Reply to: USB key turns folders into shortcuts 2016-09-08T13:21:41+00:00
Dakapi

ZHPDiag report, start

[spoiler:msd0ibb0]Rapport de ZHPDiag v2013.11.26.56 – Nicolas Coolman (26/11/2013)
~ Lancé par Daniel (27/11/2013 16:17:00)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 24.0
GCIE: Google Chrome v31.0.1650.57 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

—\ Logiciels d'optimisation du système
CCleaner v4.06 =>Piriform Ltd

—\ Logiciels de partage PeerToPeer
eMule

—\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

—\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3061 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 62 GB (13%) free of 466 GB

—\ Mode de connexion au système
~ Computer Name: DANIEL-PC
~ User Name: Daniel
~ All Users Names: UpdatusUser, HomeGroupUser$, Daniel, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Daniel\AppData\Roaming\ZHP
~ %AppData% : C:\Users\Daniel\AppData\Roaming
~ %Desktop% : C:\Users\Daniel\Desktop
~ %Favorites% : C:\Users\Daniel\Favorites
~ %LocalAppData% : C:\Users\Daniel\AppData\Local
~ %StartMenu% : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu
~ %Windir% : C:\Windows
~ %System% : C:\Windows\System32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 62 Go of 466 Go)
D: Hard drive, Flash drive, Thumb drive (Free 53 Go of 279 Go)
E: CD-ROM drive (Free 0 Go of 3 Go)
F: Floppy drive, Flash card reader, USB Key (Free 14 Go of 14 Go)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)

—\ Etat du Centre de Sécurité Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 06:30:54.) — C:WindowsExplorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
[MD5.5FD4335DCD343D0FEA9FA6B18ED408D9] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/10/2013 – 08:03:50.) — C:WindowsSystem32wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 13:17:54.) — C:WindowsSystem32Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 13:21:24.) — C:WindowsSystem32sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 01:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 09:38:10.) — C:Windowssystem32DriversCdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 09:42:32.) — C:Windowssystem32DriversDfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 10:59:29.) — C:Windowssystem32DriversHDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:17:22.) — C:Windowssystem32DriversMRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 09:39:44.) — C:Windowssystem32DriversnetBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 09:39:17.) — C:Windowssystem32Driverstdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 13:30:16.) — C:Windowssystem32Driversvolsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/72
~ Mes musiques (My Musics) : 1/4791
~ Mes Videos (My Videos) : 1/18
~ Mes Favoris (My Favorites) : 1/50
~ Mes Documents (My Documents) : 2/45495
~ Mon Bureau (My Desktop) : 1/87
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 01mn 15s

—\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe [532040] [PID.2548]
[MD5.8DB62562AA6BB35DCFE4F8DB83AA380C] – (.Microsoft Corporation – IType.exe.) — c:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1105616] [PID.2760]
[MD5.B8EADA2A80E7A2260559E7DB0199F6A5] – (.Microsoft Corporation – IPoint.exe.) — c:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [1685200] [PID.3296]
[MD5.9AF8DBF008241E0B48B228A9219337E7] – (.ASUSTeK – ASUSTeKRCAppl.) — C:Program FilesASUSP7131Remote ControlP7131RemoteAppl.exe [65536] [PID.3636]
[MD5.CC59622DB1F46F1D253C5CA2949C89A6] – (.Space Sciences Laboratory – BOINC Manager for Windows.) — C:Program FilesBOINCboincmgr.exe [3663024] [PID.2580]
[MD5.3E038E2C97F63E8CE539746F5E81E4FA] – (.Space Sciences Laboratory – BOINC System Tray for Windows.) — C:Program FilesBOINCboinctray.exe [70832] [PID.2776]
[MD5.C374EE8DE8267DB4206393237B6E940A] – (.Adobe Systems Incorporated – Adobe Creative Cloud.) — C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe [2236816] [PID.3072]
[MD5.10E89F598469C60D8C87A8218089A87D] – (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe [4489472] [PID.3420]
[MD5.6B06FF37263E4B3978FD358F610FAB92] – (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe [1804648] [PID.3516]
[MD5.D1AB72DB2BEDD2F255D35DA3DA0D4B16] – (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe [141824] [PID.3540]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] – (…) — ystem32RunDll32.exe [0] [PID.3604]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] – (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe [228552] [PID.3836]
[MD5.6D530E8E65A57B45AB9CAD69E4220B53] – (.Hewlett-Packard Co. – HPNetworkCommunicator.) — C:Program FilesHPHP Officejet 6700binHPNetworkCommunicator.exe [643944] [PID.4080]
[MD5.84B50C4B417C4B2C4F199BC438D8B270] – (.Space Sciences Laboratory – BOINC client.) — C:Program FilesBOINCboinc.exe [930992] [PID.2820]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] – (.NVIDIA Corporation – NVIDIA Settings.) — C:Program FilesNVIDIA CorporationDisplaynvtray.exe [1821984] [PID.3832]
[MD5.D3242FF9E28EAFC77EACB2B8956724C3] – (.Adobe Systems Incorporated – Adobe CEP Service Manager.) — C:Program FilesCommon FilesAdobeCEPServiceManager4CEPServiceManager.exe [1039240] [PID.700]
[MD5.84F821143BAC636723043F284C2FDA75] – (.Pas de propriétaire – Core Sync.) — C:Program FilesAdobeAdobe Creative CloudCoreSyncCoreSync.exe [4578672] [PID.1380]
[MD5.D7D5768B8A697FCBAEE2CFE137070F02] – (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe [770736] [PID.5136]
[MD5.BB4F6465EEB9ACAA5C60C36983740219] – (.Google Inc. – Google Toolbar Broker.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser_32.exe [310352] [PID.5180] =>Toolbar.Google
[MD5.39A26778EC10928572664729F8FEA7DE] – (.Adobe Systems Incorporated – Adobe® Flash® Player Installer/Uninstaller.) — C:Windowssystem32MacromedFlashFlashUtil32_11_9_900_117_ActiveX.exe [829832] [PID.5796]
[MD5.9E237EB754D86D63B1E39AD3D97292FA] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8253952] [PID.2816]
[MD5.4860944ABF2F8EAB74039A3A132B9995] – (.Microsoft Corporation – Écran de veille photos Windows Live.) — C:WindowsWLXPGSS.scr [302448] [PID.1176]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] – (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 311.0.) — C:Windowssystem32nvvsvc.exe [639776] [PID.784]
[MD5.5A19667A580B1CE886EAF968B9743F45] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe [383264] [PID.808]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] – (.NVIDIA Corporation – NVIDIA User Experience Driver Component.) — C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe [873248] [PID.1576]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [65640] [PID.1848]
[MD5.1778EBA872274C1226D869CD9486847E] – (.InterVideo Inc. – Capture Device Service.) — C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe [198168] [PID.1868]
[MD5.4F9A19ED19FFFCD985A598C660546E80] – (.Intel Corporation – Intel® PROSet Monitoring Service.) — C:Windowssystem32IProsetMonitor.exe [133280] [PID.1956]
[MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe [418376] [PID.116]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe [701512] [PID.344]
[MD5.543A4EF0923BF70D126625B034EF25AF] – (.Protexis Inc. – PsiService PsiService.) — c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [189728] [PID.652]
[MD5.19470745C30A26C4196256470404BB30] – (…) — C:Program FilesASUSP7131Remote ControlRCService.exe [61440] [PID.1132]
[MD5.CF7B0E597C1F34E528285495721DEEE9] – (.Google Inc. – Google Crash Handler.) — C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe [237960] [PID.3676]
~ Processes Running: Scanned in 00mn 02s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersDanielAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 – GCE: Preference [User DataDefault] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.17.1.2.1 (Désactivé) =>Toolbar.AVGSearch
~ Google Browser: 15 Legitimates Filtered in 00mn 05s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride =
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 23

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: Consommables HP Officejet 6700.lnk . (.Hewlett-Packard Co. – DesktopSureSupply.) — C:Program FilesHPHP Officejet 6700BinhpqDTSS.exe =>.Hewlett-Packard Co
O4 – GSDesktop [Public]: eID Viewer.lnk . (.FedICT – eID Viewer.) — C:Program FilesBelgium Identity CardEidViewereID Viewer.exe
O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSDesktop [Public]: Google Docs.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
O4 – GSDesktop [Public]: Google Sheets.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
O4 – GSDesktop [Public]: Google Slides.lnk . (.Google – Google Drive.) — C:Program FilesGoogleDrivegoogledrivesync.exe
O4 – GSDesktop [Public]: HP ePrintCenter – HP Officejet 6700.lnk . (.Google – Google Earth.) — C:Program FilesHPHP Officejet 6700ePrintCenterShortcut.url =>.Google Inc
O4 – GSDesktop [Public]: HP Officejet 6700.lnk . (.Hewlett-Packard Co. – HP Printer Software.) — C:Program FilesHPHP Officejet 6700BinHP Officejet 6700.exe =>.Hewlett-Packard Co
O4 – GSDesktop [Public]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
O4 – GSDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O4 – GSDesktop [Public]: Speccy.lnk . (.Piriform Ltd – Speccy.) — C:Program FilesSpeccySpeccy.exe
O4 – GSProgram [Public]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O4 – GSQuickLaunch [UpdatusUser]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Daniel]: Artisteer 4.lnk . (.ExtenSoft – Artisteer.) — C:Program FilesArtisteer 4binArtisteer.exe
O4 – GSQuickLaunch [Daniel]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Daniel]: Inkscape.lnk . (.inkscape.org – Inkscape.) — C:Program FilesInkscapeinkscape.exe
O4 – GSQuickLaunch [Daniel]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSTaskBar [Daniel]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSProgram [Daniel]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSSystemTools [Daniel]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSDesktop [Daniel]: ArchiFacile.lnk . (…) — C:UsersDanielDownloadsArchiFacile.exe
O4 – GSDesktop [Daniel]: Artisteer 4.lnk . (.ExtenSoft – Artisteer.) — C:Program FilesArtisteer 4binArtisteer.exe
O4 – GSDesktop [Daniel]: Audacity.lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacityaudacity.exe =>.The Audacity Team
O4 – GSDesktop [Daniel]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. – Video Editor.) — C:Program FilesAVS4YOUAVSVideoEditorAVSVideoEditor.exe
O4 – GSDesktop [Daniel]: Calculator.lnk . (.Microsoft Corporation – Calculatrice de Windows.) — C:Windowssystem32calc.exe =>.Microsoft Corporation
O4 – GSDesktop [Daniel]: Dreamweaver.lnk . (.Adobe Systems, Inc. – Adobe Dreamweaver CC.) — C:Program FilesAdobeAdobe Dreamweaver CCDreamweaver.exe
O4 – GSDesktop [Daniel]: EdgeAnimate.lnk . (.Adobe Systems, Incorporated – Adobe Edge Animate.) — C:Program FilesAdobeAdobe Edge Animate CCEdgeAnimate.exe
O4 – GSDesktop [Daniel]: FileZilla.lnk . (.FileZilla Project – FileZilla FTP Client.) — C:Program FilesFileZilla FTP Clientfilezilla.exe
O4 – GSDesktop [Daniel]: Fireworks.lnk . (.Adobe Systems Incorporated – Adobe Fireworks CS6.) — C:Program FilesAdobeAdobe Fireworks CS6Fireworks.exe
O4 – GSDesktop [Daniel]: geek.exe – Raccourci.lnk . (.Geek Uninstaller Software – Geek Unіnstaller.) — C:UsersDanielDownloadsgeekgeek.exe
O4 – GSDesktop [Daniel]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP – GNU Image Manipulation Program.) — C:Program FilesGIMP 2bingimp-2.8.exe
O4 – GSDesktop [Daniel]: Illustrator.lnk . (.Adobe Systems Inc. – Adobe Illustrator CC.) — C:Program FilesAdobeAdobe Illustrator CCSupport FilesContentsWindowsIllustrator.exe
O4 – GSDesktop [Daniel]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSDesktop [Daniel]: Microsoft Word 2010.lnk . (…) — C:WindowsInstaller{90140000-003D-0000-0000-0000000FF1CE}wordicon.exe
O4 – GSDesktop [Daniel]: Nero – Burning Rom.lnk . (…) — C:WindowsInstaller{A4D7B764-4140-11D4-88EB-0050DA3579C0}_4F17E5CE3D74_48FA_AD81_4AC0C484FCD7.exe
O4 – GSDesktop [Daniel]: Notepad++.lnk . (.Don HO don.h@free.fr – Notepad++ : a free (GNU) source code editor.) — C:Program FilesNotepad++notepad++.exe
O4 – GSDesktop [Daniel]: Photoshop.lnk . (.Adobe Systems, Incorporated – Adobe Photoshop CC.) — C:Program FilesAdobeAdobe Photoshop CCPhotoshop.exe
O4 – GSDesktop [Daniel]: Snipping Tool.lnk . (.Microsoft Corporation – Outil Capture.) — C:Windowssystem32SnippingTool.exe =>.Microsoft Corporation
O4 – GSDesktop [Daniel]: WampServer.lnk . (.Aestan Software – Aestan Tray Menu.) — C:wampwampmanager.exe
O4 – GSDesktop [Daniel]: Windows Live Mail.lnk . (.Microsoft Corporation – Windows Live Mail.) — C:Program FilesWindows LiveMailwlmail.exe =>.Microsoft Corporation
O4 – GSDesktop [Daniel]: ZHPFix.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPFixZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 176 Legitimates Filtered in 00mn 17s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSStartup [Daniel]: Alertes de surveillance de l'encre – HP Officejet 6700 (réseau).lnk . (.Hewlett-Packard Co. – Print Driver Status Business Logic.) — C:Program FilesHPHP Officejet 6700binHPStatusBL.dll =>.Hewlett-Packard Co
O4 – GSStartup [Daniel]: OneNote 2010 – Capture d’écran et lancement.lnk . (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program FilesMicrosoft OfficeOffice14ONENOTEM.exe =>.Microsoft Corporation
O4 – HKLM..Run: [P7131Appl] . (.ASUSTeK – ASUSTeKRCAppl.) — C:Program FilesASUSP7131Remote ControlP7131RemoteAppl.exe
O4 – HKLM..Run: [NeroCheck] . (.Ahead Software Gmbh – NeroCheck.) — C:Windowssystem32NeroCheck.exe
O4 – HKLM..Run: [boincmgr] . (.Space Sciences Laboratory – BOINC Manager for Windows.) — C:Program FilesBOINCboincmgr.exe
O4 – HKLM..Run: [boinctray] . (.Space Sciences Laboratory – BOINC System Tray for Windows.) — C:Program FilesBOINCboinctray.exe
O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated – Adobe Creative Cloud.) — C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe
O4 – HKLM..Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated – Adobe CS6 Service Manager.) — C:Program FilesCommon FilesAdobeCS6ServiceManagerCS6ServiceManager.exe
O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] C:UsersDanielAppDataLocalTempcis18EF.exe (.not file.)
O4 – HKLM..Run: [OutpostMonitor] . (.Agnitum Ltd. – Outpost User Interface.) — C:Program FilesAgnitumOutpost Security Suite Proop_mon.exe
O4 – HKCU..Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe
O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengerMsnMsgr.exe
O4 – HKCU..Run: [HP Officejet 6700 (NET)] . (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
O4 – HKCU..Run: [flashmemory] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. – Akamai NetSession Client.) — C:UsersDanielAppDataLocalAkamainetsession_win.exe
O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengerMsnMsgr.exe
O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [HP Officejet 6700 (NET)] . (.Hewlett-Packard Co. – ScanToPCActivationApp.) — C:Program FilesHPHP Officejet 6700BinScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe =>Toolbar.Google
O4 – HKUSS-1-5-21-1915439914-2980993570-1999574232-1000..Run: [flashmemory] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation – Windows Live Messenger Companion core resources.) — C:Program FilesWindows LiveCompanioncompanionres.dll
O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office14ONBttnIE.dll =>.Microsoft Corporation
O9 – Extra button: Notes &liées OneNote – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office14ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} ((no name)) – https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
O17 – HKLMSystemCCSServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
O17 – HKLMSystemCS1ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: NameServer = 8.26.56.26,156.154.70.22
O17 – HKLMSystemCS2ServicesTcpip..{D5D4AAEF-1B16-47CF-8CCB-B633A14647EA}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O18 – Filter: text/xml – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – AppInit_DLLs: . (.Agnitum Ltd. – Outpost Hooking Module.) – C:Program FilesAgnitumOutpost Security Suite Prowl_hook.dll
~ AppInit DLL: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: RCSERVICE (RCSERVICE) . (…) – C:Program FilesASUSP7131Remote ControlRCService.exe
O23 – Service: (vToolbarUpdater17.1.2) . (…) – C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
~ Services: 12 Legitimates Filtered in 00mn 17s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{6E06B62D-F063-4BC1-BEF1-068B1ACA37A2}] (…) — C:Program FilesComodoCOMODO Internet Securitycmdinstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8D967302-BCF9-4BC8-A399-2CB1B1B0F609}] (…) — C:ADOBE CS2 V.9Adobe_CS2_KeyGenCrack Activation Photoshop CS2 Fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{930FAA61-9393-4879-88BD-3FEB8958F3F2}] (…) — E:ADOBE CS2 V.9Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A9D320A4-CBCA-43C3-9E5B-6C8AF4392C2D}] (…) — E:ADOBE CS2 V.9Adobe(R) Photoshop(R) CS2Crack Activation Photoshop CS2 Fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF33EFED-1CFF-4C90-ADB4-92E8AF300596}] (…) — C:Program FilesComodoCOMODOCOMODO Internet Securitycmdinstall.exe (.not file.) [0]
[MD5.1502DC9C274924A6D8025D30BA7A221C] [APT] [{F73BEBE7-8F29-485C-AE10-E28B6AACA272}] (.FedICT.) — C:Program FilesBelgium Identity CardEidViewereID Viewer.exe [10737869]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 12s

—\ Logiciels installés (O42)
O42 – Logiciel: Pizzicato 3.6 – (…) [HKLM] — Pizzicato 3.6
~ Logic: 14 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareARPEGE]
[HKLMSoftwareARPEGE]
[HKLMSoftwareYouyan]
~ Key Software: 285 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 19/06/2013 – 12:37:47 – [0,258] —-D C:Program FilesBeID Minidriver
O43 – CFD: 18/09/2012 – 18:41:29 – [1,163] —-D C:Program FilesImageGrab
O43 – CFD: 1/10/2012 – 10:10:18 – [52,583] —-D C:Program FilesPizzicato 3.x
O43 – CFD: 16/11/2013 – 23:23:42 – [2,159] —-D C:ProgramDataPrivacyware
O43 – CFD: 9/10/2013 – 15:00:57 – [0] -SH-D C:ProgramData{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 – CFD: 30/04/2013 – 08:07:07 – [0] —-D C:UsersDanielAppDataRoamingEhuz
O43 – CFD: 30/04/2013 – 08:07:06 – [0] —-D C:UsersDanielAppDataRoamingItcyd
O43 – CFD: 13/11/2013 – 16:48:42 – [0,009] —-D C:UsersDanielAppDataRoamingMicrosoftWindowsStart MenuPrograms3Dsex
~ 915 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1173 Legitimates Filtered in 01mn 54s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.2E5BC4BA91DC1119D7F497727092BCE7] – 16/11/2013 – 18:21:32 —A- . (…) — C:WindowsSystem32Driverssfi.dat [1474832]
O44 – LFC:[MD5.ED280A0EA3CC38F3CBBC747ACFBEF47D] – 17/11/2013 – 09:54:28 —A- . (…) — C:Windowstransp.gif [49]
O44 – LFC:[MD5.7CD5907FB7144BC183D1CD15BCD8F680] – 17/11/2013 – 09:55:08 —A- . (.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/.) — C:WindowsSystem32DriversVBEngNT.sys [266872]
O44 – LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] – 22/11/2013 – 18:18:21 —A- . (…) — C:WindowsODBC.INI [28]
O44 – LFC:[MD5.4CB317C311FC08DF4B1A05AE7496A7FD] – 27/11/2013 – 16:18:44 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14832]
O44 – LFC:[MD5.4CB317C311FC08DF4B1A05AE7496A7FD] – 27/11/2013 – 16:18:44 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14832]
~ Files: 53 Legitimates Filtered in 00mn 04s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.7820442553078F065B13D7E392D9BBB2] – 25/11/2013 – 14:33:38 —A- – C:WindowsPrefetchEDGEANIMATE.EXE-2001F246.pf
O45 – LFCP:[MD5.4C0603DCDE44573C26673CBBADAE4294] – 25/11/2013 – 14:41:02 —A- – C:WindowsPrefetchRECUVA.EXE-1A090312.pf
O45 – LFCP:[MD5.046B695C74BD04360DB76CFBC10DEB7D] – 27/11/2013 – 14:59:01 —A- – C:WindowsPrefetchGO.EXE-0A7DE786.pf
O45 – LFCP:[MD5.4F5791CA9F18DAC1EC15F34A3B99357A] – 27/11/2013 – 15:59:46 —A- – C:WindowsPrefetchP7131REMOTEAPPL.EXE-EFB79FB8.pf
O45 – LFCP:[MD5.C4310483CE71083405090ADF305E0136] – 27/11/2013 – 15:59:55 —A- – C:WindowsPrefetchBOINC.EXE-E1EE3F64.pf
O45 – LFCP:[MD5.2C5E432C4EAEA4394AE72ED189E82DA1] – 27/11/2013 – 15:59:55 —A- – C:WindowsPrefetchVPROT.EXE-B916796C.pf
O45 – LFCP:[MD5.25EC97738994DB3D0AB2F15A02FD5ED9] – 27/11/2013 – 16:12:25 —A- – C:WindowsPrefetchBOINCMGR.EXE-9FA32D7A.pf
O45 – LFCP:[MD5.D21E892591208B1BA60D0601C5850BB6] – 27/11/2013 – 16:12:25 —A- – C:WindowsPrefetchBOINCTRAY.EXE-EEAC685C.pf
O45 – LFCP:[MD5.9C48D1ED4EE53BB4C165112B9F05A3FC] – 27/11/2013 – 16:12:30 —A- – C:WindowsPrefetchCREATIVE CLOUD.EXE-C158B143.pf
O45 – LFCP:[MD5.E732CD1C10FF0F4A8A357E37F0268EB5] – 27/11/2013 – 16:12:46 —A- – C:WindowsPrefetchBOINC.SCR-2C83D02F.pf
O45 – LFCP:[MD5.BED77D1650DD1B93509A7719C5D9700A] – 27/11/2013 – 16:12:46 —A- – C:WindowsPrefetchBOINCSCR.EXE-0FD6C3C4.pf
O45 – LFCP:[MD5.397A75B62F80A51BEC8DDA2360FE8B39] – 27/11/2013 – 16:13:03 —A- – C:WindowsPrefetchCORESYNC.EXE-060792B2.pf
O45 – LFCP:[MD5.C90D3BAB3EFD249DB447CD301FBCE44B] – 27/11/2013 – 16:25:12 —A- – C:WindowsPrefetchWLXPGSS.SCR-B6681400.pf
~ Prefetcher: 140 Legitimates Filtered in 00mn 00s

—\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 – MPSK:{2674e3df-b621-11e1-9258-806e6f6e6963}AutoRuncommand. (.Pas de propriétaire – nBrowser.) — E:start.exe
~ Keys: Scanned in 00mn 06s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] – 14/07/2009 – 02:20:28 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [453712]
O58 – SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] – 13/07/2009 – 23:54:14 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [26624]
O58 – SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] – 14/07/2009 – 02:19:04 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [21072]
O58 – SDL:[MD5.36565318396A9D0A880687D1BB9C7F79] – 16/04/2010 – 13:59:44 —A- . (.Syntek – Syntek USB 2.0 Video Mini Driver.) — C:WindowsSystem32DriversStkCMini.sys [1521544]
O58 – SDL:[MD5.77F0BE3C6A752837482C1942E8B8BDAF] – 26/03/2010 – 15:43:32 —A- . (.Syntek America Inc. – Syntek USB 2.0 Video Pipeline Driver.) — C:WindowsSystem32DriversStkCPipe.sys [13874824]
O58 – SDL:[MD5.5F8DBD5586A13C22100AF5FB20E2E6F6] – 3/05/2009 – 15:04:10 —A- . (…) — C:WindowsSystem32DriversStkCSF.sys [197648]
O58 – SDL:[MD5.7CD5907FB7144BC183D1CD15BCD8F680] – 20/11/2012 – 13:52:20 —A- . (.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/XP.) — C:WindowsSystem32DriversVBEngNT.sys [266872]
O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 13/07/2009 – 22:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 13/07/2009 – 22:40:44 —A- . (…) — C:WindowsSystem32country.sys [27097]
O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 13/07/2009 – 22:40:40 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 13/07/2009 – 22:40:23 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 13/07/2009 – 22:40:31 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 13/07/2009 – 22:40:35 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 13/07/2009 – 22:40:39 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 13/07/2009 – 22:40:27 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 13/07/2009 – 22:40:11 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 13/07/2009 – 22:40:15 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 13/07/2009 – 22:40:17 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 13/07/2009 – 22:40:19 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 13/07/2009 – 22:40:13 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 38s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.Spotlight-V100.lnk [547]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.TemporaryItems.lnk [547]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.Trashes.lnk [533]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.fseventsd.lnk [537]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpa.lnk [1415]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaAqua – Barbie Girl.lnk [553]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaChangement_Formulaire.lnk [1417]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaChansons.lnk [533]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCours 2 DIP.lnk [1405]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCover letter.lnk [1403]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaCurriculum Vitae.lnk [1411]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 3.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 4.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 5.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 6.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDIP 7.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDROIT SOCIAL IMPRIMER TOUT + RELIER.lnk [615]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDark Horses- Katy Perry ft.lnk [599]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDiapositive 1.lnk [1425]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDiapositive 3 octobre.lnk [1425]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDocument s24 octobres 2013.lnk [581]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit de sécurité sociale.lnk [1437]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit des suretés.lnk [1417]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit fiscal ASSISTANT.lnk [1427]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit fiscal et comptable.lnk [1437]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaDroit international privé .lnk [1439]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.000.lnk [754]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.001.lnk [754]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFOUND.002.lnk [754]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaFuture Ft Miley Cyrus – Real & True (Snippet).lnk [627]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaInterview .lnk [1395]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaInterview Anglais.lnk [1409]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaKaty Perry – Roar (Lyric Video).lnk [587]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaKaty Perry – Walking On Air (Audio).lnk [599]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaLady Gaga – Do What U Want – Lyric video.lnk [621]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMaster cours enregistrés.lnk [573]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMiley Cyrus – Maybe You're Right (Audio).lnk [609]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaMiley Cyrus – Someone Else (Audio).lnk [593]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaPUBLIC INTERNATION LAW .lnk [1433]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaRecycled.lnk [533]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaSpice Girls – Wannabe – Lyrics.lnk [585] =>Adware.AddLyrics
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpadocument.lnk [1391]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpadzenet.lnk [529]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpahoraire examen IMPRIMER.lnk [1429]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaiCampus.lnk [555]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpaiDroit fiscal et comptable.lnk [1439]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpakogki.lnk [527]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpamichael.lnk [531]
O61 – LFC: 24/11/2013 – 16:36:47 —A- . (…) — C:UsersDanielDocumentsclefpamyfolder.lnk [533]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpaSURETE BEST.lnk [1399]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpaTP Sureté.lnk [1397]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpatogethara.lnk [535]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~$CHAUFFOUR EXCEL CALCUL.lnk [1429]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~$immoweb.lnk [1391]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~WRL0001.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:48 —A- . (…) — C:UsersDanielDocumentsclefpa~WRL0005.lnk [1389]
O61 – LFC: 24/11/2013 – 16:36:51 —A- . (…) — C:UsersDanielDocumentsDEMANDE ESTIMATION.docx [39328]
O61 – LFC: 24/11/2013 – 16:37:56 —A- . (…) — C:UsersDanielDocumentsEvaluationsDEMANDE ESTIMATION.docx [39346]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.eot [38899]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.svg [166979]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.ttf [77944]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCallibraffitiCalligraffiti-webfont.woff [42868]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.eot [23625]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.svg [53628]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.ttf [40400]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsFloranteFLORLI__-webfont.woff [25188]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.eot [19886]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.svg [62308]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.ttf [40276]
O61 – LFC: 24/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsKingthingsKingthings_Calligraphica_2-webfont.woff [23284]
O61 – LFC: 24/11/2013 – 16:43:04 —A- . (…) — C:UsersDanielDocumentsWebdesignerBanner 2.zip [238658]
O61 – LFC: 24/11/2013 – 16:50:05 —A- . (…) — C:UsersDanielDownloadsPIL_Course_Outline_2013-2014_REV.docx [56948]
O61 – LFC: 24/11/2013 – 16:51:54 -SHA- . (…) — C:UsersDanielThumbs.db [15872]
O61 – LFC: 25/11/2013 – 16:37:23 —A- . (…) — C:UsersDanielDocumentsEdge5XCLI.lnk [746]
O61 – LFC: 25/11/2013 – 16:37:23 —A- . (…) — C:UsersDanielDocumentsEdgeParisedge_includesedge.2.0.1.min.js [115474]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2.an [11159]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2.html [530]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edge.js [31869]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edgeActions.js [1780]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisParis2_edgePreload.js [11183]
O61 – LFC: 25/11/2013 – 16:37:24 —A- . (…) — C:UsersDanielDocumentsEdgeParisedge_includesjquery-1.7.1.min.js [93871]
O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.eot [31830]
O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.svg [99027]
O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.ttf [76364]
O61 – LFC: 25/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusAmadeus-webfont.woff [37216]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsAmadeusstylesheet.css [405]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.eot [31399]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.svg [117680]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.ttf [61600]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnecac_champagne-webfont.woff [33844]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsChampagnestylesheet.css [427]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.eot [13237]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.svg [26900]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.ttf [32156]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiateSF_Collegiate-webfont.woff [14432]
O61 – LFC: 25/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrefontsCollegiatestylesheet.css [427]
O61 – LFC: 25/11/2013 – 16:43:19 —A- . (…) — C:UsersDanielDocumentsWebdesignerBarbarinExercice question au client pour la rédaction cdc ifosup.docx [26596]
O61 – LFC: 25/11/2013 – 16:48:35 —A- . (…) — C:UsersDanielDownloadsdes_13-11-22.zip [575359]
O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreafrique.html [2897]
O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreamerique.html [2900]
O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreantartique.html [2903]
O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreasie.html [2913]
O61 – LFC: 26/11/2013 – 16:40:43 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreeurope.html [2913]
O61 – LFC: 26/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembreindex.html [2963]
O61 – LFC: 26/11/2013 – 16:40:44 —A- . (…) — C:UsersDanielDocumentsNathalieDevoir 22 novembrestylepolices.css [3855]
O61 – LFC: 26/11/2013 – 16:40:54 —A- . (…) — C:UsersDanielDocumentspartition musiqueles fugitifs thème n°2 thème de jeanne2.zip [4096691]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpde 1 a 100 for.php [176]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpdiv 1 a 100.php [218]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpdiv 1 a 100.txt [225]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpfor n.php [317]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpfor.php [290]
O61 – LFC: 26/11/2013 – 16:43:24 —A- . (…) — C:UsersDanielDocumentsWebdesignerBruno Martindbsitephpmultiplication.php [231]
O61 – LFC: 27/11/2013 – 16:29:54 —A- . (…) — C:UsersDanielAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [261354]
O61 – LFC: 27/11/2013 – 16:29:58 —A- . (…) — C:UsersDanielAppDataLocalGoogleChromeUser DataLocal State [47327]
O61 – LFC: 27/11/2013 – 16:29:59 —A- . (…) — C:UsersDanielAppDataLocalGoogleToolbar Bookmarks_bookmarks [3794]
O61 – LFC: 27/11/2013 – 16:29:59 —A- . (…) — C:UsersDanielAppDataLocalGoogleToolbar Cache7.5.4601.54frtranslate_element.js.content [2381]
O61 – LFC: 27/11/2013 – 16:33:15 —A- . (…) — C:UsersDanielAppDataRoamingZHPLog.txt [19038] =>.Nicolas Coolman
O61 – LFC: 27/11/2013 – 16:33:15 —A- . (…) — C:UsersDanielAppDataRoamingZHPTestsZHPDiag.txt [2845] =>.Nicolas Coolman
O61 – LFC: 27/11/2013 – 16:42:07 —A- . (…) — C:UsersDanielDocumentssos.docx [13723]
O61 – LFC: 27/11/2013 – 16:43:19 —A- . (.Barmarin Gérard.) — C:UsersDanielDocumentsWebdesignerBarbarincahier-des-charges-vide-exercice-Ifosup-2013-2014.doc [601088]
O61 – LFC: 27/11/2013 – 16:48:03 –HA- . (…) — C:UsersDanielDocuments~$sos.docx [162]
~ 42 Fichiers temporaires (Temporary files)
~ Files: 337 Legitimates Filtered in 22mn 07s

—\ Fichiers Alternate Data Stream (ADS) (O62)
O62 – ADS:Alternate Data Stream File – C:WindowsSystem3234CoInstaller.dll:Zone.Identifier
O62 – ADS:Alternate Data Stream File – C:WindowsSystem32Drivers3xHybrid.sys:Zone.Identifier
~ ADS: Scanned in 00mn 05s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 20/11/2012 – C:Windowssystem32driversVBEngNT.sys (VBEngNT) .(.VirusBuster Kft. – VirusBuster Loader SYS for Windows NT/2000/.) – LEGACY_VBENGNT
~ Legacy: 83 Legitimates Filtered in 00mn 01s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com
O69 – SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} – (Yahoo! Search) – http://us.search.yahoo.com
O69 – SBI: SearchScopes [HKCU] {B8E088E3-8A00-4E37-A441-128B48F0496E} – (IMVU Inc Customized Web Search) – http://search.conduit.com
~ Keys: Scanned in 00mn 00s

—\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 – Search Svchost Services: winmgmt (winmgmt) . (…) — C:Program Filesbqdo1t7v.plz [0]

~ Services: 32 Legitimates Filtered in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][20/04/2013] (…) — C:ProgramDatayIh5P5.dat [0]
[MD5.C59BDF3C0E8F946A6D9E8E3934485830] [SPRF][22/11/2013] (…) — C:UsersDanielAppDataLocalTempQuarantine.exe [355225]
[MD5.9514AB89D37EFEFE607E06D99DA2608C] [SPRF][5/10/2013] (.Tracker Software Products Ltd – PDF-XChange PDF Viewer Setup.) — C:UsersDanielDesktop156-PDF_XChange_Viewer-v2.0.50-mid215-l-ax86.exe [13205912]
[MD5.AFAFA655CC59872129A32CDE4F60F2DE] [SPRF][27/11/2013] (…) — C:UsersDanielDesktopadwcleaner.exe [1091882]
[MD5.D33DC34F754DFA47C58526DF26045180] [SPRF][14/09/2012] (.Paul Glagla – ImageGrab de Paul Glagla.) — C:UsersDanielDesktopimagegrab_50fr.exe [2210816]
~ Files: 11 Legitimates Filtered in 00mn 01s[/spoiler:msd0ibb0]