBAD0242380A} SUPPRIMÉ: FirewallRaz (Public) : {BAEB3AA2-BC9B-4C1E-B34A-018510F59BAD} SUPPRIMÉ: FirewallRaz (Public) : {EFE17E2A-CBCF-414D-A52B-802778F81047} SUPPRIMÉ: FirewallRaz (Public) : {5B3DE19F-717C-4965-A588-A98F80FECA6E} SUPPRIMÉ: FirewallRaz (Public) : {6F65B6D6-923E-4479-BA05-98B1E44DA519} SUPPRIMÉ: FirewallRaz (Public) : {0878BADE-4C30-45EA-BE14-855749C146BE} SUPPRIMÉ: FirewallRaz (Private) : {1BCDA62F-4010-4738-ABFE-7589467915AB} SUPPRIMÉ: FirewallRaz (Private) : {99378913-7F0B-4161-9D7C-C5D770191ABB} SUPPRIMÉ: FirewallRaz (Private) : {A7891990-C93B-4D3A-B00A-7BC5AAD2F13B} SUPPRIMÉ: FirewallRaz (Private) : {180D41BA-47AC-4D53-B7E1-9EE6823BB18D} SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{3B46C5B4-9453-46E1-BA53-CF51CB3D131A}C:\users\nanuq vancouver\appdata\local\akamai\netsession_win.exe SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{14E292FF-AC11-4A20-B0FF-DA6BF75D2B61}C:\users\nanuq vancouver\appdata\local\akamai\netsession_win.exe SUPPRIMÉ: FirewallRaz (Private) : {12B6A80B-753C-4B90-96FC-45EF5323F9CA} SUPPRIMÉ: FirewallRaz (Private) : {F89E3E5F-C8C2-43CE-8501-87D44E65FAC4} SUPPRIMÉ: FirewallRaz (Public) : {ADB2998C-8B13-4FE8-B20C-9259E6B55441} SUPPRIMÉ: FirewallRaz (Public) : {05F65712-67F6-4AC3-B08D-853633E7CCC1} SUPPRIMÉ: FirewallRaz (Public) : {DACB47A1-D00F-48C1-9237-34EE6646F62D} SUPPRIMÉ: FirewallRaz (Public) : {623CD345-17AA-4A58-8C14-F32228C750F8} SUPPRIMÉ: FirewallRaz (Public) : {833CFAF6-06C4-4981-9C9E-FE485C0CD85B} SUPPRIMÉ: FirewallRaz (Public) : {065C4486-7DCB-48AF-ACDA-6DE03E73E733} SUPPRIMÉ: FirewallRaz (Private) : {4493C5CF-2559-4F2A-AC61-CFAB7E074C5A} SUPPRIMÉ: FirewallRaz (Private) : {8B9BA36F-0C10-4995-8CD7-D5BA5C2FDE6B} ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Flash Cookies (0) SUPPRIMÉS Temporaires Windows (1266) ========== Fichiers ========== SUPPRIMÉ: c:\windows\ie11_main.log SUPPRIMÉ: c:\users\nanuq vancouver\appdata\local\temp\{8675e723-2086-4099-8c51-8843bfda78e8}\installflashplayer.exe SUPPRIMÉS Flash Cookies (0) (0 octets) SUPPRIMÉS Temporaires Windows (318) (268 896 793 octets) ========== Fichier HOSTS ========== Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus. ========== Tache planifiée ========== SUPPRIMÉ: {367AC493-6FCD-4D49-B2F8-007D0C78C9FD} ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 6 : Clés du Registre 49 : Valeurs du Registre 3 : Dossiers 4 : Fichiers 1 : Fichier HOSTS 1 : Tache planifiée 1 : Restauration Système End of clean in 02mn 30s ========== Chemin de fichier rapport ========== C:\Users\Nanuq Vancouver\AppData\Roaming\ZHP\ZHPFix[R1].txt - 17/05/2014 16:51:37 [5159]
  10. 5) - Le rapport ZhpDiag.txt: ~ Rapport de ZHPDiag v2014.5.16.65 - Nicolas Coolman (16/05/2014) ~ Lancé par Nanuq Vancouver (17/05/2014 11:10:10) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Blog d'analyse software : http://nicolascoolman.byethost7.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17107 MFIE: Mozilla Firefox 29.0.1 (Defaut) GCIE: Google Chrome v34.0.1847.137 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ---\\ Logiciels de protection du système AVG 2014 v14.0.3950 Malwarebytes Anti-Malware version 2.0.1.1004 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 13 Plugin Adobe Reader 9.5.4 - Français Java 7 Update 55 ---\\ Informations sur le système ~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 2662 MB (39% free) System Restore: Activé (Enable) System drive C: has 196 GB (73%) free of 268 GB ---\\ Mode de connexion au système ~ Computer Name: NANUQVANCOUVER ~ User Name: Nanuq Vancouver ~ All Users Names: Nanuq Vancouver, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Nanuq Vancouver\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Nanuq Vancouver\AppData\Roaming\ ~ %Desktop% : C:\Users\Nanuq Vancouver\Desktop\ ~ %Favorites% : C:\Users\Nanuq Vancouver\Favorites\ ~ %LocalAppData% : C:\Users\Nanuq Vancouver\AppData\Local\ ~ %StartMenu% : C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 196 Go of 268 Go) D: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 44 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/05/2014 - 18:39:37.) -- C:\Windows\System32\wininet.dll [2260480] [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/78 ~ Mes musiques (My Musics) : 3/355 ~ Mes Videos (My Videos) : 2/6 ~ Mes Favoris (My Favorites) : 1/40 ~ Mes Documents (My Documents) : 2/257 ~ Mon Bureau (My Desktop) : 1/557 ~ Menu demarrer (Programs) : 1/30 ~ Hidden Files: Scanned in 00mn 05s ---\\ Processus lancés [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.1096] [MD5.321E5E66302AF3D9AD2B5B1C0C660B25] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20924544] [PID.2996] [MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.2896] [MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.2544] [MD5.A74532DB2CB7AE9BCD5C38A4AF2BF3BE] - (.TOSHIBA - Hotkey Utility.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Applet\THotkey.exe [389120] [PID.3636] [MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.3732] [MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2980] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3640] [MD5.86E69581356CA45167EA6986B6E29087] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [PID.4996] [MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.5216] [MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3912] [MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3232] [MD5.317235FAE521626B9EBED5F47A9ED75A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7876096] [PID.5752] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Nanuq Vancouver\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\Nanuq Vancouver\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet] ~ Google Lines Browser: 11 Scanned in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.13.2.11592.) -- C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.23.) -- C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll ~ Firefox Browser: 6 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll ~ BHO: 5 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\QuickLaunch [Nanuq Vancouver]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus ~ Global Startup: 1 Scanned in 00mn 05s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.) O4 - HKLM\..\Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.) O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.) O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.) O4 - HKLM\..\Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.) O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.Toshiba Corporation O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.) O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.) O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\Nanuq Vancouver\AppData\Local\Akamai\netsession_win.exe (.not file.) O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation O4 - HKCU\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [THotkey] . (.TOSHIBA - Hotkey Utility.) -- C:\Program Files (x86)\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [Akamai NetSession Interface] C:\Users\Nanuq Vancouver\AppData\Local\Akamai\netsession_win.exe (.not file.) O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.) O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.) O9 - Extra button: Ajouter à TOSHIBA Bulletin Board [64Bits] - {97F922BD-8563-4184-87EE-8C4ACA438823} . (...) -- C:\Program Files\TOSHIBA\BulletinBoard\images\pin.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253 O17 - HKLM\System\CCS\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253 O17 - HKLM\System\CS1\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253 O17 - HKLM\System\CS2\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Pare-feu AVG (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) . (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) - C:\Program Files (x86)\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe ~ Services: 13 Scanned in 00mn 15s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sdnclean64.exe) - File not found ~ BEX: 2 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.7C7E868E1D8096ED08D80FF7712BB9D8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257712] [MD5.86E69581356CA45167EA6986B6E29087] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core] (.Google Inc..) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA] (.Google Inc..) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.00000000000000000000000000000000] [APT] [{367AC493-6FCD-4D49-B2F8-007D0C78C9FD}] (...) -- C:\Users\Nanuq Vancouver\Downloads\ImageResizerPowertoySetup.exe (.not file.) [0] [MD5.0DA891CB0703D912CEAFA072F54D002B] [APT] [{6CE6406E-2865-44CE-815D-5D8AD091EC50}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1082] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1082] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1086] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1086] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core.job [1066] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core [1066] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA.job [1118] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA [1118] ~ Scheduled Task: 15 Scanned in 00mn 13s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (Avgdiska) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\Windows\System32\DRIVERS\avgdiska.sys O41 - Driver: (Avgfwfd) . (.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) - C:\Windows\System32\DRIVERS\avgfwd6a.sys O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys O41 - Driver: (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys O41 - Driver: (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 75 Scanned in 00mn 12s ---\\ Logiciels installés (O42) O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {EA90572A-D706-112F-F821-D49F337B9A7B} O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- AVG O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {854E96CC-266C-4873-A50F-CDF5367EE848} O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {BC06BAEB-6D52-4D69-82EB-56CF1594C6A7} O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Illustrator CS Tryout - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {85CC6638-C827-40E8-94C7-110A77E7812B} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Reader 9.5.4 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A95000000001} O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe SVG Viewer O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {AAC5D43E-816D-4C2D-8E51-55FFF35BE301} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {787136D2-F0F8-4625-AA3F-72D7795AC842} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: BS.Player FREE - (.AB Team, d.o.o..) [HKLM][64Bits] -- BSPlayerf O42 - Logiciel: Bigasoft Audio Converter 3.6.27.4553 - (.Bigasoft Corporation.) [HKLM][64Bits] -- {E6333CE4-9DC0-455C-9D43-E011CE33F5FA}_is1 O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {FB90923E-F94F-4343-A084-F0AB39305C8B} O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA O42 - Logiciel: ETDWare PS/2-X64 8.0.8.0_R01 - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {D952C4F9-2488-3723-84BE-1BFA907DCAC9} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF} O42 - Logiciel: Light Image Resizer 4.3.2.2 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1 O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.1.1004 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C303EE0-A595-3543-A71A-931C7AC40EDE} O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} O42 - Logiciel: Skype™ 6.14 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{229C190B-7690-40B7-8680-42530179F3E9} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {229C190B-7690-40B7-8680-42530179F3E9} O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {80F696E0-AB85-433E-99E3-8CC6D98CF167} O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6} O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22} O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C} O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {073B89C3-BA88-41B5-965F-B35A88EAE838} O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6F3C8901-EBD3-470D-87F8-AC210F6E5E02} O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F} O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM][64Bits] -- {07717286-5B65-DB40-FC03-4C5DD8B8DB20} O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {B8BA155B-1E75-405F-9CB4-8A99615D09DC} ~ Logic: 47 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3Filter] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Avg] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avg] [HKCU\Software\Azureus] =>P2P.Azureus [HKCU\Software\BST] [HKCU\Software\Bigasoft] [HKCU\Software\Brother] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\EasyBits] [HKCU\Software\Elantech] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Norton] [HKCU\Software\ODBC] [HKCU\Software\ObviousIdea] [HKCU\Software\PDFCreator] [HKCU\Software\Policies] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Skype] [HKCU\Software\TOSHIBA] [HKCU\Software\Trolltech] [HKCU\Software\VCW] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\ej-technologies] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\Conexant] [HKLM\Software\Cyberlink] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Huawei technologies] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Sonic] [HKLM\Software\Toshiba] [HKLM\Software\UIU] [HKLM\Software\Wow6432Node\AMD] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Atheros Communications Inc.] [HKLM\Software\Wow6432Node\Avg Secure Update] [HKLM\Software\Wow6432Node\Avg] [HKLM\Software\Wow6432Node\AviSynth] [HKLM\Software\Wow6432Node\Azureus] =>P2P.Azureus [HKLM\Software\Wow6432Node\Bigasoft] [HKLM\Software\Wow6432Node\Bunndle] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Huawei technologies] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Insyde] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Kodak] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\ObviousIdea] [HKLM\Software\Wow6432Node\PDFCreator] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Preview Systems] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\RtWLan] [HKLM\Software\Wow6432Node\Safer Networking Limited] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\TOSHIBA CORPORATION] [HKLM\Software\Wow6432Node\TOSHIBA] [HKLM\Software\Wow6432Node\Webteh] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Windows] [HKLM\Software\Wow6432Node\ej-technologies] [HKLM\Software\Wow6432Node\illiminable] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] ~ Key Software: 236 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 25/07/2012 - 01:07:20 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 02/08/2011 - 21:07:48 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 15/04/2011 - 05:12:08 - [] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 06/10/2013 - 17:48:31 - [] ----D C:\Program Files (x86)\AVG O43 - CFD: 09/03/2012 - 02:49:02 - [] ----D C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 10/07/2012 - 02:31:40 - [] ----D C:\Program Files (x86)\Bigasoft O43 - CFD: 12/10/2011 - 14:34:38 - [] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 17/05/2014 - 09:43:03 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 09/03/2012 - 03:41:44 - [0] ----D C:\Program Files (x86)\eRightSoft O43 - CFD: 11/12/2013 - 14:23:24 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 25/07/2012 - 01:07:17 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 02/05/2014 - 19:54:46 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 02/05/2014 - 18:52:32 - [] ----D C:\Program Files (x86)\iTunes O43 - CFD: 02/05/2014 - 17:03:58 - [] ----D C:\Program Files (x86)\Java O43 - CFD: 04/05/2014 - 18:19:20 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 17/05/2011 - 18:04:43 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 14/04/2011 - 19:55:46 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 14/04/2011 - 20:08:17 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 13/11/2013 - 03:35:38 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 18/04/2011 - 17:04:23 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 04/05/2014 - 11:34:36 - [] ----D C:\Program Files (x86)\Movie Maker 2.6 O43 - CFD: 11/05/2014 - 20:44:38 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 12/05/2014 - 12:03:49 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 08/06/2011 - 02:42:36 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 02/12/2012 - 05:05:07 - [] ----D C:\Program Files (x86)\ObviousIdea O43 - CFD: 02/05/2011 - 21:11:06 - [] ----D C:\Program Files (x86)\PDFCreator O43 - CFD: 02/05/2014 - 18:59:52 - [] ----D C:\Program Files (x86)\QuickTime O43 - CFD: 15/04/2011 - 05:21:46 - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 15/04/2011 - 05:23:54 - [] ----D C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 02/05/2014 - 17:02:00 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 05/05/2014 - 11:23:32 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2 O43 - CFD: 27/11/2012 - 15:32:35 - [] ----D C:\Program Files (x86)\SugarSync O43 - CFD: 03/07/2012 - 05:12:43 - [] ----D C:\Program Files (x86)\Toshiba O43 - CFD: 02/05/2014 - 13:47:38 - [] ----D C:\Program Files (x86)\TOSHIBA Games O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 19/02/2012 - 23:01:28 - [] ----D C:\Program Files (x86)\Webteh O43 - CFD: 19/07/2013 - 02:08:18 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 13/06/2011 - 18:52:06 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 18/12/2013 - 00:31:26 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 13/06/2011 - 18:52:05 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/06/2011 - 18:52:05 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 13/06/2011 - 18:52:06 - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 08/06/2011 - 20:54:41 - [] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 17/05/2014 - 11:09:57 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 25/07/2012 - 01:09:11 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 25/07/2012 - 00:51:03 - [] ----D C:\Program Files (x86)\Common Files\Akamai O43 - CFD: 02/05/2014 - 18:50:36 - [] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 15/04/2011 - 05:12:20 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 17/05/2014 - 09:43:03 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 15/04/2011 - 05:27:52 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 02/05/2014 - 21:12:17 - [] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 02/05/2014 - 17:47:08 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 02/05/2014 - 16:00:04 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 17/05/2011 - 18:03:48 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 03/12/2011 - 17:40:41 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 25/07/2012 - 01:09:31 - [] ----D C:\Program Files (x86)\Common Files\Vbox O43 - CFD: 15/04/2011 - 05:35:38 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 02/05/2014 - 18:52:35 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 04/05/2013 - 15:18:10 - [] ----D C:\ProgramData\Adobe O43 - CFD: 02/05/2014 - 18:41:53 - [] ----D C:\ProgramData\Apple O43 - CFD: 05/05/2011 - 00:05:23 - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 15/04/2011 - 05:13:35 - [] ----D C:\ProgramData\ATI O43 - CFD: 13/11/2013 - 03:15:25 - [] ----D C:\ProgramData\AVG2014 O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 22/06/2013 - 23:43:48 - [] --H-D C:\ProgramData\CanonBJ O43 - CFD: 17/05/2011 - 18:29:46 - [] --H-D C:\ProgramData\Common Files O43 - CFD: 11/12/2013 - 06:08:18 - [] ----D C:\ProgramData\DatacardService O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 11/12/2013 - 06:06:14 - [] ----D C:\ProgramData\Google O43 - CFD: 20/12/2011 - 03:39:12 - [] ----D C:\ProgramData\LGMOBILEAX O43 - CFD: 04/05/2014 - 18:19:15 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 17/05/2014 - 11:08:59 - [] ----D C:\ProgramData\MFAData O43 - CFD: 05/05/2014 - 11:21:20 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 17/05/2014 - 09:49:42 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 13/11/2013 - 03:34:39 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 25/04/2012 - 02:52:49 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 17/05/2011 - 18:35:19 - [] ----D C:\ProgramData\Norton O43 - CFD: 17/05/2011 - 18:03:14 - [] ----D C:\ProgramData\NortonInstaller O43 - CFD: 02/05/2014 - 21:12:28 - [0] ----D C:\ProgramData\Oracle O43 - CFD: 02/05/2014 - 16:00:27 - [] ----D C:\ProgramData\Skype O43 - CFD: 28/06/2011 - 17:34:43 - [] ----D C:\ProgramData\Skype Extras O43 - CFD: 05/05/2014 - 10:46:46 - [] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 19/11/2010 - 01:33:22 - [] ----D C:\ProgramData\Sun O43 - CFD: 11/12/2013 - 05:59:29 - [0] ----D C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 15/04/2011 - 05:33:34 - [] ----D C:\ProgramData\Toshiba O43 - CFD: 02/05/2014 - 13:46:19 - [] ----D C:\ProgramData\WildTangent O43 - CFD: 08/06/2011 - 20:53:58 - [0] ----D C:\ProgramData\WinZip O43 - CFD: 05/05/2011 - 00:06:06 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} O43 - CFD: 04/09/2012 - 15:33:58 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Adobe O43 - CFD: 30/12/2011 - 22:29:00 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Apple Computer O43 - CFD: 14/04/2011 - 19:23:32 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ATI O43 - CFD: 06/10/2013 - 17:47:33 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\AVG2014 O43 - CFD: 03/05/2014 - 18:28:02 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Azureus =>P2P.Azureus O43 - CFD: 05/05/2011 - 17:40:35 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Brother O43 - CFD: 04/03/2012 - 04:24:45 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\BSplayer O43 - CFD: 19/02/2012 - 23:01:29 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\BSplayer Pro O43 - CFD: 24/07/2012 - 02:10:28 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 14/04/2011 - 20:08:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Google O43 - CFD: 14/04/2011 - 19:22:39 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Identities O43 - CFD: 14/04/2011 - 21:55:30 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Media Center Programs O43 - CFD: 07/10/2013 - 04:26:52 - [] -S--D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft O43 - CFD: 06/02/2013 - 03:47:06 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla O43 - CFD: 11/03/2013 - 02:59:53 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ObviousIdea O43 - CFD: 17/05/2014 - 11:06:05 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Skype O43 - CFD: 04/07/2011 - 17:37:50 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\skypePM O43 - CFD: 21/04/2011 - 03:44:45 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Toshiba O43 - CFD: 05/10/2012 - 03:34:52 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\TuneUp Software O43 - CFD: 14/04/2011 - 19:23:17 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\WinBatch O43 - CFD: 05/05/2011 - 00:51:24 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Windows Live Writer O43 - CFD: 08/06/2011 - 20:55:38 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\WinRAR O43 - CFD: 17/05/2014 - 11:11:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 24/07/2012 - 02:09:02 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Adobe O43 - CFD: 03/09/2013 - 22:29:58 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Apple O43 - CFD: 22/02/2012 - 02:27:49 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Apple Computer O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Application Data O43 - CFD: 14/04/2011 - 19:23:32 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\ATI O43 - CFD: 13/11/2013 - 02:56:52 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Avg2014 O43 - CFD: 13/12/2013 - 02:20:12 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\CrashDumps O43 - CFD: 08/08/2013 - 23:50:15 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Diagnostics O43 - CFD: 17/05/2014 - 10:17:34 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\EmieSiteList O43 - CFD: 17/05/2014 - 10:17:34 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\EmieUserList O43 - CFD: 11/12/2013 - 06:06:15 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Google O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Historique O43 - CFD: 12/06/2012 - 02:37:13 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Macromedia O43 - CFD: 05/10/2012 - 02:06:03 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\MFAData O43 - CFD: 04/05/2014 - 11:50:29 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Microsoft O43 - CFD: 12/08/2011 - 23:01:42 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Microsoft Help O43 - CFD: 15/10/2013 - 01:10:03 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Mozilla O43 - CFD: 04/04/2013 - 03:33:05 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Programs O43 - CFD: 02/05/2014 - 16:00:51 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Skype O43 - CFD: 17/05/2014 - 11:09:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Temp O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Temporary Internet Files O43 - CFD: 14/04/2011 - 19:22:13 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Toshiba O43 - CFD: 15/04/2011 - 03:21:35 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\TOSHIBA_Corporation O43 - CFD: 09/10/2012 - 20:22:43 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\VirtualStore O43 - CFD: 02/05/2014 - 17:48:11 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Windows Live O43 - CFD: 05/05/2011 - 00:51:50 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Windows Live Writer O43 - CFD: 10/05/2014 - 12:41:54 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Local\WMTools Downloaded Files O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/05/2014 - 10:05:43 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 10/07/2012 - 02:31:46 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft O43 - CFD: 19/02/2012 - 23:04:22 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BS.Player O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 17/05/2014 - 10:05:43 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ Program Folder: 158 Scanned in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.AFCA5C1ECEAF948FC815178BC077680E] - 02/05/2014 - 13:07:01 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1424384] O44 - LFC:[MD5.2C619F6023E3F7A3ABF3475ED2223359] - 02/05/2014 - 13:15:04 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [624128] O44 - LFC:[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 02/05/2014 - 13:15:10 ---A- . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys [1684928] O44 - LFC:[MD5.3555BA97171CD153118F73FDCCC8BFDE] - 02/05/2014 - 13:15:12 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [376768] O44 - LFC:[MD5.E918C0DE5CF2AE6BEDBF387C09627D93] - 02/05/2014 - 13:15:14 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3156480] O44 - LFC:[MD5.1075AB2C077B415760C0E948856B5126] - 02/05/2014 - 13:15:16 ---A- . (.Microsoft Corporation - DLL du rapport d’erreurs Windows.) -- C:\Windows\System32\wer.dll [484864] O44 - LFC:[MD5.CD2C20CC3B385A32701F78C0ACBBE9F3] - 02/05/2014 - 13:15:16 ---A- . (.Microsoft Corporation - XML Resources.) -- C:\Windows\System32\msxml3r.dll [2048] O44 - LFC:[MD5.0D298133C359AB8CB9EB4FA178BF3947] - 02/05/2014 - 13:15:17 ---A- . (.Microsoft Corporation - MSXML 3.0 SP11.) -- C:\Windows\System32\msxml3.dll [1882112] O44 - LFC:[MD5.8D1196CFBB223621F2C67D45710F25BA] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [343040] O44 - LFC:[MD5.18A85013A3E0F7E1755365D287443965] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [53248] O44 - LFC:[MD5.765A92D428A8DB88B960DA5A8D6089DC] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [25600] O44 - LFC:[MD5.12FEB33791920678F8433701C822BCFD] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys [325120] O44 - LFC:[MD5.DD253AFC3BC6CBA412342DE60C3647F3] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [30720] O44 - LFC:[MD5.DCA68B0943D6FA415F0C56C92158A83A] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [99840] O44 - LFC:[MD5.FFA06EF43987ED0DD42AD59B260C0C78] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [7808] O44 - LFC:[MD5.EA093130471090037BB70A4AF86FAD1B] - 02/05/2014 - 13:15:21 ---A- . (...) -- C:\Windows\System32\locale.nls [420008] O44 - LFC:[MD5.0F090A77E664CB0F70AB8D3B230B760C] - 02/05/2014 - 13:15:24 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312] O44 - LFC:[MD5.74959C718FF4594369645F35B7DF19C4] - 02/05/2014 - 13:15:24 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16384] O44 - LFC:[MD5.2A107B611C91CD256466C58C0D776E9D] - 02/05/2014 - 13:15:25 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712] O44 - LFC:[MD5.7434E01FBCA3CB86539C39412A31D5E1] - 02/05/2014 - 13:15:25 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\System32\wow64win.dll [362496] O44 - LFC:[MD5.D2A513EE880D71BDE7F0257F38B9D019] - 02/05/2014 - 13:15:26 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [1163264] O44 - LFC:[MD5.B3222734D80013D2C73841B0C549FA63] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Drivers\Diskdump.sys [27584] O44 - LFC:[MD5.1F34470A484B001CC95B66CFE4753960] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - DLL de journalisation des E/S.) -- C:\Windows\System32\iologmsg.dll [2048] O44 - LFC:[MD5.A3F0BC5897F9D3786A3CB695B163633A] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys [190912] O44 - LFC:[MD5.96BB922A0981BC7432C8CF52B5410FE6] - 02/05/2014 - 13:15:35 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys [274880] O44 - LFC:[MD5.C6AC2C91541D24F9E236A670C0CA793D] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Client Gestion des droits Windows.) -- C:\Windows\System32\msdrm.dll [528384] O44 - LFC:[MD5.399FC1B75790EE606A6FD9F2FB4C891C] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc.dll [488448] O44 - LFC:[MD5.5693212AB2EBCACBBE05EC3A642113E2] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc_isv.dll [485888] O44 - LFC:[MD5.03F8F411F118CFDA508E77C747BB05EA] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp.exe [553984] O44 - LFC:[MD5.B41B1FEDEBBD955B4E25676B42087885] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp.dll [123392] O44 - LFC:[MD5.DC6DD779F35BB42E2E76FDFEC565C251] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp_isv.dll [123392] O44 - LFC:[MD5.1B3741488AA7E237961A29D1E7A44C0A] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate.exe [626176] O44 - LFC:[MD5.17CF3B3F68272BD40C878D4DBAB0EBC9] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_isv.exe [658432] O44 - LFC:[MD5.297926B15AE5390409F1007EB28A8EFB] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp_isv.exe [552960] O44 - LFC:[MD5.C676E5EA388AF7C4C031F56F9B42E362] - 02/05/2014 - 13:16:04 ---A- . (.Microsoft Corporation - Bibliothèque Microsoft D2D.) -- C:\Windows\System32\d2d1.dll [3928064] O44 - LFC:[MD5.E8710B5DDA963E6BA198DF5FB209E72A] - 02/05/2014 - 13:16:05 ---A- . (.Microsoft Corporation - Direct3D 10 Rasterizer.) -- C:\Windows\System32\d3d10warp.dll [2565120] O44 - LFC:[MD5.04F82965C09CBDF646B487E145060301] - 02/05/2014 - 13:16:07 ---A- . (.Microsoft Corporation - Service de configuration automatique WWAN.) -- C:\Windows\System32\wwansvc.dll [228864] O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 02/05/2014 - 13:31:16 ---A- . (...) -- C:\Windows\win.ini [478] O44 - LFC:[MD5.35E1B12C91540C65D1223EE96070367D] - 02/05/2014 - 14:54:21 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [416944] O44 - LFC:[MD5.9870EC900829595D191BB03C6C48B479] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [83968] O44 - LFC:[MD5.915D8A9E112C97C90C654F792B6B28B9] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640] O44 - LFC:[MD5.ADA5C3D49A12CED9F07913DC00E547A8] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll [48128] O44 - LFC:[MD5.BB6DEAFAC5F0AAEC37FEAF3F3AA48347] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [774144] O44 - LFC:[MD5.1FCBE949A67939ADEAE7279E423AA684] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [135680] O44 - LFC:[MD5.95828D670CFD3B16EE188168E083C3C5] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft®.) -- C:\Windows\System32\mshta.exe [13824] O44 - LFC:[MD5.72116CC377FF4281B0132C397026D911] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096] O44 - LFC:[MD5.A3A132CBE48AF0324466469F2CAAE8A2] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [111616] O44 - LFC:[MD5.E70D4270C43CE6C46841B684315B9EFF] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll [62464] O44 - LFC:[MD5.FD61D51199F3FC9EB0023FBF405EAAD0] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\System32\occache.dll [147968] O44 - LFC:[MD5.1BF215FF4DF6DE10D2F81A2CE85157D2] - 02/05/2014 - 18:39:26 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [139264] O44 - LFC:[MD5.75AD355828187145A60E3DC7BAF7B0F3] - 02/05/2014 - 18:39:27 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [628736] O44 - LFC:[MD5.FFF555C177D9F2B79B5C3146BED09FB1] - 02/05/2014 - 18:39:27 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [548352] O44 - LFC:[MD5.1EA6500C25A80E8BDB65099C509AF993] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\System32\wextract.exe [143872] O44 - LFC:[MD5.5BBDBE5EBB49EA7C76A2EE7490A45D68] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll [101376] O44 - LFC:[MD5.46FD16F9B1924A2EA8CD5C6716CC654F] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe [167424] O44 - LFC:[MD5.F00AE7B953ABEF1B53FBBA187DFC8238] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [243200] O44 - LFC:[MD5.9675B272086CF5D22B83B541FAA8D4EA] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de licences Microsoft®.) -- C:\Windows\System32\licmgr10.dll [30208] O44 - LFC:[MD5.1654093C8BD3342997D27B71684ACCE8] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2043904] O44 - LFC:[MD5.C92173481A58935BE15172079CF122B8] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [235520] O44 - LFC:[MD5.EE10AB99A480875E012CA339EC48F02B] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1228800] O44 - LFC:[MD5.77FBE2E014EFB93FD037FA33AB8C7D6E] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [263376] O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 02/05/2014 - 18:39:31 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284] O44 - LFC:[MD5.A3F9A9E46BDDBB8B20B7CF3EEDB990F2] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66048] O44 - LFC:[MD5.0A9D5716CB1F3AFA73703F39647BB8C2] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Microsoft Information Card IE Helper.) -- C:\Windows\System32\icardie.dll [81408] O44 - LFC:[MD5.D6067F7EE060C5D6D79008AD591B4E3B] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33792] O44 - LFC:[MD5.3F498856C68725717195C16568FE19D0] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [586240] O44 - LFC:[MD5.3A4FD19F13F8809BA08E9F76C0E38832] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [413696] O44 - LFC:[MD5.C17139EAF939964142C7A1AEEE02DC81] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter Data File.) -- C:\Windows\System32\ieapfltr.dat [616104] O44 - LFC:[MD5.EBAD8A4D048ED257E4A45F6356541F86] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [846336] O44 - LFC:[MD5.964C89BC8A52A260D68C90FDDEB862E2] - 02/05/2014 - 18:39:34 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [38400] O44 - LFC:[MD5.CE8831D2DCB5803A4CBC8EDCCBBC2A05] - 02/05/2014 - 18:39:34 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [77312] O44 - LFC:[MD5.2405D24AA28CCC4CC7E0CC0AE008746F] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - DLL de ressource du composant d'édition HTM.) -- C:\Windows\System32\mshtmler.dll [48640] O44 - LFC:[MD5.0FBEBD36FEFFEE5AF25FDAEE5E35EE99] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [105984] O44 - LFC:[MD5.BF25489459C7A762DD7B3186C7E3984D] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [5784064] O44 - LFC:[MD5.3F547245C78F4847B73EDDFD4A2F7E12] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [752640] O44 - LFC:[MD5.7446786E7092ABE122D372F95E6ED74B] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [574976] O44 - LFC:[MD5.A14BB2F5F6457738AAA11367F5172A05] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13551104] O44 - LFC:[MD5.5141B67F14E2B6CBB6ADF851ABE364A5] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Sets the date that IE was installed.) -- C:\Windows\System32\SetIEInstalledDate.exe [90112] O44 - LFC:[MD5.D31AE751B6DACAFD0D7CC99EAE9606C2] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll [131072] O44 - LFC:[MD5.E7161E2C66FF9B1E87C30FC9D2497ABB] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [195584] O44 - LFC:[MD5.E4A6577D74B2439974C8018AB5F1BFEA] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [13312] O44 - LFC:[MD5.038ABC9BCC86DFF9E181D44E43E2CEBA] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [52224] O44 - LFC:[MD5.F220BA78AB542C70211D73AE4729B2CD] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2260480] O44 - LFC:[MD5.32417AE8280276968E5C551ED85D3525] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1400832] O44 - LFC:[MD5.CB57E934280D346AE0A9B053DAA284C5] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [51200] O44 - LFC:[MD5.2EBD0C5B090125AECF017C57344C45AB] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\System32\msls31.dll [247808] O44 - LFC:[MD5.1F8534A19A66275C863DE17645CB2A13] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2767360] O44 - LFC:[MD5.4399857346DD183683332921500046B1] - 02/05/2014 - 18:39:38 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [86016] O44 - LFC:[MD5.6F1AF8E1206E92256459E3012C20472A] - 02/05/2014 - 18:39:38 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\jsIntl.dll [942592] O44 - LFC:[MD5.8F7FBD0177F79727CF945ABDA657A0AC] - 02/05/2014 - 18:39:51 ---A- . (.Microsoft Corporation - ELS Hyphenation Service.) -- C:\Windows\System32\elshyph.dll [235008] O44 - LFC:[MD5.2D01F001F8E45924E57B7BB77CF96BC2] - 02/05/2014 - 18:52:06 ---A- . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\Windows\System32\IEUDINIT.EXE [28368] O44 - LFC:[MD5.6E3B5A0461AA3D411B92AFDC740445D2] - 02/05/2014 - 18:52:12 ---A- . (...) -- C:\Windows\IE11_main.log [45558] O44 - LFC:[MD5.88E61DABC5F22841937A9A3B9BD0FABE] - 04/05/2014 - 10:44:39 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.FD5465B876D55534117963FAAA4B9DFC] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.4A1356200B82B852E137B687F03E8054] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [88280] O44 - LFC:[MD5.C49915271600CFC2305FAA4271D0002F] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63192] O44 - LFC:[MD5.A920E1336F9FEA95477763E2CC15891B] - 06/05/2014 - 04:00:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [84992] O44 - LFC:[MD5.A45BFDCFD5864F658289A165E6E0227F] - 06/05/2014 - 05:17:53 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864] O44 - LFC:[MD5.797E2E5C309AFF76990D5B7AF457EACA] - 06/05/2014 - 05:40:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [23544320] O44 - LFC:[MD5.710FD0E362A1A5C087DB90C1BAC46411] - 06/05/2014 - 12:28:51 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [940032] O44 - LFC:[MD5.485FB1F3792FF7B5D5EBB99AB870E588] - 09/05/2014 - 07:11:23 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [424448] O44 - LFC:[MD5.4A795989DF0043973711B666D36D2678] - 09/05/2014 - 07:14:03 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [477184] O44 - LFC:[MD5.3C9E10D0B809E4ED6E6A6338F3DCA6E4] - 09/05/2014 - 21:03:36 ---A- . (...) -- C:\Windows\PFRO.log [619100] O44 - LFC:[MD5.82A72E99AA1CF0B04D3B9843CBA3AEC1] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [22016] O44 - LFC:[MD5.8098627D0AA1706D69C5AF3F74332ABB] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [29184] O44 - LFC:[MD5.39312B37C5FE5138F99680A49ACD3AEA] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [28160] O44 - LFC:[MD5.4959DE74643CBC4B83E5BC99486A4FC9] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL capiprovider.) -- C:\Windows\System32\capiprovider.dll [53760] O44 - LFC:[MD5.BDA8B14AFE99A0C52BFEA64C5AC62171] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL du fournisseur DPAPI.) -- C:\Windows\System32\dpapiprovider.dll [52736] O44 - LFC:[MD5.9A3C6D8593F29A9F66744A3D4E6309B2] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL du fournisseur d’informations d’identif.) -- C:\Windows\System32\wincredprovider.dll [39936] O44 - LFC:[MD5.353009DEDF918B2A51414F330CF72DEC] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [95680] O44 - LFC:[MD5.204F3F58212B3E422C90BD9691A2DF28] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [31232] O44 - LFC:[MD5.C072064F95579C0D6D86AF5B3DC53192] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [136192] O44 - LFC:[MD5.692E9886B2A475684F7E3294BF66E97D] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL adprovider.) -- C:\Windows\System32\adprovider.dll [56832] O44 - LFC:[MD5.9D942180B5B6CE1C882B9CC54EA1F275] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL du fournisseur cng.) -- C:\Windows\System32\cngprovider.dll [57344] O44 - LFC:[MD5.CF13522172342AD8196B329C15D68E23] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL du fournisseur du service de gestion d’.) -- C:\Windows\System32\dimsroam.dll [44544] O44 - LFC:[MD5.1C2D8E18AA8FD50CD04C15CC27F7F5AB] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [155072] O44 - LFC:[MD5.481F70241D4EA038BB02590A30F15A23] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [340992] O44 - LFC:[MD5.851BB346CD59D9B3BC8854384C7DD5C3] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [424960] O44 - LFC:[MD5.26AF184300C0868D854D5A3092234E24] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [210944] O44 - LFC:[MD5.B6D8C1202DACA028AD94BDA2795CBBE9] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [86528] O44 - LFC:[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\winlogon.exe [455168] O44 - LFC:[MD5.89EF1CE0CE43AB8F55247D746739A321] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Dialogue du Sélecteur d’objet.) -- C:\Windows\System32\objsel.dll [722944] O44 - LFC:[MD5.E2A483E796D5FC7E447725FD01D98FA0] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [314880] O44 - LFC:[MD5.6B47CF5C27865DDF6680E4D834FBE34F] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5550016] O44 - LFC:[MD5.B19C8390A1D641B9AC4490D4828A7B5E] - 16/05/2014 - 20:56:55 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728064] O44 - LFC:[MD5.9358149234A4F3FE00CF5C2096DC1652] - 16/05/2014 - 20:56:57 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1460736] O44 - LFC:[MD5.427015D56DF17241F634611557146C57] - 16/05/2014 - 21:00:56 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [14175744] O44 - LFC:[MD5.AB4A6DF750EBCAEAC12E1E7BF72BBCA2] - 17/05/2014 - 08:36:15 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [93223848] O44 - LFC:[MD5.6140163BFE9D8F2DFDBA088ED5521C13] - 17/05/2014 - 09:19:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512] O44 - LFC:[MD5.2BC5E29B4CC59AD90CBB3AC6CB0EDFEE] - 17/05/2014 - 10:04:34 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1FD3B7F48FC7C5380026EF5FC1B8CC24] - 17/05/2014 - 10:04:38 ---A- . (...) -- C:\Windows\setupact.log [43115] O44 - LFC:[MD5.BA87D1171BF4FCBAE30FD7CB8B2B29CE] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [6444] O44 - LFC:[MD5.6A83E09BB3BADE2637BC477A6F18270C] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfc009.dat [1344416] O44 - LFC:[MD5.165600E11E349F3D5A50B440F9474EA3] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [1548104] O44 - LFC:[MD5.705BB04C4955557B989E70CA3FF5E438] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfh009.dat [1933516] O44 - LFC:[MD5.90F27B83DB5B16AF47BF1FBA9619B6F8] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [4901098] O44 - LFC:[MD5.CF022D2C32B96B77731B7A78A2BEE784] - 17/05/2014 - 10:10:32 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1168962] ~ Files: 139 Scanned in 00mn 40s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.1931AC9FA157114C6FD7693A2F26AB30] - 03/05/2014 - 14:09:13 ---A- - C:\Windows\Prefetch\AZUREUS.EXE-997C5496.pf =>P2P.Azureus ~ Prefetcher: 1 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll ~ LSA: 8 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{ab11be50-00b8-11e3-b56b-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.) O51 - MPSK:{e77dddcc-fea0-11e2-8097-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.) O51 - MPSK:{e77dddd6-fea0-11e2-8097-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904] O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856] O58 - SDL:10/11/2010 - 03:34:04 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [8013312] O58 - SDL:10/11/2010 - 02:18:54 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [287232] O58 - SDL:27/03/2014 - 21:14:24 ---A- . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\Windows\System32\Drivers\avgdiska.sys [153368] O58 - SDL:26/09/2013 - 09:44:54 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) -- C:\Windows\System32\Drivers\avgfwd6a.sys [57144] O58 - SDL:18/04/2014 - 14:01:30 ---A- . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver..) -- C:\Windows\System32\Drivers\avgidsdrivera.sys [237336] O58 - SDL:27/03/2014 - 21:14:26 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Driver.) -- C:\Windows\System32\Drivers\avgidsha.sys [192792] O58 - SDL:27/03/2014 - 21:07:10 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\System32\Drivers\avgldx64.sys [236824] O58 - SDL:27/03/2014 - 21:05:02 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\Windows\System32\Drivers\avgloga.sys [324376] O58 - SDL:31/03/2014 - 15:06:26 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\System32\Drivers\avgmfx64.sys [130840] O58 - SDL:27/03/2014 - 21:03:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\Windows\System32\Drivers\avgrkx64.sys [32536] O58 - SDL:31/03/2014 - 15:20:54 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\System32\Drivers\avgtdia.sys [274200] O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480] O58 - SDL:21/10/2010 - 19:37:46 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1306240] O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:11/11/2010 - 17:58:54 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [137512] O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016] O58 - SDL:07/07/2009 - 14:51:42 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\System32\Drivers\FwLnk.sys [9216] O58 - SDL:21/08/2012 - 12:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112] O58 - SDL:28/07/2010 - 23:25:10 ---A- . (.Initio Corporation - Initio Default Vendor Specific Device Driver.) -- C:\Windows\System32\Drivers\ivusb.sys [29720] O58 - SDL:27/09/2010 - 20:24:42 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [76912] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:03/04/2014 - 08:50:58 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:03/04/2014 - 08:51:04 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [88280] O58 - SDL:17/05/2014 - 09:19:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736] O58 - SDL:03/04/2014 - 08:51:16 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63192] O58 - SDL:10/05/2011 - 16:06:14 ---A- . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\Drivers\netaapl64.sys [22528] O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272] O58 - SDL:22/06/2009 - 22:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\Drivers\PGEffect.sys [35008] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592] O58 - SDL:31/03/2010 - 16:10:18 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\Drivers\rtl8187B.sys [450048] O58 - SDL:01/04/2010 - 19:01:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8187Se.sys [442368] O58 - SDL:23/07/2010 - 14:43:52 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192ce.sys [1088616] O58 - SDL:02/07/2010 - 14:14:00 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192se.sys [1111144] O58 - SDL:08/04/2010 - 15:07:58 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl819xp.sys [612352] O58 - SDL:08/10/2010 - 16:49:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys [243712] O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:31/07/2009 - 01:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [27784] O58 - SDL:14/07/2009 - 20:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [26840] O58 - SDL:13/12/2012 - 18:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872] ~ Drivers: 73 Scanned in 00mn 10s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 17/05/2014 - 11:13:14 ---A- . (.Adobe Systems Incorporated.) -- C:\Users\Nanuq Vancouver\AppData\Local\Temp\{8675E723-2086-4099-8C51-8843BFDA78E8}\InstallFlashPlayer.exe [17938608] ~ 322 Fichiers temporaires (Temporary files) ~ 92 Fichiers cookies (Cookies files) ~ Files: 1 Scanned in 00mn 59s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 10/11/2010 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgdiska.sys (Avgdiska) .(.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - LEGACY_AVGDISKA O64 - Services: CurCS - 26/09/2013 - C:\Windows\System32\DRIVERS\avgfwd6a.sys (Avgfwfd) .(.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) - LEGACY_AVGFWFD O64 - Services: CurCS - 18/04/2014 - C:\Windows\System32\DRIVERS\avgidsdrivera.sys (AVGIDSDriver) .(.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - LEGACY_AVGIDSDRIVER O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgidsha.sys (AVGIDSHA) .(.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHA O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgldx64.sys (Avgldx64) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX64 O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgloga.sys (Avgloga) .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGA O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\DRIVERS\avgmfx64.sys (Avgmfx64) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX64 O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgrkx64.sys (Avgrkx64) .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX64 O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\DRIVERS\avgtdia.sys (Avgtdia) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIA O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV ~ Legacy: 87 Scanned in 00mn 01s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 01s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.51C9589DFC3D276C350D3D95B758FCAC] [sPRF][14/04/2011] (...) -- C:\ProgramData\ezsidmv.dat [56] ~ Files: 1 Scanned in 00mn 00s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASAPI32 =>P2P.Azureus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASMANCS =>P2P.Azureus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASAPI32 =>P2P.Azureus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASMANCS =>P2P.Azureus ~ BTK: 317 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 02/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 14/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 14/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 11/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/11/2010 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 03/04/2014 1473280 | (avgfws) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe SR - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe SR - | Auto 31/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 12/03/2010 34816 | (TAPPSRV) . (.TOSHIBA Corp..) - C:\Program Files (x86)\Toshiba\TOSHIBA Applet\TAPPSRV.exe SR - | Demand 01/07/2010 51576 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\windows\system32\TODDSrv.exe SR - | Auto 28/09/2010 489384 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 23s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Nanuq Vancouver at 17/05/2014 11:14:59 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Nanuq Vancouver at 17/05/2014 11:15:01 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13045 - (16/05/2014) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 3 C:\Users\Nanuq Vancouver\AppData\Roaming\Azureus =>P2P.Azureus^ [HKCU\Software\Azureus] =>P2P.Azureus^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKLM\Software\Wow6432Node\Azureus] =>P2P.Azureus^ ~ Additionnel Scan: 293742 Items scanned in 01mn 14s ---\\ Récapitulatif des détections trouvées sur votre station ~ MSI: 1 link(s) detected in 00mn 00s End of the scan (1290 lines in 06mn 13s)(0)
  11. Rebonjour! voilà tout a fonctionné. 3) Malwarebytes - examen personnalisé sur mes 2 disques durs externes: journal d'examen Malwarebytes Anti-Malware www.malwarebytes.org Date de l'examen: 17/05/2014 Heure de l'examen: 02:58:55 Fichier journal: Administrateur: Oui Version: 2.00.1.1004 Base de données Malveillants: v2014.05.16.15 Base de données Rootkits: v2014.03.27.01 Licence: Gratuite Protection contre les malveillants: Désactivé(e) Protection contre les sites Web malveillants: Désactivé(e) Chameleon: Désactivé(e) Système d'exploitation: Windows 7 Service Pack 1 Processeur: x64 Système de fichiers: NTFS Utilisateur: Nanuq Vancouver Type d'examen: Examen "Personnalisé" Résultat: Terminé Objets analysés: 297396 Temps écoulé: 4 h, 57 min, 34 sec Mémoire: Activé(e) Démarrage: Activé(e) Système de fichiers: Activé(e) Archives: Activé(e) Rootkits: Activé(e) Shuriken: Activé(e) PUP: Activé(e) PUM: Activé(e) Processus: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Clés du Registre: 0 (No malicious items detected) Valeurs du Registre: 0 (No malicious items detected) Données du Registre: 0 (No malicious items detected) Dossiers: 0 (No malicious items detected) Fichiers: 0 (No malicious items detected) Secteurs physiques: 0 (No malicious items detected) (end) Journal de protection Malwarebytes Anti-Malware www.malwarebytes.org Update, 16/05/2014 21:59:46, SYSTEM, NANUQVANCOUVER, Manual, Malware Database, 2014.5.6.3, 2014.5.16.15, (end) 4) - Fait 5)Nouveau rapport Zhpdiag - à venir
  12. Et voilà je suis de retour et vais faire les scans nécessaires ce soir! merci de ta patience.
  13. Hello, un rapide message pour te prévenir que je dois m'absenter jusqu'à dimanche soir.... je ne pourrai reprendre mes manipulations qu'à ce moment la... désolé pour ce petit retard et à dimanche ou lundi
  14. 4) J'ai réinitialisé Firefox et Chrome (pas en mode sans échec)
×
×
  • Créer...