impossible supprimée les ligne 10 du rapport deHIJACKTHIS 2015-05-27T14:54:14+00:00

SOSVirus : Dépannage PC Gratuit Forums Aide à la désinfection – Forum Virus Sécurité impossible supprimée les ligne 10 du rapport deHIJACKTHIS

15 sujets de 1 à 15 (sur un total de 74)
  • Auteur
    Messages
  • doubie
    Participant
    Nombre d'articles : 50

    bonjour est-ce-que il y a un gentil personne qui peu résoudre mon problème mon ordinateur est lent et sur firefox j’ai toujours des fenêtre qui s’ouvre comme diriger vers d’autre site voici le rapport avant j’étais spécialiste en décontamination des virus .Sauf suite à un accident ,disons que je suis au ralenti. merci de bien analyser le rapport de HIJACKTHIS merci en principe ce sont les ligne 10-13-14-15-17-18-19

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 10:14:13, on 2015-05-27
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16644)

    FIREFOX: 38.0.1 (x86 fr)
    Boot mode: Normal

    Running processes:
    C:Windowssystem32Dwm.exe
    C:Windowssystem32taskeng.exe
    C:WindowsExplorer.EXE
    C:Windowssttray.exe
    C:Program FilesHPHP Software Updatehpwuschd2.exe
    C:WindowsSOUNDMAN.EXE
    C:Program FilesiTunesiTunesHelper.exe
    C:Program FilesHPHP Officejet 6600BinFaxApplications.exe
    C:Program FilesBullGuard LtdBullGuardBullGuard.exe
    C:Program FilesWindows Sidebarsidebar.exe
    C:Program FilesNokiaNokia SuiteNokiaSuite.exe
    C:Windowssystem32RunDll32.exe
    C:Windowssystem32RunDll32.exe
    C:Program FilesWindows Sidebarsidebar.exe
    C:Windowssystem32wbemunsecapp.exe
    C:Program FilesPC Connectivity SolutionTransportsNclMSBTSrvEx.exe
    C:Program FilesMozilla Firefoxfirefox.exe
    C:UsersfraisinetteDownloadsHijackThis(1).exe

    R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.firefox.com/
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
    O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program FilesJavajre7binssv.dll
    O2 – BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Windows Live Messenger Companion Helper – {9FDDE16B-836F-4806-AB1F-1455CBEFF289} – C:Program FilesWindows LiveCompanioncompanioncore.dll
    O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program FilesJavajre7binjp2ssv.dll
    O3 – Toolbar: (no name) – {CCAC5586-44D7-4c43-B64A-F042461A97D2} – (no file)
    O4 – HKLM..Run: [IgfxTray] “C:Windowssystem32igfxtray.exe”
    O4 – HKLM..Run: [SigmatelSysTrayApp] sttray.exe
    O4 – HKLM..Run: [HP Software Update] C:Program FilesHpHP Software UpdateHPWuSchd2.exe
    O4 – HKLM..Run: [SoundMan] SOUNDMAN.EXE
    O4 – HKLM..Run: [QuickTime Task] “C:Program FilesQuickTimeQTTask.exe” -atboottime
    O4 – HKLM..Run: [iTunesHelper] “C:Program FilesiTunesiTunesHelper.exe”
    O4 – HKLM..Run: [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    O4 – HKLM..Run: [BullGuard] “C:Program FilesBullGuard LtdBullGuardBullGuard.exe” -boot
    O4 – HKLM..Run: [BullGuardUpdate2] c:program filesbullguard ltdbullguardBullGuardUpdate2.exe
    O4 – HKCU..Run: [Sidebar] “C:Program FilesWindows Sidebarsidebar.exe” /autoRun
    O4 – HKCU..Run: [swg] “C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe”
    O4 – HKCU..Run: [NokiaSuite.exe] C:Program FilesNokiaNokia SuiteNokiaSuite.exe -tray
    O4 – HKCU..Run: [GUDelayStartup] “C:Program FilesGlary Utilities 5StartupManager.exe” -delayrun
    O4 – HKCU..Run: [CCleaner Monitoring] “C:Program FilesCCleanerCCleaner.exe” /MONITOR
    O4 – Startup: Alertes de surveillance de l’encre – .lnk = ?
    O4 – Startup: Alertes de surveillance de l’encre – HP Officejet 6600 (Copie 1).lnk = ?
    O8 – Extra context menu item: Download with &Shareaza – res://C:Program FilesShareazaRazaWebHook32.dll/3000
    O9 – Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} – C:Program FilesWindows LiveCompanioncompanioncore.dll
    O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – (no file)
    O9 – Extra ‘Tools’ menuitem: Console Sun Java – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – (no file)
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra ‘Tools’ menuitem: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: HP Smart Print – {22CC3EBD-C286-43aa-B8E6-06B115F74162} – C:Program FilesHewlett-PackardSmartPrintsmartprintsetup.exe
    O9 – Extra ‘Tools’ menuitem: SmartPrint – {22CC3EBD-C286-43aa-B8E6-06B115F74162} – C:Program FilesHewlett-PackardSmartPrintsmartprintsetup.exe
    O9 – Extra button: Report to BullGuard – {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} – C:Program FilesBullGuard LtdBullGuardAntiphishingIEBGAntiphishingIE.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O10 – Unknown file in Winsock LSP: c:windowssystem32bglsp.dll
    O11 – Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 – DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} – http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:Windowssystem32browseui.dll
    O23 – Service: ArcSoft Connect Daemon (ACDaemon) – ArcSoft Inc. – C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) – Adobe Systems Incorporated – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    O23 – Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) – Adobe Systems Incorporated – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    O23 – Service: @%SystemRoot%system32aelupsvc.dll,-1 (AeLookupSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32Alg.exe,-112 (ALG) – Unknown owner – C:WindowsSystem32alg.exe
    O23 – Service: @%systemroot%system32appinfo.dll,-100 (Appinfo) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Apple Mobile Device – Apple Inc. – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    O23 – Service: @%SystemRoot%system32audiosrv.dll,-204 (AudioEndpointBuilder) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32audiosrv.dll,-200 (Audiosrv) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32bfe.dll,-1001 (BFE) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32qmgr.dll,-1000 (BITS) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: Service Bonjour (Bonjour Service) – Apple Inc. – C:Program FilesBonjourmDNSResponder.exe
    O23 – Service: @%systemroot%system32browser.dll,-100 (Browser) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: BullGuard backup service (BsBackup) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard Behavioural Detection (BsBhvScan) – BullGuard Ltd. – C:Program FilesBullGuard LtdBullGuardBullGuardBhvScanner.exe
    O23 – Service: BullGuard cache service (BsCache) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard on-access service (BsFileScan) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard firewall service (BsFire) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard e-mail monitoring service (BsMailProxy) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard Main Service (BsMain) – Unknown owner – C:WindowsSystem32SvcHost.exe
    O23 – Service: BullGuard scanning service (BsScanner) – BullGuard Ltd. – C:Program FilesBullGuard LtdBullGuardBullGuardScanner.exe
    O23 – Service: BullGuard update service (BsUpdate) – BullGuard Ltd. – C:Program FilesBullGuard LtdBullGuardBullGuardUpdate.exe
    O23 – Service: Canon Camera Access Library 8 (CCALib8) – Canon Inc. – C:Program FilesCanonCALCALMAIN.exe
    O23 – Service: @%SystemRoot%System32certprop.dll,-11 (CertPropSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: CFUACProxy_hddv2usb3 – Storage Appliance Corp. – C:ProgramDataClickfreeHDDV2USB3UACProxy.exe
    O23 – Service: @%SystemRoot%system32cryptsvc.dll,-1001 (CryptSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @oleres.dll,-5012 (DcomLaunch) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @dfsrres.dll,-101 (DFSR) – Unknown owner – C:Windowssystem32DFSR.exe
    O23 – Service: @%SystemRoot%system32dhcpcsvc.dll,-100 (Dhcp) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%System32dnsapi.dll,-101 (Dnscache) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32dot3svc.dll,-1102 (dot3svc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32dps.dll,-500 (DPS) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32eapsvc.dll,-1 (EapHost) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32emdmgmt.dll,-1000 (EMDMgmt) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wevtsvc.dll,-200 (Eventlog) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @comres.dll,-2450 (EventSystem) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32fdPHost.dll,-100 (fdPHost) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32fdrespub.dll,-100 (FDResPub) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32FntCache.dll,-100 (FontCache) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @gpapi.dll,-112 (gpsvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) – Unknown owner – C:Program FilesGoogleUpdateGoogleUpdate.exe
    O23 – Service: Service Google Update (gupdatem) (gupdatem) – Unknown owner – C:Program FilesGoogleUpdateGoogleUpdate.exe
    O23 – Service: Google Software Updater (gusvc) – Google – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    O23 – Service: @%SystemRoot%System32hidserv.dll,-101 (hidserv) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32kmsvc.dll,-6 (hkmsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: hpqcxs08 – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Service HP CUE DeviceDiscovery (hpqddsvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
    O23 – Service: @%SystemRoot%system32ikeext.dll,-501 (IKEEXT) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32IPBusEnum.dll,-102 (IPBusEnum) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32iphlpsvc.dll,-200 (iphlpsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: Service de l’iPod (iPod Service) – Apple Inc. – C:Program FilesiPodbiniPodService.exe
    O23 – Service: @keyiso.dll,-100 (KeyIso) – Unknown owner – C:Windowssystem32lsass.exe
    O23 – Service: @comres.dll,-2946 (KtmRm) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32srvsvc.dll,-100 (LanmanServer) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32wkssvc.dll,-100 (LanmanWorkstation) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32lltdres.dll,-1 (lltdsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32lmhsvc.dll,-101 (lmhosts) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: McciCMService – Alcatel-Lucent – C:Program FilesCommon FilesMotiveMcciCMService.exe
    O23 – Service: @%systemroot%system32mmcss.dll,-100 (MMCSS) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Mozilla Maintenance Service (MozillaMaintenance) – Mozilla Foundation – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    O23 – Service: @%SystemRoot%system32FirewallAPI.dll,-23090 (MpsSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @comres.dll,-2797 (MSDTC) – Unknown owner – C:WindowsSystem32msdtc.exe
    O23 – Service: @%SystemRoot%system32iscsidsc.dll,-5000 (MSiSCSI) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32msimsg.dll,-27 (msiserver) – Unknown owner – C:Windowssystem32msiexec.exe
    O23 – Service: @%SystemRoot%system32qagentrt.dll,-6 (napagent) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: Net Driver HPZ12 – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) – Unknown owner – C:Windowssystem32lsass.exe
    O23 – Service: @%SystemRoot%system32netman.dll,-109 (Netman) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32netprof.dll,-246 (netprofm) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32nlasvc.dll,-1 (NlaSvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32nsisvc.dll,-200 (nsi) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32p2psvc.dll,-8004 (p2pimsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32p2psvc.dll,-8006 (p2psvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32pcasvc.dll,-1 (PcaSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32pla.dll,-500 (pla) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32umpnpmgr.dll,-100 (PlugPlay) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Pml Driver HPZ12 – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32p2psvc.dll,-8002 (PNRPAutoReg) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32p2psvc.dll,-8000 (PNRPsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32polstore.dll,-5010 (PolicyAgent) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32profsvc.dll,-300 (ProfSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) – Unknown owner – C:Windowssystem32lsass.exe
    O23 – Service: @%SystemRoot%system32qwave.dll,-1 (QWAVE) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%Systemroot%system32rasauto.dll,-200 (RasAuto) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%Systemroot%system32rasmans.dll,-200 (RasMan) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @regsvc.dll,-1 (RemoteRegistry) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: RoxMediaDB9 – Sonic Solutions – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
    O23 – Service: Roxio Hard Drive Watcher 9 (RoxWatch9) – Sonic Solutions – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
    O23 – Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) – Unknown owner – C:Windowssystem32locator.exe
    O23 – Service: @oleres.dll,-5010 (RpcSs) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) – Unknown owner – C:Windowssystem32lsass.exe
    O23 – Service: @%SystemRoot%System32SCardSvr.dll,-1 (SCardSvr) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32schedsvc.dll,-100 (Schedule) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32certprop.dll,-13 (SCPolicySvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32sdrsvc.dll,-107 (SDRSVC) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32seclogon.dll,-7001 (seclogon) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32Sens.dll,-200 (SENS) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: ServiceLayer – Nokia – C:Program FilesPC Connectivity SolutionServiceLayer.exe
    O23 – Service: @%SystemRoot%System32SessEnv.dll,-1026 (SessionEnv) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32shsvcs.dll,-12288 (ShellHWDetection) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:Program FilesSkypeUpdaterUpdater.exe
    O23 – Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) – Unknown owner – C:Windowssystem32SLsvc.exe
    O23 – Service: @%SystemRoot%system32SLUINotify.dll,-103 (SLUINotify) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) – Unknown owner – C:WindowsSystem32snmptrap.exe
    O23 – Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) – Unknown owner – C:WindowsSystem32spoolsv.exe
    O23 – Service: @%systemroot%system32ssdpsrv.dll,-100 (SSDPSRV) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32sstpsvc.dll,-200 (SstpSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wiaservc.dll,-9 (stisvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: stllssvr – MicroVision Development, Inc. – C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
    O23 – Service: @%SystemRoot%System32swprv.dll,-103 (swprv) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32sysmain.dll,-1000 (SysMain) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32TabSvc.dll,-100 (TabletInputService) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32tapisrv.dll,-10100 (TapiSrv) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32tbssvc.dll,-100 (TBS) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32termsrv.dll,-268 (TermService) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32shsvcs.dll,-8192 (Themes) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32mmcss.dll,-102 (THREADORDER) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32trkwks.dll,-1 (TrkWks) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%servicingTrustedInstaller.exe,-100 (TrustedInstaller) – Unknown owner – C:WindowsservicingTrustedInstaller.exe
    O23 – Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) – Unknown owner – C:Windowssystem32UI0Detect.exe
    O23 – Service: @%systemroot%system32upnphost.dll,-213 (upnphost) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32dwm.exe,-2000 (UxSms) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32vds.exe,-100 (vds) – Unknown owner – C:WindowsSystem32vds.exe
    O23 – Service: @%systemroot%system32vssvc.exe,-102 (VSS) – Unknown owner – C:Windowssystem32vssvc.exe
    O23 – Service: @%SystemRoot%system32w32time.dll,-200 (W32Time) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wcncsvc.dll,-3 (wcncsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32WcsPlugInService.dll,-200 (WcsPlugInService) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%systemroot%system32wdi.dll,-502 (WdiServiceHost) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32wdi.dll,-500 (WdiSystemHost) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32webclnt.dll,-100 (WebClient) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wecsvc.dll,-200 (Wecsvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%System32wercplsupport.dll,-101 (wercplsupport) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32wersvc.dll,-100 (WerSvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%ProgramFiles%Windows DefenderMsMpRes.dll,-103 (WinDefend) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%system32winhttp.dll,-100 (WinHttpAutoProxySvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%Systemroot%system32wbemwmisvc.dll,-205 (Winmgmt) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%Systemroot%system32wsmsvc.dll,-101 (WinRM) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%SystemRoot%System32wlansvc.dll,-257 (Wlansvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) – Unknown owner – C:Windowssystem32wbemWmiApSrv.exe
    O23 – Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) – Unknown owner – C:Program FilesWindows Media Playerwmpnetwk.exe
    O23 – Service: @%SystemRoot%system32wpcsvc.dll,-100 (WPCSvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wpdbusenum.dll,-100 (WPDBusEnum) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) – Unknown owner – C:WindowsMicrosoft.NETFrameworkv4.0.30319WPFWPFFontCache_v0400.exe
    O23 – Service: @%SystemRoot%System32wscsvc.dll,-200 (wscsvc) – Unknown owner – C:WindowsSystem32svchost.exe
    O23 – Service: @%systemroot%system32SearchIndexer.exe,-103 (WSearch) – Unknown owner – C:Windowssystem32SearchIndexer.exe
    O23 – Service: @%systemroot%system32wuaueng.dll,-105 (wuauserv) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: @%SystemRoot%system32wudfsvc.dll,-1000 (wudfsvc) – Unknown owner – C:Windowssystem32svchost.exe
    O23 – Service: Zune Network Sharing Service (ZuneNetworkSvc) – Unknown owner – C:Program FilesZuneZuneNss.exe


    End of file – 24202 bytes

    buckhulk
    Participant
    Nombre d'articles : 2398

    Bonjour,

    voici le rapport avant j'étais spécialiste en décontamination des virus .Sauf suite à un accident ,disons que je suis au ralenti.

    :D en effet , hijackthis est complétement dépassé , un ZHPDiag (plus complet) permettrait d’en savoir plus sur ton ordinateur :

    ZHPDiag[/center:3gq0zqgi]

    suis bien les instructions

    1) * Télécharge ZHPDiag (de Nicolas coolman) sur ton bureau !!

    ZHPDiag (de Nicolas coolman)

    Cliquer sur le Bouton Vert : télécharger en toute sécurité
    Patientez le temps de la préparation du téléchargement
    Puis cliquez sur le Bouton Bleu (téléchargement)

    OU : miroir : ftp://zebulon.fr/ZHPDiag2.exe (Lien direct)

    Si ton système d’exploitation est Vista ou Win7/8, lance les logiciels par simple clic droit et choisis “exécuter en tant qu’administrateur”

    a) * Une fois le téléchargement achevé,
    b) * double clique (ou clic droit pour seven , vista et 8 exécuter en tant qu’administrateur) sur ZHPDiag2.exe et suis les instructions.
    c) * L’outil va créer 2 icônes de racourcis : ZHPDiag >> ZHPFix
    d) * Clique droit sur le parchemin
    e) *A l’ouverture le programme te proposes “Rechercher” , “Configurer” , Complet –

    Clique sur “Complet” le scan démarre…….le rapport s’affiche

    Si tu cliques sur Configurer :
    * Des icônes apparaissent en bas de la fenêtre.
    * Clique sur le tournevis en bas à droite et choisis “Tous” puis “OK”

    2)* Maintenant clique sur “Rechercher”.

    * Important >> Pendant l analyse de ton PC par ZHPDIag ne touche à plus rien !!!!!
    * Laisse l’outil travailler, il peut être assez long

    3) * Le rapport s’affiche sur ton Bureau une fois terminé !

    une fenêtre peut s’ouvrir à la fin de la recherche :

    Il suffit de cliquer sur :
    le programme s’est installé correctement

    Tu peux fermer ZHPDiag

    IMPORTANT

    Les rapports de diagnostique sont trop long, ils dépassent la taille autorisée par les éditeurs des forums , il faut donc héberger les rapports :

    Hébergement[/center:3gq0zqgi]

    A/ – Héberge le rapport ZHPDiag.txt sur : Paste&Furious et “les captures d’écran sur” : sosUpload

    ou sur cjoint

    B/ – Cliques sur >> Parcourir (ou choisissez un fichier)

    C/ – Cherche le rapport de ZHPDiag que tu viens de faire qui est sur ton bureau

    D/ – Cliques sur >> envoyer le fichier (ou créer le lien)

    E/ – Un lien sera généré, Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt

    F/ – Il te suffit de le poster ici

    :merci2:

    doubie
    Participant
    Nombre d'articles : 50

    si je comprend bien la technologie a évolué le temps que j’enseignais la sécurité OK je t’envoie le rapport
    Merci

    doubie
    Participant
    Nombre d'articles : 50

    comment on met une capture écran dans la réponse merci

    buckhulk
    Participant
    Nombre d'articles : 2398
    si je comprend bien la technologie a évolué le temps que j'enseignais la sécurité OK je t'envoie le rapport

    mdr oui beaucoup …..!

    comment on met une capture écran dans la réponse merci

    capture d'image ou copie d'écran[/center:edd2sztj]

    Voici un tutoriel pour vous apprendre à faire et à montrer une copie/capture d’écran (screenshot).
    Une capture d’écran est une image dont le contenu est celui qui a été affiché à un instant donné sur un écran d’ordinateur, ou de tout autre dispositif d’affichage.

    Vous pouvez faire une capture de tout l’écran ou bien d’une partie de l’écran, pour réaliser un capture d’écran, nous allons utiliser la touche Impécr du clavier, nous verrons également comment montrer une capture d’écran sur un forum par exemple, si la personne qui vous vient en aide vous le demande.

    Pour capturer tout l’écran :

    Il faut simplement appuyer sur la touche Alt + Impécr du clavier.

    Pour capturer une partie de l’écran :

    Sur Win 7 vous avez : Outil capture il suffit de l’ouvrir et choisir ….ou faire une capture totale.
    Sélectionner la partie à capturer.
    Faites la combinaison de touches Alt + Impécr.

    Comme vous l’avez remarqué, rien ne se passe après avoir fait ces manipulations, c’est normal, l’image capturée est en mémoire dans Windows, pour l’utiliser et la coller ou vous voulez, il faut l’enregistrer, nous allons voir comment montrer une capture d’écran.

    1 Une fois la capture réalisée, que faire? :
    2 Ouvrez le logiciel Paint inclus dans Windows. (Menu démarrer – tous les programmes – dossier Acessoires – Paint).
    Ou un autre logiciel comme PhotoFiltre
    3 Une fois Paint ouvert, faites la combinaison de touches Ctrl + V pour coller l’image capturée. (Ou bien menu Edition (clic droit), choisir Coller).
    4 Faites Fichier – Enregistrer sous.
    5 Choisir l’emplacement voulu.
    6 Choisir le nom que vous voulez donner à votre image.
    7 Choisir le type d’extension de votre image. (PNG – JPEG….ETC…, je conseille le format JPEG).
    8 Cliquez sur Enregistrer.

    Dans Paint, vous avez également la possibilité de personnaliser votre image, pour cela utilisez les outils disponibles du logiciel.

    Une fois l’image enregistrée, que faire :

    a Nous allons voir maintenant comment la mettre en ligne, pour pouvoir la montrer à son interlocuteur.

    b Se rendre sur le site Sos Upload sos upload

    c Cliquez sur Choisissez un fichier ou envoyer une image :

    Rechercher l’image ou le fichier sur votre ordinateur

    d Si vous choisissez image, cliquer sur envoyer, sélectionnez la, et cliquez encore une fois sur envoyer.

    e Vous pouvez choisir quel lien mettre :

    h Soit vous “surlignez” le lien, puis clic droit pour le copier dans le presse-papier.

    A Allez ensuite coller le lien dans votre réponse à votre interlocuteur.

    B Envoyez votre réponse.

    exemple :
    https://antimalware.top/img/images/2014/10/09/oeil108357c.gif (j’ai pas complété la balise exprès) sinon cela donne :

    [spoil:edd2sztj][/spoil:edd2sztj]

    ^^

    doubie
    Participant
    Nombre d'articles : 50

    j’ai un problème impossible de Héberger on ma marquerPaste@furlous sauf quand je clic dessus . elle marque la page vous êtes pas membre de sos virus merci
    une partie du rapport Rapport de ZHPDiag v2014.12.27.179 – Nicolas Coolman (2014-12-27)
    ~ Lancé par fraisinette (2015-05-27 15:06:06)
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ Adresse du Forum http://forum.nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Désactivée par l’utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox 38.0.1 (Defaut)
    GCIE: Google Chrome v43.0.2357.81

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Vista, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : CH4CG
    Windows License : OK
    Windows Automatic Updates : OK

    —\ Logiciels de protection du système

    —\ Logiciels d’optimisation du système
    CCleaner v5.05

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 17 NPAPI
    Adobe Reader X
    Java 7 Update 71

    —\ Informations sur le système

    doubie
    Participant
    Nombre d'articles : 50

    –\ Informations sur le système
    ~ Processor: x86 Family 15 Model 4 Stepping 9, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3061 MB (49% free)
    System Restore: Activé (Enable)
    System drive C: has 15 GB (19%) free of 75 GB

    —\ Mode de connexion au système
    ~ Computer Name: SUPERBABALOU
    ~ User Name: fraisinette
    ~ All Users Names: SophosPureMessage, fraisinette, ASPNET, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersfraisinetteAppDataRoamingZHP
    ~ %AppData% : C:UsersfraisinetteAppDataRoaming
    ~ %Desktop% : C:UsersfraisinetteDesktop
    ~ %Favorites% : C:UsersfraisinetteFavorites
    ~ %LocalAppData% : C:UsersfraisinetteAppDataLocal
    ~ %StartMenu% : C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 15 Go of 75 Go)
    D: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity Center] AntiVirusDisableNotify: OK
    [HKLMSOFTWAREMicrosoftSecurity Center] FirewallDisableNotify: OK
    [HKLMSOFTWAREMicrosoftSecurity Center] UpdatesDisableNotify: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings] WarnOnHTTPSToHTTPRedirect: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 49 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.2009-04-11 – 01:27:36.) — C:WindowsExplorer.exe [2926592]
    [MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.2008-01-19 – 02:33:37.) — C:WindowsSystem32Wininit.exe [96768]
    [MD5.E38E89A0939A42F5EE4292DFC48772DF] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.2015-04-10 – 10:20:33.) — C:WindowsSystem32wininet.dll [1129472]
    [MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.2009-04-11 – 01:28:13.) — C:WindowsSystem32Winlogon.exe [314368]
    [MD5.F5272A105F59A7B3B345D9D6D87DA7AD] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.2014-05-30 – 01:53:22.) — C:Windowssystem32DriversAFD.sys [273408]
    [MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.2009-04-11 – 01:32:26.) — C:Windowssystem32Driversatapi.sys [19944]
    [MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.2008-01-19 – 00:28:02.) — C:Windowssystem32DriversCdfs.sys [70144]
    [MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.2009-04-10 – 23:39:17.) — C:Windowssystem32DriversCdrom.sys [67072]
    [MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.2011-04-14 – 09:59:03.) — C:Windowssystem32DriversDfsC.sys [75264]
    [MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.2009-04-10 – 23:42:42.) — C:Windowssystem32DriversHDAudBus.sys [561152]
    [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.2008-01-19 – 00:49:18.) — C:Windowssystem32Driversi8042prt.sys [54784]
    [MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.2008-01-19 – 00:56:28.) — C:Windowssystem32DriversIpNat.sys [100864]
    [MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.2011-04-29 – 08:24:40.) — C:Windowssystem32DriversMRxSmb.sys [106496]
    [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.2009-04-10 – 23:45:37.) — C:Windowssystem32DriversnetBT.sys [185856]
    [MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.2013-03-03 – 14:07:52.) — C:Windowssystem32Driversntfs.sys [1082232]
    [MD5.8A79FDF04A73428597E2CAF9D0D67850] – (.Microsoft Corporation – Pilote de port parallèle.) (.2008-01-19 – 00:49:33.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.2008-01-19 – 00:56:34.) — C:Windowssystem32DriversRasl2tp.sys [76288]
    [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.2006-11-02 – 04:03:00.) — C:Windowssystem32Driversrdpdr.sys [242688]
    [MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.2009-04-10 – 23:45:22.) — C:Windowssystem32Driverssmb.sys [66560]
    [MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.2009-04-10 – 23:45:56.) — C:Windowssystem32Driverstdx.sys [72192]
    [MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.2012-08-21 – 06:47:42.) — C:Windowssystem32Driversvolsnap.sys [224640]
    ~ Generic Processes: Scanned in 00mn 01s

    —\ Etat des fichiers cachés (Caché/Total)

    doubie
    Participant
    Nombre d'articles : 50

    –\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 3/641
    ~ Mes musiques (My Musics) : 1/128
    ~ Mes Videos (My Videos) : 1/2
    ~ Mes Favoris (My Favorites) : 1/70
    ~ Mes Documents (My Documents) : 8/141
    ~ Mon Bureau (My Desktop) : 1/15
    ~ Menu demarrer (Programs) : 1/29
    ~ Hidden Files: Scanned in 00mn 03s

    —\ Processus lancés
    [MD5.10EB9773131BB74757F02ADA18F4081C] – (.SigmaTel, Inc. – Sigmatel Audio system tray application.) — C:Windowssttray.exe [303104] [PID.204]
    [MD5.34D296AFC913E302953C70463EF09A48] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software Updatehpwuschd2.exe [96056] [PID.272]
    [MD5.B70BCC55743C5A5BD7C7C6D6A02BB6F9] – (.Realtek Semiconductor Corp. – Realtek Sound Manager.) — C:WindowsSOUNDMAN.exe [604704] [PID.288]
    [MD5.20769F05B2A6EBF78CF3D82ED0063236] – (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe [157480] [PID.308]
    [MD5.1E13BE110F02F6BD7DFCB5289FA87F5E] – (.Hewlett-Packard Co. – FaxApplications.) — C:Program FilesHPHP Officejet 6600BinFaxApplications.exe [2863720] [PID.420]
    [MD5.CB37432C6D660ED4DB05D7157DB2F0C0] – (.BullGuard Ltd. – BullGuard.) — C:Program FilesBullGuard LtdBullGuardBullGuard.exe [1080616] [PID.436]
    [MD5.2481529EC3A9A030481545B70B119CCB] – (.Nokia – Nokia Suite.) — C:Program FilesNokiaNokia SuiteNokiaSuite.exe [1092448] [PID.904]
    [MD5.4B555106290BD117334E9A08761C035A] – (…) — ystem32RunDll32.exe [0] [PID.1216]
    [MD5.4055F0DFB750F0174D9C81BAB5276B51] – (.Piriform Ltd – CCleaner.) — C:Program FilesCCleanerCCleaner.exe [6276888] [PID.3960]
    [MD5.01D0F2058431E5EB0973E837BBCF810C] – (.Glarysoft Ltd – Glary Utilities 5.) — C:Program FilesGlary Utilities 5Integrator.exe [890144] [PID.4140]
    [MD5.58FBD16C4BB84D9F69C25F30DAA4CE31] – (.Nokia – Microsoft Bluetooth Media Server.) — C:Program FilesPC Connectivity SolutionTransportsNclMSBTSrvEx.exe [158032] [PID.4716]
    [MD5.A623666C8A8EC9A57DCA07915A3F1EC6] – (.Microsoft Corporation – Sauvegarde Microsoft® Windows.) — C:Windowssystem32sdclt.exe [1169408] [PID.3492]
    [MD5.E47AC731D42B2452D4C0BF096DF3DD6E] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8145408] [PID.5640]
    [MD5.944B921EB6E8DBCCC9B456458952A13F] – (.Learnpulse – Screenpresso.) — C:UsersfraisinetteAppDataLocalLearnpulseScreenpressoScreenpresso.exe [11256336] [PID.5828]
    [MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.5748]
    [MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1276]
    [MD5.ADC420616C501B45D26C0FD3EF1E54E4] – (.ArcSoft Inc. – ArcSoft Connect Service.) — C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe [113152] [PID.424]
    [MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [81088] [PID.2016]
    [MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] – (.Apple Inc. – MobileDeviceService.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [60744] [PID.1400]
    [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [390504] [PID.476]
    [MD5.4F5BAAF9E7F275FB40A1207111A6A0D8] – (.BullGuard Ltd. – BullGuard Behavioural Detection.) — C:Program FilesBullGuard LtdBullGuardBullGuardBhvScanner.exe [506152] [PID.1768]
    [MD5.BED2A332EFBD93567AFF43448058B0A4] – (.BullGuard Ltd. – BullGuard Scanner.) — C:Program FilesBullGuard LtdBullGuardBullGuardScanner.exe [232744] [PID.2108]
    [MD5.CD735958980B057A4D05A4E8B6ED767B] – (.BullGuard Ltd. – BullGuard Update.) — C:Program FilesBullGuard LtdBullGuardBullGuardUpdate.exe [332584] [PID.2144]
    [MD5.16AC5B763E8661FDC6E33CE84FC1CA94] – (.Storage Appliance Corp. – Clickfree Backup.) — C:ProgramDataClickfreeHDDV2USB3UACProxy.exe [83792] [PID.2304]
    [MD5.20F89E232173985A455BC9A5F70D1166] – (.Canon Inc. – Canon Camera Access Library 8.) — C:Program FilesCanonCALCALMAIN.exe [96341] [PID.3372]
    [MD5.FB7679FD086C60597F8C6929FF66FAC2] – (.Apple Inc. – iPodService Module (32-bit).) — C:Program FilesiPodbiniPodService.exe [540968] [PID.2264]
    [MD5.78F7BB9F4924BE164294C59B8C3FC096] – (.Nokia – ServiceLayer Module.) — C:Program FilesPC Connectivity SolutionServiceLayer.exe [737616] [PID.2924]
    [MD5.5EBE396DB0ED20910A4C51E235539F9F] – (.Nokia – USB Media Server.) — C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe [179024] [PID.3884]
    ~ Processes Running: Scanned in 00mn 03s

    —\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin2.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin3.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin4.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin5.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin6.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin7.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin2.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin3.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin4.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin5.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin6.dll
    P1 – OPN:Opera Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesOperaProgramPluginsnpqtplugin7.dll
    ~ Opera Browser: 14 Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersfraisinetteAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d’extension Google Chrome
    ~ Google Lines Browser: 0 Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    M2 – MFEP: prefs.js [fraisinette – by0xqssn.default-1421728668960en-CA@dictionaries.addons.mozilla.org] [] Canadian English Dictionary v2.0.11 (..)
    M2 – MFEP: prefs.js [fraisinette – by0xqssn.default-1421728668960{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20131118 (..)
    M2 – MFEP: Extension [fraisinette – by0xqssn.default-1421728668960] {cf8452e1-0ddb-44d2-95eb-4cb8e7a35707}.xpi
    M2 – MFEP: Extension [fraisinette – rdwu3ihq.default] {cf8452e1-0ddb-44d2-95eb-4cb8e7a35707}.xpi
    P2 – FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. – Adobe PDF Plug-In For Firefox and Netscape 10.1.14.) — C:Program FilesMozilla FirefoxPluginsnppdf32.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesMozilla FirefoxPluginsnpqtplugin.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesMozilla FirefoxPluginsnpqtplugin2.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesMozilla FirefoxPluginsnpqtplugin3.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesMozilla FirefoxPluginsnpqtplugin4.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program FilesMozilla FirefoxPluginsnpqtplugin5.dll
    P2 – FPN:Firefox Plugin Navigator . (.Yahoo! Inc. – Yahoo! activeX Plug-in Bridge.) — C:Program FilesMozilla FirefoxPluginsnpyaxmpb.dll
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF32_17_0_0_188.dll
    P2 – FPN: [HKLM] [@adobe.com/ShockwavePlayer] – (.Adobe Systems, Inc. – Adobe Shockwave for Director Netscape plug-in, version 12.1.) — C:Windowssystem32AdobeDirectornp32dsw_1210150.dll
    P2 – FPN: [HKLM] [@Apple.com/iTunes,version=1.0] – (…) — C:Program FilesiTunesMozilla Pluginsnpitunes.dll
    P2 – FPN: [HKLM] [@Google.com/GoogleEarthPlugin] – (.Google – GEPlugin.) — C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll =>.Google Inc
    P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Program FilesJavajre7bindtpluginnpDeployJava1.dll
    P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.40416.0.) — c:Program FilesMicrosoft Silverlight5.1.40416.0npctrl.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@microsoft.com/WPF,version=3.5] – (.Microsoft Corporation – Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) — c:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll
    P2 – FPN: [HKLM] [@nokia.com/EnablerPlugin] – (.Pas de propriétaire – Nokia Suite Enabler Plugin.) — C:Program FilesNokiaNokia SuitenpNokiaSuiteEnabler.dll
    P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=3] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.27.5npGoogleUpdate3.dll
    P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=9] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.27.5npGoogleUpdate3.dll
    P2 – FPN: [HKLM] [Adobe Reader] – (.Adobe Systems Inc. – Adobe PDF Plug-In For Firefox and Netscape 10.1.14.) — C:Program FilesAdobeReader 10.0ReaderAIRnppdf32.dll
    P2 – FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] – (.Yahoo! Inc. – Yahoo! activeX Plug-in Bridge.) — C:Program FilesMozilla Firefoxpluginsnpyaxmpb.dll
    P2 – FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] – (.Skype Limited – Facebook Video Calling Plugin.) — C:UsersfraisinetteAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll
    P2 – FPN: [HKCU] [facebook.com/fbDesktopPlugin] – (.Facebook, Inc. – Facebook Desktop Plugin.) — C:UsersfraisinetteAppDataLocalFacebookMessenger2.1.4814.0npFbDesktopPlugin.dll
    ~ Firefox Browser: 37 Scanned in 00mn 01s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.firefox.com
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com
    R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Facebook, Inc. – Facebook Desktop Plugin.) (No version) — (.not file.)
    R4 – HKCUSOFTWAREMicrosoftInternet ExplorerPhishingFilter,Enabled = 2
    ~ IE Browser: 11 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (1)
    ~ Hosts File: Scanned in 00mn 00s

    doubie
    Participant
    Nombre d'articles : 50

    -\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (1)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binssv.dll
    O2 – BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Windows Live Messenger Companion Helper – {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation – Windows Live Messenger Companion Core.) — C:Program FilesWindows LiveCompanioncompanioncore.dll
    O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binjp2ssv.dll
    ~ BHO: 10 Scanned in 00mn 00s

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: (no name) – [HKLM]{CCAC5586-44D7-4c43-B64A-F042461A97D2} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{71576546-354D-41C9-AAE8-31F2EC22BF0D} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
    O4 – HKLM..Run: [SigmatelSysTrayApp] . (.SigmaTel, Inc. – Sigmatel Audio system tray application.) — C:Windowssttray.exe
    O4 – HKLM..Run: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHpHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Run: [SoundMan] . (.Realtek Semiconductor Corp. – Realtek Sound Manager.) — C:WindowsSOUNDMAN.exe
    O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [BullGuard] . (.BullGuard Ltd. – BullGuard.) — C:Program FilesBullGuard LtdBullGuardBullGuard.exe
    O4 – HKLM..Run: [BullGuardUpdate2] . (.BullGuard Ltd. – BullGuard Secondary Updater.) — c:program filesbullguard ltdbullguardBullGuardUpdate2.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKCU..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program FilesNokiaNokia SuiteNokiaSuite.exe
    O4 – HKCU..Run: [GUDelayStartup] . (.Glarysoft Ltd – Glary Utilities StartupManager.) — C:Program FilesGlary Utilities 5StartupManager.exe
    O4 – HKCU..Run: [CCleaner Monitoring] . (.Piriform Ltd – CCleaner.) — C:Program FilesCCleanerCCleaner.exe =>.Piriform Ltd
    O4 – HKUSS-1-5-21-2700970025-1350270200-1373712304-1000..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-2700970025-1350270200-1373712304-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
    O4 – HKUSS-1-5-21-2700970025-1350270200-1373712304-1000..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program FilesNokiaNokia SuiteNokiaSuite.exe
    O4 – HKUSS-1-5-21-2700970025-1350270200-1373712304-1000..Run: [GUDelayStartup] . (.Glarysoft Ltd – Glary Utilities StartupManager.) — C:Program FilesGlary Utilities 5StartupManager.exe
    O4 – HKUSS-1-5-21-2700970025-1350270200-1373712304-1000..Run: [CCleaner Monitoring] . (.Piriform Ltd – CCleaner.) — C:Program FilesCCleanerCCleaner.exe =>.Piriform Ltd
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation – Windows Live Messenger Companion core resources.) — C:Program FilesWindows LiveCompanioncompanionres.dll
    O9 – Extra button: Console Sun Java – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — Clé orpheline
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: SmartPrint – {22CC3EBD-C286-43aa-B8E6-06B115F74162} . (…) — C:Program FilesHewlett-PackardSmartPrintsmartprint.ico
    O9 – Extra button: Report to BullGuard – {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} . (.BullGuard Ltd. – BullGuard Antiphishing Toolbar Button.) — C:Program FilesBullGuard LtdBullGuardAntiphishingIEBGAntiphishingIE.dll
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program FilesBonjourmdnsNSP.dll
    ~ Winsock: 7 Scanned in 00mn 00s

    —\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 – DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) – http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    ~ Objets ActiveX: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{2F2F8586-7CB3-4F26-9B46-A8BA247A9F9A}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCCSServicesTcpip..{BD727955-ED77-4451-8807-DB8293613C15}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{2F2F8586-7CB3-4F26-9B46-A8BA247A9F9A}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS1ServicesTcpip..{BD727955-ED77-4451-8807-DB8293613C15}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS2ServicesTcpip..{2F2F8586-7CB3-4F26-9B46-A8BA247A9F9A}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCS2ServicesTcpip..{BD727955-ED77-4451-8807-DB8293613C15}: DhcpNameServer = 192.168.0.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlmailhtml – {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation – Windows Live Mail.) — C:Program FilesWindows LiveMailmailcomm.dll =>.Microsoft Corporation
    O18 – Filter: application/x-msdownload – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation – Contrôleur de site Web.) — C:WindowsSystem32webcheck.dll
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l’interface utilisateur du.) — C:WindowsSystem32browseui.dll
    ~ STS/SSO: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. – ArcSoft Connect Service.) – C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    O23 – Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. – MobileDeviceService.) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
    O23 – Service: BullGuard Behavioural Detection (BsBhvScan) . (.BullGuard Ltd. – BullGuard Behavioural Detection.) – C:Program FilesBullGuard LtdBullGuardBullGuardBhvScanner.exe
    O23 – Service: BullGuard scanning service (BsScanner) . (.BullGuard Ltd. – BullGuard Scanner.) – C:Program FilesBullGuard LtdBullGuardBullGuardScanner.exe
    O23 – Service: BullGuard update service (BsUpdate) . (.BullGuard Ltd. – BullGuard Update.) – C:Program FilesBullGuard LtdBullGuardBullGuardUpdate.exe
    O23 – Service: Canon Camera Access Library 8 (CCALib8) . (.Canon Inc. – Canon Camera Access Library 8.) – C:Program FilesCanonCALCALMAIN.exe
    O23 – Service: CFUACProxy_hddv2usb3 (CFUACProxy_hddv2usb3) . (.Storage Appliance Corp. – Clickfree Backup.) – C:ProgramDataClickfreeHDDV2USB3UACProxy.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d’installation de Google.) – C:Program FilesGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: Skype Updater (SkypeUpdate) . (.Skype Technologies – Skype Updater Service.) – C:Program FilesSkypeUpdaterUpdater.exe
    ~ Services: 11 Scanned in 00mn 29s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk * ) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [1022152]
    [MD5.00CC35F515079F5F94FABC3AC5C7D363] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe [268464]
    [MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-superbabalou-fraisinette] (.Adobe Systems Incorporated.) — C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [500208]
    [MD5.4055F0DFB750F0174D9C81BAB5276B51] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) — C:Program FilesCCleanerCCleaner.exe [6276888]
    [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000Core] (.Facebook Inc..) — C:UsersfraisinetteAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
    [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000UA] (.Facebook Inc..) — C:UsersfraisinetteAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
    [MD5.1E13BE110F02F6BD7DFCB5289FA87F5E] [APT] [FaxArchive_CN1CT1B0KF05RN] (.Hewlett-Packard Co..) — C:Program FilesHPHP Officejet 6600BinFaxApplications.exe [2863720]
    [MD5.7BFB1A76B787DAC7BC648AD3CC7C36D0] [APT] [GlaryInitialize 5] (.Glarysoft Ltd.) — C:Program FilesGlary Utilities 5Initialize.exe [118048]
    [MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [107912]
    [MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [107912]
    [MD5.01D0F2058431E5EB0973E837BBCF810C] [APT] [GU5SkipUAC] (.Glarysoft Ltd.) — C:Program FilesGlary Utilities 5Integrator.exe [890144]
    [MD5.6D51713A36C0733A4BDD94EAD5A33AD9] [APT] [HPCustParticipation HP Officejet 6600] (.Hewlett-Packard Co..) — C:Program FilesHPHP Officejet 6600BinHPCustPartic.exe [2938984]
    [MD5.00000000000000000000000000000000] [APT] [{1BB63F06-5507-4410-A22C-620CC1D864E4}] (…) — C:Program FilesLes Animaux de Thomasunins000.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{2461AF6F-5EA9-48B6-B955-6E984A967C8F}] (…) — C:UsersfraisinetteDownloadsInstall_FlyGimpPro_fr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{2931E537-0406-48BD-80BB-284D18E97032}] (…) — D:MONITOR.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{63AD69BD-6B78-414D-A767-3056D1D4422A}] (…) — C:UsersfraisinetteDownloadsShareazaTurboAccelerator_installer.exe (.not file.) [0]
    [MD5.1BBA0F845F3C609CEBAEB8F19522F207] [APT] [{8988E3B6-CFE3-493C-9F1B-F3DD461C7FBC}] (.InstallShield Software Corporation.) — C:Windowssystem32ISUSPM.cpl [73728]
    [MD5.A3C75E5FA30273FF53DB1202BE0E832E] [APT] [{AE44856C-96E6-4AF7-B46C-B7E5FDD2FCAB}] (.Hewlett-Packard Co..) — C:Program FilesHPDigital Imagingbinhpzwiz01.exe [472664]
    [MD5.00000000000000000000000000000000] [APT] [{B37EB7CD-0889-4B42-85F3-D2DB001C5F88}] (…) — C:UsersfraisinetteDownloadsCA_fr_DP54_DL_20080106.exe (.not file.) [0]
    [MD5.A2364BBA6210ABC07F3D726B306941D9] [APT] [{D7F86616-FA8E-4DB6-9FCF-4FB44CAE0F97}] (.Intel Corporation.) — C:Windowssystem32igfxcpl.cpl [94208]
    [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program FilesApple Software UpdateSoftwareUpdate.exe [561984]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000Core – (.Facebook Inc..) — C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000Core.job [930]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000Core – (.Facebook Inc..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000Core [930]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000UA – (.Facebook Inc..) — C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000UA.job [952]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000UA – (.Facebook Inc..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-2700970025-1350270200-1373712304-1000UA [952]
    O39 – APT: FaxArchive_CN1CT1B0KF05RN – (.Hewlett-Packard Co..) — C:WindowsTasksFaxArchive_CN1CT1B0KF05RN.job [438]
    O39 – APT: FaxArchive_CN1CT1B0KF05RN – (.Hewlett-Packard Co..) — C:WindowsSystem32TasksFaxArchive_CN1CT1B0KF05RN [438]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1052]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1052]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1056]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1056]
    ~ Scheduled Task: 29 Scanned in 00mn 16s

    doubie
    Participant
    Nombre d'articles : 50

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Internet Explorer – >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:Windowssystem32ie4uinit.exe
    O40 – ASIC: Installation Support – {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. – YInstHelper Module.) — C:Program FilesYahoo!CommonYinsthelper.dll
    O40 – ASIC: Microsoft VM – {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (…) — C:Windowssystem32msjava.dll
    O40 – ASIC: Microsoft Windows Media Player 11.0 – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSystem32wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Installation Support – {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. – YInstHelper Module.) — C:Program FilesYahoo!CommonYinsthelper.dll
    O40 – ASIC: Installation Support – {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. – YInstHelper Module.) — C:Program FilesYahoo!CommonYinsthelper.dll
    O40 – ASIC: Microsoft Windows Mail 7 – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program FilesWindows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
    O40 – ASIC: Google Chrome – {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. – Google Chrome Installer.) — C:Program FilesGoogleChromeApplication43.0.2357.81Installerchrmstp.exe
    O40 – ASIC: Installed Component – S-1-5-21-2700970025-1350270200-1373712304-1000 – {ABE57277-678B-4A8A-9D0E-A25E285CCCE7}-1Reg — Not Hexadécimal CLSID
    O40 – ASIC: Installed Component – S-1-5-21-2700970025-1350270200-1373712304-1000 – {ABE57277-678B-4A8A-9D0E-A25E285CCCE7}-2Help — Not Hexadécimal CLSID
    O40 – ASIC: Installed Component – S-1-5-21-2700970025-1350270200-1373712304-1000 – {ABE57277-678B-4A8A-9D0E-A25E285CCCE7}-3Reg — Not Hexadécimal CLSID
    ~ Active Setup: 18 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: (AFW) . (.Agnitum Ltd. – Agnitum Firewall NDIS Driver.) – C:WindowsSystem32DRIVERSafw.sys
    O41 – Driver: (BdAgent) . (.BullGuard Ltd. – BullGuard Security Agent.) – C:WindowsSystem32DRIVERSBdAgent.sys
    O41 – Driver: (BdSpy) . (.BullGuard Ltd. – BullGuard File Monitor.) – C:WindowsSystem32driversBdSpy.sys
    O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
    O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: (GUBootStartup) . (.Glarysoft Ltd – The driver for the Startup Manager tool.) – C:Windowssystem32driversGUBootStartup.sys
    O41 – Driver: (kbdclass) . (.Microsoft Corporation – Pilote de la classe Clavier.) – C:WindowsSystem32DRIVERSkbdclass.sys
    O41 – Driver: (kbdhid) . (.Microsoft Corporation – Pilote de filtre clavier HID.) – C:WindowsSystem32DRIVERSkbdhid.sys
    O41 – Driver: (mouclass) . (.Microsoft Corporation – Pilote de la classe Souris.) – C:WindowsSystem32DRIVERSmouclass.sys
    O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: (netbt) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: (NovaShieldFilterDriver) . (.BullGuard Ltd. – BullGuard Behaviour Monitor.) – C:WindowsSystem32DRIVERSNSKernel.sys
    O41 – Driver: (NovaShieldTDIDriver) . (.BullGuard Ltd. – BullGuard Behaviour Network.) – C:WindowsSystem32DRIVERSNSNetmon.sys
    O41 – Driver: (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (PSched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
    O41 – Driver: (RasAcd) . (.Microsoft Corporation – RAS Automatic Connection Driver.) – C:WindowsSystem32DRIVERSrasacd.sys
    O41 – Driver: (rdbss) . (.Microsoft Corporation – Redirected Drive Buffering SubSystem Driver.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
    O41 – Driver: (RDPENCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32driversrdpencdd.sys
    O41 – Driver: (Serial) . (.Microsoft Corporation – Pilote de périphérique série.) – C:WindowsSystem32DRIVERSserial.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (Smb) . (.Microsoft Corporation – SMB Transport driver.) – C:WindowsSystem32DRIVERSsmb.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
    O41 – Driver: (TermDD) . (.Microsoft Corporation – Terminal Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
    O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
    O41 – Driver: (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
    O41 – Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation – Winsock2 IFS Layer.) – C:Windowssystem32driversws2ifsl.sys
    ~ Drivers: 81 Scanned in 00mn 01s

    —\ Logiciels installés (O42)
    O42 – Logiciel: 32 Bit HP CIO Components Installer – (.Hewlett-Packard.) [HKLM] — {A80FA752-C491-4ED9-ABF0-4278563160B2}
    O42 – Logiciel: Adobe Community Help – (.Adobe Systems Incorporated.) [HKLM] — chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    O42 – Logiciel: Adobe Community Help – (.Adobe Systems Incorporated.) [HKLM] — {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
    O42 – Logiciel: Adobe Flash Player 17 NPAPI – (.Adobe Systems Incorporated.) [HKLM] — Adobe Flash Player NPAPI
    O42 – Logiciel: Adobe Reader X (10.1.14) – Français – (.Adobe Systems Incorporated.) [HKLM] — {AC76BA86-7AD7-1036-7B44-AA1000000001}
    O42 – Logiciel: Adobe Refresh Manager – (.Adobe Systems Incorporated.) [HKLM] — {AC76BA86-0804-1033-1959-001802114130}
    O42 – Logiciel: Adobe Shockwave Player 12.1 – (.Adobe Systems, Inc..) [HKLM] — Adobe Shockwave Player
    O42 – Logiciel: Apple Application Support (32 bits) – (.Apple Inc..) [HKLM] — {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
    O42 – Logiciel: Apple Mobile Device Support – (.Apple Inc..) [HKLM] — {E1DB0812-2D60-43DB-AE09-6C7027D93B28}
    O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
    O42 – Logiciel: ArcSoft MediaImpression – (.ArcSoft.) [HKLM] — {77C71BFE-2598-4DB5-8F7C-0CF81A16DA40}
    O42 – Logiciel: ArcSoft PhotoImpression 4 – (…) [HKLM] — {68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}
    O42 – Logiciel: ArcSoft Print Creations – (.ArcSoft.) [HKLM] — {FD011F34-749C-47E0-BA48-6009412C4789}
    O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM] — {3611CA6C-5FCA-4900-A329-6A118123CCFC} =>Toolbar.Bing
    O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM] — {79155F2B-9895-49D7-8612-D92580E0DE5B}
    O42 – Logiciel: BullGuard Premium Protection – (.BullGuard Ltd..) [HKLM] — BullGuard
    O42 – Logiciel: CCleaner – (.Piriform.) [HKLM] — CCleaner
    O42 – Logiciel: Camera Driver – (…) [HKLM] — {D1B3874F-3057-11D6-B2EA-0050BA18806B}
    O42 – Logiciel: Canon Camera Access Library – (…) [HKLM] — CAL
    O42 – Logiciel: Canon Camera Window DC_DV 6 for ZoomBrowser EX – (…) [HKLM] — CameraWindowDVC6
    O42 – Logiciel: Canon Camera Window MC 6 for ZoomBrowser EX – (…) [HKLM] — CameraWindowMC
    O42 – Logiciel: Canon G.726 WMP-Decoder – (…) [HKLM] — Canon G.726 WMP-Decoder

    doubie
    Participant
    Nombre d'articles : 50

    6 for ZoomBrowser EX – (…) [HKLM] — CameraWindowDVC6
    O42 – Logiciel: Canon Camera Window MC 6 for ZoomBrowser EX – (…) [HKLM] — CameraWindowMC
    O42 – Logiciel: Canon G.726 WMP-Decoder – (…) [HKLM] — Canon G.726 WMP-Decoder
    O42 – Logiciel: Canon MovieEdit Task for ZoomBrowser EX – (…) [HKLM] — MovieEditTask
    O42 – Logiciel: Canon RAW Image Task for ZoomBrowser EX – (…) [HKLM] — RAW Image Task
    O42 – Logiciel: Canon RemoteCapture Task for ZoomBrowser EX – (…) [HKLM] — RemoteCaptureTask
    O42 – Logiciel: Canon Utilities EOS Utility – (…) [HKLM] — EOS Utility
    O42 – Logiciel: Canon Utilities PhotoStitch – (…) [HKLM] — PhotoStitch
    O42 – Logiciel: Canon Utilities ZoomBrowser EX – (…) [HKLM] — ZoomBrowser EX
    O42 – Logiciel: Complément Messenger – (.Microsoft Corporation.) [HKLM] — {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: Dell Resource CD – (.http://support.dell.com.) [HKLM] — {2764CA82-DFB9-4498-AF85-719340BF5305}
    O42 – Logiciel: Facebook Messenger 2.1.4814.0 – (.Facebook.) [HKLM] — {7204BDEE-1A48-4D95-A964-44A9250B439E}
    O42 – Logiciel: Facebook Video Calling 3.1.0.521 – (.Skype Limited.) [HKLM] — {2091F234-EB58-4B80-8C96-8EB78C808CF7}
    O42 – Logiciel: Feedback Tool – (.Microsoft Corporation.) [HKLM] — {13A5E785-5197-4EAD-8EE3-D660271E49BC}
    O42 – Logiciel: French App Name – (.Adobe Systems Incorporated.) [HKLM] — com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    O42 – Logiciel: French App Name – (.Adobe Systems Incorporated.) [HKLM] — {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
    O42 – Logiciel: Glary Utilities 5.25 – (.Glarysoft Ltd.) [HKLM] — Glary Utilities 5
    O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM] — Google Chrome
    O42 – Logiciel: Google Earth Plug-in – (.Google.) [HKLM] — {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} =>.Google Inc
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {18455581-E099-4BA8-BC6B-F34B2F06600C}
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM] — {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: HP FWUpdateEDO2 – (.Hewlett-Packard.) [HKLM] — {415FA9AD-DA10-4ABE-97B6-5051D4795C90}
    O42 – Logiciel: HP Officejet 6600 Aide – (.Hewlett Packard.) [HKLM] — {2FA81482-5570-4CF0-9A10-D61D2F164916} =>.Hewlett-Packard Co
    O42 – Logiciel: HP Photo Creations – (.HP.) [HKLM] — HP Photo Creations
    O42 – Logiciel: HP Photosmart Essential – (.HP.) [HKLM] — {EB21A812-671B-4D08-B974-2A347F0D8F70} =>.Hewlett-Packard Co
    O42 – Logiciel: HP Photosmart.All-In-One Driver Software 8.0 .A – (.HP.) [HKLM] — {282E5AB2-8E47-4571-B6FA-6B512555B557} =>.Hewlett-Packard Co
    O42 – Logiciel: HP Update – (.Hewlett-Packard.) [HKLM] — {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
    O42 – Logiciel: HPDiagnosticAlert – (.Microsoft.) [HKLM] — {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
    O42 – Logiciel: HPOJ6600FWUpdateAlert – (.HP.) [HKLM] — {D8B5B40F-B216-4C0E-B039-F98377CD9FA4}
    O42 – Logiciel: I.R.I.S. OCR – (.HP.) [HKLM] — {CA6BCA2F-EDEB-408F-850B-31404BE16A61}
    O42 – Logiciel: ImpotExpert Updater 2010 – (.Logiciel Dr Tax Software Inc..) [HKLM] — {96F549E9-85D0-4F12-8747-259F6C224E61}
    O42 – Logiciel: Intel(R) Graphics Media Accelerator Driver – (…) [HKLM] — HDMI
    O42 – Logiciel: Java 7 Update 71 – (.Oracle.) [HKLM] — {26A24AE4-039D-4CA4-87B4-2F03217071FF}
    O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM] — {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    O42 – Logiciel: Logiciel de base du périphérique HP Officejet 6600 – (.Hewlett-Packard Co..) [HKLM] — {B15C809A-3420-4400-9948-E61296313DE9} =>.Hewlett-Packard Co
    O42 – Logiciel: MSVC80_x86_v2 – (.Nokia.) [HKLM] — {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
    O42 – Logiciel: MSVC90_x86 – (.Nokia.) [HKLM] — {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSXML 4.0 SP2 (KB954430) – (.Microsoft Corporation.) [HKLM] — {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    O42 – Logiciel: MSXML 4.0 SP2 (KB973688) – (.Microsoft Corporation.) [HKLM] — {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    O42 – Logiciel: MSXML 4.0 SP3 Parser (KB2758694) – (.Microsoft Corporation.) [HKLM] — {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
    O42 – Logiciel: MSXML 4.0 SP3 Parser – (.Microsoft Corporation.) [HKLM] — {196467F1-C11F-4F76-858B-5812ADC83B94}
    O42 – Logiciel: MSXML4SP2 – (.Logiciel Dr Tax Software Inc..) [HKLM] — {451BB54C-8B23-4455-8BDC-14FC7D43E056}
    O42 – Logiciel: Mesh Runtime – (.Microsoft Corporation.) [HKLM] — {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    O42 – Logiciel: Microsoft Antimalware Service FR-FR Language Pack – (.Microsoft Corporation.) [HKLM] — {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
    O42 – Logiciel: Microsoft Fix it Center – (.Microsoft Corporation.) [HKLM] — {B7588D45-AFDC-4C93-9E2E-A100F3554B64}
    O42 – Logiciel: Microsoft SOAP Toolkit 3.0 – (.Microsoft Corporation.) [HKLM] — {BCB4C18A-ACA6-4383-8688-E19933A705DD}
    O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 – Logiciel: Microsoft Works – (.Microsoft Corporation.) [HKLM] — {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
    O42 – Logiciel: Mozilla Firefox 38.0.1 (x86 fr) – (.Mozilla.) [HKLM] — Mozilla Firefox 38.0.1 (x86 fr)
    O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM] — MozillaMaintenanceService
    O42 – Logiciel: MétéoMédia – (.MétéoMédia.) [HKCU] — MétéoMédia
    O42 – Logiciel: Nokia Connectivity Cable Driver – (.Nokia.) [HKLM] — {29373274-977E-413C-A4DE-DC0F8E80C429}
    O42 – Logiciel: Nokia Suite – (.Nokia.) [HKLM] — Nokia Suite
    O42 – Logiciel: Nokia Suite – (.Nokia.) [HKLM] — {88B6F9DE-C80F-4A70-ACF6-BEE933679170}
    O42 – Logiciel: OpenOffice 4.1.1 – (.Apache Software Foundation.) [HKLM] — {121727D5-FDF3-4723-BA57-EB383440ED72}
    O42 – Logiciel: PC Connectivity Solution – (.Nokia.) [HKLM] — {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}
    O42 – Logiciel: Package de pilotes Windows – Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1 – (.Nokia.) [HKLM] — 17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382
    O42 – Logiciel: PowerDVD – (.Dell.) [HKLM] — {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
    O42 – Logiciel: QuickTime 7 – (.Apple Inc..) [HKLM] — {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
    O42 – Logiciel: Realtek AC’97 Audio – (…) [HKLM] — {FB08F381-6533-4108-B7DD-039E11FBC27E}
    O42 – Logiciel: Roxio Creator Audio – (.Roxio.) [HKLM] — {83FFCFC7-88C6-41c6-8752-958A45325C82}
    O42 – Logiciel: Roxio Creator DE – (.Roxio.) [HKLM] — {C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    O42 – Logiciel: Roxio Creator Data – (.Roxio.) [HKLM] — {0D397393-9B50-4c52-84D5-77E344289F87}
    O42 – Logiciel: Roxio Creator Tools – (.Roxio.) [HKLM] — {0394CDC8-FABD-4ed8-B104-03393876DFDF}
    O42 – Logiciel: Roxio Express Labeler – (.Roxio.) [HKLM] — {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    O42 – Logiciel: Roxio MyDVD DE – (.Roxio, Inc..) [HKLM] — {D639085F-4B6E-4105-9F37-A0DBB023E2FB}
    O42 – Logiciel: Roxio Update Manager – (.Roxio.) [HKLM] — {30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    O42 – Logiciel: Screenpresso – (.Learnpulse.) [HKCU] — Screenpresso
    O42 – Logiciel: Segoe UI – (.Microsoft Corp.) [HKLM] — {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
    O42 – Logiciel: SigmaTel Audio – (.SigmaTel.) [HKLM] — {A462213D-EED4-42C2-9A60-7BDD4D4B0B17}
    O42 – Logiciel: Skype™ 7.0 – (.Skype Technologies S.A..) [HKLM] — {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
    O42 – Logiciel: Soap 3.0 Toolkit – (.Your Company Name.) [HKLM] — {2C464EC1-2B0C-4490-9CAC-D4562DD8377A}
    O42 – Logiciel: Sonic Activation Module – (.Sonic Solutions.) [HKLM] — {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    O42 – Logiciel: Windows Media Player 9 Series Power Toy – Ratings Migration – (…) [HKLM] — RatingsMigration =>.Microsoft Corporation
    O42 – Logiciel: Windows Media Player 9 Series TweakMP PowerToy – (…) [HKLM] — TweakMP9 =>.Microsoft Corporation
    O42 – Logiciel: Windows Mobile Device Updater Component – (.Microsoft Corporation.) [HKLM] — {F2CB8C3C-9C9E-4FAB-9067-655601C5F748}
    O42 – Logiciel: Zune – (.Microsoft Corporation.) [HKLM] — Zune
    O42 – Logiciel: Zune – (.Microsoft Corporation.) [HKLM] — {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}
    O42 – Logiciel: Zune Language Pack (CHT) – (.Microsoft Corporation.) [HKLM] — {A5A53EA8-A11E-49F0-BDF5-AE536426A31A}
    O42 – Logiciel: Zune Language Pack (CSY) – (.Microsoft Corporation.) [HKLM] — {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}
    O42 – Logiciel: Zune Language Pack (DAN) – (.Microsoft Corporation.) [HKLM] — {8B112338-2B08-4851-AF84-E7CAD74CEB32}
    O42 – Logiciel: Zune Language Pack (DEU) – (.Microsoft Corporation.) [HKLM] — {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}
    O42 – Logiciel: Zune Language Pack (ELL) – (.Microsoft Corporation.) [HKLM] — {3589A659-F732-4E65-A89A-5438C332E59D}
    O42 – Logiciel: Zune Language Pack (FIN) – (.Microsoft Corporation.) [HKLM] — {B4870774-5F3A-46D9-9DFE-06FB5599E26B}
    O42 – Logiciel: Zune Language Pack (FRA) – (.Microsoft Corporation.) [HKLM] — {C68D33B1-0204-4EBE-BC45-A6E432B1D13A}
    O42 – Logiciel: Zune Language Pack (HUN) – (.Microsoft Corporation.) [HKLM] — {C6BE19C6-B102-4038-B2A6-1C313872DBB4}
    O42 – Logiciel: Zune Language Pack (IND) – (.Microsoft Corporation.) [HKLM] — {92ECE3F9-591E-4C12-8A62-B9FCE38BF646}
    O42 – Logiciel: Zune Language Pack (ITA) – (.Microsoft Corporation.) [HKLM] — {C5D37FFA-7483-410B-982B-91E93FD3B7DA}
    O42 – Logiciel: Zune Language Pack (KOR) – (.Microsoft Corporation.) [HKLM] — {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}
    O42 – Logiciel: Zune Language Pack (MSL) – (.Microsoft Corporation.) [HKLM] — {76BA306B-2AA0-47C0-AB6B-F313AB56C136}
    O42 – Logiciel: Zune Language Pack (NLD) – (.Microsoft Corporation.) [HKLM] — {6740BCB0-5863-47F4-80F4-44F394DE4FE2}
    O42 – Logiciel: Zune Language Pack (NOR) – (.Microsoft Corporation.) [HKLM] — {5DEFD397-4012-46C3-B6DA-E8013E660772}
    O42 – Logiciel: Zune Language Pack (PLK) – (.Microsoft Corporation.) [HKLM] — {8960A0A1-BB5A-479E-92CF-65AB9D684B43}
    O42 – Logiciel: Zune Language Pack (PTB) – (.Microsoft Corporation.) [HKLM] — {07EEE598-5F21-4B57-B40B-46592625B3D9}
    O42 – Logiciel: Zune Language Pack (PTG) – (.Microsoft Corporation.) [HKLM] — {5C93E291-A1CC-4E51-85C6-E194209FCDB4}
    O42 – Logiciel: Zune Language Pack (RUS) – (.Microsoft Corporation.) [HKLM] — {57C51D56-B287-4C11-9192-EC3C46EF76A4}
    O42 – Logiciel: Zune Language Pack (SVE) – (.Microsoft Corporation.) [HKLM] — {6EB931CD-A7DA-4A44-B74A-89C8EB50086F}
    O42 – Logiciel: iTunes – (.Apple Inc..) [HKLM] — {CE1F04C7-79BC-4219-BE6A-BA490224D4B5}
    O42 – Logiciel: swMSM – (.Adobe Systems, Inc.) [HKLM] — {612C34C7-5E90-47D8-9B5C-0F717DD82726}
    O42 – Logiciel: Étude pour l’amélioration du produit HP Officejet 6600 – (.Hewlett-Packard Co..) [HKLM] — {2FF3972A-368C-441D-B062-AC2FABE531C9} =>.Hewlett-Packard Co
    ~ Logic: 37 Scanned in 00mn 00s

    doubie
    Participant
    Nombre d'articles : 50

    O42 – Logiciel: swMSM – (.Adobe Systems, Inc.) [HKLM] — {612C34C7-5E90-47D8-9B5C-0F717DD82726}
    O42 – Logiciel: Étude pour l’amélioration du produit HP Officejet 6600 – (.Hewlett-Packard Co..) [HKLM] — {2FF3972A-368C-441D-B062-AC2FABE531C9} =>.Hewlett-Packard Co
    ~ Logic: 37 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAgainst Intuition]
    [HKCUSoftwareAlawar]
    [HKCUSoftwareAppDataLowSoftwareAdobe]
    [HKCUSoftwareAppDataLowSoftwareGID]
    [HKCUSoftwareAppDataLowSoftwareGoogle]
    [HKCUSoftwareAppDataLowSoftwareJavaSoft]
    [HKCUSoftwareAppDataLowSoftwareMacromedia]
    [HKCUSoftwareAppDataLowSoftwareYahoo]
    [HKCUSoftwareAppDataLowSoftwarecooliris]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareApple Inc.]
    [HKCUSoftwareArcSoft]
    [HKCUSoftwareAutodesk]
    [HKCUSoftwareAvery Dennison]
    [HKCUSoftwareBitDefender Local Backup]
    [HKCUSoftwareBitdefender]
    [HKCUSoftwareBorland]
    [HKCUSoftwareBrowserTemp]
    [HKCUSoftwareBullGuard Ltd.]
    [HKCUSoftwareBullGuardRescueTool]
    [HKCUSoftwareCanon]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareCyberlink]
    [HKCUSoftwareDell Computer Corporation]
    [HKCUSoftwareDoctor Web]
    [HKCUSoftwareDr Tax]
    [HKCUSoftwareESET]
    [HKCUSoftwareFacebook]
    [HKCUSoftwareFileHippo.com]
    [HKCUSoftwareG DATA]
    [HKCUSoftwareGlarySoft]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHP Photo Creations]
    [HKCUSoftwareHP]
    [HKCUSoftwareHewlett-Packard]
    [HKCUSoftwareHookNetwork]
    [HKCUSoftwareIDAVLab]
    [HKCUSoftwareIM Providers]
    [HKCUSoftwareInstallShield]
    [HKCUSoftwareIntel]
    [HKCUSoftwareIris]
    [HKCUSoftwareJEDI-VCL]
    [HKCUSoftwareKC Softwares]
    [HKCUSoftwareLake]
    [HKCUSoftwareLowRegistry]
    [HKCUSoftwareMMTWN]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMagnet]
    [HKCUSoftwareMalwarebytes’ Anti-Malware]
    [HKCUSoftwareMotive]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNetscape]
    [HKCUSoftwareNokia]
    [HKCUSoftwareOpenOffice]
    [HKCUSoftwarePaint.NET]
    [HKCUSoftwarePiriform]
    [HKCUSoftwarePolicies]
    [HKCUSoftwarePuretracks]
    [HKCUSoftwareRadialPoint]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRogers]
    [HKCUSoftwareRoxio]
    [HKCUSoftwareSecuROM]
    [HKCUSoftwareSkype]
    [HKCUSoftwareSlimWare Utilities Inc]
    [HKCUSoftwareSonic Solutions]
    [HKCUSoftwareSonic]
    [HKCUSoftwareSysinternals]
    [HKCUSoftwareTavultesoft]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareVisan]
    [HKCUSoftwareWebroot]
    [HKCUSoftwareWinRAR SFX]
    [HKCUSoftwareYahoo]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKLMSoftwareAdobe]
    [HKLMSoftwareAdwCleaner]
    [HKLMSoftwareAppDataLow]
    [HKLMSoftwareApple Computer, Inc.]
    [HKLMSoftwareApple Inc.]
    [HKLMSoftwareArcSoft]
    [HKLMSoftwareAvery Dennison]
    [HKLMSoftwareBorland]
    [HKLMSoftwareBullGuard Ltd.]
    [HKLMSoftwareCXT]
    [HKLMSoftwareCanon]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareCompedia]
    [HKLMSoftwareConexant]
    [HKLMSoftwareCoreSecurity]
    [HKLMSoftwareCyberLink]
    [HKLMSoftwareDebug]
    [HKLMSoftwareDell Computer Corporation]
    [HKLMSoftwareDivXNetworks]
    [HKLMSoftwareDoctor Web]
    [HKLMSoftwareDr Tax]
    [HKLMSoftwareGEAR Software]
    [HKLMSoftwareGlarySoft]
    [HKLMSoftwareGoogle]
    [HKLMSoftwareHP]
    [HKLMSoftwareHewlett-Packard]
    [HKLMSoftwareIDAVLab]
    [HKLMSoftwareIM Providers]
    [HKLMSoftwareInstallShield]
    [HKLMSoftwareInstalledOptions]
    [HKLMSoftwareIntel]
    [HKLMSoftwareJavaSoft]
    [HKLMSoftwareJreMetrics]
    [HKLMSoftwareKCSoftware]
    [HKLMSoftwareKasperskyLab]
    [HKLMSoftwareLogMeIn Rescue]
    [HKLMSoftwareMARS]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMalwarebytes’ Anti-Malware]
    [HKLMSoftwareMicroVision]
    [HKLMSoftwareMotive]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareMozilla]
    [HKLMSoftwareNokia Mobile Phones]
    [HKLMSoftwareNokia]
    [HKLMSoftwareODBC]
    [HKLMSoftwareOpenOffice]
    [HKLMSoftwarePC Connectivity Solution]
    [HKLMSoftwarePCSuite]
    [HKLMSoftwarePiriform]
    [HKLMSoftwarePolicies]
    [HKLMSoftwarePreclick]
    [HKLMSoftwareRadialpoint]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareRocketLife]
    [HKLMSoftwareRogers]
    [HKLMSoftwareRoxio]
    [HKLMSoftwareSafer Networking Limited]
    [HKLMSoftwareSecunia]
    [HKLMSoftwareSigmaTel]
    [HKLMSoftwareSkype]
    [HKLMSoftwareSlimWare Utilities Inc]
    [HKLMSoftwareSonic]
    [HKLMSoftwareSwearware]
    [HKLMSoftwareSymantec]
    [HKLMSoftwareVisan]
    [HKLMSoftwareVolatile]
    [HKLMSoftwareWow6432Node]
    [HKLMSoftwareYahoo]
    [HKLMSoftwareilliminable]
    [HKLMSoftwaremozilla.org]
    ~ Key Software: 314 Scanned in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 2014-06-05 – 16:59:02 – [] —-D C:Program FilesAdobe
    O43 – CFD: 2010-10-27 – 18:46:22 – [] —-D C:Program FilesAdobe Media Player
    O43 – CFD: 2015-01-19 – 18:03:44 – [] —-D C:Program FilesApple Software Update =>.Apple Inc
    O43 – CFD: 2011-02-28 – 20:29:38 – [] —-D C:Program FilesArcSoft
    O43 – CFD: 2013-08-31 – 12:08:36 – [] —-D C:Program FilesAvery Dennison
    O43 – CFD: 2011-10-13 – 15:51:05 – [] —-D C:Program FilesBonjour
    O43 – CFD: 2013-06-27 – 21:32:42 – [] —-D C:Program Filesbrighter child
    O43 – CFD: 2015-05-18 – 20:24:01 – [] —-D C:Program FilesBullGuard Ltd
    O43 – CFD: 2013-04-12 – 14:00:18 – [] —-D C:Program FilesCanon
    O43 – CFD: 2015-05-15 – 11:07:25 – [] —-D C:Program FilesCCleaner
    O43 – CFD: 2009-11-04 – 17:30:09 – [] —-D C:Program FilesCitrix
    O43 – CFD: 2015-04-16 – 03:05:21 – [] —-D C:Program FilesCommon Files
    O43 – CFD: 2014-06-07 – 15:27:01 – [] —-D C:Program FilesCyberLink
    O43 – CFD: 2011-11-12 – 16:02:02 – [] —-D C:Program FilesDIFX
    O43 – CFD: 2014-07-22 – 12:03:29 – [0] —-D C:Program FilesDriverUpdate
    O43 – CFD: 2010-08-24 – 18:10:07 – [] —-D C:Program FilesDrWeb
    O43 – CFD: 2011-03-08 – 15:37:05 – [] —-D C:Program FilesFeedback Tool
    O43 – CFD: 2009-11-04 – 16:21:18 – [] -SH-D C:Program FilesFichiers communs
    O43 – CFD: 2010-10-27 – 17:15:42 – [] —-D C:Program FilesFlyGimp Pro
    O43 – CFD: 2010-09-19 – 13:38:55 – [] —-D C:Program FilesGameTop.com
    O43 – CFD: 2015-05-27 – 09:54:34 – [] —-D C:Program FilesGlary Utilities 5
    O43 – CFD: 2015-05-15 – 11:04:54 – [] —-D C:Program FilesGoogle
    O43 – CFD: 2012-04-28 – 07:26:02 – [] —-D C:Program FilesHewlett-Packard
    O43 – CFD: 2015-03-20 – 14:51:49 – [] —-D C:Program FilesHP
    O43 – CFD: 2014-11-27 – 15:48:07 – [] —-D C:Program FilesHP Photo Creations
    O43 – CFD: 2012-12-23 – 07:06:52 – [] —-D C:Program FilesImpotExpert 2010
    O43 – CFD: 2013-08-31 – 12:09:10 – [] –H-D C:Program FilesInstallShield Installation Information
    O43 – CFD: 2009-11-04 – 17:38:50 – [] —-D C:Program FilesIntel
    O43 – CFD: 2015-05-13 – 04:16:18 – [] —-D C:Program FilesInternet Explorer
    O43 – CFD: 2015-04-14 – 15:53:30 – [] —-D C:Program FilesiPod
    O43 – CFD: 2015-04-14 – 15:55:09 – [] —-D C:Program FilesiTunes
    O43 – CFD: 2015-01-19 – 16:32:50 – [] —-D C:Program FilesJava
    O43 – CFD: 2012-04-28 – 16:48:15 – [] —-D C:Program FilesJeux-Gratuits.com
    O43 – CFD: 2014-02-02 – 13:20:15 – [] —-D C:Program FilesLes Chiffres et les Lettres d’ Antoine
    O43 – CFD: 2010-04-27 – 18:23:57 – [] —-D C:Program FilesMARS
    O43 – CFD: 2014-11-20 – 16:12:57 – [] —-D C:Program FilesMicrosoft
    O43 – CFD: 2012-02-22 – 18:02:08 – [] —-D C:Program FilesMicrosoft Fix it Center
    O43 – CFD: 2006-11-02 – 08:35:51 – [] —-D C:Program FilesMicrosoft Games
    O43 – CFD: 2009-11-04 – 18:51:36 – [] —-D C:Program FilesMicrosoft Office
    O43 – CFD: 2015-05-13 – 04:17:49 – [] —-D C:Program FilesMicrosoft Silverlight
    O43 – CFD: 2011-03-02 – 13:29:48 – [] —-D C:Program FilesMicrosoft SQL Server Compact Edition
    O43 – CFD: 2010-06-14 – 11:08:19 – [] —-D C:Program FilesMicrosoft Works
    O43 – CFD: 2010-09-20 – 12:06:18 – [] —-D C:Program FilesMicrosoft.NET
    O43 – CFD: 2010-08-12 – 03:20:40 – [] —-D C:Program FilesMovie Maker
    O43 – CFD: 2015-05-18 – 12:01:16 – [] —-D C:Program FilesMozilla Firefox
    O43 – CFD: 2015-05-18 – 19:51:39 – [] —-D C:Program FilesMozilla Maintenance Service
    O43 – CFD: 2006-11-02 – 08:35:51 – [] —-D C:Program FilesMSBuild
    O43 – CFD: 2010-08-24 – 19:03:45 – [] —-D C:Program FilesMSSOAP
    O43 – CFD: 2013-01-17 – 17:59:03 – [] —-D C:Program FilesMSXML 4.0
    O43 – CFD: 2015-01-21 – 10:40:15 – [] —-D C:Program FilesNokia
    O43 – CFD: 2015-02-15 – 19:35:26 – [] —-D C:Program FilesOpenOffice 4
    O43 – CFD: 2010-09-20 – 10:28:39 – [] —-D C:Program FilesOpera
    O43 – CFD: 2015-02-14 – 14:20:53 – [0] —-D C:Program FilesPaint.NET
    O43 – CFD: 2015-01-21 – 10:34:03 – [] —-D C:Program FilesPC Connectivity Solution
    O43 – CFD: 2015-01-27 – 17:10:36 – [] —-D C:Program FilesQuickTime
    O43 – CFD: 2006-11-02 – 08:35:51 – [] —-D C:Program FilesReference Assemblies
    O43 – CFD: 2015-02-15 – 15:10:03 – [] —-D C:Program FilesRogers
    O43 – CFD: 2009-11-04 – 19:54:51 – [] —-D C:Program FilesRoxio
    O43 – CFD: 2014-06-05 – 16:59:06 – [] —-D C:Program FilesShareaza
    O43 – CFD: 2009-11-04 – 17:45:06 – [] —-D C:Program FilesSigmaTel
    O43 – CFD: 2015-04-16 – 03:05:22 – [] R—D C:Program FilesSkype
    O43 – CFD: 2006-11-02 – 08:58:18 – [0] –H-D C:Program FilesUninstall Information
    O43 – CFD: 2009-11-08 – 10:13:29 – [] —-D C:Program FilesWindows Calendar
    O43 – CFD: 2009-11-08 – 10:13:27 – [] —-D C:Program FilesWindows Collaboration
    O43 – CFD: 2009-11-08 – 10:13:24 – [] —-D C:Program FilesWindows Defender
    O43 – CFD: 2012-04-11 – 12:07:17 – [] —-D C:Program FilesWindows Live
    O43 – CFD: 2012-04-11 – 03:01:42 – [] —-D C:Program FilesWindows Mail =>.Microsoft Corporation
    O43 – CFD: 2011-04-01 – 07:29:48 – [] —-D C:Program FilesWindows Media Player =>.Microsoft Corporation
    O43 – CFD: 2009-11-04 – 16:21:18 – [] —-D C:Program FilesWindows NT
    O43 – CFD: 2009-11-08 – 10:13:26 – [] —-D C:Program FilesWindows Photo Gallery
    O43 – CFD: 2010-02-15 – 12:09:27 – [] —-D C:Program FilesWindows Portable Devices
    O43 – CFD: 2011-04-01 – 07:29:48 – [] —-D C:Program FilesWindows Sidebar
    O43 – CFD: 2015-01-19 – 20:42:53 – [] —-D C:Program FilesYahoo!
    O43 – CFD: 2015-05-27 – 14:46:41 – [] —-D C:Program FilesZHPDiag =>.Nicolas Coolman
    O43 – CFD: 2014-06-12 – 19:11:51 – [] —-D C:Program FilesZune
    O43 – CFD: 2013-04-27 – 15:40:36 – [] —-D C:Program FilesCommon FilesAdobe
    O43 – CFD: 2015-04-14 – 15:53:28 – [] —-D C:Program FilesCommon FilesApple
    O43 – CFD: 2010-08-02 – 15:09:38 – [] —-D C:Program FilesCommon FilesArcSoft
    O43 – CFD: 2013-08-02 – 10:39:31 – [] —-D C:Program FilesCommon FilesBitDefender
    O43 – CFD: 2012-12-11 – 11:27:26 – [] —-D C:Program FilesCommon FilesBorland Shared
    O43 – CFD: 2015-02-14 – 15:08:47 – [] —-D C:Program FilesCommon FilesBullGuard Ltd
    O43 – CFD: 2013-03-31 – 15:27:07 – [] —-D C:Program FilesCommon FilesCanon
    O43 – CFD: 2011-01-15 – 23:07:24 – [0] —-D C:Program FilesCommon FilesG Data
    O43 – CFD: 2009-11-06 – 15:11:28 – [] —-D C:Program FilesCommon FilesHewlett-Packard

    doubie
    Participant
    Nombre d'articles : 50

    O43 – CFD: 2015-02-14 – 15:08:47 – [] —-D C:Program FilesCommon FilesBullGuard Ltd
    O43 – CFD: 2013-03-31 – 15:27:07 – [] —-D C:Program FilesCommon FilesCanon
    O43 – CFD: 2011-01-15 – 23:07:24 – [0] —-D C:Program FilesCommon FilesG Data
    O43 – CFD: 2009-11-06 – 15:11:28 – [] —-D C:Program FilesCommon FilesHewlett-Packard
    O43 – CFD: 2012-04-29 – 08:55:54 – [] —-D C:Program FilesCommon FilesHP
    O43 – CFD: 2012-02-25 – 09:57:48 – [] —-D C:Program FilesCommon FilesInstallShield
    O43 – CFD: 2011-08-05 – 17:16:41 – [] —-D C:Program FilesCommon Filesmicrosoft shared
    O43 – CFD: 2011-04-29 – 19:11:07 – [] —-D C:Program FilesCommon FilesMotive
    O43 – CFD: 2009-12-11 – 15:37:12 – [] —-D C:Program FilesCommon FilesMSSoap
    O43 – CFD: 2011-11-30 – 16:41:43 – [] —-D C:Program FilesCommon FilesNokia
    O43 – CFD: 2009-11-04 – 19:42:47 – [] —-D C:Program FilesCommon FilesRoxio Shared
    O43 – CFD: 2006-11-02 – 07:18:33 – [] —-D C:Program FilesCommon FilesServices
    O43 – CFD: 2015-04-16 – 03:05:21 – [] —-D C:Program FilesCommon FilesSkype
    O43 – CFD: 2009-11-04 – 19:46:00 – [] —-D C:Program FilesCommon FilesSonic Shared
    O43 – CFD: 2006-11-02 – 07:18:33 – [] —-D C:Program FilesCommon FilesSpeechEngines
    O43 – CFD: 2009-11-04 – 19:44:30 – [] —-D C:Program FilesCommon FilesSureThing Shared
    O43 – CFD: 2013-06-29 – 12:38:04 – [0] —-D C:Program FilesCommon FilesSymantec Shared
    O43 – CFD: 2011-11-09 – 04:00:38 – [] —-D C:Program FilesCommon FilesSystem
    O43 – CFD: 2009-11-06 – 10:07:56 – [] —-D C:Program FilesCommon FilesWindows Live
    O43 – CFD: 2015-01-19 – 18:12:36 – [] —-D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    O43 – CFD: 2014-06-11 – 03:44:17 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 2015-01-19 – 17:58:38 – [] —-D C:ProgramDataApple
    O43 – CFD: 2010-12-25 – 10:03:01 – [] —-D C:ProgramDataApple Computer
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 2010-12-10 – 21:18:36 – [] —-D C:ProgramDataArcSoft
    O43 – CFD: 2010-05-08 – 07:05:40 – [] —-D C:ProgramDataAutodesk
    O43 – CFD: 2013-08-31 – 12:08:40 – [] —-D C:ProgramDataAvery
    O43 – CFD: 2010-11-17 – 11:36:40 – [] —-D C:ProgramDataAvira
    O43 – CFD: 2015-04-14 – 15:55:10 – [] —-D C:ProgramDataB0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    O43 – CFD: 2014-06-05 – 16:59:10 – [] —-D C:ProgramDataBell
    O43 – CFD: 2015-05-27 – 15:07:03 – [] —-D C:ProgramDataBullGuard
    O43 – CFD: 2009-11-04 – 16:21:17 – [] -SH-D C:ProgramDataBureau
    O43 – CFD: 2014-06-05 – 16:59:11 – [] —-D C:ProgramDataCanon_Inc_IC
    O43 – CFD: 2012-02-11 – 20:02:37 – [] —-D C:ProgramDataClickfree
    O43 – CFD: 2014-06-05 – 16:59:11 – [] —-D C:ProgramDataCyberLink
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 2012-02-25 – 15:50:51 – [] —-D C:ProgramDataElectronic Arts
    O43 – CFD: 2011-03-30 – 10:44:50 – [] —-D C:ProgramDataESET
    O43 – CFD: 2009-11-04 – 16:21:17 – [] -SH-D C:ProgramDataFavoris
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataFavorites
    O43 – CFD: 2011-01-15 – 23:08:45 – [] —-D C:ProgramDataG DATA
    O43 – CFD: 2015-04-29 – 21:38:13 – [] —-D C:ProgramDataGlarySoft
    O43 – CFD: 2010-12-24 – 13:04:26 – [] —-D C:ProgramDataGoogle
    O43 – CFD: 2009-11-06 – 14:46:53 – [] —-D C:ProgramDataHewlett-Packard
    O43 – CFD: 2014-11-20 – 16:06:53 – [] —-D C:ProgramDataHP
    O43 – CFD: 2014-11-27 – 15:48:06 – [] —-D C:ProgramDataHP Photo Creations
    O43 – CFD: 2009-11-04 – 19:47:20 – [] —-D C:ProgramDataInstallShield
    O43 – CFD: 2012-12-23 – 08:32:39 – [] —-D C:ProgramDatainstall_clap
    O43 – CFD: 2011-02-15 – 12:17:54 – [] —-D C:ProgramDataKaspersky Lab
    O43 – CFD: 2011-02-15 – 12:09:05 – [] —-D C:ProgramDataKaspersky Lab Setup Files
    O43 – CFD: 2013-01-16 – 10:46:57 – [] —-D C:ProgramDataLGMOBILEAX
    O43 – CFD: 2010-05-11 – 14:29:04 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 2009-11-04 – 16:21:17 – [] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 2015-05-27 – 09:48:44 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 2009-11-04 – 16:21:17 – [] -SH-D C:ProgramDataModèles
    O43 – CFD: 2011-05-03 – 16:58:57 – [] —-D C:ProgramDataMotive
    O43 – CFD: 2012-04-28 – 16:03:31 – [] —-D C:ProgramDataMozilla
    O43 – CFD: 2015-01-21 – 10:42:11 – [] —-D C:ProgramDataNokia
    O43 – CFD: 2012-03-14 – 12:43:31 – [] —-D C:ProgramDataNokiaInstallerCache
    O43 – CFD: 2013-06-30 – 18:10:06 – [] —-D C:ProgramDataNorton
    O43 – CFD: 2013-06-29 – 12:29:20 – [] —-D C:ProgramDataNortonInstaller
    O43 – CFD: 2014-06-07 – 15:33:56 – [0] —-D C:ProgramDataOrigin
    O43 – CFD: 2015-05-18 – 20:22:36 – [] —-D C:ProgramDataPackage Cache
    O43 – CFD: 2014-06-05 – 16:59:16 – [] —-D C:ProgramDataPC Suite
    O43 – CFD: 2014-06-05 – 16:59:16 – [] —-D C:ProgramDataRadialpoint
    O43 – CFD: 2010-10-27 – 18:52:40 – [] —-D C:ProgramDataregid.1986-12.com.adobe
    O43 – CFD: 2014-06-05 – 17:56:31 – [] —-D C:ProgramDataRoxio
    O43 – CFD: 2015-04-16 – 03:05:15 – [] —-D C:ProgramDataSkype
    O43 – CFD: 2009-11-04 – 19:46:06 – [] —-D C:ProgramDataSonic
    O43 – CFD: 2010-06-24 – 12:02:38 – [] —-D C:ProgramDataSpybot – Search & Destroy
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 2011-05-02 – 18:23:32 – [] —-D C:ProgramDataSun
    O43 – CFD: 2015-01-09 – 18:48:54 – [] —-D C:ProgramDataTavultesoft
    O43 – CFD: 2014-06-07 – 15:17:01 – [] —-D C:ProgramDataTemp
    O43 – CFD: 2006-11-02 – 08:59:44 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 2013-01-22 – 15:04:24 – [] —-D C:ProgramDataTrend Micro
    O43 – CFD: 2012-04-28 – 11:05:12 – [] —-D C:ProgramDataVisan
    O43 – CFD: 2009-11-06 – 15:52:51 – [] —-D C:ProgramDataWEBREG
    O43 – CFD: 2010-05-21 – 12:39:52 – [] —-D C:ProgramDataWebroot
    O43 – CFD: 2014-06-06 – 12:39:17 – [] —-D C:ProgramDataWindowsSearch
    O43 – CFD: 2015-01-19 – 20:42:53 – [] —-D C:ProgramDataYahoo!
    O43 – CFD: 2010-12-25 – 10:04:44 – [] —-D C:ProgramData{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    O43 – CFD: 2009-12-25 – 06:04:15 – [] —-D C:ProgramData{755AC846-7372-4AC8-8550-C52491DAA8BD}
    O43 – CFD: 2010-09-20 – 12:20:28 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 2010-09-20 – 12:20:28 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 2010-10-27 – 18:46:22 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe
    O43 – CFD: 2010-08-02 – 15:11:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsArcSoft Connect
    O43 – CFD: 2010-08-02 – 15:09:33 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsArcSoft MediaImpression
    O43 – CFD: 2011-03-30 – 13:50:38 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsArcSoft PhotoImpression 4
    O43 – CFD: 2015-05-18 – 20:29:17 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsBullGuard
    O43 – CFD: 2013-04-12 – 14:00:20 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsCanon Utilities
    O43 – CFD: 2009-11-07 – 09:53:50 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsExtras and Upgrades
    O43 – CFD: 2009-11-07 – 09:53:54 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 2015-04-29 – 21:31:13 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGlary Utilities 5
    O43 – CFD: 2015-05-15 – 11:05:40 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome
    O43 – CFD: 2013-12-11 – 19:06:03 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth =>.Google Inc
    O43 – CFD: 2011-11-10 – 21:06:37 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsHasbro Interactive
    O43 – CFD: 2014-11-27 – 15:48:07 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsHP
    O43 – CFD: 2014-08-05 – 20:20:19 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsiCloud
    O43 – CFD: 2014-12-25 – 09:03:58 – [0] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsInstallConverter
    O43 – CFD: 2015-04-14 – 15:55:19 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes
    O43 – CFD: 2015-01-19 – 16:34:18 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    O43 – CFD: 2006-11-02 – 08:52:53 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 2015-05-13 – 03:09:48 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight
    O43 – CFD: 2009-12-09 – 04:02:11 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Works
    O43 – CFD: 2011-03-30 – 13:50:38 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMY CAMERA
    O43 – CFD: 2015-01-21 – 10:40:37 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsNokia
    O43 – CFD: 2015-02-15 – 19:38:10 – [] -S–D C:ProgramDataMicrosoftWindowsStart MenuProgramsOpenOffice 4.1.1
    O43 – CFD: 2015-01-27 – 17:10:20 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime
    O43 – CFD: 2009-11-04 – 19:46:00 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsRoxio Creator DE
    O43 – CFD: 2015-04-16 – 03:05:26 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
    O43 – CFD: 2014-06-12 – 18:20:13 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 2014-06-12 – 18:20:14 – [] –H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup-Disabled
    O43 – CFD: 2012-04-11 – 12:18:14 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Live
    O43 – CFD: 2015-05-27 – 14:46:43 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP =>.Nicolas Coolman
    O43 – CFD: 2012-12-21 – 13:20:07 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZune
    O43 – CFD: 2011-04-14 – 10:27:52 – [] —-D C:UsersfraisinetteAppDataRoamingAdobe
    O43 – CFD: 2010-10-31 – 16:26:32 – [] —-D C:UsersfraisinetteAppDataRoamingAdobe Mini Bridge CS5
    O43 – CFD: 2012-12-05 – 13:39:55 – [] —-D C:UsersfraisinetteAppDataRoamingApple Computer
    O43 – CFD: 2014-02-09 – 18:32:19 – [] —-D C:UsersfraisinetteAppDataRoamingArcSoft
    O43 – CFD: 2010-05-08 – 07:05:41 – [] —-D C:UsersfraisinetteAppDataRoamingAutodesk
    O43 – CFD: 2012-10-23 – 14:34:00 – [] —-D C:UsersfraisinetteAppDataRoamingBell
    O43 – CFD: 2012-10-23 – 14:17:47 – [] —-D C:UsersfraisinetteAppDataRoamingBitZipper
    O43 – CFD: 2014-12-04 – 11:46:02 – [] —-D C:UsersfraisinetteAppDataRoamingBullGuard
    O43 – CFD: 2013-03-31 – 15:17:37 – [] —-D C:UsersfraisinetteAppDataRoamingcanon
    O43 – CFD: 2012-08-06 – 18:31:05 – [] —-D C:UsersfraisinetteAppDataRoamingcom.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
    O43 – CFD: 2010-03-27 – 18:12:29 – [] —-D C:UsersfraisinetteAppDataRoamingCyberLink
    O43 – CFD: 2014-10-06 – 16:23:12 – [] —-D C:UsersfraisinetteAppDataRoamingDiskDefrag
    O43 – CFD: 2012-05-03 – 14:42:31 – [] —-D C:UsersfraisinetteAppDataRoamingEASYTools
    O43 – CFD: 2011-02-28 – 21:26:17 – [] —-D C:UsersfraisinetteAppDataRoamingESET
    O43 – CFD: 2012-05-29 – 15:47:33 – [0] —-D C:UsersfraisinetteAppDataRoamingEurekaLog
    O43 – CFD: 2012-05-01 – 10:15:25 – [] —-D C:UsersfraisinetteAppDataRoamingFastStone
    O43 – CFD: 2010-10-27 – 17:10:14 – [] —-D C:UsersfraisinetteAppDataRoamingFlyGimp Pro
    O43 – CFD: 2015-04-29 – 21:30:59 – [] —-D C:UsersfraisinetteAppDataRoamingGlarySoft
    O43 – CFD: 2009-11-06 – 20:10:36 – [] —-D C:UsersfraisinetteAppDataRoamingGoogle
    O43 – CFD: 2009-11-09 – 16:54:42 – [] —-D C:UsersfraisinetteAppDataRoamingHP
    O43 – CFD: 2014-12-04 – 14:37:30 – [] —-D C:UsersfraisinetteAppDataRoamingHpUpdate
    O43 – CFD: 2009-11-04 – 16:26:26 – [] —-D C:UsersfraisinetteAppDataRoamingIdentities
    O43 – CFD: 2015-05-18 – 12:02:20 – [] —-D C:UsersfraisinetteAppDataRoamingImage Zone Express
    O43 – CFD: 2012-04-28 – 16:30:18 – [] —-D C:UsersfraisinetteAppDataRoamingKC Softwares
    O43 – CFD: 2015-04-20 – 12:04:07 – [] —-D C:UsersfraisinetteAppDataRoamingLearnpulse
    O43 – CFD: 2013-01-18 – 14:48:46 – [0] —-D C:UsersfraisinetteAppDataRoamingLG Electronics
    O43 – CFD: 2009-11-05 – 19:43:38 – [] —-D C:UsersfraisinetteAppDataRoamingMacromedia
    O43 – CFD: 2010-05-11 – 14:29:25 – [] —-D C:UsersfraisinetteAppDataRoamingMalwarebytes
    O43 – CFD: 2012-11-06 – 14:33:20 – [] -S–D C:UsersfraisinetteAppDataRoamingMicrosoft
    O43 – CFD: 2014-02-02 – 15:16:37 – [] —-D C:UsersfraisinetteAppDataRoamingMozilla
    O43 – CFD: 2013-01-19 – 09:28:02 – [] —-D C:UsersfraisinetteAppDataRoamingNokia
    O43 – CFD: 2013-01-19 – 09:28:08 – [] —-D C:UsersfraisinetteAppDataRoamingNokia Suite
    O43 – CFD: 2013-07-30 – 17:46:33 – [] —-D C:UsersfraisinetteAppDataRoamingOpenOffice
    O43 – CFD: 2011-05-02 – 18:29:55 – [] —-D C:UsersfraisinetteAppDataRoamingOpenOffice.org
    O43 – CFD: 2010-07-28 – 17:30:58 – [] —-D C:UsersfraisinetteAppDataRoamingOpera
    O43 – CFD: 2012-02-25 – 15:58:16 – [] —-D C:UsersfraisinetteAppDataRoamingOrigin
    O43 – CFD: 2011-11-30 – 17:02:06 – [] —-D C:UsersfraisinetteAppDataRoamingPC Suite
    O43 – CFD: 2011-04-24 – 12:37:49 – [0] —-D C:UsersfraisinetteAppDataRoamingPeerNetworking
    O43 – CFD: 2012-11-23 – 19:17:12 – [] —-D C:UsersfraisinetteAppDataRoamingPrinter Info Cache
    O43 – CFD: 2010-08-24 – 17:55:14 – [0] —-D C:UsersfraisinetteAppDataRoamingQuickScan
    O43 – CFD: 2011-03-11 – 17:52:59 – [] —-D C:UsersfraisinetteAppDataRoamingRoxio
    O43 – CFD: 2012-03-29 – 13:05:27 – [] R-H-D C:UsersfraisinetteAppDataRoamingSecuROM
    O43 – CFD: 2013-08-24 – 16:02:08 – [] —-D C:UsersfraisinetteAppDataRoamingShareaza
    O43 – CFD: 2014-08-21 – 18:58:10 – [] —-D C:UsersfraisinetteAppDataRoamingSkype
    O43 – CFD: 2010-10-31 – 16:26:31 – [] —-D C:UsersfraisinetteAppDataRoamingStageManager.BD092818F67280F4B42B04877600987F0111B594.1
    O43 – CFD: 2009-11-07 – 16:19:19 – [] —-D C:UsersfraisinetteAppDataRoamingTemplate
    O43 – CFD: 2012-04-28 – 11:16:54 – [] —-D C:UsersfraisinetteAppDataRoamingVisan
    O43 – CFD: 2012-02-14 – 18:09:40 – [] —-D C:UsersfraisinetteAppDataRoamingWindows Live Writer
    O43 – CFD: 2013-12-06 – 11:54:55 – [] —-D C:UsersfraisinetteAppDataRoamingYahoo!
    O43 – CFD: 2015-05-27 – 15:07:49 – [] —-D C:UsersfraisinetteAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 2013-03-31 – 15:37:33 – [0] —-D C:UsersfraisinetteAppDataRoamingZoomBrowser EX
    O43 – CFD: 2015-05-19 – 11:38:53 – [] —-D C:UsersfraisinetteAppDataLocalAdobe
    O43 – CFD: 2009-12-25 – 06:00:46 – [] —-D C:UsersfraisinetteAppDataLocalApple
    O43 – CFD: 2012-05-28 – 17:55:38 – [] —-D C:UsersfraisinetteAppDataLocalApple Computer
    O43 – CFD: 2009-11-04 – 16:25:42 – [] -SH-D C:UsersfraisinetteAppDataLocalApplication Data
    O43 – CFD: 2009-11-04 – 17:29:47 – [] —-D C:UsersfraisinetteAppDataLocalApps
    O43 – CFD: 2010-08-02 – 15:12:16 – [] —-D C:UsersfraisinetteAppDataLocalArcSoft
    O43 – CFD: 2010-05-07 – 16:57:12 – [] —-D C:UsersfraisinetteAppDataLocalAutodesk
    O43 – CFD: 2009-11-04 – 17:30:02 – [] —-D C:UsersfraisinetteAppDataLocalCitrix
    O43 – CFD: 2014-12-23 – 09:32:33 – [] —-D C:UsersfraisinetteAppDataLocalCooliris
    O43 – CFD: 2013-06-28 – 19:46:33 – [] —-D C:UsersfraisinetteAppDataLocalCRE
    O43 – CFD: 2012-12-23 – 13:11:12 – [] —-D C:UsersfraisinetteAppDataLocalCyberLink
    O43 – CFD: 2010-10-27 – 13:06:31 – [0] —-D C:UsersfraisinetteAppDataLocalDeployment
    O43 – CFD: 2012-02-25 – 09:57:59 – [] —-D C:UsersfraisinetteAppDataLocalDownloaded Installations
    O43 – CFD: 2012-02-11 – 19:54:00 – [] —-D C:UsersfraisinetteAppDataLocalElevatedDiagnostics
    O43 – CFD: 2011-02-28 – 21:26:17 – [] —-D C:UsersfraisinetteAppDataLocalESET
    O43 – CFD: 2014-08-09 – 01:27:34 – [] —-D C:UsersfraisinetteAppDataLocalFacebook
    O43 – CFD: 2015-02-10 – 11:56:48 – [] —-D C:UsersfraisinetteAppDataLocalGoogle
    O43 – CFD: 2009-11-04 – 16:25:42 – [] -SH-D C:UsersfraisinetteAppDataLocalHistorique
    O43 – CFD: 2014-11-20 – 12:34:21 – [] —-D C:UsersfraisinetteAppDataLocalHP
    O43 – CFD: 2010-10-27 – 13:06:45 – [] —-D C:UsersfraisinetteAppDataLocalICS
    O43 – CFD: 2010-08-23 – 17:38:48 – [] —-D C:UsersfraisinetteAppDataLocalIsolatedStorage
    O43 – CFD: 2010-04-08 – 14:49:18 – [] —-D C:UsersfraisinetteAppDataLocalK-Meleon
    O43 – CFD: 2015-04-20 – 09:04:49 – [] —-D C:UsersfraisinetteAppDataLocalLearnpulse
    O43 – CFD: 2013-01-18 – 14:48:46 – [0] —-D C:UsersfraisinetteAppDataLocalLG Electronics
    O43 – CFD: 2015-02-13 – 11:17:08 – [] —-D C:UsersfraisinetteAppDataLocalLogMeIn Rescue Applet
    O43 – CFD: 2012-06-13 – 10:32:04 – [] —-D C:UsersfraisinetteAppDataLocalMacromedia
    O43 – CFD: 2012-12-21 – 13:30:02 – [] —-D C:UsersfraisinetteAppDataLocalMicrosoft
    O43 – CFD: 2011-02-18 – 21:12:34 – [] —-D C:UsersfraisinetteAppDataLocalMicrosoft Games
    O43 – CFD: 2009-11-07 – 18:31:33 – [] —-D C:UsersfraisinetteAppDataLocalMozilla
    O43 – CFD: 2013-08-01 – 17:12:00 – [] —-D C:UsersfraisinetteAppDataLocalMétéoMédia
    O43 – CFD: 2011-11-30 – 16:44:02 – [] —-D C:UsersfraisinetteAppDataLocalNokia
    O43 – CFD: 2011-11-12 – 16:17:17 – [0] —-D C:UsersfraisinetteAppDataLocalNokiaAccount
    O43 – CFD: 2010-07-28 – 17:30:58 – [] —-D C:UsersfraisinetteAppDataLocalOpera
    O43 – CFD: 2014-06-12 – 18:58:09 – [] —-D C:UsersfraisinetteAppDataLocalPaint.NET
    O43 – CFD: 2014-03-16 – 17:28:24 – [] —-D C:UsersfraisinetteAppDataLocalPowerDVD DX
    O43 – CFD: 2010-06-14 – 11:10:43 – [0] —-D C:UsersfraisinetteAppDataLocalRoxio
    O43 – CFD: 2011-11-08 – 17:28:23 – [] —-D C:UsersfraisinetteAppDataLocalShareaza
    O43 – CFD: 2014-06-05 – 21:16:40 – [] —-D C:UsersfraisinetteAppDataLocalSlimWare Utilities Inc
    O43 – CFD: 2015-05-27 – 15:05:48 – [] —-D C:UsersfraisinetteAppDataLocaltemp
    O43 – CFD: 2009-11-04 – 16:25:42 – [] -SH-D C:UsersfraisinetteAppDataLocalTemporary Internet Files
    O43 – CFD: 2010-07-25 – 10:44:50 – [0] —-D C:UsersfraisinetteAppDataLocalTrend Micro
    O43 – CFD: 2009-11-09 – 16:54:57 – [] —-D C:UsersfraisinetteAppDataLocalVirtualStore
    O43 – CFD: 2014-09-25 – 14:30:36 – [] —-D C:UsersfraisinetteAppDataLocalWindows Live
    O43 – CFD: 2011-01-21 – 13:29:42 – [] —-D C:UsersfraisinetteAppDataLocalWindows Live Writer
    O43 – CFD: 2006-11-02 – 08:51:30 – [] R—D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 2009-11-04 – 16:26:40 – [] R—D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 2014-06-05 – 17:06:24 – [0] —-D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsDell Accessories
    O43 – CFD: 2013-03-08 – 23:41:05 – [] —-D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsFacebook
    O43 – CFD: 2012-04-28 – 16:47:38 – [] —-D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsJeux-Gratuits.com
    O43 – CFD: 2006-11-02 – 08:47:50 – [] R—D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 2014-06-05 – 17:06:34 – [0] —-D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsMétéoMédia
    O43 – CFD: 2015-04-26 – 19:19:14 – [] R—D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 2014-06-07 – 14:46:44 – [] –H-D C:UsersfraisinetteAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup-Disabled
    ~ 910 Dossier CLSID vide (CLSID Empty Folder)
    ~ Program Folder: 1211 Scanned in 00mn 05s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.32AEC023256F682A02549764F81F811B] – 2015-05-12 – 15:32:44 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [12379136]
    O44 – LFC:[MD5.F9B916F2A1CCD005EB4C24CAB469E0A6] – 2015-05-12 – 15:32:47 —A- . (.Microsoft Corporation – Convertisseur Microsoft HTML.) — C:WindowsSystem32html.iec [367616]
    O44 – LFC:[MD5.EAC46E5C1E22DB880D922507BB534867] – 2015-05-12 – 15:32:48 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [9750528]
    O44 – LFC:[MD5.3BA966C1E38B25E3A870328024CE0E43] – 2015-05-12 – 15:32:49 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [1810944]
    O44 – LFC:[MD5.B157A39B96E499FA8550B71AECCA5F43] – 2015-05-12 – 15:32:51 —A- . (.Microsoft Corporation – Internet Shortcut Shell Extension DLL.) — C:WindowsSystem32url.dll [231936]
    O44 – LFC:[MD5.96B2A5B595288AA3D0C31B5F52E486BC] – 2015-05-12 – 15:32:53 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript.dll [718336]
    O44 – LFC:[MD5.F5473F22FF31E87AB65CE80CB5D3889F] – 2015-05-12 – 15:32:53 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [73216]
    O44 – LFC:[MD5.B7BDAC132A964E09DEE852A8CBA257FA] – 2015-05-12 – 15:32:53 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [176640]
    O44 – LFC:[MD5.E38E89A0939A42F5EE4292DFC48772DF] – 2015-05-12 – 15:32:54 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [1129472]
    O44 – LFC:[MD5.DF45675D9EDC2B4BF7F5772C45B677A7] – 2015-05-12 – 15:32:55 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [1427968]
    O44 – LFC:[MD5.A85E987F28A070FCD8CC7B19CC785C29] – 2015-05-12 – 15:32:56 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [65024]
    O44 – LFC:[MD5.9EA5CE640128C7505517A0CE65799A1F] – 2015-05-12 – 15:32:57 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1139200]
    O44 – LFC:[MD5.4CDA5C5B0F2E0C79BDDBE4C970C6B30A] – 2015-05-12 – 15:32:57 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [142848]
    O44 – LFC:[MD5.0E4DCF6B4CBCEA9DB49C30C0068AFBDE] – 2015-05-12 – 15:32:57 —A- . (.Microsoft Corporation – Run time utility for Internet Explorer.) — C:WindowsSystem32iertutil.dll [1804288]
    O44 – LFC:[MD5.46C73A08B7138DFB441AF232986B00CA] – 2015-05-12 – 15:32:58 —A- . (.Microsoft Corporation – Hôte des applications HTML de Microsoft(R).) — C:WindowsSystem32mshta.exe [11776]
    O44 – LFC:[MD5.2DE5293B30594E6B00F830C79F064C1C] – 2015-05-12 – 15:32:58 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [607744]
    O44 – LFC:[MD5.3A9A64D4B0FF82BF5DCFEF505E2C3141] – 2015-05-12 – 15:32:58 —A- . (.Microsoft Corporation – Microsoft® MSHTML Typelib.) — C:WindowsSystem32mshtml.tlb [2382848]
    O44 – LFC:[MD5.F2511880009AB153D4BECCB4E0EAAC41] – 2015-05-12 – 15:32:59 —A- . (.Microsoft Corporation – Microsoft Feeds Synchronization.) — C:WindowsSystem32msfeedssync.exe [10752]
    O44 – LFC:[MD5.BCB865F60972F2AFF8F68EF9F8B51D26] – 2015-05-12 – 15:32:59 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [421888]
    O44 – LFC:[MD5.4348AE88F9D2B6EBC947388B7AB1095C] – 2015-05-12 – 15:32:59 —A- . (.Microsoft Corporation – Synchronisation en arrière-plan des flux Mi.) — C:WindowsSystem32msfeedsbs.dll [41472]
    O44 – LFC:[MD5.4F0A7910FC7D8A66433FA9961EEF8BB5] – 2015-05-13 – 02:11:55 —A- . (.Microsoft Corporation – Applications Services et Contrôleur.) — C:WindowsSystem32services.exe [279552]
    O44 – LFC:[MD5.F4BF196240FA7D6E39F0FD446E1A9FC2] – 2015-05-13 – 02:18:06 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32mrt.exe [137310008]
    O44 – LFC:[MD5.6769322D44A6CCE277649C3EC6940442] – 2015-05-13 – 02:45:13 —A- . (.Microsoft Corporation – WinFX OpenType/CFF Rasterizer.) — C:WindowsSystem32PresentationCFFRasterizerNative_v0300.dll [102608]
    O44 – LFC:[MD5.7417E869AE5AAC3026329E7749698110] – 2015-05-13 – 02:48:59 —A- . (.Microsoft Corporation – Service de cache de police Windows.) — C:WindowsSystem32FntCache.dll [801792]
    O44 – LFC:[MD5.D99970433339F19E402FD585475FF64E] – 2015-05-13 – 02:48:59 —A- . (.Microsoft Corporation – Services de typographie Microsoft DirectX.) — C:WindowsSystem32DWrite.dll [1072640]
    O44 – LFC:[MD5.94EBB43229FEA98C333AB95B2AB4E3AD] – 2015-05-13 – 02:49:00 —A- . (.Microsoft Corporation – Direct3D 10 Runtime.) — C:WindowsSystem32d3d10.dll [1029120]
    O44 – LFC:[MD5.AEE7C58920645BB220494D57624B42D3] – 2015-05-13 – 02:49:00 —A- . (.Microsoft Corporation – Pilote Win32 multi-utilisateurs.) — C:WindowsSystem32win32k.sys [2065408]
    O44 – LFC:[MD5.4DF962B25836D4FDF3FB95F153049C89] – 2015-05-13 – 02:49:01 —A- . (.Microsoft Corporation – Direct3D 10 Rasterizer.) — C:WindowsSystem32d3d10warp.dll [1172480]
    O44 – LFC:[MD5.1CD62FB3EF08C8604C6F6C95F122C2AF] – 2015-05-13 – 02:49:01 —A- . (.Microsoft Corporation – Direct3D 10 Runtime.) — C:WindowsSystem32d3d10core.dll [189952]
    O44 – LFC:[MD5.98015C454056155F0D46F0DE1C72DF6E] – 2015-05-13 – 02:49:01 —A- . (.Microsoft Corporation – Direct3D 10.1 Runtime.) — C:WindowsSystem32d3d10_1core.dll [219648]
    O44 – LFC:[MD5.CBA95FBDE27662FAAA858AE58E0FADE0] – 2015-05-13 – 02:49:01 —A- . (.Microsoft Corporation – Microsoft D2D Library.) — C:WindowsSystem32d2d1.dll [682496]
    O44 – LFC:[MD5.8B6797FD857825E2B92B5FC3E0EDDDBB] – 2015-05-13 – 02:49:02 —A- . (.Microsoft Corporation – Direct3D 10 to Direct3D9 Translation Runtim.) — C:WindowsSystem32d3d10level9.dll [486400]
    O44 – LFC:[MD5.7FA9C752EAE7008D5E9D7BE77D123337] – 2015-05-13 – 02:49:02 —A- . (.Microsoft Corporation – Direct3D 10.1 Runtime.) — C:WindowsSystem32d3d10_1.dll [160768]
    O44 – LFC:[MD5.1F0D502BC5D6182D7A636159C264087A] – 2015-05-13 – 02:57:51 —A- . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll [279040]
    O44 – LFC:[MD5.B4946D278601470982C643F22AF3C32F] – 2015-05-13 – 03:21:01 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [3710160]
    O44 – LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] – 2015-05-18 – 19:04:24 —A- . (…) — C:Windowsepplauncher.mif [1912]
    O44 – LFC:[MD5.A414E74D8EA0C3E446BF776667D16387] – 2015-05-19 – 10:38:35 —A- . (.Adobe Systems Incorporated – Adobe Flash Player Control Panel Applet.) — C:WindowsSystem32FlashPlayerApp.exe [778416]
    O44 – LFC:[MD5.DE03D52A69F7F73B843C9B93AE034629] – 2015-05-19 – 10:38:35 —A- . (.Adobe Systems Incorporated – Adobe Flash Player Control Panel Applet.) — C:WindowsSystem32FlashPlayerCPLApp.cpl [142512]
    O44 – LFC:[MD5.6A02CA49FA1C0F9D3A570253AA0ABDED] – 2015-05-25 – 09:12:28 —A- . (.BullGuard Ltd. – BullGuard Gaming Monitor.) — C:WindowsSystem32BgGamingMonitor.dll [148024]
    O44 – LFC:[MD5.C2930013DB4C0F20BE9E2408D2D629E2] – 2015-05-25 – 09:12:32 —A- . (.BullGuard Ltd. – BullGuard Winsock Provider.) — C:WindowsSystem32BGLsp.dll [61736]
    O44 – LFC:[MD5.DAC6EC19F7E7C032E7BF24A74510FFF0] – 2015-05-27 – 08:48:34 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.DDF596BB791911EAC6A384B78D2865FF] – 2015-05-27 – 13:55:11 —A- . (…) — C:WindowsWindowsUpdate.log [1558445]
    ~ Files: 44 Scanned in 00mn 44s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    ~ LSA: 7 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Volume Manager Extension Driver.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.)

    doubie
    Participant
    Nombre d'articles : 50

    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Volume Manager Extension Driver.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Volume Manager Extension Driver.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 13 Scanned in 00mn 00s

    —\ Recherche d’infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: Drivers32″vidc.cvid”=”iccvid.dll” . (.Radius Inc. – Codec Cinepak®.) — C:WindowsSystem32iccvid.dll
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 3 Scanned in 00mn 01s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregAdobe ARM [Key] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O53 – SMSR:HKLM…startupregAdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O53 – SMSR:HKLM…startupregAppleSyncNotifier [Key] . (.Apple Inc. – AppleSyncNotifier.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
    O53 – SMSR:HKLM…startupregAPSDaemon [Key] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O53 – SMSR:HKLM…startupregArcSoft Connection Service [Key] . (.ArcSoft Inc. – ArcSoft Connect Daemon.) — C:Program FilesCommon FilesArcSoftConnection ServiceBinACDaemon.exe
    O53 – SMSR:HKLM…startupregDriver Whiz [Key] . (…) — C:Program FilesDriver WhizDriver WhizDriverWhiz.exe (.not file.)
    O53 – SMSR:HKLM…startupregHP Software Update [Key] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O53 – SMSR:HKLM…startupregiTunesHelper [Key] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
    O53 – SMSR:HKLM…startupregNokiaSuite.exe [Key] . (.Nokia – Nokia Suite.) — C:Program FilesNokiaNokia SuiteNokiaSuite.exe
    O53 – SMSR:HKLM…startupregPDVDDXSrv [Key] . (.CyberLink Corp. – CyberLink PowerCinema Resident Program.) — C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe
    O53 – SMSR:HKLM…startupregQuickTime Task [Key] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O53 – SMSR:HKLM…startupregRogers SHS [Key] . (…) — C:Program FilesRogersSelfHealingshs.exe (.not file.)
    O53 – SMSR:HKLM…startupregRoxWatchTray [Key] . (.Sonic Solutions – RoxMMTrayApp Module.) — C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatchTray9.exe =>.Sonic Solutions
    O53 – SMSR:HKLM…startupregSkype [Key] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O53 – SMSR:HKLM…startupregWMPNSCFG [Key] . (.Microsoft Corporation – Application de configuration du service Par.) — C:Program FilesWindows Media PlayerWMPNSCFG.exe =>.Microsoft Corporation
    O53 – SMSR:HKLM…startupregYouCam Service [Key] . (…) — C:Program FilesCyberLinkYouCamYouCamService.exe (.not file.)
    O53 – SMSR:HKLM…startupregZune Launcher [Key] . (.Microsoft Corporation – Zune Auto-Launcher.) — C:Program FilesZuneZuneLauncher.exe
    ~ SMSR Keys: 17 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – TS Single Sign On Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – TS Single Sign On Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=2
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableRegistryTools”=0
    O55 – MWPS:[HKCU…PoliciesSystem] – “LogonHoursAction”=2
    O55 – MWPS:[HKCU…PoliciesSystem] – “DontDisplayLogonHoursWarnings”=1
    ~ MWPS: 19 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKCU…policiesExplorer] – “NoDriveTypeAutoRun”=145
    O56 – MWPE:[HKCU…policiesExplorer] – “NoDrives”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “BindDirectlyToPropertySetStorage”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoDriveTypeAutoRun”=28
    O56 – MWPE:[HKLM…policiesExplorer] – “NoDrives”=0
    ~ MWPE Keys: 5 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:2006-11-02 – 04:51:38 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [420968]
    O58 – SDL:2006-11-02 – 04:51:32 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [297576]
    O58 – SDL:2006-11-02 – 04:50:35 —A- . (.Adaptec, Inc. – Adaptec LH Ultra160 Driver (x86).) — C:WindowsSystem32Driversadpu160m.sys [98408]
    O58 – SDL:2006-11-02 – 04:51:00 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver.) — C:WindowsSystem32Driversadpu320.sys [147048]
    O58 – SDL:2006-11-10 – 14:05:00 —A- . (.Arcsoft, Inc. – Arcsoft(R) ASPI Shell.) — C:WindowsSystem32Driversafc.sys [18688]
    O58 – SDL:2015-02-25 – 06:21:50 —A- . (.Agnitum Ltd. – Agnitum Firewall NDIS Driver.) — C:WindowsSystem32Driversafw.sys [35024]
    O58 – SDL:2015-02-25 – 06:21:50 —A- . (.Agnitum Ltd. – Agnitum Firewall Core Driver.) — C:WindowsSystem32Driversafwcore.sys [340688]
    O58 – SDL:2006-11-21 – 16:24:04 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [14952]
    O58 – SDL:2006-11-02 – 04:50:09 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [67688]
    O58 – SDL:2006-11-02 – 04:50:10 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [67688]
    O58 – SDL:2015-02-25 – 06:21:50 —A- . (.BullGuard Ltd. – BullGuard Security Agent.) — C:WindowsSystem32DriversBdAgent.sys [98608]
    O58 – SDL:2015-02-25 – 06:21:50 —A- . (.BullGuard Ltd. – BullGuard File Monitor.) — C:WindowsSystem32DriversBdSpy.sys [63584]
    O58 – SDL:2006-11-02 – 03:24:45 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [13568]
    O58 – SDL:2006-11-02 – 03:24:46 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [5248]
    O58 – SDL:2006-11-02 – 03:25:24 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [71808]
    O58 – SDL:2006-11-02 – 03:24:44 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [62336]
    O58 – SDL:2006-11-02 – 03:24:44 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [12160]
    O58 – SDL:2006-11-02 – 03:24:47 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [11904]
    O58 – SDL:2006-07-24 – 03:00:00 —A- . (.Sonic Solutions – CDR4 CD and DVD Place Holder Driver (see PxHelp).) — C:WindowsSystem32Driverscdr4_xp.sys [2432]
    O58 – SDL:2006-07-24 – 03:00:00 —A- . (.Sonic Solutions – CDRAL Place Holder Driver (see PxHelp).) — C:WindowsSystem32Driverscdralw2k.sys [2560]
    O58 – SDL:2006-11-21 – 16:24:04 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [16488]
    O58 – SDL:2009-12-14 – 12:44:24 —A- . (.Infowatch – Cryptographic Algorithm Lib Driver..) — C:WindowsSystem32DriversCSCrySec.sys [88632]
    O58 – SDL:2009-12-14 – 12:44:24 —A- . (.Infowatch – Virtual Volume Container Driver (wxp).) — C:WindowsSystem32DriversCSVirtualDiskDrv.sys [39352]
    O58 – SDL:2006-11-02 – 04:50:11 —A- . (.Adaptec, Inc. – Adaptec Ultra SCSI miniport.) — C:WindowsSystem32Driversdjsvs.sys [71272]
    O58 – SDL:2008-01-18 – 23:25:05 —A- . (.Intel Corporation – Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) — C:WindowsSystem32Driverse1e6032.sys [220672]
    O58 – SDL:2006-11-02 – 02:30:54 —A- . (.Intel Corporation – Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) — C:WindowsSystem32DriversE1G60I32.sys [117760]
    O58 – SDL:2006-11-02 – 04:51:34 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [316520]
    O58 – SDL:2011-01-15 – 15:45:45 —A- . (.G Data Software AG – Behavior Blocker.) — C:WindowsSystem32DriversGDBehave.sys [33480]
    O58 – SDL:2011-01-15 – 14:36:21 —A- . (.G DATA Software AG – G DATA WFP Callout Driver.) — C:WindowsSystem32Driversgdwfpcd32.sys [40904]
    O58 – SDL:2012-08-21 – 13:01:22 —A- . (.GEAR Software Inc. – CD DVD Filter.) — C:WindowsSystem32DriversGEARAspiWDM.sys [26840]
    O58 – SDL:2011-01-15 – 15:58:12 —A- . (.G Data Software – G Data Rootkit Detector Driver.) — C:WindowsSystem32DriversGRD.sys [29992]
    O58 – SDL:2015-04-29 – 20:31:02 —A- . (.Glarysoft Ltd – The driver for the Startup Manager tool.) — C:WindowsSystem32DriversGUBootStartup.sys [17472]
    O58 – SDL:2006-11-02 – 04:50:10 —A- . (.Hewlett-Packard Company – Smart Array Storport Driver.) — C:WindowsSystem32DriversHpCISSs.sys [37480]
    O58 – SDL:2006-11-02 – 02:36:45 —A- . (.Intel Corporation – Intel Graphics Miniport Driver.) — C:WindowsSystem32Driversialmnt5.sys [1302492]
    O58 – SDL:2006-11-02 – 04:51:25 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver (base).) — C:WindowsSystem32DriversiaStorV.sys [232040]
    O58 – SDL:2006-12-12 – 18:49:56 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd32.sys [1476608]
    O58 – SDL:2006-11-02 – 04:50:17 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [41576]
    O58 – SDL:2006-11-02 – 04:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WindowsSystem32Driversiteatapi.sys [35944]
    O58 – SDL:2006-11-02 – 04:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WindowsSystem32Driversiteraid.sys [35944]
    O58 – SDL:2006-11-02 – 04:50:04 —A- . (.LSI Logic – LSI Logic Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [65640]
    O58 – SDL:2006-11-02 – 04:50:05 —A- . (.LSI Logic – LSI Logic Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [65640]
    O58 – SDL:2006-11-02 – 04:50:10 —A- . (.LSI Logic – LSI Logic Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [65640]
    O58 – SDL:2006-11-02 – 04:49:53 —A- . (.LSI Logic Corporation – MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) — C:WindowsSystem32Driversmegasas.sys [28776]
    O58 – SDL:2011-01-15 – 15:45:45 —A- . (.G Data Software AG – Filesystem MiniInterceptor (Mini Filter).) — C:WindowsSystem32DriversMiniIcpt.sys [62024]
    O58 – SDL:2005-03-15 – 16:25:44 —A- . (.Mars Semiconductor Corp. – WDM Driver for USB Dual-Mode Camera.) — C:WindowsSystem32DriversMR97310c.sys [127574]
    O58 – SDL:2006-11-02 – 04:49:59 —A- . (.LSI Logic Corporation – MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) — C:WindowsSystem32DriversMraid35x.sys [33384]
    O58 – SDL:2006-11-02 – 04:50:19 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [45160]
    O58 – SDL:2015-05-06 – 06:37:52 —A- . (.BullGuard Ltd. – BullGuard Behaviour Monitor.) — C:WindowsSystem32DriversNSKernel.sys [270624]
    O58 – SDL:2015-05-06 – 06:37:52 —A- . (.BullGuard Ltd. – BullGuard Behaviour Network.) — C:WindowsSystem32DriversNSNetmon.sys [21888]
    O58 – SDL:2006-11-02 – 02:36:50 —A- . (.N-trig Innovative Technologies – Pilote intégré de digitalisateur de tablette N-trig.) — C:WindowsSystem32Driversntrigdigi.sys [20608]
    O58 – SDL:2006-11-02 – 04:50:24 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [88680]
    O58 – SDL:2006-11-02 – 04:50:13 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [40040]
    O58 – SDL:2012-10-17 – 14:53:46 —A- . (.Nokia – PCCS Mode Change Filter Driver.) — C:WindowsSystem32Driverspccsmcfd.sys [19072]
    O58 – SDL:2006-07-24 – 03:00:00 —A- . (.Sonic Solutions – Px Engine Device Driver for Windows 2000/XP.) — C:WindowsSystem32Driverspxhelp20.sys [36528]
    O58 – SDL:2006-11-02 – 04:51:45 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [900712]
    O58 – SDL:2006-11-02 – 04:50:35 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [106088]
    O58 – SDL:2009-06-18 – 19:45:02 —A- . (.Realtek Semiconductor Corp. – Realtek AC’97 Audio Driver (WDM).) — C:WindowsSystem32DriversRTKVAC.SYS [4172832]
    O58 – SDL:2006-11-02 – 02:30:56 —A- . (.Realtek Semiconductor Corporation – Realtek 10/100 NDIS 5.1 Driver.) — C:WindowsSystem32DriversRtnicxp.sys [47104]
    O58 – SDL:2006-11-02 – 01:37:21 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [20480]
    O58 – SDL:2006-11-02 – 04:50:10 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [38504]
    O58 – SDL:2006-11-02 – 04:50:16 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [71784]
    O58 – SDL:2006-11-22 – 14:56:52 —A- . (.SigmaTel, Inc. – NDRC.) — C:WindowsSystem32Driversstwrt.sys [647680]
    O58 – SDL:2014-07-22 – 10:13:41 —A- . (…) — C:WindowsSystem32DriversSWDUMon.sys [13464]
    O58 – SDL:2006-11-02 – 04:50:05 —A- . (.LSI Logic – LSI Logic 8XX SCSI Miniport Driver.) — C:WindowsSystem32Driverssymc8xx.sys [35944]
    O58 – SDL:2006-11-02 – 04:49:56 —A- . (.LSI Logic – LSI Logic Hi-Perf SCSI Miniport Driver.) — C:WindowsSystem32Driverssym_hi.sys [31848]
    O58 – SDL:2006-11-02 – 04:50:03 —A- . (.LSI Logic – LSI Logic Ultra160 SCSI Miniport Driver.) — C:WindowsSystem32Driverssym_u3.sys [34920]
    O58 – SDL:2010-10-25 – 13:08:39 —A- . (.Trend Micro Inc. – Trend Micro WFP callout Driver (i386-fre).) — C:WindowsSystem32Driverstmwfp.sys [284752]
    O58 – SDL:2015-03-17 – 20:54:56 —A- . (.BitDefender S.R.L. – Trufos Kernel Module.) — C:WindowsSystem32DriversTrufos.sys [408280]
    O58 – SDL:2006-11-02 – 04:51:25 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WindowsSystem32Driversuliahci.sys [235112]
    O58 – SDL:2006-11-02 – 04:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WindowsSystem32Driversulsata.sys [98408]
    O58 – SDL:2006-11-02 – 04:50:45 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WindowsSystem32Driversulsata2.sys [115816]
    O58 – SDL:2012-12-13 – 12:50:38 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [45056]
    O58 – SDL:2006-11-21 – 16:24:05 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [17512]
    O58 – SDL:2006-11-02 – 04:50:41 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR X86-32.) — C:WindowsSystem32Driversvsmraid.sys [112232]
    O58 – SDL:2006-11-02 – 02:41:53 —A- . (.Conexant Systems, Inc. – HSF_HWB2 WDM driver.) — C:WindowsSystem32DriversVSTBS23.SYS [251904]
    O58 – SDL:2006-11-02 – 02:41:48 —A- . (.Conexant Systems, Inc. – HSF_CNXT driver.) — C:WindowsSystem32DriversVSTCNXT3.SYS [654336]
    O58 – SDL:2006-11-02 – 02:41:50 —A- . (.Conexant Systems, Inc. – HSF_DP driver.) — C:WindowsSystem32DriversVSTDPV3.SYS [987648]
    O58 – SDL:2006-08-24 – 12:49:34 —A- . (.Jungo – WinDriver Device Driver 4.33.) — C:WindowsSystem32Driverswindrvr.sys [164180]
    O58 – SDL:2006-11-02 – 02:09:42 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:2006-11-02 – 02:09:45 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:2006-11-02 – 02:09:41 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:2006-11-02 – 02:09:44 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:2006-11-02 – 02:09:44 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:2006-11-02 – 02:09:29 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:2006-11-02 – 02:09:35 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:2006-11-02 – 02:09:38 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:2006-11-02 – 02:09:40 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:2006-11-02 – 02:09:31 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:2006-11-02 – 02:09:20 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:2006-11-02 – 02:09:23 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:2006-11-02 – 02:09:24 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:2006-11-02 – 02:09:26 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:2006-11-02 – 02:09:22 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 93 Scanned in 00mn 09s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 2015-05-20 – 15:09:06 —A- . (…) — C:UsersfraisinetteAppDataLocalAdobeAcrobat10.0UserCache.bin [89930]
    O61 – LFC: 2015-05-20 – 15:09:28 —A- . (…) — C:UsersfraisinetteAppDataRoamingBullGuardTuneUpRegBk_2015.05.20.09.52.59_RestoreAll.bat [146]
    O61 – LFC: 2015-05-20 – 15:09:32 —A- . (.Farbar.) — C:UsersfraisinetteDownloadsFRST-OlderVersionFRST.exe [1146880]
    O61 – LFC: 2015-05-26 – 15:09:32 —A- . (.Farbar.) — C:UsersfraisinetteDownloadsFRST-OlderVersionFRST64.exe [2108928]
    O61 – LFC: 2015-05-26 – 15:09:32 —A- . (.Farbar.) — C:UsersfraisinetteDownloadsFRST.exe [1147392]
    O61 – LFC: 2015-05-26 – 15:09:32 —A- . (.Trend Micro Inc..) — C:UsersfraisinetteDownloadsHijackThis(1).exe [388608]
    O61 – LFC: 2015-05-27 – 15:09:24 —A- . (…) — C:UsersfraisinetteAppDataLocaltempNOSEventMessages.dll [1536]
    O61 – LFC: 2015-05-27 – 15:09:28 —A- . (…) — C:UsersfraisinetteAppDataRoamingBullGuardTuneUpRegBk_2015.05.27.10.56.36_RestoreAll.bat [146]
    O61 – LFC: 2015-05-27 – 15:09:28 —A- . (…) — C:UsersfraisinetteAppDataRoamingLearnpulseScreenpressofum.bin [1024]
    O61 – LFC: 2015-05-27 – 15:09:33 —A- . (.Nicolas Coolman.) — C:UsersfraisinetteDownloadsZHPDiag2.exe [6867801] =>.Nicolas Coolman
    ~ 12 Fichiers temporaires (Temporary files)
    ~ 8 Fichiers cookies (Cookies files)
    ~ Files: 10 Scanned in 00mn 28s

    —\ Liste des outils de désinfection (LATC) (O63)

    doubie
    Participant
    Nombre d'articles : 50

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 2015-02-25 – C:WindowsSystem32DRIVERSafw.sys (AFW) .(.Agnitum Ltd. – Agnitum Firewall NDIS Driver.) – LEGACY_AFW
    O64 – Services: CurCS – 2015-02-25 – C:WindowsSystem32DRIVERSafwcore.sys (afwcore) .(.Agnitum Ltd. – Agnitum Firewall Core Driver.) – LEGACY_AFWCORE
    O64 – Services: CurCS – 2015-02-25 – C:WindowsSystem32DRIVERSBdAgent.sys (BdAgent) .(.BullGuard Ltd. – BullGuard Security Agent.) – LEGACY_BDAGENT
    O64 – Services: CurCS – 2015-02-25 – C:WindowsSystem32driversBdSpy.sys (BdSpy) .(.BullGuard Ltd. – BullGuard File Monitor.) – LEGACY_BDSPY
    O64 – Services: CurCS – 2015-04-29 – C:Windowssystem32driversGUBootStartup.sys (GUBootStartup) .(.Glarysoft Ltd – The driver for the Startup Manager tool.) – LEGACY_GUBOOTSTARTUP
    O64 – Services: CurCS – 2015-05-06 – C:WindowsSystem32DRIVERSNSKernel.sys (NovaShieldFilterDriver) .(.BullGuard Ltd. – BullGuard Behaviour Monitor.) – LEGACY_NOVASHIELDFILTERDRIVER
    O64 – Services: CurCS – 2015-05-06 – C:WindowsSystem32DRIVERSNSNetmon.sys (NovaShieldTDIDriver) .(.BullGuard Ltd. – BullGuard Behaviour Network.) – LEGACY_NOVASHIELDTDIDRIVER
    O64 – Services: CurCS – 2006-11-02 – C:WindowsSystem32Driverssecdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) – LEGACY_SECDRV
    O64 – Services: CurCS – 2015-03-17 – C:WindowsSystem32DRIVERSTrufos.sys (Trufos) .(.BitDefender S.R.L. – Trufos Kernel Module.) – LEGACY_TRUFOS
    ~ Legacy: 304 Scanned in 00mn 01s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft (R) Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
    O67 – Shell Spawning: [HKCU..openCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    ~ FASS Keys: 11 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: prefs.js [fraisinette – by0xqssn.default-1421728668960] user_pref(“weboftrust.search.ask.display”, “Ask.com Web Search”);
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKCU] {D4719AE8-B0A0-48F3-AE79-53B895244E48} – (Wikipédia (fr)) – http://fr.wikipedia.org
    O69 – SBI: SearchScopes [HKCU] {FD59C44B-DCAC-4BF4-BEB2-51C57C35DF54} – (Google) – http://www.google.com
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [24576]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [62976]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [247808]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [40448]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [40448]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [125952]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [576512]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [444928]
    O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [316928]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [90624]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [262144]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [68608]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [47104]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [288256]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [242688]
    O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes Terminal Server.) — C:WindowsSystem32termsrv.dll [449536]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [1933848]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [758784]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [247808]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [200704]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [19968]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [33280]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [111616]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [45056]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [153600]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [57344]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [162304]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [601600]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service de configuration des services Terminal Server.) — C:WindowsSystem32sessenv.dll [84992]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [81920]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [68096]
    ~ Services: 31 Scanned in 00mn 01s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.50686B7E5AD3372521DA5710059AB67D] [SPRF][2011-04-29] (…) — C:ProgramDatabdinstall.bin [482877]
    [MD5.A8B8600F71A0D197C702808024D1B1CD] [SPRF][2015-05-14] (…) — C:UsersfraisinetteAppDataRoamingwklnhst.dat [13962]
    ~ Files: 2 Scanned in 00mn 00s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “C6AC1163ACF500943A92A6111832CCCF” . (.Bing Bar.) — C:WindowsInstaller{3611CA6C-5FCA-4900-A329-6A118123CCFC}icon_installer_ico =>Toolbar.Bing
    ~ Update Products: 1 Scanned in 00mn 00s

    —\ Enumère les données de la clé NameSpace (MNS) (O92)
    O92 – MNS: Disque en ligne BullGuard – {1F25C6E4-E60D-421A-863F-D0C76F6AB211}
    O92 – MNS: Flux de photos – {F0D63F85-37EC-4097-B30D-61B4A8917118}
    ~ MNS: 2 Scanned in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.870B7B3CB085073D79FF5B83B62D0C2A] [WIS][2014-11-20] (.Microsoft Corporation – Bing Bar.) — C:WindowsInstaller10a885.msi [446976] =>Toolbar.Bing
    ~ WIS: 1 Scanned in 00mn 15s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 2015-05-19 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 2012-01-25 192792 | (BBSvc) . (.Microsoft Corporation..) – C:Program FilesMicrosoftBingBar7.1.355.0BBSvc.exe =>Toolbar.Bing
    SS – | Auto 2014-10-19 107912 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 2014-10-19 107912 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 2012-11-20 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 2008-01-19 21504 | C:Program FilesHPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
    SS – | Demand 2008-01-19 21504 | C:Program FilesHPDigital Imagingbinhpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
    SS – | Demand 2005-04-04 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
    SS – | Demand 2010-01-27 319488 | (McciCMService) . (.Alcatel-Lucent.) – C:Program FilesCommon FilesMotiveMcciCMService.exe
    SS – | Demand 2015-05-18 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 2006-11-05 880640 | (RoxMediaDB9) . (.Sonic Solutions.) – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
    SS – | Demand 2006-11-05 159744 | (RoxWatch9) . (.Sonic Solutions.) – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
    SS – | Auto 2014-12-11 315496 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Demand 2006-09-14 73728 | (stllssvr) . (.MicroVision Development, Inc..) – C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
    SS – | Auto 2008-01-19 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 2010-03-18 113152 | (ACDaemon) . (.ArcSoft Inc..) – C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe
    SR – | Auto 2014-12-19 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SR – | Auto 2015-01-19 60744 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Demand 2012-01-25 240408 | (BBUpdate) . (.Microsoft Corporation..) – C:Program FilesMicrosoftBingBar7.1.355.0SeaPort.exe =>Toolbar.Bing
    SR – | Auto 2011-08-30 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 2008-01-19 21504 | C:Program FilesBullGuard LtdBullGuardBsBackup.dll (BsBackup) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2015-05-25 506152 | (BsBhvScan) . (.BullGuard Ltd..) – C:Program FilesBullGuard LtdBullGuardBullGuardBhvScanner.exe
    SR – | Auto 2008-01-19 21504 | C:Program FilesBullGuard LtdBullGuardBsCache.dll (BsCache) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2008-01-19 21504 | c:program filesbullguard ltdbullguardBsFileScan.dll (BsFileScan) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2008-01-19 21504 | c:program filesbullguard ltdbullguardBsFire.dll (BsFire) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2008-01-19 21504 | c:program filesbullguard ltdbullguardBsMailProxyBsMailProxy.dll (BsMailProxy) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2008-01-19 21504 | C:Program FilesBullGuard LtdBullGuardBsMain.dll (BsMain) . (.BullGuard Ltd..) – C:WindowsSystem32SvcHost.exe
    SR – | Auto 2015-05-25 232744 | (BsScanner) . (.BullGuard Ltd..) – C:Program FilesBullGuard LtdBullGuardBullGuardScanner.exe
    SR – | Auto 2015-05-25 332584 | (BsUpdate) . (.BullGuard Ltd..) – C:Program FilesBullGuard LtdBullGuardBullGuardUpdate.exe
    SR – | Auto 2006-03-30 96341 | (CCALib8) . (.Canon Inc..) – C:Program FilesCanonCALCALMAIN.exe
    SR – | Auto 2010-12-16 83792 | (CFUACProxy_hddv2usb3) . (.Storage Appliance Corp..) – C:ProgramDataClickfreeHDDV2USB3UACProxy.exe
    SR – | Demand 2015-04-06 540968 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 2008-01-19 21504 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 2008-01-19 21504 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Demand 2013-04-18 737616 | (ServiceLayer) . (.Nokia.) – C:Program FilesPC Connectivity SolutionServiceLayer.exe
    SR – | Auto 2008-01-19 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 34s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Run by fraisinette at 2015-05-27 15:11:45
    device: opened successfully
    user: MBR read successfully
    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys
    C:Windowssystem32DRIVERSigdkmd32.sys Intel Corporation Intel Graphics Accelerator Drivers for Windows Vista(R)
    1 ntkrnlpa!IofCallDriver[0x82C53936] >> DeviceHarddisk0DR0[0x868EA598]
    3 CLASSPNP[0x83BA58B3] >> ntkrnlpa!IofCallDriver[0x82C53936] >> DeviceIdeIdeDeviceP0T0L0-0[0x85984B98]
    kernel: MBR read successfully
    user & kernel MBR OK
    ~ MBR: 13 Scanned in 00mn 02s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by fraisinette at 2015-05-27 15:11:47
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (2014-12-27)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 2

    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{3611CA6C-5FCA-4900-A329-6A118123CCFC}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerAssociations]:bak_Application =>Hijacker.Agent
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application^
    C:WindowsInstaller10a885.msi =>Toolbar.Bing^
    ~ Additionnel Scan: 425473 Items scanned in 01mn 37s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 4 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
    http://www.nicolascoolman.fr/blog/ =>Hijacker.Agent
    ~ MSI: 2 link(s) detected in 00mn 00s

    End of the scan (1559 lines in 07mn 26s)(0)

15 sujets de 1 à 15 (sur un total de 74)
  • Vous devez être connecté pour répondre à ce sujet.