
Posted

Oops, OK, no problem :) I'll just click Uninstall then and relaunch mbam, because I can't find anything for the Teatimer part or the immunization, unfortunately.

I will then do steps 4) and 5) from your initial message.

Here we go!!

Thanks

Posted (edited)

To start in safe mode, tap the F8 key repeatedly while the computer restarts.

If that does not work (it varies with some BIOSes), try F5, F11 or F10.
Description of the safe boot options
Safe Mode (SAFEBOOT_OPTION=Minimal): This option uses a minimal set of device drivers and services to start Windows.
Safe Mode with Networking (SAFEBOOT_OPTION=Network): This option uses a minimal set of device drivers and services to start Windows, together with the drivers you need to load networking.
Safe Mode with Command Prompt (SAFEBOOT_OPTION=Minimal(AlternateShell)): This option is the same as the first (Safe Mode), except that Cmd.exe starts instead of Windows Explorer.
Enable VGA Mode: This option starts Windows in 640 x 480 mode, using the current video driver (not Vga.sys).
This mode is useful when the display is configured for a setting that the monitor cannot display.

Edited by pear
Posted

3) Scan log of the analysis (which finally worked :)) - I had to unplug my 2 external hard drives though, because I have the impression that wasn't helping... also - impossible to start my computer in safe mode. Maybe I can run the same scan on the 2 hard drives separately?

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 06/05/2014
Heure de l'examen: 09:08:13
Fichier journal:
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.05.05.04
Base de données Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Nanuq Vancouver

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 421211
Temps écoulé: 10 h, 36 min, 13 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 0
(No malicious items detected)

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 2
PUP.Optional.Conduit.A, C:\Users\Nanuq Vancouver\AppData\Local\Temp\CT3128284, Mis en quarantaine, [ce327b854ab6cb3512872c3c3bc7f40c],
PUP.Optional.Conduit.A, C:\Users\Nanuq Vancouver\AppData\Local\Temp\CT3319415, Mis en quarantaine, [7888cc349d633bc5d7c29fc908facb35],

Fichiers: 10
PUP.Optional.Conduit.A, C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4BUKJ8N\spstub[1].exe, Mis en quarantaine, [4eb2bc44f40c50b0f8df55c410f1c838],
PUP.Optional.MiniBar.A, C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4BUKJ8N\minibar-core[1].exe, Mis en quarantaine, [59a7ac54b24ec93737e858ca15eb45bb],
PUP.Optional.Conduit.A, C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V9C07C8J\SPSetup[1].exe, Mis en quarantaine, [bf41d52bee12a759d3c8c853cc3549b7],
PUP.Optional.Conduit.A, C:\Users\Nanuq Vancouver\Downloads\01net_AVG_Antivirus_Free_Edition.exe, Mis en quarantaine, [8977eb15fd03b44c96310e39758c8c74],
PUP.Toolbar.Repacked, C:\Users\Nanuq Vancouver\Downloads\AVGAntivirusFreeEdition_telechargement_01net.exe, Mis en quarantaine, [9b653ec2f40cb7497c18196841bf8f71],
PUP.Optional.Amonetize.A, C:\$Recycle.Bin\S-1-5-21-3867563884-3661236702-3029187394-1000\$R0H8EWR.exe, Mis en quarantaine, [56aab64a51afb54b0497bf82f60a629e],
PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3867563884-3661236702-3029187394-1000\$ROJPJ3U.exe, Mis en quarantaine, [fa06d22e7f81966a726d9dd628d99868],
PUP.Optional.Amonetize.A, C:\$Recycle.Bin\S-1-5-21-3867563884-3661236702-3029187394-1000\$RXQP9M5.exe, Mis en quarantaine, [37c9c8380cf44eb26d2e5ae7877927d9],
Trojan.Agent.ED, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Show-Password\Show_Password.exe.vir, Mis en quarantaine, [3cc46b95738d9d63313e7cbdfb0660a0],
PUP.Optional.Conduit.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze\.install4j\user\mism.exe.vir, Mis en quarantaine, [c43c38c87b854cb441f48e91f50b10f0],

Secteurs physiques: 0
(No malicious items detected)


(end)

Posted

Hello, a quick message to let you know that I have to be away until Sunday evening.... I won't be able to resume my steps until then... sorry for this small delay, and see you Sunday or Monday

  • 2 weeks later...
Posted (edited)

Hello again! There, everything worked.


3) Malwarebytes - custom scan of my 2 external hard drives:

Scan log

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 17/05/2014
Heure de l'examen: 02:58:55
Fichier journal:
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.05.16.15
Base de données Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Nanuq Vancouver

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 297396
Temps écoulé: 4 h, 57 min, 34 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 0
(No malicious items detected)

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 0
(No malicious items detected)

Secteurs physiques: 0
(No malicious items detected)


(end)

 

Protection log

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 16/05/2014 21:59:46, SYSTEM, NANUQVANCOUVER, Manual, Malware Database, 2014.5.6.3, 2014.5.16.15,

(end)

 

 

4) - Done

5) New ZHPDiag report - to come

Edited by carooo.a
Posted

5) - The ZhpDiag.txt report:

 

~ Rapport de ZHPDiag v2014.5.16.65 - Nicolas Coolman (16/05/2014)
~ Lancé par Nanuq Vancouver (17/05/2014 11:10:10)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1 (Defaut)
GCIE: Google Chrome v34.0.1847.137

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
AVG 2014 v14.0.3950
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 9.5.4 - Français
Java 7 Update 55

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2662 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 196 GB (73%) free of 268 GB

---\\ Mode de connexion au système
~ Computer Name: NANUQVANCOUVER
~ User Name: Nanuq Vancouver
~ All Users Names: Nanuq Vancouver, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nanuq Vancouver\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nanuq Vancouver\AppData\Roaming\
~ %Desktop% : C:\Users\Nanuq Vancouver\Desktop\
~ %Favorites% : C:\Users\Nanuq Vancouver\Favorites\
~ %LocalAppData% : C:\Users\Nanuq Vancouver\AppData\Local\
~ %StartMenu% : C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 196 Go of 268 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/05/2014 - 18:39:37.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/78
~ Mes musiques (My Musics) : 3/355
~ Mes Videos (My Videos) : 2/6
~ Mes Favoris (My Favorites) : 1/40
~ Mes Documents (My Documents) : 2/257
~ Mon Bureau (My Desktop) : 1/557
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.1096]
[MD5.321E5E66302AF3D9AD2B5B1C0C660B25] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20924544] [PID.2996]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.2896]
[MD5.3CB07566302BCEEB898DE270A0BEC175] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352] [PID.2544]
[MD5.A74532DB2CB7AE9BCD5C38A4AF2BF3BE] - (.TOSHIBA - Hotkey Utility.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Applet\THotkey.exe [389120] [PID.3636]
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.3732]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2980]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3640]
[MD5.86E69581356CA45167EA6986B6E29087] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560] [PID.4996]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.5216]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3912]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.3232]
[MD5.317235FAE521626B9EBED5F47A9ED75A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7876096] [PID.5752]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nanuq Vancouver\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [user Data\Default] None
G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Nanuq Vancouver\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
~ Google Lines Browser: 11 Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.13.2.11592.) -- C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.23.) -- C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
~ Firefox Browser: 6 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 5 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Nanuq Vancouver]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
~ Global Startup: 1 Scanned in 00mn 05s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)
O4 - HKLM\..\Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.)
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.Toshiba Corporation
O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)
O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Users\Nanuq Vancouver\AppData\Local\Akamai\netsession_win.exe (.not file.)
O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [THotkey] . (.TOSHIBA - Hotkey Utility.) -- C:\Program Files (x86)\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [Akamai NetSession Interface] C:\Users\Nanuq Vancouver\AppData\Local\Akamai\netsession_win.exe (.not file.)
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3867563884-3661236702-3029187394-1000\..\RunOnce: [uninstall C:\Users\Nanuq Vancouver\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Ajouter à TOSHIBA Bulletin Board [64Bits] - {97F922BD-8563-4184-87EE-8C4ACA438823} . (...) -- C:\Program Files\TOSHIBA\BulletinBoard\images\pin.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253
O17 - HKLM\System\CCS\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253
O17 - HKLM\System\CS1\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{30124F62-15AD-41B0-B251-82811634BED4}: DhcpNameServer = 64.71.255.205 64.71.255.253
O17 - HKLM\System\CS2\Services\Tcpip\..\{7538E5A0-56E8-429A-930B-41CAE8ACACC9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Pare-feu AVG (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) . (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) - C:\Program Files (x86)\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
~ Services: 13 Scanned in 00mn 15s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.7C7E868E1D8096ED08D80FF7712BB9D8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257712]
[MD5.86E69581356CA45167EA6986B6E29087] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304560]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core] (.Google Inc..) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA] (.Google Inc..) -- C:\Users\Nanuq Vancouver\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [{367AC493-6FCD-4D49-B2F8-007D0C78C9FD}] (...) -- C:\Users\Nanuq Vancouver\Downloads\ImageResizerPowertoySetup.exe (.not file.) [0]
[MD5.0DA891CB0703D912CEAFA072F54D002B] [APT] [{6CE6406E-2865-44CE-815D-5D8AD091EC50}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1082]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1082]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1086]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1086]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core.job [1066]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000Core [1066]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA.job [1118]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3867563884-3661236702-3029187394-1000UA [1118]
~ Scheduled Task: 15 Scanned in 00mn 13s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (Avgdiska) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\Windows\System32\DRIVERS\avgdiska.sys
O41 - Driver: (Avgfwfd) . (.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) - C:\Windows\System32\DRIVERS\avgfwd6a.sys
O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
O41 - Driver: (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver: (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 75 Scanned in 00mn 12s



---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {EA90572A-D706-112F-F821-D49F337B9A7B}
O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {854E96CC-266C-4873-A50F-CDF5367EE848}
O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {BC06BAEB-6D52-4D69-82EB-56CF1594C6A7}
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Illustrator CS Tryout - (.Adobe Systems, Inc..) [HKLM][64Bits] -- {85CC6638-C827-40E8-94C7-110A77E7812B} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.4 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A95000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe SVG Viewer
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {AAC5D43E-816D-4C2D-8E51-55FFF35BE301}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {787136D2-F0F8-4625-AA3F-72D7795AC842}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: BS.Player FREE - (.AB Team, d.o.o..) [HKLM][64Bits] -- BSPlayerf
O42 - Logiciel: Bigasoft Audio Converter 3.6.27.4553 - (.Bigasoft Corporation.) [HKLM][64Bits] -- {E6333CE4-9DC0-455C-9D43-E011CE33F5FA}_is1
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {FB90923E-F94F-4343-A084-F0AB39305C8B}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: ETDWare PS/2-X64 8.0.8.0_R01 - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {D952C4F9-2488-3723-84BE-1BFA907DCAC9}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF}
O42 - Logiciel: Light Image Resizer 4.3.2.2 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.1.1004 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C303EE0-A595-3543-A71A-931C7AC40EDE}
O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Skype 6.14 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {229C190B-7690-40B7-8680-42530179F3E9}
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {80F696E0-AB85-433E-99E3-8CC6D98CF167}
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6}
O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C}
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {073B89C3-BA88-41B5-965F-B35A88EAE838}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM][64Bits] -- {07717286-5B65-DB40-FC03-4C5DD8B8DB20}
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {B8BA155B-1E75-405F-9CB4-8A99615D09DC}
~ Logic: 47 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Avg]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avg]
[HKCU\Software\Azureus] =>P2P.Azureus
[HKCU\Software\BST]
[HKCU\Software\Bigasoft]
[HKCU\Software\Brother]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\EasyBits]
[HKCU\Software\Elantech]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\ObviousIdea]
[HKCU\Software\PDFCreator]
[HKCU\Software\Policies]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\TOSHIBA]
[HKCU\Software\Trolltech]
[HKCU\Software\VCW]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Huawei technologies]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\Toshiba]
[HKLM\Software\UIU]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Avg Secure Update]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\AviSynth]
[HKLM\Software\Wow6432Node\Azureus] =>P2P.Azureus
[HKLM\Software\Wow6432Node\Bigasoft]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Huawei technologies]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Kodak]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\ObviousIdea]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Preview Systems]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TOSHIBA CORPORATION]
[HKLM\Software\Wow6432Node\TOSHIBA]
[HKLM\Software\Wow6432Node\Webteh]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\illiminable]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 236 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/07/2012 - 01:07:20 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 02/08/2011 - 21:07:48 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 15/04/2011 - 05:12:08 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 06/10/2013 - 17:48:31 - [] ----D C:\Program Files (x86)\AVG
O43 - CFD: 09/03/2012 - 02:49:02 - [] ----D C:\Program Files (x86)\AviSynth 2.5
O43 - CFD: 10/07/2012 - 02:31:40 - [] ----D C:\Program Files (x86)\Bigasoft
O43 - CFD: 12/10/2011 - 14:34:38 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 17/05/2014 - 09:43:03 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 09/03/2012 - 03:41:44 - [0] ----D C:\Program Files (x86)\eRightSoft
O43 - CFD: 11/12/2013 - 14:23:24 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 25/07/2012 - 01:07:17 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 02/05/2014 - 19:54:46 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 02/05/2014 - 18:52:32 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 02/05/2014 - 17:03:58 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 04/05/2014 - 18:19:20 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 17/05/2011 - 18:04:43 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 14/04/2011 - 19:55:46 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 14/04/2011 - 20:08:17 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 13/11/2013 - 03:35:38 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 18/04/2011 - 17:04:23 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 04/05/2014 - 11:34:36 - [] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 11/05/2014 - 20:44:38 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 12/05/2014 - 12:03:49 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 08/06/2011 - 02:42:36 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 02/12/2012 - 05:05:07 - [] ----D C:\Program Files (x86)\ObviousIdea
O43 - CFD: 02/05/2011 - 21:11:06 - [] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 02/05/2014 - 18:59:52 - [] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 15/04/2011 - 05:21:46 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 15/04/2011 - 05:23:54 - [] ----D C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/05/2014 - 17:02:00 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 05/05/2014 - 11:23:32 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 27/11/2012 - 15:32:35 - [] ----D C:\Program Files (x86)\SugarSync
O43 - CFD: 03/07/2012 - 05:12:43 - [] ----D C:\Program Files (x86)\Toshiba
O43 - CFD: 02/05/2014 - 13:47:38 - [] ----D C:\Program Files (x86)\TOSHIBA Games
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 19/02/2012 - 23:01:28 - [] ----D C:\Program Files (x86)\Webteh
O43 - CFD: 19/07/2013 - 02:08:18 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/06/2011 - 18:52:06 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/12/2013 - 00:31:26 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 13/06/2011 - 18:52:05 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 13/06/2011 - 18:52:05 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 13/06/2011 - 18:52:06 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 08/06/2011 - 20:54:41 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 17/05/2014 - 11:09:57 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 25/07/2012 - 01:09:11 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 25/07/2012 - 00:51:03 - [] ----D C:\Program Files (x86)\Common Files\Akamai
O43 - CFD: 02/05/2014 - 18:50:36 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 15/04/2011 - 05:12:20 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 17/05/2014 - 09:43:03 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 15/04/2011 - 05:27:52 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 02/05/2014 - 21:12:17 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 02/05/2014 - 17:47:08 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/05/2014 - 16:00:04 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/05/2011 - 18:03:48 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 03/12/2011 - 17:40:41 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 25/07/2012 - 01:09:31 - [] ----D C:\Program Files (x86)\Common Files\Vbox
O43 - CFD: 15/04/2011 - 05:35:38 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 02/05/2014 - 18:52:35 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 04/05/2013 - 15:18:10 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/05/2014 - 18:41:53 - [] ----D C:\ProgramData\Apple
O43 - CFD: 05/05/2011 - 00:05:23 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/04/2011 - 05:13:35 - [] ----D C:\ProgramData\ATI
O43 - CFD: 13/11/2013 - 03:15:25 - [] ----D C:\ProgramData\AVG2014
O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 22/06/2013 - 23:43:48 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 17/05/2011 - 18:29:46 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 11/12/2013 - 06:08:18 - [] ----D C:\ProgramData\DatacardService
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 11/12/2013 - 06:06:14 - [] ----D C:\ProgramData\Google
O43 - CFD: 20/12/2011 - 03:39:12 - [] ----D C:\ProgramData\LGMOBILEAX
O43 - CFD: 04/05/2014 - 18:19:15 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 17/05/2014 - 11:08:59 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 05/05/2014 - 11:21:20 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 17/05/2014 - 09:49:42 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 13/11/2013 - 03:34:39 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 14/04/2011 - 19:16:01 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 25/04/2012 - 02:52:49 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 17/05/2011 - 18:35:19 - [] ----D C:\ProgramData\Norton
O43 - CFD: 17/05/2011 - 18:03:14 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 02/05/2014 - 21:12:28 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 02/05/2014 - 16:00:27 - [] ----D C:\ProgramData\Skype
O43 - CFD: 28/06/2011 - 17:34:43 - [] ----D C:\ProgramData\Skype Extras
O43 - CFD: 05/05/2014 - 10:46:46 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 19/11/2010 - 01:33:22 - [] ----D C:\ProgramData\Sun
O43 - CFD: 11/12/2013 - 05:59:29 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 15/04/2011 - 05:33:34 - [] ----D C:\ProgramData\Toshiba
O43 - CFD: 02/05/2014 - 13:46:19 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 08/06/2011 - 20:53:58 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 05/05/2011 - 00:06:06 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 04/09/2012 - 15:33:58 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Adobe
O43 - CFD: 30/12/2011 - 22:29:00 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Apple Computer
O43 - CFD: 14/04/2011 - 19:23:32 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ATI
O43 - CFD: 06/10/2013 - 17:47:33 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\AVG2014
O43 - CFD: 03/05/2014 - 18:28:02 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Azureus =>P2P.Azureus
O43 - CFD: 05/05/2011 - 17:40:35 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Brother
O43 - CFD: 04/03/2012 - 04:24:45 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\BSplayer
O43 - CFD: 19/02/2012 - 23:01:29 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\BSplayer Pro
O43 - CFD: 24/07/2012 - 02:10:28 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 14/04/2011 - 20:08:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Google
O43 - CFD: 14/04/2011 - 19:22:39 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Identities
O43 - CFD: 14/04/2011 - 21:55:30 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 17:35:05 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Media Center Programs
O43 - CFD: 07/10/2013 - 04:26:52 - [] -S--D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft
O43 - CFD: 06/02/2013 - 03:47:06 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Mozilla
O43 - CFD: 11/03/2013 - 02:59:53 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ObviousIdea
O43 - CFD: 17/05/2014 - 11:06:05 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Skype
O43 - CFD: 04/07/2011 - 17:37:50 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\skypePM
O43 - CFD: 21/04/2011 - 03:44:45 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Toshiba
O43 - CFD: 05/10/2012 - 03:34:52 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\TuneUp Software
O43 - CFD: 14/04/2011 - 19:23:17 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\WinBatch
O43 - CFD: 05/05/2011 - 00:51:24 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Windows Live Writer
O43 - CFD: 08/06/2011 - 20:55:38 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\WinRAR
O43 - CFD: 17/05/2014 - 11:11:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 24/07/2012 - 02:09:02 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Adobe
O43 - CFD: 03/09/2013 - 22:29:58 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Apple
O43 - CFD: 22/02/2012 - 02:27:49 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Apple Computer
O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Application Data
O43 - CFD: 14/04/2011 - 19:23:32 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\ATI
O43 - CFD: 13/11/2013 - 02:56:52 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Avg2014
O43 - CFD: 13/12/2013 - 02:20:12 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\CrashDumps
O43 - CFD: 08/08/2013 - 23:50:15 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Diagnostics
O43 - CFD: 17/05/2014 - 10:17:34 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\EmieSiteList
O43 - CFD: 17/05/2014 - 10:17:34 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\EmieUserList
O43 - CFD: 11/12/2013 - 06:06:15 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Google
O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Historique
O43 - CFD: 12/06/2012 - 02:37:13 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Macromedia
O43 - CFD: 05/10/2012 - 02:06:03 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\MFAData
O43 - CFD: 04/05/2014 - 11:50:29 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Microsoft
O43 - CFD: 12/08/2011 - 23:01:42 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Microsoft Help
O43 - CFD: 15/10/2013 - 01:10:03 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Mozilla
O43 - CFD: 04/04/2013 - 03:33:05 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Programs
O43 - CFD: 02/05/2014 - 16:00:51 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Skype
O43 - CFD: 17/05/2014 - 11:09:19 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Temp
O43 - CFD: 14/04/2011 - 19:16:20 - [] -SH-D C:\Users\Nanuq Vancouver\AppData\Local\Temporary Internet Files
O43 - CFD: 14/04/2011 - 19:22:13 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Toshiba
O43 - CFD: 15/04/2011 - 03:21:35 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\TOSHIBA_Corporation
O43 - CFD: 09/10/2012 - 20:22:43 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\VirtualStore
O43 - CFD: 02/05/2014 - 17:48:11 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Windows Live
O43 - CFD: 05/05/2011 - 00:51:50 - [] ----D C:\Users\Nanuq Vancouver\AppData\Local\Windows Live Writer
O43 - CFD: 10/05/2014 - 12:41:54 - [0] ----D C:\Users\Nanuq Vancouver\AppData\Local\WMTools Downloaded Files
O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/05/2014 - 10:05:43 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/07/2012 - 02:31:46 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft
O43 - CFD: 19/02/2012 - 23:04:22 - [] ----D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BS.Player
O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/05/2014 - 10:05:43 - [] R---D C:\Users\Nanuq Vancouver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 158 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.AFCA5C1ECEAF948FC815178BC077680E] - 02/05/2014 - 13:07:01 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1424384]
O44 - LFC:[MD5.2C619F6023E3F7A3ABF3475ED2223359] - 02/05/2014 - 13:15:04 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [624128]
O44 - LFC:[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 02/05/2014 - 13:15:10 ---A- . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys [1684928]
O44 - LFC:[MD5.3555BA97171CD153118F73FDCCC8BFDE] - 02/05/2014 - 13:15:12 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [376768]
O44 - LFC:[MD5.E918C0DE5CF2AE6BEDBF387C09627D93] - 02/05/2014 - 13:15:14 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3156480]
O44 - LFC:[MD5.1075AB2C077B415760C0E948856B5126] - 02/05/2014 - 13:15:16 ---A- . (.Microsoft Corporation - DLL du rapport d’erreurs Windows.) -- C:\Windows\System32\wer.dll [484864]
O44 - LFC:[MD5.CD2C20CC3B385A32701F78C0ACBBE9F3] - 02/05/2014 - 13:15:16 ---A- . (.Microsoft Corporation - XML Resources.) -- C:\Windows\System32\msxml3r.dll [2048]
O44 - LFC:[MD5.0D298133C359AB8CB9EB4FA178BF3947] - 02/05/2014 - 13:15:17 ---A- . (.Microsoft Corporation - MSXML 3.0 SP11.) -- C:\Windows\System32\msxml3.dll [1882112]
O44 - LFC:[MD5.8D1196CFBB223621F2C67D45710F25BA] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [343040]
O44 - LFC:[MD5.18A85013A3E0F7E1755365D287443965] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [53248]
O44 - LFC:[MD5.765A92D428A8DB88B960DA5A8D6089DC] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [25600]
O44 - LFC:[MD5.12FEB33791920678F8433701C822BCFD] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32\Drivers\usbport.sys [325120]
O44 - LFC:[MD5.DD253AFC3BC6CBA412342DE60C3647F3] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [30720]
O44 - LFC:[MD5.DCA68B0943D6FA415F0C56C92158A83A] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [99840]
O44 - LFC:[MD5.FFA06EF43987ED0DD42AD59B260C0C78] - 02/05/2014 - 13:15:19 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [7808]
O44 - LFC:[MD5.EA093130471090037BB70A4AF86FAD1B] - 02/05/2014 - 13:15:21 ---A- . (...) -- C:\Windows\System32\locale.nls [420008]
O44 - LFC:[MD5.0F090A77E664CB0F70AB8D3B230B760C] - 02/05/2014 - 13:15:24 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312]
O44 - LFC:[MD5.74959C718FF4594369645F35B7DF19C4] - 02/05/2014 - 13:15:24 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16384]
O44 - LFC:[MD5.2A107B611C91CD256466C58C0D776E9D] - 02/05/2014 - 13:15:25 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712]
O44 - LFC:[MD5.7434E01FBCA3CB86539C39412A31D5E1] - 02/05/2014 - 13:15:25 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\System32\wow64win.dll [362496]
O44 - LFC:[MD5.D2A513EE880D71BDE7F0257F38B9D019] - 02/05/2014 - 13:15:26 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [1163264]
O44 - LFC:[MD5.B3222734D80013D2C73841B0C549FA63] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Drivers\Diskdump.sys [27584]
O44 - LFC:[MD5.1F34470A484B001CC95B66CFE4753960] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - DLL de journalisation des E/S.) -- C:\Windows\System32\iologmsg.dll [2048]
O44 - LFC:[MD5.A3F0BC5897F9D3786A3CB695B163633A] - 02/05/2014 - 13:15:34 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys [190912]
O44 - LFC:[MD5.96BB922A0981BC7432C8CF52B5410FE6] - 02/05/2014 - 13:15:35 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys [274880]
O44 - LFC:[MD5.C6AC2C91541D24F9E236A670C0CA793D] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Client Gestion des droits Windows.) -- C:\Windows\System32\msdrm.dll [528384]
O44 - LFC:[MD5.399FC1B75790EE606A6FD9F2FB4C891C] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc.dll [488448]
O44 - LFC:[MD5.5693212AB2EBCACBBE05EC3A642113E2] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc_isv.dll [485888]
O44 - LFC:[MD5.03F8F411F118CFDA508E77C747BB05EA] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp.exe [553984]
O44 - LFC:[MD5.B41B1FEDEBBD955B4E25676B42087885] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp.dll [123392]
O44 - LFC:[MD5.DC6DD779F35BB42E2E76FDFEC565C251] - 02/05/2014 - 13:15:42 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp_isv.dll [123392]
O44 - LFC:[MD5.1B3741488AA7E237961A29D1E7A44C0A] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate.exe [626176]
O44 - LFC:[MD5.17CF3B3F68272BD40C878D4DBAB0EBC9] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_isv.exe [658432]
O44 - LFC:[MD5.297926B15AE5390409F1007EB28A8EFB] - 02/05/2014 - 13:15:43 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp_isv.exe [552960]
O44 - LFC:[MD5.C676E5EA388AF7C4C031F56F9B42E362] - 02/05/2014 - 13:16:04 ---A- . (.Microsoft Corporation - Bibliothèque Microsoft D2D.) -- C:\Windows\System32\d2d1.dll [3928064]
O44 - LFC:[MD5.E8710B5DDA963E6BA198DF5FB209E72A] - 02/05/2014 - 13:16:05 ---A- . (.Microsoft Corporation - Direct3D 10 Rasterizer.) -- C:\Windows\System32\d3d10warp.dll [2565120]
O44 - LFC:[MD5.04F82965C09CBDF646B487E145060301] - 02/05/2014 - 13:16:07 ---A- . (.Microsoft Corporation - Service de configuration automatique WWAN.) -- C:\Windows\System32\wwansvc.dll [228864]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 02/05/2014 - 13:31:16 ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.35E1B12C91540C65D1223EE96070367D] - 02/05/2014 - 14:54:21 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [416944]
O44 - LFC:[MD5.9870EC900829595D191BB03C6C48B479] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [83968]
O44 - LFC:[MD5.915D8A9E112C97C90C654F792B6B28B9] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.ADA5C3D49A12CED9F07913DC00E547A8] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll [48128]
O44 - LFC:[MD5.BB6DEAFAC5F0AAEC37FEAF3F3AA48347] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [774144]
O44 - LFC:[MD5.1FCBE949A67939ADEAE7279E423AA684] - 02/05/2014 - 18:39:24 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [135680]
O44 - LFC:[MD5.95828D670CFD3B16EE188168E083C3C5] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft®.) -- C:\Windows\System32\mshta.exe [13824]
O44 - LFC:[MD5.72116CC377FF4281B0132C397026D911] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.A3A132CBE48AF0324466469F2CAAE8A2] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [111616]
O44 - LFC:[MD5.E70D4270C43CE6C46841B684315B9EFF] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll [62464]
O44 - LFC:[MD5.FD61D51199F3FC9EB0023FBF405EAAD0] - 02/05/2014 - 18:39:25 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\System32\occache.dll [147968]
O44 - LFC:[MD5.1BF215FF4DF6DE10D2F81A2CE85157D2] - 02/05/2014 - 18:39:26 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [139264]
O44 - LFC:[MD5.75AD355828187145A60E3DC7BAF7B0F3] - 02/05/2014 - 18:39:27 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [628736]
O44 - LFC:[MD5.FFF555C177D9F2B79B5C3146BED09FB1] - 02/05/2014 - 18:39:27 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [548352]
O44 - LFC:[MD5.1EA6500C25A80E8BDB65099C509AF993] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\System32\wextract.exe [143872]
O44 - LFC:[MD5.5BBDBE5EBB49EA7C76A2EE7490A45D68] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll [101376]
O44 - LFC:[MD5.46FD16F9B1924A2EA8CD5C6716CC654F] - 02/05/2014 - 18:39:28 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe [167424]
O44 - LFC:[MD5.F00AE7B953ABEF1B53FBBA187DFC8238] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [243200]
O44 - LFC:[MD5.9675B272086CF5D22B83B541FAA8D4EA] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de licences Microsoft®.) -- C:\Windows\System32\licmgr10.dll [30208]
O44 - LFC:[MD5.1654093C8BD3342997D27B71684ACCE8] - 02/05/2014 - 18:39:29 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2043904]
O44 - LFC:[MD5.C92173481A58935BE15172079CF122B8] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [235520]
O44 - LFC:[MD5.EE10AB99A480875E012CA339EC48F02B] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1228800]
O44 - LFC:[MD5.77FBE2E014EFB93FD037FA33AB8C7D6E] - 02/05/2014 - 18:39:30 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [263376]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 02/05/2014 - 18:39:31 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
O44 - LFC:[MD5.A3F9A9E46BDDBB8B20B7CF3EEDB990F2] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66048]
O44 - LFC:[MD5.0A9D5716CB1F3AFA73703F39647BB8C2] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Microsoft Information Card IE Helper.) -- C:\Windows\System32\icardie.dll [81408]
O44 - LFC:[MD5.D6067F7EE060C5D6D79008AD591B4E3B] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33792]
O44 - LFC:[MD5.3F498856C68725717195C16568FE19D0] - 02/05/2014 - 18:39:31 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [586240]
O44 - LFC:[MD5.3A4FD19F13F8809BA08E9F76C0E38832] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [413696]
O44 - LFC:[MD5.C17139EAF939964142C7A1AEEE02DC81] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter Data File.) -- C:\Windows\System32\ieapfltr.dat [616104]
O44 - LFC:[MD5.EBAD8A4D048ED257E4A45F6356541F86] - 02/05/2014 - 18:39:32 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [846336]
O44 - LFC:[MD5.964C89BC8A52A260D68C90FDDEB862E2] - 02/05/2014 - 18:39:34 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [38400]
O44 - LFC:[MD5.CE8831D2DCB5803A4CBC8EDCCBBC2A05] - 02/05/2014 - 18:39:34 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [77312]
O44 - LFC:[MD5.2405D24AA28CCC4CC7E0CC0AE008746F] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - DLL de ressource du composant d'édition HTM.) -- C:\Windows\System32\mshtmler.dll [48640]
O44 - LFC:[MD5.0FBEBD36FEFFEE5AF25FDAEE5E35EE99] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [105984]
O44 - LFC:[MD5.BF25489459C7A762DD7B3186C7E3984D] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [5784064]
O44 - LFC:[MD5.3F547245C78F4847B73EDDFD4A2F7E12] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [752640]
O44 - LFC:[MD5.7446786E7092ABE122D372F95E6ED74B] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [574976]
O44 - LFC:[MD5.A14BB2F5F6457738AAA11367F5172A05] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13551104]
O44 - LFC:[MD5.5141B67F14E2B6CBB6ADF851ABE364A5] - 02/05/2014 - 18:39:35 ---A- . (.Microsoft Corporation - Sets the date that IE was installed.) -- C:\Windows\System32\SetIEInstalledDate.exe [90112]
O44 - LFC:[MD5.D31AE751B6DACAFD0D7CC99EAE9606C2] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll [131072]
O44 - LFC:[MD5.E7161E2C66FF9B1E87C30FC9D2497ABB] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [195584]
O44 - LFC:[MD5.E4A6577D74B2439974C8018AB5F1BFEA] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [13312]
O44 - LFC:[MD5.038ABC9BCC86DFF9E181D44E43E2CEBA] - 02/05/2014 - 18:39:36 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [52224]
O44 - LFC:[MD5.F220BA78AB542C70211D73AE4729B2CD] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2260480]
O44 - LFC:[MD5.32417AE8280276968E5C551ED85D3525] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1400832]
O44 - LFC:[MD5.CB57E934280D346AE0A9B053DAA284C5] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [51200]
O44 - LFC:[MD5.2EBD0C5B090125AECF017C57344C45AB] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\System32\msls31.dll [247808]
O44 - LFC:[MD5.1F8534A19A66275C863DE17645CB2A13] - 02/05/2014 - 18:39:37 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2767360]
O44 - LFC:[MD5.4399857346DD183683332921500046B1] - 02/05/2014 - 18:39:38 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [86016]
O44 - LFC:[MD5.6F1AF8E1206E92256459E3012C20472A] - 02/05/2014 - 18:39:38 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\jsIntl.dll [942592]
O44 - LFC:[MD5.8F7FBD0177F79727CF945ABDA657A0AC] - 02/05/2014 - 18:39:51 ---A- . (.Microsoft Corporation - ELS Hyphenation Service.) -- C:\Windows\System32\elshyph.dll [235008]
O44 - LFC:[MD5.2D01F001F8E45924E57B7BB77CF96BC2] - 02/05/2014 - 18:52:06 ---A- . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\Windows\System32\IEUDINIT.EXE [28368]
O44 - LFC:[MD5.6E3B5A0461AA3D411B92AFDC740445D2] - 02/05/2014 - 18:52:12 ---A- . (...) -- C:\Windows\IE11_main.log [45558]
O44 - LFC:[MD5.88E61DABC5F22841937A9A3B9BD0FABE] - 04/05/2014 - 10:44:39 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.FD5465B876D55534117963FAAA4B9DFC] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O44 - LFC:[MD5.4A1356200B82B852E137B687F03E8054] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [88280]
O44 - LFC:[MD5.C49915271600CFC2305FAA4271D0002F] - 04/05/2014 - 17:19:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63192]
O44 - LFC:[MD5.A920E1336F9FEA95477763E2CC15891B] - 06/05/2014 - 04:00:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [84992]
O44 - LFC:[MD5.A45BFDCFD5864F658289A165E6E0227F] - 06/05/2014 - 05:17:53 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.797E2E5C309AFF76990D5B7AF457EACA] - 06/05/2014 - 05:40:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [23544320]
O44 - LFC:[MD5.710FD0E362A1A5C087DB90C1BAC46411] - 06/05/2014 - 12:28:51 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [940032]
O44 - LFC:[MD5.485FB1F3792FF7B5D5EBB99AB870E588] - 09/05/2014 - 07:11:23 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [424448]
O44 - LFC:[MD5.4A795989DF0043973711B666D36D2678] - 09/05/2014 - 07:14:03 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [477184]
O44 - LFC:[MD5.3C9E10D0B809E4ED6E6A6338F3DCA6E4] - 09/05/2014 - 21:03:36 ---A- . (...) -- C:\Windows\PFRO.log [619100]
O44 - LFC:[MD5.82A72E99AA1CF0B04D3B9843CBA3AEC1] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [22016]
O44 - LFC:[MD5.8098627D0AA1706D69C5AF3F74332ABB] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [29184]
O44 - LFC:[MD5.39312B37C5FE5138F99680A49ACD3AEA] - 16/05/2014 - 20:56:48 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [28160]
O44 - LFC:[MD5.4959DE74643CBC4B83E5BC99486A4FC9] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL capiprovider.) -- C:\Windows\System32\capiprovider.dll [53760]
O44 - LFC:[MD5.BDA8B14AFE99A0C52BFEA64C5AC62171] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL du fournisseur DPAPI.) -- C:\Windows\System32\dpapiprovider.dll [52736]
O44 - LFC:[MD5.9A3C6D8593F29A9F66744A3D4E6309B2] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - DLL du fournisseur d’informations d’identif.) -- C:\Windows\System32\wincredprovider.dll [39936]
O44 - LFC:[MD5.353009DEDF918B2A51414F330CF72DEC] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [95680]
O44 - LFC:[MD5.204F3F58212B3E422C90BD9691A2DF28] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [31232]
O44 - LFC:[MD5.C072064F95579C0D6D86AF5B3DC53192] - 16/05/2014 - 20:56:49 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [136192]
O44 - LFC:[MD5.692E9886B2A475684F7E3294BF66E97D] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL adprovider.) -- C:\Windows\System32\adprovider.dll [56832]
O44 - LFC:[MD5.9D942180B5B6CE1C882B9CC54EA1F275] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL du fournisseur cng.) -- C:\Windows\System32\cngprovider.dll [57344]
O44 - LFC:[MD5.CF13522172342AD8196B329C15D68E23] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - DLL du fournisseur du service de gestion d’.) -- C:\Windows\System32\dimsroam.dll [44544]
O44 - LFC:[MD5.1C2D8E18AA8FD50CD04C15CC27F7F5AB] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [155072]
O44 - LFC:[MD5.481F70241D4EA038BB02590A30F15A23] - 16/05/2014 - 20:56:50 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [340992]
O44 - LFC:[MD5.851BB346CD59D9B3BC8854384C7DD5C3] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [424960]
O44 - LFC:[MD5.26AF184300C0868D854D5A3092234E24] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [210944]
O44 - LFC:[MD5.B6D8C1202DACA028AD94BDA2795CBBE9] - 16/05/2014 - 20:56:51 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [86528]
O44 - LFC:[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\winlogon.exe [455168]
O44 - LFC:[MD5.89EF1CE0CE43AB8F55247D746739A321] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Dialogue du Sélecteur d’objet.) -- C:\Windows\System32\objsel.dll [722944]
O44 - LFC:[MD5.E2A483E796D5FC7E447725FD01D98FA0] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [314880]
O44 - LFC:[MD5.6B47CF5C27865DDF6680E4D834FBE34F] - 16/05/2014 - 20:56:53 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5550016]
O44 - LFC:[MD5.B19C8390A1D641B9AC4490D4828A7B5E] - 16/05/2014 - 20:56:55 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728064]
O44 - LFC:[MD5.9358149234A4F3FE00CF5C2096DC1652] - 16/05/2014 - 20:56:57 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1460736]
O44 - LFC:[MD5.427015D56DF17241F634611557146C57] - 16/05/2014 - 21:00:56 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [14175744]
O44 - LFC:[MD5.AB4A6DF750EBCAEAC12E1E7BF72BBCA2] - 17/05/2014 - 08:36:15 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [93223848]
O44 - LFC:[MD5.6140163BFE9D8F2DFDBA088ED5521C13] - 17/05/2014 - 09:19:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O44 - LFC:[MD5.2BC5E29B4CC59AD90CBB3AC6CB0EDFEE] - 17/05/2014 - 10:04:34 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1FD3B7F48FC7C5380026EF5FC1B8CC24] - 17/05/2014 - 10:04:38 ---A- . (...) -- C:\Windows\setupact.log [43115]
O44 - LFC:[MD5.BA87D1171BF4FCBAE30FD7CB8B2B29CE] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [6444]
O44 - LFC:[MD5.6A83E09BB3BADE2637BC477A6F18270C] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfc009.dat [1344416]
O44 - LFC:[MD5.165600E11E349F3D5A50B440F9474EA3] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [1548104]
O44 - LFC:[MD5.705BB04C4955557B989E70CA3FF5E438] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfh009.dat [1933516]
O44 - LFC:[MD5.90F27B83DB5B16AF47BF1FBA9619B6F8] - 17/05/2014 - 10:07:36 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [4901098]
O44 - LFC:[MD5.CF022D2C32B96B77731B7A78A2BEE784] - 17/05/2014 - 10:10:32 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1168962]
~ Files: 139 Scanned in 00mn 40s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1931AC9FA157114C6FD7693A2F26AB30] - 03/05/2014 - 14:09:13 ---A- - C:\Windows\Prefetch\AZUREUS.EXE-997C5496.pf =>P2P.Azureus
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{ab11be50-00b8-11e3-b56b-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e77dddcc-fea0-11e2-8097-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e77dddd6-fea0-11e2-8097-00266cb4e253}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:10/11/2010 - 03:34:04 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [8013312]
O58 - SDL:10/11/2010 - 02:18:54 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [287232]
O58 - SDL:27/03/2014 - 21:14:24 ---A- . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\Windows\System32\Drivers\avgdiska.sys [153368]
O58 - SDL:26/09/2013 - 09:44:54 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) -- C:\Windows\System32\Drivers\avgfwd6a.sys [57144]
O58 - SDL:18/04/2014 - 14:01:30 ---A- . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver..) -- C:\Windows\System32\Drivers\avgidsdrivera.sys [237336]
O58 - SDL:27/03/2014 - 21:14:26 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Driver.) -- C:\Windows\System32\Drivers\avgidsha.sys [192792]
O58 - SDL:27/03/2014 - 21:07:10 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\System32\Drivers\avgldx64.sys [236824]
O58 - SDL:27/03/2014 - 21:05:02 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\Windows\System32\Drivers\avgloga.sys [324376]
O58 - SDL:31/03/2014 - 15:06:26 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\System32\Drivers\avgmfx64.sys [130840]
O58 - SDL:27/03/2014 - 21:03:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\Windows\System32\Drivers\avgrkx64.sys [32536]
O58 - SDL:31/03/2014 - 15:20:54 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\System32\Drivers\avgtdia.sys [274200]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:21/10/2010 - 19:37:46 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1306240]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:11/11/2010 - 17:58:54 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [137512]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:07/07/2009 - 14:51:42 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\System32\Drivers\FwLnk.sys [9216]
O58 - SDL:21/08/2012 - 12:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:28/07/2010 - 23:25:10 ---A- . (.Initio Corporation - Initio Default Vendor Specific Device Driver.) -- C:\Windows\System32\Drivers\ivusb.sys [29720]
O58 - SDL:27/09/2010 - 20:24:42 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [76912]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:03/04/2014 - 08:50:58 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:03/04/2014 - 08:51:04 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [88280]
O58 - SDL:17/05/2014 - 09:19:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:03/04/2014 - 08:51:16 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63192]
O58 - SDL:10/05/2011 - 16:06:14 ---A- . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\Drivers\netaapl64.sys [22528]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:22/06/2009 - 22:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\Drivers\PGEffect.sys [35008]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:31/03/2010 - 16:10:18 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\Drivers\rtl8187B.sys [450048]
O58 - SDL:01/04/2010 - 19:01:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8187Se.sys [442368]
O58 - SDL:23/07/2010 - 14:43:52 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192ce.sys [1088616]
O58 - SDL:02/07/2010 - 14:14:00 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192se.sys [1111144]
O58 - SDL:08/04/2010 - 15:07:58 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl819xp.sys [612352]
O58 - SDL:08/10/2010 - 16:49:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys [243712]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:31/07/2009 - 01:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [27784]
O58 - SDL:14/07/2009 - 20:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [26840]
O58 - SDL:13/12/2012 - 18:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
~ Drivers: 73 Scanned in 00mn 10s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/05/2014 - 11:13:14 ---A- . (.Adobe Systems Incorporated.) -- C:\Users\Nanuq Vancouver\AppData\Local\Temp\{8675E723-2086-4099-8C51-8843BFDA78E8}\InstallFlashPlayer.exe [17938608]
~ 322 Fichiers temporaires (Temporary files)
~ 92 Fichiers cookies (Cookies files)
~ Files: 1 Scanned in 00mn 59s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/11/2010 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgdiska.sys (Avgdiska) .(.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - LEGACY_AVGDISKA
O64 - Services: CurCS - 26/09/2013 - C:\Windows\System32\DRIVERS\avgfwd6a.sys (Avgfwfd) .(.AVG Technologies CZ, s.r.o. - AVG Filter Driver.) - LEGACY_AVGFWFD
O64 - Services: CurCS - 18/04/2014 - C:\Windows\System32\DRIVERS\avgidsdrivera.sys (AVGIDSDriver) .(.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - LEGACY_AVGIDSDRIVER
O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgidsha.sys (AVGIDSHA) .(.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHA
O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgldx64.sys (Avgldx64) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX64
O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgloga.sys (Avgloga) .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGA
O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\DRIVERS\avgmfx64.sys (Avgmfx64) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX64
O64 - Services: CurCS - 27/03/2014 - C:\Windows\System32\DRIVERS\avgrkx64.sys (Avgrkx64) .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX64
O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\DRIVERS\avgtdia.sys (Avgtdia) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIA
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 87 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 01s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.51C9589DFC3D276C350D3D95B758FCAC] [sPRF][14/04/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
~ Files: 1 Scanned in 00mn 00s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASAPI32 =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASMANCS =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASAPI32 =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASMANCS =>P2P.Azureus
~ BTK: 317 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 02/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 14/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/11/2010 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 03/04/2014 1473280 | (avgfws) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
SR - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 31/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 12/03/2010 34816 | (TAPPSRV) . (.TOSHIBA Corp..) - C:\Program Files (x86)\Toshiba\TOSHIBA Applet\TAPPSRV.exe
SR - | Demand 01/07/2010 51576 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\windows\system32\TODDSrv.exe
SR - | Auto 28/09/2010 489384 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 23s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Nanuq Vancouver at 17/05/2014 11:14:59
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Nanuq Vancouver at 17/05/2014 11:15:01
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (16/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3

C:\Users\Nanuq Vancouver\AppData\Roaming\Azureus =>P2P.Azureus^
[HKCU\Software\Azureus] =>P2P.Azureus^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Azureus] =>P2P.Azureus^
~ Additionnel Scan: 293742 Items scanned in 01mn 14s



---\\ Récapitulatif des détections trouvées sur votre station

~ MSI: 1 link(s) detected in 00mn 00s



End of the scan (1290 lines in 06mn 13s)(0)
