~ Rapport de ZHPDiag v2013.11.11.25 - Nicolas Coolman (11/11/2013) ~ Lancé par Dan (12/11/2013 07:34:58) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16721 MFIE: Mozilla Firefox 25.0 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 7QJB7 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v8.0.1497.0 Malwarebytes Anti-Malware version 1.75.0.1300 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader XI Java 7 Update 45 ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3828 MB (53% free) System Restore: Activé (Enable) System drive C: has 72 GB (58%) free of 125 GB ---\\ Mode de connexion au système ~ Computer Name: DAN-PC ~ User Name: Dan ~ All Users Names: HomeGroupUser$, Dan, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Dan\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Dan\AppData\Roaming\ ~ %Desktop% : C:\Users\Dan\Desktop\ ~ %Favorites% : C:\Users\Dan\Favorites\ ~ %LocalAppData% : C:\Users\Dan\AppData\Local\ ~ %StartMenu% : C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 72 Go of 125 Go) D: Hard drive, Flash drive, Thumb drive (Free 234 Go of 466 Go) E: Hard drive, Flash drive, Thumb drive (Free 146 Go of 323 Go) F: CD-ROM drive (Not Inserted) G: Floppy drive, Flash card reader, USB Key (Free 10 Go of 15 Go) I: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 49 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 1/34 ~ Mes Documents (My Documents) : 1/768 ~ Mon Bureau (My Desktop) : 1/12 ~ Menu demarrer (Programs) : 1/30 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3872] =>Toolbar.Google [MD5.15759892AB41078E8AFB77EC14FB94C1] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168] [PID.3308] [MD5.69D10A8ED7E28F6425C68AB7A9564FD9] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1289296] [PID.3212] [MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3276] [MD5.DD7DAE4E8F169D1FF4511FC292FF6FF6] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.3436] [MD5.BE97C2604AD07E66ADC3D34029214536] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [288336] [PID.4860] [MD5.EF01D104449CC654FDCF423C92BD8846] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4784] [MD5.2A43A30EF7FCFD1284F8C3318B784A68] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.5188] [MD5.EB68851F020D35293EADAADEB18B8220] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe [1862536] [PID.5224] [MD5.0248882379D37F3DC3EA1C721803B645] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8202752] [PID.5600] [MD5.9330941C8F6DF417F6DBBE998DB6687E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1440] [MD5.27C93735C6584F2725965EC4D609A7D0] - (.Egis Technology Inc. - Pas de description.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe [3367792] [PID.1548] [MD5.1C67B44907B90DC43E2CF540DBB6E320] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056] [PID.1832] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1864] [MD5.55F6F3E0DF82E0113082852347BF2C16] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [325200] [PID.1936] [MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [1150496] [PID.2020] [MD5.64C7429D0BD8C65AE9FD366D01C37C10] - (.Egis Technology Inc. - BASVC.exe.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3456880] [PID.1336] [MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144] [PID.1608] [MD5.5B3CE960C62DBE864BE9A0BD043A3E30] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368] [PID.1788] [MD5.B5071E15D4C3F5EF5018AFF7E85A85E5] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640] [PID.2068] [MD5.D955D5DE998DB2476BF0892BE3A96C26] - (.O2Micro International - O2 Flash Memory Service.) -- C:\Windows\system32\DRIVERS\o2flash.exe [65536] [PID.2096] [MD5.F12A68ED55053940CADD59CA5E3468DD] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904] [PID.2256] [MD5.7CB9F0FDD730F4A4ECF6CDE15EA12E8A] - (.Acer Incorporated - Raw Socket Service.) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640] [PID.2288] [MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2348] [MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160] [PID.2440] [MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240] [PID.5856] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 0 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\ui8qnj1b.default\prefs.js M0 - MFSP: prefs.js [Dan - ui8qnj1b.default] http://www.google.fr P2 - FPN:Firefox Plugin Navigator . (.Macromedia, Inc. - Macromedia Shockwave for Director Netscape plug-in, version 8.5.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np32dsw.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ~ Firefox Browser: 19 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 ~ IE Browser: 16 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: WsSVRIEHelper [64Bits] - {54F73992-6549-4369-9A0D-84FD310A464A} . (.Aimersoft Software Co., Ltd. - Aimersoft Video Converter Ultimate Plugin.) -- C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline ~ BHO: 9 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Aimersoft Video Converter Ultimate.lnk . (.Aimersoft Software - Aimersoft Video Converter.) -- C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\AiVCUSplash.exe O4 - GS\Desktop [Public]: EaseUS Partition Master 9.2.2(JPM).lnk . (...) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe O4 - GS\Desktop [Public]: Encyclopédie 2003.lnk . (.Microsoft Corporation - Microsoft Encarta 2003.) -- C:\Program Files (x86)\Microsoft Encarta\Encyclopédie 2003\encarta.exe O4 - GS\Desktop [Public]: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - GS\Desktop [Public]: SpeedUpMyPC.lnk . (.SpeedUpMyPC - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe =>Rogue.SpeedUpMyPC O4 - GS\Desktop [Public]: tous les 7 jours Malwarebytes 5 mn.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Microsoft AutoRoute 2002.lnk . (...) -- C:\Windows\Installer\{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}\_81CFF245D823_4DBB_AB6F_B2DE5ADB4464.exe O4 - GS\Program [Public]: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.) -- C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe O4 - GS\Program [Public]: Microsoft Office Word Viewer 2003.lnk . (...) -- C:\Windows\Installer\{9085040C-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe O4 - GS\Program [Public]: Microsoft Picture It! Photo 7.0.lnk . (.Microsoft Corporation - Picture It! 7.0.) -- C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.) O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [Dan]: Aimersoft Video Converter Ultimate.lnk . (.Aimersoft Software - Aimersoft Video Converter Ultimate.) -- C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\VideoConverterUltimate.exe O4 - GS\QuickLaunch [Dan]: EaseUS Partition Master 9.2.2.lnk . (...) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe O4 - GS\QuickLaunch [Dan]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [Dan]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation O4 - GS\QuickLaunch [Dan]: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - GS\QuickLaunch [Dan]: Samsung Story Album Viewer.lnk . (...) -- C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe O4 - GS\QuickLaunch [Dan]: SpeedUpMyPC.lnk . (.SpeedUpMyPC - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe =>Rogue.SpeedUpMyPC O4 - GS\TaskBar [Dan]: ACDSee Pro 3.lnk . (.Macrovision Corporation - InstallShield.) -- C:\Windows\Installer\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}\ACDSeeDesktopShortcu_F99F74B4972B4B06B8936B3B0DB0128B.exe O4 - GS\TaskBar [Dan]: Canon Solution Menu.lnk . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe O4 - GS\TaskBar [Dan]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar [Dan]: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.) -- C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe O4 - GS\TaskBar [Dan]: Microsoft Office Excel 2003.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe O4 - GS\TaskBar [Dan]: Microsoft Office Word 2003.lnk . (...) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe O4 - GS\TaskBar [Dan]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [Dan]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation O4 - GS\TaskBar [Dan]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\TaskBar [Dan]: Panorama Maker 4.lnk . (.ArcSoft, Inc. - ArcSoft Panorama Maker.) -- C:\Program Files (x86)\ArcSoft\Software Suite\Panorama Maker 4\PMK.exe O4 - GS\TaskBar [Dan]: SILKYPIX Developer Studio 3.1 SE.lnk . (.Ichikawa Soft Laboratory - SILKYPIX Developer Studio 3.1 SE.) -- C:\Program Files (x86)\ISL\SILKYPIX Developer Studio 3.1 SE\SILKYPIX_DS_3SE.exe O4 - GS\TaskBar [Dan]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\TaskBar [Dan]: Total Commander.lnk . (.C. Ghisler & Co. - Total Commander 32 bit version internationa.) -- C:\totalcmd\TOTALCMD.exe O4 - GS\TaskBar [Dan]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\Program [Dan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [Dan]: Webplayer.lnk . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe O4 - GS\Accessories [Dan]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O4 - GS\Accessories [Dan]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [Dan]: Run.lnk - Clé orpheline O4 - GS\Accessories [Dan]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\SystemTools [Dan]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [Dan]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation O4 - GS\Desktop [Dan]: adwcleaner.exe - Stop Antivirus.lnk . (...) -- D:\Téléchargements\adwcleaner.exe O4 - GS\Desktop [Dan]: Webplayer.lnk . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_481820CA410C366184E158.exe O4 - GS\Desktop [Dan]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [Dan]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 78 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTrayLauncher.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [BrowserPlugInHelper] . (...) -- C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-516337347-4083560862-3161475633-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-516337347-4083560862-3161475633-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-516337347-4083560862-3161475633-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Quick-Launch Area [64Bits] - {10954C80-4F0F-11d3-B17C-00C0DFE39736} . (...) -- C:\Program Files (x86)\Acer Bio Protection\IETag.ico O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 9 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{90084561-A5A0-42A8-9977-039D560DA0A6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{26FE4ACE-CB9D-4600-8142-A2F08F7E563A}: DhcpDomain = acer.com.tw O17 - HKLM\System\CS1\Services\Tcpip\..\{90084561-A5A0-42A8-9977-039D560DA0A6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{26FE4ACE-CB9D-4600-8142-A2F08F7E563A}: DhcpDomain = acer.com.tw O17 - HKLM\System\CS2\Services\Tcpip\..\{90084561-A5A0-42A8-9977-039D560DA0A6}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{26FE4ACE-CB9D-4600-8142-A2F08F7E563A}: DhcpDomain = acer.com.tw O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (...) -- ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: EgisTec Service (IGBASVC) . (.Egis Technology Inc. - BASVC.exe.) - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: O2FLASH (O2FLASH) . (.O2Micro International - O2 Flash Memory Service.) - C:\Windows\System32\DRIVERS\o2flash.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated - Raw Socket Service.) - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Intel(R) Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe ~ Services: 20 Scanned in 00mn 04s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Acer Registration Data Sending.job [340] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedUpMyPC.job [278] =>Rogue.SpeedUpMyPC [MD5.C234BC05EF8320ABBF1AA04B95886E16] [APT] [Acer Registration Data Sending] (.Acer Incorporated.) -- C:\Program Files (x86)\Acer\Registration\GREG.exe [2846240] [MD5.82C362A81EE4E441CD85260C8E9E708A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664] [MD5.9AF9B85440048DE7BCED4A52A62C417A] [APT] [SpeedUpMyPC] (.SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe [395608] =>Rogue.SpeedUpMyPC [MD5.00000000000000000000000000000000] [APT] [{0A756DBA-E088-47BA-9393-343FB28BC40A}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1322FF5A-64F2-4052-850D-28EFFCC84295}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{134592C5-B3CD-42EE-B88B-2C264E655E35}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1665A3C5-2C99-4B7A-9672-47FA0E0C45C0}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1800AFE2-0B28-403B-8757-285B5EC849FC}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{191DBEA1-D2E9-4012-8300-B8491C5F5346}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1FEA9679-5894-419E-8C8C-1170B42C3462}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{22EDFC52-BCC5-466F-BE88-34E37932D537}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2C2788E5-96F0-4798-BEC6-E3F94E8F6A67}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2F2735C9-CCB5-4F2C-B507-6C7C27FCE1DA}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{34BFB9DF-91D5-4BBF-A666-FF1CC331F64A}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{35C8EC7A-4B19-47EA-AF26-2DF968AC7513}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{38E7C5B5-7CB8-4D1A-B243-6D3EB8305639}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3D658ED0-8DD8-4A67-BB9E-94B172BB34F5}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3E27B6FC-769A-48ED-AD19-436BBC158391}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4C6F2F0E-50CE-4FE9-BF00-F1FB8BF8A2DE}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4FD2CC51-5480-4874-AD8B-2C4564C1E7FD}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{511CAF61-ECED-449A-97E0-F529D563F503}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{529CD919-1B0B-4778-B960-8A5DD826DC8D}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{57D6C318-80BB-46E3-9143-5045524CFBD8}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5DD752B8-02B7-4FE6-8FCA-E40B659B5B47}] (...) -- G:\T‚l‚chargements\OfficePro Norton + (Lionel)\Daemon tools\daemon347.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{6A65D6F6-232A-4F45-8709-84651AED8BF3}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7636FD6A-ED53-42D5-BD1C-FFC6E79E174C}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7C80A226-8E07-4553-83DD-DB49634E4EDB}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7F8B369D-16CF-4351-B190-EC1E82849C71}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8467DD3E-BE3C-4F97-B7F8-660703C0CB01}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8586CF6C-5B06-423C-B98C-215EF700AD7D}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{860FB60C-82A0-48ED-8B5E-745F5148ADFF}] (...) -- G:\T‚l‚chargements\OfficePro Norton + (Lionel)\Daemon tools\daemon347.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8A995D15-A2DF-4748-A2C7-D45410CDC67B}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8E2E28FE-FEF9-407C-8CFD-115A435E4A2E}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{9077AF60-66B8-4962-B2FE-0E3508AEDC6E}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{97F52B5A-9ECC-4F0B-B36C-56D7FEE865FC}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{9CD9692A-6550-4B37-B149-6308CF133456}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A4F930A5-BAF5-4C16-8B83-E636629C537A}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A593718E-CD8C-4572-A5C5-CF9648015450}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B1DEB284-3ADA-4DE5-9FE1-DB65952F475B}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B2E8CDE9-B24B-48DF-9FF2-982A9205118F}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B93D4E4F-E051-4453-81F5-EEBDB4067E33}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{CE9FAC76-D31E-4A65-8ACF-94ADFA158402}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D26BDF51-B012-40BD-BC34-04EF262550D9}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D9ECE9AC-6322-4049-A33B-9004C478E34A}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DAF4A241-E445-4595-9B2A-51609360625C}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DB78937A-6D48-49BF-A13A-3C4B5B35B643}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DD90D88E-D863-4B4D-8D90-4418429BBA19}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DDA17E77-A1C8-4E44-91CE-C11E6757D58E}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DDC6DF5F-2F1D-438D-9C58-E67F7D2AE826}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{EEB6FFBC-6476-47CA-B8C1-91D788AA598F}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F32D60DB-A8F1-4887-B2DA-7D5C3535957C}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F6D1B2EF-D0CC-4018-8466-2A644D40D01F}] (...) -- D:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FB78BE8F-DD9B-4BF2-B9F9-601C4DE74F19}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FE76F9F7-1C57-45D4-8ABF-9933146D3A00}] (...) -- F:\Money97\INSTALL.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] ~ Scheduled Task: 64 Scanned in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 75 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ACDSee Pro 3 - (.ACD Systems International Inc..) [HKLM][64Bits] -- {1B280FAF-AE10-4E31-A41A-DB3917D651DC} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5AE0838D-19B1-5D12-5FE8-E6503B2C8716} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: Acer Arcade Movie - (.CyberLink Corp..) [HKLM][64Bits] -- {B906C11A-D193-4143-9FA7-E2EE8A5A8F21} O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} O42 - Logiciel: Acer Bio Protection - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5} O42 - Logiciel: Acer Crystal Eye Webcam - (.Suyin Optronics Corp.) [HKLM][64Bits] -- {7760D94E-B1B5-40A0-9AA0-ABF942108755} O42 - Logiciel: Acer PowerSmart Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964} O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA} O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM][64Bits] -- {047F790A-7A2A-4B6A-AD02-38092BA63DAC} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Aimersoft Video Converter Ultimate(Build 5.6.0.1) - (.Aimersoft Software.) [HKLM][64Bits] -- Aimersoft Video Converter Ultimate_is1 O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: ArcSoft Software Suite - (.ArcSoft.) [HKLM][64Bits] -- {497A1721-088F-41EF-8876-B43C9DA5528B} O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Backup Manager Advance - (.NewTech Infosystems.) [HKLM][64Bits] -- {30075A70-B5D2-440B-AFA3-FB2021740121} O42 - Logiciel: Canon IJ Network Scan Utility - (...) [HKLM][64Bits] -- Canon_IJ_Network_Scan_UTILITY O42 - Logiciel: Canon IJ Network Tool - (...) [HKLM][64Bits] -- Canon_IJ_Network_UTILITY O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM][64Bits] -- MP Navigator EX 2.0 O42 - Logiciel: Canon MP620 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM][64Bits] -- Easy-PhotoPrint EX O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM][64Bits] -- CanonMyPrinter O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM][64Bits] -- CanonSolutionMenu O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {4BCBC4D0-1D88-462D-809E-506F34EA11C0} O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100} O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} O42 - Logiciel: EaseUS Partition Master 9.2.2 - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master_is1 O42 - Logiciel: Encyclopédie Microsoft Encarta 2003 - (.Microsoft Corporation.) [HKLM][64Bits] -- {03460014-3975-4267-9F39-1DC4745090B7} O42 - Logiciel: Enregistrement utilisateur de Canon MP620 series - (...) [HKLM][64Bits] -- Enregistrement utilisateur de Canon MP620 series =>.Canon Inc O42 - Logiciel: Extension Système de Microsoft Money - (.Microsoft.) [HKLM][64Bits] -- {02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7} O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173} O42 - Logiciel: Fingerprint Solution - (.Egis Technology Inc..) [HKLM][64Bits] -- {E09664BB-BB08-45FA-87D1-33EAB0E017F5} O42 - Logiciel: First Class Flurry - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410} O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697} O42 - Logiciel: Haali Media Splitter - (...) [HKLM][64Bits] -- HaaliMkx O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380} O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- Identity Card O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Intel(R) Turbo Boost Technology Driver - (.Intel Corporation.) [HKLM][64Bits] -- {D6C630BF-8DBB-4042-8562-DC9A52CB6E7E} O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM][64Bits] -- LManager O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM][64Bits] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: MediaShow Espresso - (.CyberLink Corp..) [HKLM][64Bits] -- {4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3} O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477} O42 - Logiciel: Microsoft AutoRoute 2002 - (.Microsoft.) [HKLM][64Bits] -- {F7F2DC0A-C22E-49AD-AD37-797309A54E7B} O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM][64Bits] -- Money2005b O42 - Logiciel: Microsoft Picture It! Photo 7.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {369B36BE-3D64-4641-9AEA-808D436FE132} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Works 7.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {64D114CE-4234-45C2-B60A-2B07D5A48F72} O42 - Logiciel: Moniteur de la technologie Intel® Turbo Boost - (.Intel.) [HKLM][64Bits] -- {39F4C6F9-618A-4E5B-8FB2-6BD661174E32} O42 - Logiciel: Mozilla Firefox 25.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 25.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Mozilla Thunderbird 24.1.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 24.1.0 (x86 fr) =>.Mozilla Corporation O42 - Logiciel: MyTomTom 3.2.0.1220 - (.TomTom.) [HKLM][64Bits] -- MyTomTom O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: Nuvoton CIR Device Drivers - (.Nuvoton Technology Corporation.) [HKLM][64Bits] -- {FBC79D04-051E-4367-8051-1DB0C893FBE0} O42 - Logiciel: O2Micro 1394 OHCI Compliant Host Controller Driver - (.O2Micro International LTD..) [HKLM][64Bits] -- InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59} O42 - Logiciel: O2Micro 1394 OHCI Compliant Host Controller Driver - (.O2Micro International LTD..) [HKLM][64Bits] -- {AFC44A23-E6A8-4625-B6B1-23D438525D59} O42 - Logiciel: O2Micro Flash Memory Card Windows Driver - (.O2Micro International LTD..) [HKLM][64Bits] -- InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249} O42 - Logiciel: O2Micro Flash Memory Card Windows Driver - (.O2Micro International LTD..) [HKLM][64Bits] -- {5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249} O42 - Logiciel: OutlookAddInNet3Setup - (.Samsung.) [HKLM][64Bits] -- {5B4383F2-37EE-4E97-AD81-F5FF76F286DA} O42 - Logiciel: PHOTOfunSTUDIO 6.5 BD Edition - (.Panasonic Corporation.) [HKLM][64Bits] -- {AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367} O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {232F1B14-7126-491F-AC8C-6123BA58FDE2} =>PUP.QuickShare O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: SILKYPIX Developer Studio 3.1 SE - (.Ichikawa Soft Laboratory.) [HKLM][64Bits] -- InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F} O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {698BBAD8-B116-495D-B879-0F07A533E57F} O42 - Logiciel: Shockwave - (...) [HKLM][64Bits] -- Shockwave O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: Sélecteur d'installation de Microsoft Works Suite 2003 - (...) [HKLM][64Bits] -- Works2003Setup O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {99072AB4-D795-44D5-9D65-E3C9F8322C97} O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Total Commander (Remove or Repair) - (...) [HKLM][64Bits] -- Totalcmd O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM][64Bits] -- Unlocker O42 - Logiciel: Visual Studio C++ 10.0 Runtime - (.TomTom International B.V..) [HKLM][64Bits] -- {4412F224-3849-4461-A3E9-DEEF8D252790} O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E} O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Welcome Center O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) - (.Broadcom.) [HKLM][64Bits] -- DFEA59689C004DFD0378309F3A583EA32D78A1B3 O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM][64Bits] -- 6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1 O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM][64Bits] -- 3BA80AB4C7E9F8497C115C844953A3D4BEB84D21 O42 - Logiciel: avast! Free Antivirus v8.0.1497.0 - (.AVAST Software.) [HKLM][64Bits] -- avast O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM][64Bits] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} ~ Logic: 180 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ACD Systems] [HKCU\Software\AIVCUPlugin] [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\ArcSoft] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\Disc Soft] [HKCU\Software\Dritek] [HKCU\Software\EaseUS] [HKCU\Software\EpmNewsInfo] [HKCU\Software\Ghisler] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\OEM] [HKCU\Software\Panasonic] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RtkPCEE3sMsg] [HKCU\Software\Samsung] [HKCU\Software\Sonix] [HKCU\Software\Synaptics] [HKCU\Software\TomTom] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WSVCUPlugin] [HKCU\Software\Widcomm] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\WsAudio_Device] [HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Ő¶¬‚³‚ꂽƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Acer] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cyberlink] [HKLM\Software\EgisTec] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nuvoton Technology Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OemSetup] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SAMSUNG] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Synaptics] [HKLM\Software\Waves Audio] [HKLM\Software\Widcomm] [HKLM\Software\Wow6432Node\ACD Systems] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Acer Arcade InstantOn SM83_CP] [HKLM\Software\Wow6432Node\Acer Incorporated] [HKLM\Software\Wow6432Node\Acer] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\AimersoftSysMenuDATA] [HKLM\Software\Wow6432Node\Aimersoft] [HKLM\Software\Wow6432Node\America Online] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\ArcSoft] [HKLM\Software\Wow6432Node\Atheros Communications Inc.] [HKLM\Software\Wow6432Node\Canon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Disc Soft] [HKLM\Software\Wow6432Node\Dritek] [HKLM\Software\Wow6432Node\EASEUS] [HKLM\Software\Wow6432Node\EgisTec IPS] [HKLM\Software\Wow6432Node\EgisTec] [HKLM\Software\Wow6432Node\Ghisler] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\ISL] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\MShowEspresso_Upgrade] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\McAfeeInstaller] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\NewTech Infosystems] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OEM] [HKLM\Software\Wow6432Node\Oberon Media] [HKLM\Software\Wow6432Node\Panasonic] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\SiteAdvisor] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Suyin Optronics Corp] [HKLM\Software\Wow6432Node\TomTom] [HKLM\Software\Wow6432Node\Uniblue] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] ~ Key Software: 210 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 17/09/2013 - 08:48:30 - [96,111] ----D C:\Program Files (x86)\ACD Systems O43 - CFD: 12/03/2010 - 08:44:16 - [61,662] ----D C:\Program Files (x86)\Acer O43 - CFD: 16/09/2013 - 13:09:02 - [257,384] ----D C:\Program Files (x86)\Acer Arcade Deluxe O43 - CFD: 16/09/2013 - 12:43:14 - [106,273] ----D C:\Program Files (x86)\Acer Bio Protection O43 - CFD: 21/09/2013 - 06:54:30 - [761,575] ----D C:\Program Files (x86)\Acer GameZone O43 - CFD: 21/09/2013 - 06:10:35 - [122,533] ----D C:\Program Files (x86)\Adobe O43 - CFD: 16/10/2013 - 11:01:41 - [120,997] ----D C:\Program Files (x86)\Aimersoft O43 - CFD: 18/09/2013 - 13:57:06 - [2,316] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 16/09/2013 - 13:04:26 - [0] ----D C:\Program Files (x86)\ArcadeIO O43 - CFD: 18/09/2013 - 14:17:47 - [139,170] ----D C:\Program Files (x86)\ArcSoft O43 - CFD: 16/09/2013 - 11:55:47 - [81,626] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 18/09/2013 - 08:39:18 - [296,172] ----D C:\Program Files (x86)\Canon O43 - CFD: 02/11/2013 - 21:23:31 - [436,678] ----D C:\Program Files (x86)\Common Files O43 - CFD: 16/09/2013 - 13:06:43 - [0,429] ----D C:\Program Files (x86)\Cyberlink O43 - CFD: 20/09/2013 - 08:50:11 - [26,838] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 18/09/2013 - 15:29:16 - [86,434] ----D C:\Program Files (x86)\EaseUS O43 - CFD: 16/09/2013 - 13:04:11 - [2,975] ----D C:\Program Files (x86)\EgisTec IPS O43 - CFD: 12/03/2010 - 08:31:02 - [46,839] ----D C:\Program Files (x86)\EgisTec MyWinLocker O43 - CFD: 12/03/2010 - 08:25:22 - [20,905] ----D C:\Program Files (x86)\eSobi O43 - CFD: 16/09/2013 - 18:04:57 - [67,177] ----D C:\Program Files (x86)\Google O43 - CFD: 16/09/2013 - 13:06:06 - [5,036] ----D C:\Program Files (x86)\Haali O43 - CFD: 02/11/2013 - 21:56:56 - [263,862] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 16/09/2013 - 12:49:52 - [32,777] ----D C:\Program Files (x86)\Intel O43 - CFD: 12/10/2013 - 06:36:35 - [6,175] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 18/09/2013 - 14:03:12 - [45,263] ----D C:\Program Files (x86)\ISL O43 - CFD: 16/10/2013 - 11:11:46 - [121,070] ----D C:\Program Files (x86)\Java O43 - CFD: 12/03/2010 - 08:04:18 - [7,257] ----D C:\Program Files (x86)\Launch Manager O43 - CFD: 12/10/2013 - 06:52:59 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 02/11/2013 - 21:26:19 - [2,414] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 18/09/2013 - 12:32:45 - [712,404] ----D C:\Program Files (x86)\Microsoft AutoRoute O43 - CFD: 18/09/2013 - 12:50:47 - [479,471] ----D C:\Program Files (x86)\Microsoft Encarta O43 - CFD: 20/09/2013 - 09:09:19 - [75,350] ----D C:\Program Files (x86)\Microsoft Money 2005 O43 - CFD: 29/09/2013 - 18:21:43 - [230,395] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 18/09/2013 - 10:33:47 - [182,745] ----D C:\Program Files (x86)\Microsoft Picture It! 7 O43 - CFD: 12/10/2013 - 06:30:16 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 17/09/2013 - 12:03:00 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight(Caméra et +) O43 - CFD: 13/10/2013 - 21:13:42 - [4,837] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 18/09/2013 - 13:50:57 - [0,327] ----D C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 18/09/2013 - 12:57:06 - [80,454] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 18/09/2013 - 12:26:12 - [6,602] ----D C:\Program Files (x86)\Microsoft Works Suite 2003 O43 - CFD: 18/09/2013 - 13:47:16 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 03/11/2013 - 08:56:42 - [50,836] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 03/11/2013 - 09:03:06 - [0,216] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 01/11/2013 - 08:33:07 - [49,983] ----D C:\Program Files (x86)\Mozilla Thunderbird =>.Mozilla Corporation O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 29/09/2013 - 18:21:01 - [63,752] ----D C:\Program Files (x86)\MSECache O43 - CFD: 16/09/2013 - 12:20:40 - [0,070] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 23/09/2013 - 09:38:40 - [17,510] ----D C:\Program Files (x86)\MyTomTom 3 O43 - CFD: 12/03/2010 - 08:38:21 - [1449,150] ----D C:\Program Files (x86)\NewTech Infosystems O43 - CFD: 12/03/2010 - 08:05:26 - [3,383] ----D C:\Program Files (x86)\Nuvoton Technology Corporation O43 - CFD: 16/09/2013 - 12:40:08 - [3,488] ----D C:\Program Files (x86)\O2Micro O43 - CFD: 18/09/2013 - 14:11:04 - [219,224] ----D C:\Program Files (x86)\Panasonic O43 - CFD: 02/11/2013 - 21:40:15 - [0] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 19/09/2013 - 22:50:13 - [73,545] ----D C:\Program Files (x86)\QuickTime O43 - CFD: 16/09/2013 - 11:57:05 - [3,203] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 02/11/2013 - 21:56:31 - [312,884] ----D C:\Program Files (x86)\Samsung O43 - CFD: 16/09/2013 - 11:57:19 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 10/11/2013 - 08:33:07 - [48,573] ----D C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 23/09/2013 - 09:48:18 - [0,043] ----D C:\Program Files (x86)\TomTom International B.V O43 - CFD: 03/11/2013 - 09:37:27 - [26,022] ----D C:\Program Files (x86)\Uniblue O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 02/11/2013 - 19:34:13 - [19,272] ----D C:\Program Files (x86)\WebPlayer O43 - CFD: 19/09/2013 - 06:10:55 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 13/10/2013 - 21:13:40 - [84,260] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 17/09/2013 - 21:37:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 17/09/2013 - 21:37:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 17/09/2013 - 21:37:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 17/09/2013 - 21:37:23 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 17/09/2013 - 21:37:23 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 21/09/2013 - 06:16:30 - [3,362] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 12/11/2013 - 07:32:14 - [17,096] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 17/09/2013 - 08:48:50 - [13,562] ----D C:\Program Files (x86)\Common Files\ACD Systems O43 - CFD: 21/09/2013 - 06:10:57 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 10/10/2013 - 07:59:56 - [45,947] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 18/09/2013 - 13:57:18 - [63,888] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 18/09/2013 - 14:19:31 - [24,348] ----D C:\Program Files (x86)\Common Files\ArcSoft O43 - CFD: 12/03/2010 - 08:21:12 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 18/09/2013 - 14:02:49 - [6,348] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 16/10/2013 - 11:12:19 - [1,191] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 04/11/2013 - 07:53:57 - [172,864] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 12/03/2010 - 08:12:18 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 18/09/2013 - 13:51:56 - [0,605] ----D C:\Program Files (x86)\Common Files\Panasonic O43 - CFD: 16/09/2013 - 12:49:55 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 18/09/2013 - 13:52:39 - [0,529] ----D C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 02/11/2013 - 21:26:33 - [0,305] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 21/09/2013 - 06:52:44 - [0] ----D C:\Program Files (x86)\Common Files\SWF Studio O43 - CFD: 18/09/2013 - 11:56:07 - [16,766] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 16/09/2013 - 12:52:43 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 22/09/2013 - 05:36:29 - [44,064] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 17/09/2013 - 08:48:44 - [0,186] ----D C:\ProgramData\ACD Systems O43 - CFD: 12/03/2010 - 08:28:13 - [0,146] ----D C:\ProgramData\Acer O43 - CFD: 23/09/2013 - 09:23:51 - [301,461] ----D C:\ProgramData\Adobe O43 - CFD: 17/10/2013 - 06:41:29 - [0,172] ----D C:\ProgramData\Aimersoft Video Converter Ultimate O43 - CFD: 18/09/2013 - 13:57:05 - [41,729] ----D C:\ProgramData\Apple O43 - CFD: 19/09/2013 - 22:49:54 - [26,332] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 23/09/2013 - 19:04:26 - [0] ----D C:\ProgramData\ArcSoft O43 - CFD: 16/09/2013 - 12:30:04 - [0] ----D C:\ProgramData\ATI O43 - CFD: 17/09/2013 - 13:08:13 - [79,595] ----D C:\ProgramData\AVAST Software O43 - CFD: 27/09/2013 - 17:48:33 - [0] ----D C:\ProgramData\AVS4YOU O43 - CFD: 12/03/2010 - 08:38:44 - [0,014] ----D C:\ProgramData\BackupManager O43 - CFD: 16/09/2013 - 12:20:16 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 18/09/2013 - 07:59:29 - [18,896] --H-D C:\ProgramData\CanonBJ O43 - CFD: 18/09/2013 - 08:42:05 - [0,002] --H-D C:\ProgramData\CanonIJScan O43 - CFD: 20/09/2013 - 06:01:34 - [0,097] ----D C:\ProgramData\CyberLink O43 - CFD: 18/09/2013 - 10:02:48 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 16/09/2013 - 13:04:10 - [0,028] ----D C:\ProgramData\EgisTec IPS O43 - CFD: 12/03/2010 - 08:25:27 - [0] ----D C:\ProgramData\eSobi O43 - CFD: 16/09/2013 - 12:20:16 - [0] -SH-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Favorites O43 - CFD: 12/03/2010 - 08:30:36 - [1,004] ----D C:\ProgramData\Google O43 - CFD: 28/09/2013 - 06:03:19 - [6,602] ----D C:\ProgramData\Malwarebytes O43 - CFD: 17/09/2013 - 07:40:07 - [0,005] ----D C:\ProgramData\McAfee O43 - CFD: 16/09/2013 - 12:29:15 - [0] ----D C:\ProgramData\McQcModifier-5c47-a7b0 O43 - CFD: 16/09/2013 - 12:20:16 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 13/10/2013 - 21:13:23 - [839,767] -S--D C:\ProgramData\Microsoft O43 - CFD: 18/09/2013 - 12:14:03 - [0,116] ----D C:\ProgramData\Microsoft Help O43 - CFD: 16/09/2013 - 12:20:16 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 16/09/2013 - 18:34:03 - [0] ----D C:\ProgramData\Mozilla O43 - CFD: 16/09/2013 - 12:51:45 - [0,007] ----D C:\ProgramData\OEM O43 - CFD: 16/10/2013 - 11:12:35 - [0] ----D C:\ProgramData\Oracle O43 - CFD: 18/09/2013 - 13:56:18 - [3,662] ----D C:\ProgramData\Panasonic O43 - CFD: 02/11/2013 - 21:41:06 - [11,667] ----D C:\ProgramData\Samsung O43 - CFD: 12/03/2010 - 08:33:57 - [0] ----D C:\ProgramData\SiteAdvisor O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 16/10/2013 - 11:12:21 - [0] ----D C:\ProgramData\Sun O43 - CFD: 20/09/2013 - 06:01:44 - [0,191] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 23/09/2013 - 09:55:06 - [0,125] ----D C:\ProgramData\TomTom O43 - CFD: 21/09/2013 - 06:53:43 - [0] -SH-D C:\Users\Dan\AppData\Roaming\.# O43 - CFD: 17/09/2013 - 08:49:43 - [0] ----D C:\Users\Dan\AppData\Roaming\ACD Systems O43 - CFD: 21/09/2013 - 20:44:09 - [0,946] ----D C:\Users\Dan\AppData\Roaming\Adobe O43 - CFD: 16/10/2013 - 11:03:47 - [0,915] ----D C:\Users\Dan\AppData\Roaming\Aimersoft Video Converter Ultimate O43 - CFD: 20/09/2013 - 05:31:41 - [0,020] ----D C:\Users\Dan\AppData\Roaming\Apple Computer O43 - CFD: 25/10/2013 - 17:46:08 - [0,206] ----D C:\Users\Dan\AppData\Roaming\ArcSoft O43 - CFD: 16/09/2013 - 12:30:04 - [0] ----D C:\Users\Dan\AppData\Roaming\ATI O43 - CFD: 27/09/2013 - 17:48:33 - [0] ----D C:\Users\Dan\AppData\Roaming\AVS4YOU O43 - CFD: 18/09/2013 - 08:42:06 - [11,415] ----D C:\Users\Dan\AppData\Roaming\Canon O43 - CFD: 17/09/2013 - 07:32:36 - [0] ----D C:\Users\Dan\AppData\Roaming\CyberLink O43 - CFD: 18/09/2013 - 10:02:26 - [1,339] ----D C:\Users\Dan\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 21/09/2013 - 06:52:54 - [0,017] ----D C:\Users\Dan\AppData\Roaming\GameConsole O43 - CFD: 25/09/2013 - 08:02:27 - [0,001] ----D C:\Users\Dan\AppData\Roaming\GHISLER O43 - CFD: 16/09/2013 - 17:58:00 - [0] ----D C:\Users\Dan\AppData\Roaming\Google O43 - CFD: 16/09/2013 - 12:28:48 - [0] ----D C:\Users\Dan\AppData\Roaming\Identities O43 - CFD: 16/09/2013 - 12:44:09 - [0] ----D C:\Users\Dan\AppData\Roaming\InstallShield O43 - CFD: 16/09/2013 - 12:29:28 - [0] ----D C:\Users\Dan\AppData\Roaming\Intel Corporation O43 - CFD: 16/09/2013 - 12:29:17 - [0,081] ----D C:\Users\Dan\AppData\Roaming\Macromedia O43 - CFD: 28/09/2013 - 06:03:30 - [8,847] ----D C:\Users\Dan\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 08:44:38 - [0] ----D C:\Users\Dan\AppData\Roaming\Media Center Programs O43 - CFD: 20/10/2013 - 12:10:59 - [82,447] -S--D C:\Users\Dan\AppData\Roaming\Microsoft O43 - CFD: 17/09/2013 - 06:04:40 - [23,793] ----D C:\Users\Dan\AppData\Roaming\Mozilla O43 - CFD: 17/09/2013 - 07:32:49 - [0,013] ----D C:\Users\Dan\AppData\Roaming\PowerCinema O43 - CFD: 02/11/2013 - 21:40:28 - [262,271] ----D C:\Users\Dan\AppData\Roaming\Samsung O43 - CFD: 16/09/2013 - 18:34:07 - [806,571] ----D C:\Users\Dan\AppData\Roaming\Thunderbird =>.Mozilla Corporation O43 - CFD: 23/09/2013 - 09:55:04 - [3,426] ----D C:\Users\Dan\AppData\Roaming\TomTom O43 - CFD: 03/11/2013 - 09:37:30 - [4,238] ----D C:\Users\Dan\AppData\Roaming\Uniblue O43 - CFD: 20/09/2013 - 08:59:22 - [0] ----D C:\Users\Dan\AppData\Roaming\WinRAR O43 - CFD: 12/11/2013 - 07:35:21 - [0,018] ----D C:\Users\Dan\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 16/10/2013 - 11:02:35 - [0] ----D C:\Users\Dan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} O43 - CFD: 23/09/2013 - 03:23:09 - [50,735] ----D C:\Users\Dan\AppData\Local\ACD Systems O43 - CFD: 10/10/2013 - 07:59:07 - [17,750] ----D C:\Users\Dan\AppData\Local\Adobe O43 - CFD: 16/10/2013 - 11:02:17 - [0] ----D C:\Users\Dan\AppData\Local\Aimersoft O43 - CFD: 18/09/2013 - 13:57:08 - [0] ----D C:\Users\Dan\AppData\Local\Apple O43 - CFD: 16/09/2013 - 12:20:27 - [0] -SH-D C:\Users\Dan\AppData\Local\Application Data O43 - CFD: 26/09/2013 - 12:31:41 - [0] ----D C:\Users\Dan\AppData\Local\Apps O43 - CFD: 18/09/2013 - 14:20:36 - [0,001] ----D C:\Users\Dan\AppData\Local\ArcSoft O43 - CFD: 16/09/2013 - 12:30:04 - [0,057] ----D C:\Users\Dan\AppData\Local\ATI O43 - CFD: 27/09/2013 - 06:48:43 - [0,134] ----D C:\Users\Dan\AppData\Local\avgchrome O43 - CFD: 16/09/2013 - 12:38:57 - [0] ----D C:\Users\Dan\AppData\Local\Broadcom O43 - CFD: 16/09/2013 - 13:08:59 - [0,010] ----D C:\Users\Dan\AppData\Local\Cyberlink O43 - CFD: 31/10/2013 - 11:43:45 - [0] ----D C:\Users\Dan\AppData\Local\Diagnostics O43 - CFD: 10/11/2013 - 08:32:44 - [234,469] ----D C:\Users\Dan\AppData\Local\Downloaded Installations O43 - CFD: 16/09/2013 - 12:29:17 - [0] ----D C:\Users\Dan\AppData\Local\EgisTec IPS O43 - CFD: 11/11/2013 - 09:35:24 - [0,630] ----D C:\Users\Dan\AppData\Local\ElevatedDiagnostics O43 - CFD: 17/10/2013 - 10:11:15 - [56,055] ----D C:\Users\Dan\AppData\Local\Google O43 - CFD: 16/09/2013 - 12:20:27 - [0] -SH-D C:\Users\Dan\AppData\Local\Historique O43 - CFD: 18/09/2013 - 14:07:06 - [0,080] ----D C:\Users\Dan\AppData\Local\ISL O43 - CFD: 17/09/2013 - 09:10:02 - [0] ----D C:\Users\Dan\AppData\Local\Macromedia O43 - CFD: 20/10/2013 - 12:10:59 - [488,079] ----D C:\Users\Dan\AppData\Local\Microsoft O43 - CFD: 16/09/2013 - 12:57:56 - [0] ----D C:\Users\Dan\AppData\Local\Microsoft Help O43 - CFD: 02/10/2013 - 06:31:53 - [29,298] ----D C:\Users\Dan\AppData\Local\Mozilla O43 - CFD: 18/09/2013 - 13:54:59 - [0,671] ----D C:\Users\Dan\AppData\Local\Panasonic O43 - CFD: 17/09/2013 - 07:32:32 - [5,627] ----D C:\Users\Dan\AppData\Local\PowerCinema O43 - CFD: 28/09/2013 - 06:02:59 - [0] ----D C:\Users\Dan\AppData\Local\Programs O43 - CFD: 02/11/2013 - 21:44:11 - [0,014] ----D C:\Users\Dan\AppData\Local\Samsung O43 - CFD: 12/11/2013 - 07:32:16 - [2,750] ----D C:\Users\Dan\AppData\Local\Temp O43 - CFD: 16/09/2013 - 12:20:27 - [0] -SH-D C:\Users\Dan\AppData\Local\Temporary Internet Files O43 - CFD: 10/10/2013 - 08:00:40 - [14,983] ----D C:\Users\Dan\AppData\Local\Thunderbird =>.Mozilla Corporation O43 - CFD: 23/09/2013 - 09:55:04 - [1,930] ----D C:\Users\Dan\AppData\Local\TomTom O43 - CFD: 18/09/2013 - 13:07:03 - [0,087] ----D C:\Users\Dan\AppData\Local\VirtualStore O43 - CFD: 13/10/2013 - 21:15:38 - [0,063] ----D C:\Users\Dan\AppData\Local\Windows Live O43 - CFD: 13/10/2013 - 21:05:55 - [0] ----D C:\Users\Dan\AppData\Local\WMTools Downloaded Files O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 19/09/2013 - 06:17:46 - [0] R---D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/09/2013 - 13:06:06 - [0] ----D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 19/09/2013 - 06:17:46 - [0] R---D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 25/09/2013 - 08:37:08 - [0,003] ----D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker O43 - CFD: 21/09/2013 - 06:16:38 - [0,003] ----D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 205 Scanned in 00mn 23s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 02/11/2013 - 21:24:21 ---A- . (...) -- C:\aqua_bitmap.cpp [2006] O44 - LFC:[MD5.CE4B6956E4E12492715A53076E58761F] - 02/11/2013 - 21:29:50 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392] O44 - LFC:[MD5.52D6F40B50ECFC051979FEC68E74F0F8] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\Drivers\ssadbus.sys [169288] O44 - LFC:[MD5.D6CFD3B2EABCF9327DE39C62BABFA1E3] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem Filter Driver.) -- C:\Windows\System32\Drivers\ssadmdfl.sys [21320] O44 - LFC:[MD5.5EB01E6148742C3EC2185AC92F6D16FD] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem.) -- C:\Windows\System32\Drivers\ssadmdm.sys [188232] O44 - LFC:[MD5.FE9FA1AAE4D00CA73ADEF4437CD89679] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcm.sys [17224] O44 - LFC:[MD5.FE9FA1AAE4D00CA73ADEF4437CD89679] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcmnt.sys [17224] O44 - LFC:[MD5.0D7B007DEA662EE90C87CB0AEA5D692A] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwh.sys [17736] O44 - LFC:[MD5.0D7B007DEA662EE90C87CB0AEA5D692A] - 02/11/2013 - 21:55:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwhnt.sys [17736] O44 - LFC:[MD5.5299BC8E2AC2DA3CDF7D52B73C91406E] - 03/11/2013 - 10:17:12 ---A- . (...) -- C:\Windows\PFRO.log [764436] O44 - LFC:[MD5.A072E1CED5407804D4A73011ADACD0CB] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.0A2AB075F2F3636ED9D63AFFC7ED2B99] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388] O44 - LFC:[MD5.A7570C301B391A60B33436E27FE6205E] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754] O44 - LFC:[MD5.52AAC9B6238CBA6541B563AB788CD155] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008] O44 - LFC:[MD5.BD2DEE111CBFE3ACA592831A99BB1E0A] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480] O44 - LFC:[MD5.A072E1CED5407804D4A73011ADACD0CB] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.0A2AB075F2F3636ED9D63AFFC7ED2B99] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106388] O44 - LFC:[MD5.A7570C301B391A60B33436E27FE6205E] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130754] O44 - LFC:[MD5.52AAC9B6238CBA6541B563AB788CD155] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616008] O44 - LFC:[MD5.BD2DEE111CBFE3ACA592831A99BB1E0A] - 12/11/2013 - 06:43:26 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704480] O44 - LFC:[MD5.13AA795F175A996B50D4183810A6467F] - 12/11/2013 - 06:50:57 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.71700FE7180B9D24A3B3F8BD0EC172B2] - 12/11/2013 - 06:50:58 ---A- . (...) -- C:\Windows\setupact.log [71766] O44 - LFC:[MD5.3575F740EB901C5B852326034CF26C62] - 12/11/2013 - 06:55:21 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1343528] ~ Files: 23 Scanned in 00mn 22s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.75CB2A5B22909400E3BE32A0661211E2] - 07/11/2013 - 13:22:45 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.B453E678C86231A9D58A8346C1A5813F] - 09/11/2013 - 19:01:05 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.8BD6119668FA637922607540FBBDC35D] - 10/11/2013 - 15:27:21 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.5A606EA9E624CA9040387D9C9AB0C58A] - 10/11/2013 - 15:27:28 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-22AD8A37.pf O45 - LFCP:[MD5.6A1F96F1DA46AB412541D3D24CA434CD] - 10/11/2013 - 15:27:31 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5511E724.pf O45 - LFCP:[MD5.310AC5BAD8168E35D2B38C46A8456541] - 10/11/2013 - 15:32:09 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AC024951.pf O45 - LFCP:[MD5.36E7A6155C628FB30CE0E4FCE910B415] - 10/11/2013 - 15:39:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-32F10EC8.pf O45 - LFCP:[MD5.7C571F8FE4457818A2650EDBBC3F4217] - 10/11/2013 - 15:41:35 ---A- - C:\Windows\Prefetch\POWERPNT.EXE-E34D32A2.pf O45 - LFCP:[MD5.BB03B5C8BAECC2AF7F57166CF42E793F] - 10/11/2013 - 16:23:38 ---A- - C:\Windows\Prefetch\WORDCONV.EXE-DAB20EB6.pf O45 - LFCP:[MD5.31977D94C96257BB2EEE9226B3A48DDA] - 11/11/2013 - 08:34:21 ---A- - C:\Windows\Prefetch\ALU.EXE-794D40B5.pf O45 - LFCP:[MD5.362A5EB76BDE75C9EA1053827A942FBD] - 11/11/2013 - 08:37:14 ---A- - C:\Windows\Prefetch\WINWORD.EXE-52A16940.pf O45 - LFCP:[MD5.729CB22E4938FB9665E8C64389F0BC47] - 11/11/2013 - 08:42:27 ---A- - C:\Windows\Prefetch\CNSLMAIN.EXE-024AFDE5.pf O45 - LFCP:[MD5.825F727FCB90DD0F505AF60E76C93BDF] - 11/11/2013 - 08:42:30 ---A- - C:\Windows\Prefetch\MPNEX20.EXE-DF20CADD.pf O45 - LFCP:[MD5.A69E850A5173280CA170BBC0F7A61257] - 11/11/2013 - 09:01:05 ---A- - C:\Windows\Prefetch\WIAWOW64.EXE-35DF33E2.pf O45 - LFCP:[MD5.1AC68FA322A813A9C14246D23C4B2278] - 11/11/2013 - 09:02:26 ---A- - C:\Windows\Prefetch\MPNSCAN.EXE-3CEE0BA3.pf O45 - LFCP:[MD5.8B2F52141F7C7B49993E6C23EBDB6322] - 11/11/2013 - 09:04:02 ---A- - C:\Windows\Prefetch\ACDSEEQVPRO3.EXE-10FA7DFE.pf O45 - LFCP:[MD5.A24F83BA2A76D83C89A70BC7D72E880A] - 11/11/2013 - 09:04:12 ---A- - C:\Windows\Prefetch\ACDSEEPRO3.EXE-50AB0CD3.pf O45 - LFCP:[MD5.AFDA8A1BE403FDB482713CB9D5E07408] - 11/11/2013 - 09:18:38 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf O45 - LFCP:[MD5.B7DBBF16AF3A30571C40655F38891AF3] - 11/11/2013 - 09:18:41 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARUSER_32.EXE-992C17DF.pf =>Toolbar.Google O45 - LFCP:[MD5.46EFF3A8FF72899945EA9A46DB26DB72] - 11/11/2013 - 09:19:02 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEONDEMAND.EXE-54C2945A.pf O45 - LFCP:[MD5.26DDE04A3D533FEEF656F03C095FFCF0] - 11/11/2013 - 09:19:03 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_08875ABF-6CE8F09A.pf =>Toolbar.Google O45 - LFCP:[MD5.2F46FEB8B28FFD22443C5B6C52E24DAE] - 11/11/2013 - 09:19:12 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-5B31194A.pf O45 - LFCP:[MD5.F23BE2FF4BB75712CAF58723CD61DE74] - 11/11/2013 - 09:27:36 ---A- - C:\Windows\Prefetch\AMDDRIVERDOWNLOADER (1).EXE-E1AD7A78.pf O45 - LFCP:[MD5.EDE00996A011C0EBA220AF7739CEBA93] - 11/11/2013 - 09:35:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E531BB90.pf O45 - LFCP:[MD5.0334F1CDAF9C23E1E8C9E0E26172F3EA] - 11/11/2013 - 09:35:08 ---A- - C:\Windows\Prefetch\MSDT.EXE-A16F1692.pf O45 - LFCP:[MD5.5D5EF95004EA415D807647B55FF10806] - 11/11/2013 - 09:35:15 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-EEA91845.pf O45 - LFCP:[MD5.F9C7061E6DDFF835C8931001D4AD6C62] - 11/11/2013 - 09:35:15 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-E962779E.pf O45 - LFCP:[MD5.767E581B1AACCC8FD5307F2704516189] - 11/11/2013 - 09:35:15 ---A- - C:\Windows\Prefetch\ROUTE.EXE-C5FB9965.pf O45 - LFCP:[MD5.97A383315D5E076DFA9DDF156D8F698E] - 11/11/2013 - 09:35:29 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-D8BC1DC6.pf O45 - LFCP:[MD5.AC95A3CD34744D42688535FC7C4A13DA] - 11/11/2013 - 09:49:23 ---A- - C:\Windows\Prefetch\13-9_WIN7_WIN8_64_DD_CCC_WHQL-EBE5FBE4.pf O45 - LFCP:[MD5.0889FC22B286CA731B09B0CA7F5E9E33] - 11/11/2013 - 09:50:24 ---A- - C:\Windows\Prefetch\SETUP.EXE-03A8FB66.pf O45 - LFCP:[MD5.E6E04F0D056617F4B31E30E81CAE3D4E] - 11/11/2013 - 09:50:24 ---A- - C:\Windows\Prefetch\SETUP.EXE-92AB8BC3.pf O45 - LFCP:[MD5.7080330744AA82DF12F382A29C4CC118] - 11/11/2013 - 09:50:34 ---A- - C:\Windows\Prefetch\INSTALLMANAGERAPP.EXE-B7601FD0.pf O45 - LFCP:[MD5.E6A9EE3E1F3D281C022B958C38CE6DB1] - 11/11/2013 - 09:52:03 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-7D20CFB0.pf O45 - LFCP:[MD5.D1AFEA8F66DA3D948A491117AA6445DD] - 11/11/2013 - 09:52:03 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-BAE57A74.pf O45 - LFCP:[MD5.40F3400617F4889649113AFA353C67C8] - 11/11/2013 - 09:52:03 ---A- - C:\Windows\Prefetch\SETACL64.EXE-7D1AFD78.pf O45 - LFCP:[MD5.9FEFAC07AFE66C8FF8C985BBE3EC2A5D] - 11/11/2013 - 09:52:20 ---A- - C:\Windows\Prefetch\MSOXMLED.EXE-D7155173.pf O45 - LFCP:[MD5.CDD7F2AA02848F9B2E68558F73B69A79] - 11/11/2013 - 09:52:31 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2D.pf O45 - LFCP:[MD5.11E89A9ECA0728C6780D6846297E7022] - 11/11/2013 - 09:56:45 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-49876884.pf O45 - LFCP:[MD5.362655D154AB21D54592B55D9A31EF0B] - 11/11/2013 - 09:56:46 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf O45 - LFCP:[MD5.2E2AC4F900AC142648C21EAE789E730E] - 11/11/2013 - 10:01:26 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-276AC160.pf O45 - LFCP:[MD5.BC2196049E43105DD339A01342EF936C] - 11/11/2013 - 10:01:43 ---A- - C:\Windows\Prefetch\MOM.EXE-AF39B199.pf O45 - LFCP:[MD5.6EF845523F02B68439DFCFD3D2B3F8B4] - 11/11/2013 - 10:03:08 ---A- - C:\Windows\Prefetch\CCC.EXE-22878179.pf O45 - LFCP:[MD5.C76FD3929434F2BA4A0D2CD2D107BD2E] - 11/11/2013 - 10:03:13 ---A- - C:\Windows\Prefetch\CLI.EXE-278FDBBC.pf O45 - LFCP:[MD5.CBE4F442814A6225C7181BC70FFC680F] - 11/11/2013 - 10:05:20 ---A- - C:\Windows\Prefetch\CCCPREV.EXE-35B8BFAF.pf O45 - LFCP:[MD5.A3713E6D992F95ECABFB55399EB182A1] - 11/11/2013 - 13:29:44 ---A- - C:\Windows\Prefetch\PIP.EXE-841CBFD3.pf O45 - LFCP:[MD5.0027ED28088C56FAA4687254BA30D37E] - 11/11/2013 - 14:27:17 ---A- - C:\Windows\Prefetch\EHREC.EXE-6F8B48D9.pf O45 - LFCP:[MD5.8A6B1856144973C5847CC7D8471DF652] - 11/11/2013 - 14:27:19 ---A- - C:\Windows\Prefetch\EHSCHED.EXE-1271D822.pf O45 - LFCP:[MD5.1A1209A453B8C6B91D7285E6E1BF498D] - 11/11/2013 - 14:27:19 ---A- - C:\Windows\Prefetch\EHTRAY.EXE-81626C3F.pf O45 - LFCP:[MD5.90F6AF5C84C5A4897FA03806727ED72B] - 11/11/2013 - 14:27:34 ---A- - C:\Windows\Prefetch\MCGLIDHOST.EXE-BE3C5C94.pf O45 - LFCP:[MD5.96075D92A864F31EBA26FA0CFC218454] - 11/11/2013 - 14:27:37 ---A- - C:\Windows\Prefetch\EHRECVR.EXE-2E9E2061.pf O45 - LFCP:[MD5.3A31A528A60339AB69DD5FBD739199FD] - 11/11/2013 - 14:38:06 ---A- - C:\Windows\Prefetch\EXCEL.EXE-62478D54.pf O45 - LFCP:[MD5.39E4AE3E1215DC5B67B43A82E69B09BE] - 11/11/2013 - 14:39:04 ---A- - C:\Windows\Prefetch\JAVA.EXE-4EF2C834.pf O45 - LFCP:[MD5.734A5492D7128176D90C1394BAA10B89] - 11/11/2013 - 14:39:04 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-2897E2F8.pf O45 - LFCP:[MD5.256D8A0F2657C7590C7A0EBCEF123695] - 11/11/2013 - 14:53:47 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-9AE42873.pf O45 - LFCP:[MD5.9509A11F0CF8903432BCFE11C3BA48D1] - 11/11/2013 - 14:53:47 ---A- - C:\Windows\Prefetch\SPLWOW64.EXE-853292E2.pf O45 - LFCP:[MD5.85F84323FDE0B47C74A932BC3D24B39A] - 11/11/2013 - 20:02:05 ---A- - C:\Windows\Prefetch\GREG.EXE-19BF140E.pf O45 - LFCP:[MD5.CE4DF5DB2E8B138EB1C4C807AFC41CB3] - 12/11/2013 - 06:02:01 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-E35F76FB.pf O45 - LFCP:[MD5.D286DAA3F13633AAE153F8A66AB144CE] - 12/11/2013 - 06:02:02 ---A- - C:\Windows\Prefetch\AVAST.SETUP-50B30900.pf O45 - LFCP:[MD5.872A2281E0B29BE366DF3CD982F0017B] - 12/11/2013 - 06:02:03 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.C6A9085E2245C11A732634CDF5023139] - 12/11/2013 - 06:03:02 ---A- - C:\Windows\Prefetch\MSMONEY.EXE-D748FA70.pf O45 - LFCP:[MD5.0A593E6AD14E733E4E68D633BE41C80D] - 12/11/2013 - 06:03:03 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.C75110F2ECCDC7C598A9CF65000E0622] - 12/11/2013 - 06:06:08 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-516337347-4083560862-3161475633-1001.db O45 - LFCP:[MD5.87DA12068F7017D890C500124A8F59A2] - 12/11/2013 - 06:06:08 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-516337347-4083560862-3161475633-1001.db O45 - LFCP:[MD5.2746EB7C36C019894988D0614E6FB9EE] - 12/11/2013 - 06:15:48 ---A- - C:\Windows\Prefetch\CTFMON.EXE-286F3259.pf O45 - LFCP:[MD5.26752B8DD82760C1A049C65ED9B1AF0A] - 12/11/2013 - 06:15:53 ---A- - C:\Windows\Prefetch\KEYTOOL.EXE-950D34CD.pf O45 - LFCP:[MD5.7C03278619E4C440C21DA5977F669F4C] - 12/11/2013 - 06:16:02 ---A- - C:\Windows\Prefetch\PING.EXE-CF0A440C.pf O45 - LFCP:[MD5.227180F5FF4419C2E282517A887B5946] - 12/11/2013 - 06:16:44 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-61632EF4.pf O45 - LFCP:[MD5.00B2A82BA7F00271D050F5D34CC6D0F7] - 12/11/2013 - 06:19:04 ---A- - C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf O45 - LFCP:[MD5.FA895557B9328823F867C1EF5B81D8B1] - 12/11/2013 - 06:21:05 ---A- - C:\Windows\Prefetch\PWDF.EXE-336B6CD4.pf O45 - LFCP:[MD5.6E304FCECFB83E37A8DA96D9766850AC] - 12/11/2013 - 06:21:10 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-E4EA699E.pf O45 - LFCP:[MD5.CEC43711C88831AE7149BAC2BFC41FAF] - 12/11/2013 - 06:21:11 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-14FECFA1.pf O45 - LFCP:[MD5.A09317CA41C0C3D033EBF523FC5295FD] - 12/11/2013 - 06:21:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3C104EE3.pf O45 - LFCP:[MD5.2AF98B7C165B7A694D4B46BD36ED2919] - 12/11/2013 - 06:21:17 ---A- - C:\Windows\Prefetch\BROWSERPLUGINHELPER.EXE-3CA17324.pf O45 - LFCP:[MD5.57CE36B769A4A09F6F580C93A060930C] - 12/11/2013 - 06:21:22 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-F41E6E8E.pf O45 - LFCP:[MD5.ED691DF68966CF1E292E363B2E595A43] - 12/11/2013 - 06:21:28 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-35EC0309.pf O45 - LFCP:[MD5.A85DB7B04D6863DA8479F0A0D73EE4FD] - 12/11/2013 - 06:21:32 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-13D172B9.pf O45 - LFCP:[MD5.55C7FA75AF9A6D0B5BDF5BFF5977285F] - 12/11/2013 - 06:21:37 ---A- - C:\Windows\Prefetch\MMDX64FX.EXE-4C9473D7.pf O45 - LFCP:[MD5.185436A4FDD12CB60EEBF4B325C9F290] - 12/11/2013 - 06:21:42 ---A- - C:\Windows\Prefetch\LMWORKER.EXE-3276D4F8.pf O45 - LFCP:[MD5.7EF3D5969471BF0EF0BFC731F7D48C70] - 12/11/2013 - 06:21:49 ---A- - C:\Windows\Prefetch\TURBOBOOST.EXE-41682A66.pf O45 - LFCP:[MD5.32ED963ADE9A93192B0D0B6E8A60E905] - 12/11/2013 - 06:27:58 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-3290E8FC.pf O45 - LFCP:[MD5.5812596C65271882E372678BDF735E26] - 12/11/2013 - 06:28:07 ---A- - C:\Windows\Prefetch\MBAM.EXE-125A28F9.pf O45 - LFCP:[MD5.B8A10E262D26A0B4EE9F80C50FBBCF1B] - 12/11/2013 - 06:33:12 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-B28CC291.pf O45 - LFCP:[MD5.75F661486B31EB1DEA6469BEE5070EC1] - 12/11/2013 - 06:38:47 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5B401A7E.pf O45 - LFCP:[MD5.FC0F4AF227AD69DC4998485483CBE51B] - 12/11/2013 - 06:39:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8BB53BB1.pf O45 - LFCP:[MD5.8A4764DA69FC83AEA5B0BDE799169806] - 12/11/2013 - 06:39:25 ---A- - C:\Windows\Prefetch\DINOTIFY.EXE-932244C0.pf O45 - LFCP:[MD5.C8813787B5BC0835A9DEFA85180D32C3] - 12/11/2013 - 06:39:25 ---A- - C:\Windows\Prefetch\DRVINST.EXE-26FFA444.pf O45 - LFCP:[MD5.1616957FA1352ADDE03C4EF22CC5600D] - 12/11/2013 - 06:39:47 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-B018CCBF.pf O45 - LFCP:[MD5.2B64C4A0147143D5E2FABFB301E98B43] - 12/11/2013 - 06:40:04 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DBB194EF.pf O45 - LFCP:[MD5.1C2F81379DD3CC185E6D212E5F510776] - 12/11/2013 - 06:40:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A31A92CA.pf O45 - LFCP:[MD5.26CBAD2F6DBCE66E000495C2181026AE] - 12/11/2013 - 06:40:12 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C7028A70.pf O45 - LFCP:[MD5.CF83B901B02EACB7E51C4725A8E627E2] - 12/11/2013 - 06:40:39 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-0D78D366.pf O45 - LFCP:[MD5.ED94C36122AE27A987A5F5073C3314F8] - 12/11/2013 - 06:46:10 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf O45 - LFCP:[MD5.BE09BC70F81E98748F40BBA9BC04B1D0] - 12/11/2013 - 06:48:19 ---A- - C:\Windows\Prefetch\RAREXTLOADER.EXE-F523F60B.pf O45 - LFCP:[MD5.CD3044DDA843C1E09647C4E8E33938E4] - 12/11/2013 - 06:48:53 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-AC9628F9.pf O45 - LFCP:[MD5.13A71DD861A43119D0BA4A94E16623FA] - 12/11/2013 - 06:49:56 ---A- - C:\Windows\Prefetch\GFXUI.EXE-2E721AA9.pf O45 - LFCP:[MD5.9E2E3AAA47BAADA29DB6112444A7B6AE] - 12/11/2013 - 06:50:00 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.ED0179067F10001BB1B79043DBB4410A] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\EPOWERTRAYLAUNCHER.EXE-AAA7B579.pf O45 - LFCP:[MD5.192962B0E186863DC6898D5A837E375A] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\HKCMD.EXE-15DC91D5.pf O45 - LFCP:[MD5.42B16F9DCCE9BD30224AF7F4CF86E8BD] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\IGFXPERS.EXE-82C794F2.pf O45 - LFCP:[MD5.A7415477212DFF0D713CF1078CA607A5] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\IGFXTRAY.EXE-21BDFE68.pf O45 - LFCP:[MD5.95F155A055D11CD99C992D23D0122C6A] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-C0BB540D.pf O45 - LFCP:[MD5.12F74E297DA7E85DDDBA18475ADB8D1E] - 12/11/2013 - 06:52:21 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-BB49B536.pf O45 - LFCP:[MD5.DB5525D32FDF537DB30B12BC1D830D5B] - 12/11/2013 - 06:52:30 ---A- - C:\Windows\Prefetch\CSC.EXE-4D47A477.pf O45 - LFCP:[MD5.1EBFB2D1AAB83EADD3513BF7A9681A30] - 12/11/2013 - 06:52:30 ---A- - C:\Windows\Prefetch\CVTRES.EXE-9077A165.pf O45 - LFCP:[MD5.262A91000689BB3301FA5EB1F9C484AB] - 12/11/2013 - 06:52:45 ---A- - C:\Windows\Prefetch\EPOWERTRAY.EXE-3C873827.pf O45 - LFCP:[MD5.A441ADE30FF76E2F20F7A1929C742F46] - 12/11/2013 - 06:52:46 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-454AB5C0.pf O45 - LFCP:[MD5.3984BB48C2B35F5C74383D1AC2AEA55B] - 12/11/2013 - 06:52:47 ---A- - C:\Windows\Prefetch\EPOWEREVENT.EXE-4414DB31.pf O45 - LFCP:[MD5.56F39288B80BE0EF1A5463C943760DCD] - 12/11/2013 - 06:52:52 ---A- - C:\Windows\Prefetch\SUMP.EXE-9DEFAA97.pf O45 - LFCP:[MD5.C45545CA8EE157D87C662D4E0B2DFECA] - 12/11/2013 - 06:53:11 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-0DD1597D.pf O45 - LFCP:[MD5.A221F6CE58F4BA011DBD5DC752B5098E] - 12/11/2013 - 06:53:44 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-528BC649.pf O45 - LFCP:[MD5.8599D1731E327D9C4D85C5A00ECC3A11] - 12/11/2013 - 06:54:03 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-E510713D.pf O45 - LFCP:[MD5.F55E0A6B89CB08CACB72EAEFAAB20A5B] - 12/11/2013 - 06:54:04 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_9_900_11-40054B03.pf O45 - LFCP:[MD5.6CF02DEC45D382842D7FA161560FD6AD] - 12/11/2013 - 06:54:04 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-55FE3087.pf O45 - LFCP:[MD5.1919DA9DFF82D78A96325B0C6B7183AF] - 12/11/2013 - 06:54:05 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-D593A5D9.pf O45 - LFCP:[MD5.EFB025D1E5EA8C0E37ACFD340E1DDB96] - 12/11/2013 - 06:54:17 ---A- - C:\Windows\Prefetch\UNS.EXE-9B1279FB.pf O45 - LFCP:[MD5.4FEF6D4AE75AB7D00FF0C62154BE4017] - 12/11/2013 - 06:55:07 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-7D63BB4C.pf O45 - LFCP:[MD5.0410BF7E21A334B6B736E08B0CAAF10A] - 12/11/2013 - 07:02:59 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-CFB2CE07.pf O45 - LFCP:[MD5.D5EAD814B409E3321DBDC5CA314745C8] - 12/11/2013 - 07:03:40 ---A- - C:\Windows\Prefetch\THUNDERBIRD.EXE-33138219.pf O45 - LFCP:[MD5.ED8869A06E455C145198FCBBAAFA4FE1] - 12/11/2013 - 07:04:10 ---A- - C:\Windows\Prefetch\WERMGR.EXE-D948C216.pf O45 - LFCP:[MD5.11ED24FD5DA112B2E4F38384A2D0BA1B] - 12/11/2013 - 07:04:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-015D2E4A.pf O45 - LFCP:[MD5.6F43AA039045FE8737A6C2C85C9A8310] - 12/11/2013 - 07:05:37 ---A- - C:\Windows\Prefetch\LongTermHist.db O45 - LFCP:[MD5.ACE4BA1F0DF4483BE75DE95AE09F36E1] - 12/11/2013 - 07:05:37 ---A- - C:\Windows\Prefetch\LongTermHist.db.bt O45 - LFCP:[MD5.B153785B2251F1DC669C9F0400443DEE] - 12/11/2013 - 07:05:37 ---A- - C:\Windows\Prefetch\LongTermHist.db.dx O45 - LFCP:[MD5.B30B3DD2153125C78B5031BBB89ECF60] - 12/11/2013 - 07:06:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C1C2EFBE.pf O45 - LFCP:[MD5.D4EFA1CB0A7781D1939AF8C26BB5B2B4] - 12/11/2013 - 07:13:08 ---A- - C:\Windows\Prefetch\PHOTOSCREENSAVER.SCR-57F154DF.pf O45 - LFCP:[MD5.39C350ED93978EA5D5B7BE9D9F1C43B3] - 12/11/2013 - 07:18:42 ---A- - C:\Windows\Prefetch\SNIPPINGTOOL.EXE-74818B88.pf O45 - LFCP:[MD5.805C003715E80357BBD301922E675234] - 12/11/2013 - 07:18:42 ---A- - C:\Windows\Prefetch\WISPTIS.EXE-33A5A971.pf O45 - LFCP:[MD5.ECF69ED2C45681F2180418425A5AF81B] - 12/11/2013 - 07:27:21 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.05EC33D4C79486A044A6F5BED241E385] - 12/11/2013 - 07:27:22 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.A34DD93542ECA650F7C8B0D2308D02CC] - 12/11/2013 - 07:27:22 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.EBE593949D8C734C3E367871E4E280AF] - 12/11/2013 - 07:27:22 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.5ACB7C919E7849A88EB255A5846D90B3] - 12/11/2013 - 07:30:56 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8329E055.pf O45 - LFCP:[MD5.6AF63B54F81C03E809EF5D7109492CAC] - 12/11/2013 - 07:31:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-50DEE1CF.pf O45 - LFCP:[MD5.50EF5FCB767002877CE67AE5EF047893] - 12/11/2013 - 07:32:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-38926D07.pf O45 - LFCP:[MD5.05CACE209F458131269D8339378745C6] - 12/11/2013 - 07:35:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-62E5E10F.pf O45 - LFCP:[MD5.8895A3755D63F6880CBD39E44788DBFE] - 12/11/2013 - 07:35:05 ---A- - C:\Windows\Prefetch\CONHOST.EXE-F98A1078.pf O45 - LFCP:[MD5.B26D85E63AB28C3EC5D76433C3588064] - 12/11/2013 - 07:35:09 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-7B160CA5.pf O45 - LFCP:[MD5.3D3804E5CDFF5E0FCF69EDB2E2416C44] - 12/11/2013 - 07:35:09 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-0C8A533A.pf O45 - LFCP:[MD5.856EBA8EC57C5E112F9F6384BE1E4C68] - 12/11/2013 - 07:35:10 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-10E4267C.pf O45 - LFCP:[MD5.02AAD36D4C3BFA71F9B74E6567F91F20] - 12/11/2013 - 07:35:10 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-C6CFE2A8.pf O45 - LFCP:[MD5.3AAECAC5C376C1AF83ACC4F9003D1CE9] - 12/11/2013 - 07:35:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-23205583.pf O45 - LFCP:[MD5.65A5D12A3E52408D36EB0DDC71B497FD] - 12/11/2013 - 07:35:12 ---A- - C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/04/2171 - 05:49:54 ----D - C:\Windows\Prefetch\ReadyBoot ~ Prefetcher: 144 Scanned in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 8 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Aimersoft Helper Compact.exe [Key] . (...) -- C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O53 - SMSR:HKLM\...\startupreg\ArcadeMovieService [Key] . (.CyberLink Corp. - Arcade Movie Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe O53 - SMSR:HKLM\...\startupreg\ArcSoft Connection Service [Key] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O53 - SMSR:HKLM\...\startupreg\BackupManagerTray [Key] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O53 - SMSR:HKLM\...\startupreg\EaseUS EPM tray [Key] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Partition Master Free Edition Applic.) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe O53 - SMSR:HKLM\...\startupreg\EgisTecPMMUpdate [Key] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe O53 - SMSR:HKLM\...\startupreg\EgisUpdate [Key] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe O53 - SMSR:HKLM\...\startupreg\IJNetworkScanUtility [Key] . (.CANON INC. - Canon IJ Network Scan Utility.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O53 - SMSR:HKLM\...\startupreg\KiesPDLR [Key] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O53 - SMSR:HKLM\...\startupreg\KiesPreload [Key] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co O53 - SMSR:HKLM\...\startupreg\MoneyAgent [Key] . (...) -- C:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\mwlDaemon [Key] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe O53 - SMSR:HKLM\...\startupreg\MyTomTomSA.exe [Key] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe O53 - SMSR:HKLM\...\startupreg\PLFSetI [Key] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O53 - SMSR:HKLM\...\startupreg\VitaKeyPdtWzd [Key] . (.Egis Technology Inc. - PdtWzd.exe.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe ~ SMSR Keys: 23 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.6106653B08F4F72EEAA7F099E7C408A4] - 07/03/2013 - 08:49:18 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [17480] O58 - SDL:[MD5.0D0E5281784C2C526BA43C2ECD374288] - 18/09/2006 - 07:50:10 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\afc.sys [22784] O58 - SDL:[MD5.F17F09BA097D8EC3CE2084FA97886B85] - 07/03/2013 - 08:49:20 ---A- . (...) -- C:\Windows\SysWOW64\epmntdrv.sys [13896] ~ Drivers: 16 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Folder.cdx [16896] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Folder.dbf [121316] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb1.cdx [40448] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb1.dbf [58674] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb1.fpt [42019840] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb2.cdx [40448] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb2.dbf [58674] O61 - LFC: 09/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Thumb2.fpt [7282176] O61 - LFC: 09/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\nsmail.doc.lnk [1125] O61 - LFC: 09/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\cert8.db.bak [65536] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Inbox.mozmsgs\527DD4AE.901%40gmail.com.wdseml [1564] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.10.448.1CEDD20B68924A0.0%40s20.offre-par-mail.com.wdseml [390] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.1E.675.1CEDCA7EE4CBA10.0%40s2.eprive67.com.wdseml [348] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:48 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\20131109-01300616-6575394b-0%40TRT-89.wdseml [965] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\0.0.44.C0C.1CEDC0448E03A32.0%40mta.prod.dc2.responsys.com.wdseml [1182] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:50 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\73C28D62-7EDF-4985-9A1D-D8E689403DF3%40aol.com.wdseml [1176] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DD9FC.3060909%40wanadoo.fr.wdseml [949] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DDB2D.6040901%40wanadoo.fr.wdseml [954] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DDB44.3020400%40wanadoo.fr.wdseml [954] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DDB57.7030407%40wanadoo.fr.wdseml [954] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DEA78.9090802%40wanadoo.fr.wdseml [2576] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DF82D.8050102%40wanadoo.fr.wdseml [640] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DF86A.9090103%40wanadoo.fr.wdseml [1622] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DF88C.2090707%40wanadoo.fr.wdseml [638] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527DF8C1.6080908%40wanadoo.fr.wdseml [647] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527E7B9F.7050505%40wanadoo.fr.wdseml [1236] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\026A6DD648F74333B21F4145E69DCF28%40PCHP.wdseml [332] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:54 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\1383985824757.174921327%40xen-009-mg-01.p6.xq.wdseml [1959] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:54 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\1672D786F8C641A6869C6F1E2D4883F1%40persob3ac9c4b7.wdseml [5846] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:54 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\1E50BAFA56B54B81989DBC24F8366564%40persob3ac9c4b7.wdseml [4415] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:55 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\2.1.4.1101016561.2318175.490207061%40newsletters.dailymotion.com.wdseml [5616] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:56 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\2D2CCCD780F74C0AB80136B1E3A2362D%40LMbureau.wdseml [663] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:56 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\5110A7EB3B464B2AB8664B0F05392D9F%40LMbureau.wdseml [527] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\527DDB15.3070209%40wanadoo.fr.wdseml [2065] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\527DE53E.1000309%40laposte.net.wdseml [853] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\527DE8A1.7070709%40wanadoo.fr.wdseml [905] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\5DF4C9E06DE6499783F5A407F58D3E5E%40persob3ac9c4b7.wdseml [2266] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\610B6C42BC7D40318EA10B9FFD17773B%40PCHP.wdseml [804] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\705155261.7160.1383996936959.JavaMail.www%40wwinf1d31.wdseml [1358] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\70b25c46c2f57b1d10a44cc4c93f25bb%40cron-he.crsend.com.wdseml [622] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\7f5ba36a8af9441655a8206f2d160fb0%40localhost.localdomain.wdseml [4465] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\9754F19C51414E2790BDA30D30C78E62%40PCHP.wdseml [404] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\9DE7A1C91EE94243B4EA11CD348B1BE4%40persob3ac9c4b7.wdseml [392] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\A7312949C678411AB2F6C02A8A9C9B09%40PCHP.wdseml [519] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\B09CA2262E2E4BC3B57BB139139C826E%40persob3ac9c4b7.wdseml [3381] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\B98DCF4F9276493CA7D7DAC2677BDDB8%40persob3ac9c4b7.wdseml [379] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\CA05B869CBC242B5B1CCC31EBE08C559%40LMbureau.wdseml [6056] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\c48ee7003bf4060f1b167cf768802944%40www.univers-nature.info.wdseml [6657] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:01 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\DUB121-W1FD28EE1A80CAFDAFFCB5F3FD0%40phx.gbl.wdseml [1468] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:01 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\E776A0EB5E6E47A29A98AF3B3C731F8E%40persob3ac9c4b7.wdseml [1611] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\EC78D2E122DE44DA8C9B42333D9BD819%40persob3ac9c4b7.wdseml [2882] =>.Mozilla Corporation O61 - LFC: 09/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\persdict.dat [318] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\ExifImage.fpt [48832] O61 - LFC: 10/11/2013 - 07:36:14 ---A- . (.TomTom.) -- C:\Users\Dan\AppData\Local\Downloaded Installations\{BA5C1855-286B-44A6-BE80-75B92B6D2BCC}\1036.MST [137216] O61 - LFC: 10/11/2013 - 07:36:14 ---A- . (.TomTom.) -- C:\Users\Dan\AppData\Local\Downloaded Installations\{BA5C1855-286B-44A6-BE80-75B92B6D2BCC}\TomTom HOME.msi [27390976] O61 - LFC: 10/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\startupCache\startupCache.4.little [2783994] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Local\TomTom\HOME\Profiles\h1wn1y5m.default\XUL.mfl [457705] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\PowerP11.pip [1484] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\01 Rigolo.docx.lnk [626] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\08-Les meilleurs proverbes xxx.pps.lnk [1247] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\Hard.lnk [487] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\Références.lnk [509] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\chasse_au_lapin.pps.lnk [619] O61 - LFC: 10/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Word12.pip [1684] O61 - LFC: 10/11/2013 - 07:36:23 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\PowerPoint\PPT11.pcb [277] O61 - LFC: 10/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Inbox.mozmsgs\527E900E.4060609%40orange.fr.wdseml [1311] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.1E.8B3.1CEDE0780E939B0.0%40s2.eprive67.com.wdseml [349] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.A.441.1CEDDE5219EFC14.0%40s20.offre-par-mail.com.wdseml [376] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\1551fff5c4084bcaa226dcdd974e4750%40n.soleilsucre.com.wdseml [1465] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\527F3239.9010402%40wanadoo.fr.wdseml [803] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\000001423f8a5230-27636eb5-5756-4409-b849-507f1a0d2014-000000%40eu-west-1.amazonses.com.wdseml [2555] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:55 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\20131109184615.ee65198ad4%40tuningunivers.forumactif.com.wdseml [1575] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\560a8208d3031e04728df348c69e3584%40www.univers-nature.info.wdseml [17128] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\B1A579DEF7AF4378BF82D14911B26595%40persob3ac9c4b7.wdseml [2013] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\mw1e4i.1ltxph%40.wdseml [1408] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\mw1e4j.dp6q4k%40.wdseml [1408] =>.Mozilla Corporation O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\Log.txt [326] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\MapShareDownloadCache\MapCache779644878.bin [1093805] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\cert8.db [65536] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\compreg.dat [133463] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\cookies.sqlite-journal [512] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\extensions.cache [152] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\extensions.rdf [2376] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\key3.db [16384] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\localstore.rdf [1050] O61 - LFC: 10/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\mimeTypes.rdf [251] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\Resources\itemmetadata.tlvvoc.xml [5481] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\places.sqlite [131072] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\places.sqlite-journal [0] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\pluginreg.dat [9443] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\prefs.js [6775] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\TomTom\HOME\Profiles\h1wn1y5m.default\xpti.dat [100989] O61 - LFC: 10/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\backup.xml [24640] O61 - LFC: 10/11/2013 - 07:37:04 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\Europe_1GB_South\MapServerPatch.dat [254999] O61 - LFC: 10/11/2013 - 07:37:04 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\Europe_1GB_South\MapSettings.cfg [14076] O61 - LFC: 10/11/2013 - 07:37:04 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\Europe_1GB_South\PatchFilter.dat [71] O61 - LFC: 10/11/2013 - 07:37:04 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\Europe_1GB_South\ServerLineIndex.dat [277384] O61 - LFC: 10/11/2013 - 07:37:04 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\Europe_1GB_South\ServerNameIndex.dat [2488] O61 - LFC: 10/11/2013 - 07:37:05 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\itn\temporary.iti [115] O61 - LFC: 10/11/2013 - 07:37:05 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\mapshareupdate.xml [296] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\settings.dat [1256] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\ttgo.bif [1720] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\tthome.bif [46] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Great_Britain.postal [9186840] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Great_Britain.tlv [661] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Great_BritainPostal.ver [57] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Nederland.postal [2024206] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Nederland.tlv [644] O61 - LFC: 10/11/2013 - 07:37:06 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Backup\XL\Backup02\InternalMemory\zip\Nederlandpostal.ver [54] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-1\nederland.cab [2012529] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-1\nederland.toc [1923] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-2\great_britain.cab [9032825] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-2\great_britain.toc [1947] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-3\nederland.cab [2012529] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode-3\nederland.toc [1923] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode\great_britain.cab [9032825] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\complete\zipcode\Navigating_to_a_postcode\great_britain.toc [1947] O61 - LFC: 10/11/2013 - 07:37:07 ---A- . (...) -- C:\Users\Dan\Documents\TomTom\HOME\Download\temp\27dd90e056893b4a1c02f247c7782da3.tmp.meta [69] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Asset.cdx [207872] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\Asset.dbf [1081032] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\AssetExif.cdx [20992] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\AssetExif.dbf [155376] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\AssetExif.fpt [347520] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\ExifImage.cdx [41984] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\ExifImage.dbf [573012] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\FileType.cdx [7680] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\FileType.dbf [48740] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\FolderRoot.dbf [7190] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\JoinAssetTypeFileType.cdx [11776] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\JoinAssetTypeFileType.dbf [6430] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\JoinFieldSetFileType.cdx [38912] O61 - LFC: 11/11/2013 - 07:36:13 ---A- . (...) -- C:\Users\Dan\AppData\Local\ACD Systems\Catalogs\30Pro\Default\JoinFieldSetFileType.dbf [37912] O61 - LFC: 11/11/2013 - 07:36:14 ---A- . (...) -- C:\Users\Dan\AppData\Local\ATI\ACE\Manifest.Bin [26869] O61 - LFC: 11/11/2013 - 07:36:14 ---A- . (...) -- C:\Users\Dan\AppData\Local\ATI\ACE\Manifest.xml [19492] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\5361C543-EF97-480D-8588-C142CD526CC4.Diagnose.Admin.0.etl [393216] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\NetworkConfiguration.cab [1380] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\NetworkDiagnostics.0.debugreport.xml [76212] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\NetworkDiagnostics.1.debugreport.xml [70950] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\ResultReport.xml [39133] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\results.xml [256] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\2013111108.000\results.xsl [49097] O61 - LFC: 11/11/2013 - 07:36:15 ---A- . (...) -- C:\Users\Dan\AppData\Local\ElevatedDiagnostics\460911090\latest.cab [30816] O61 - LFC: 11/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Google\Toolbar\broker_metrics.xml [10692] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\index\image.idx [274] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\index\index.idx [19] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP620 series_000085F4EC31\SCGR.H00 [4421280] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP620 series_000085F4EC31\SCGR.PV0 [3761501] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP620 series_000085F4EC31\SCGR.PVR [3369084] O61 - LFC: 11/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP620 series_000085F4EC31\SCGR.T00 [404325] O61 - LFC: 11/11/2013 - 07:36:20 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\history\sc\hstr_0008.lnk [581] O61 - LFC: 11/11/2013 - 07:36:20 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\history\sc\hstr_0009.lnk [596] O61 - LFC: 11/11/2013 - 07:36:20 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\history\sc\hstr_0010.lnk [596] O61 - LFC: 11/11/2013 - 07:36:20 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\history\sc\hstr_0011.lnk [581] O61 - LFC: 11/11/2013 - 07:36:20 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP Navigator EX V20\history\sc\hstr_0012.lnk [596] O61 - LFC: 11/11/2013 - 07:36:21 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Canon\MP620 series_000085F4EC31\SCGR.TIN [5228] O61 - LFC: 11/11/2013 - 07:36:21 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Excel\Excel11.xlb [17805] O61 - LFC: 11/11/2013 - 07:36:21 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Excel11.pip [1560] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\Bibliothèque.lnk [1120] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\DOCUMENTS E (E).lnk [286] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\EUROTOOL.XLA.lnk [1257] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\Ident MdP sept2012.xls.lnk [426] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\Temp.lnk [1000] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\convoc du 15-11-2013.doc.lnk [1197] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\VB11.pip [144] O61 - LFC: 11/11/2013 - 07:36:22 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Word11.pip [1712] O61 - LFC: 11/11/2013 - 07:36:22 --H-- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Office\Récent\index.dat [1419] O61 - LFC: 11/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\addons.sqlite [524288] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\blocklist.xml [50776] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\cookies.sqlite [524288] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\directoryTree.json [297] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\downloads.sqlite [98304] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Drafts [1457] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Drafts.msf [3592] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Inbox.mozmsgs\2F68AA419E88410F84F52944D33EE1FF%40pc351626.wdseml [2616] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\history.mab [14605] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\impab.mab [127269] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:46 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Sent [5290704] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Sent.mozmsgs\52808956.7080605%40wanadoo.fr.wdseml [2721] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Sent.mozmsgs\52809263.6060009%40wanadoo.fr.wdseml [329] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Sent.mozmsgs\5280E109.3040407%40wanadoo.fr.wdseml [602] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Sent.msf [37164] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.12.767.1CEDEB647390498.0%40s20.offre-par-mail.com.wdseml [363] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.5E.791.1CEDEC9089240FC.0%40s2.eprive67.com.wdseml [354] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Drafts [1747210] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Drafts.msf [3491] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\1384188545.16519.YahooMailNeo%40web28903.mail.ir2.yahoo.com.wdseml [3630] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:50 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\5280CA58.7030804%40gmail.com.wdseml [3390] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:50 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\5280F1A0.6080908%40gmail.com.wdseml [7774] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:50 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.mozmsgs\DUB119-W27567F8E0A52B0CD593915BEFF0%40phx.gbl.wdseml [1934] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.sbd\V8 [67246] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.sbd\V8.mozmsgs\DUB125-W78AD7ACB7F56D711B3C4D2B3FF0%40phx.gbl.wdseml [1931] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.sbd\V8.msf [6859] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Junk [146257] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Junk.msf [4920] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent [92767252] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\msgFilterRules.dat [1559] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\528099F3.5000601%40wanadoo.fr.wdseml [1007] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.mozmsgs\5280D3D6.7010808%40wanadoo.fr.wdseml [3164] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\00000142452cd43e-7ded0510-c5db-4298-b3d4-4a14da90a6cd-000000%40eu-west-1.amazonses.com.wdseml [6854] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:53 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\0fb554182ed4b86394bd341172cbfe94%40localhost.localdomain.wdseml [568] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:54 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\1384189538.89216.YahooMailNeo%40web28906.mail.ir2.yahoo.com.wdseml [501] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:54 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\1640926298.10119.1384171578653.JavaMail.www%40wwinf1k10.wdseml [1494] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:36:59 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\7815087186384b9fa8164ace364568fb%40cron-he.crsend.com.wdseml [575] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:37:00 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\b6rhk34bfs4qreau11vxubyg0w1gmj.9360441.8533%40mta923.miniinthebox.chtah.com.wdseml [9749] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\mw38se.nc6te3%40.wdseml [1408] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\permissions.sqlite [65536] =>.Mozilla Corporation O61 - LFC: 11/11/2013 - 07:37:07 ---A- . (.AMD.) -- C:\Users\Dan\Downloads\amddriverdownloader (1).exe [791552] O61 - LFC: 12/11/2013 - 07:36:14 ---A- . (...) -- C:\Users\Dan\AppData\Local\ATI\ACE\Profiles.xml [13921] O61 - LFC: 12/11/2013 - 07:36:18 ---A- . (...) -- C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\preferences [117732] O61 - LFC: 12/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\Cache\3\52\945E9d01 [63519] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\Cache\_CACHE_001_ [4194304] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\Cache\_CACHE_002_ [4194304] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\Cache\_CACHE_003_ [4194304] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:19 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\Cache\_CACHE_MAP_ [8468] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:19 --HA- . (...) -- C:\Users\Dan\AppData\Local\IconCache.db [1153445] O61 - LFC: 12/11/2013 - 07:36:20 ---A- . (...) -- C:\Users\Dan\AppData\Local\Thunderbird\Profiles\jo4901y4.default\_CACHE_CLEAN_ [1] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:21 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-11-12 (06-28-47).txt [2102] O61 - LFC: 12/11/2013 - 07:36:23 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Microsoft\Sticky Notes\StickyNotes.snt [5632] O61 - LFC: 12/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\calendar-data\local.sqlite [1409024] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:37 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\cert8.db [65536] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Inbox [6791516] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\folderTree.json [991] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\global-messages-db.sqlite [4259840] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\key3.db [16384] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:45 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\localstore.rdf [23931] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:46 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Inbox.msf [66992] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:46 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\popstate.dat [967] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash [22691988] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:47 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.mozmsgs\0.0.9.19E.1CEDF6C79E53630.0%40s20.offre-par-mail.com.wdseml [353] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange-1.fr\Trash.msf [245241] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:49 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox [64099099] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Inbox.msf [122370] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:51 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\popstate.dat [866] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Sent.msf [246091] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:52 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash [611212939] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:36:58 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.mozmsgs\5EDAB434C8514AE08C186B07943BC339%40EXISTPC.wdseml [1572] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\Mail\pop.orange.fr\Trash.msf [606336] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\panacea.dat [9746] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\parent.lock [0] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\prefs.js [19323] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\session.json [423] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:02 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Thunderbird\Profiles\jo4901y4.default\virtualFolders.dat [10] =>.Mozilla Corporation O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\backup\20131112.062317.zip [507] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\backup\20131112.065324.zip [605] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\history\20131112-062249_repair.xml [1007] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\history\20131112-065310_repair.xml [1719] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\history\latest_scan_results.xml [2963] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\icons.mht [1917166] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\last_fix_results.dat [4455] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\last_scan_results.dat [3912] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\settings.dat [1476] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\Uniblue\SpeedUpMyPC\state.sqlite [44032] =>Rogue.SpeedUpMyPC O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\ZHP\Log.txt [19053] =>.Nicolas Coolman O61 - LFC: 12/11/2013 - 07:37:03 ---A- . (...) -- C:\Users\Dan\AppData\Roaming\ZHP\TestsZHPDiag.txt [2809] =>.Nicolas Coolman ~ Files: 254 Scanned in 00mn 54s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 22/01/2010 - C:\Windows\System32\DRIVERS\atipmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 22/01/2010 - C:\Windows\System32\DRIVERS\igdpmd64.sys (intelkmd) .(.Intel Corporation - Intel Graphics Kernel Mode Driver.) - LEGACY_INTELKMD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys (mwlPSDFilter) .(.Egis Technology Inc. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys (mwlPSDNServ) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV O64 - Services: CurCS - 03/06/2009 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys (mwlPSDVDisk) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 02/11/2009 - C:\Windows\System32\DRIVERS\TurboB.sys (TurboB) .(...) - LEGACY_TURBOB O64 - Services: CurCS - 01/07/2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5 O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 88 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) D:\Soft to Install\Raxco.PerfectDisk.v11.0.0.175.Professional.French.WinAll.Incl.Keygen-CRD\setup\PD11_PRO_fr.exe ~ Files: Scanned in 00mn 23s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136] [MD5.A1A85B616648F17728B002F4A0614966] [SPRF][06/08/2004] (.Microsoft(R) Corporation - Programme de désinstallation de Money.) -- C:\Users\Dan\AppData\Local\Temp\mnyF41E.exe [45056] [MD5.7F9C39AD29302999F1163359D7ECF03C] [SPRF][06/06/2008] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Dan\AppData\Local\Temp\_is4CB9.exe [457216] [MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [SPRF][22/06/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Dan\AppData\Local\Temp\_is9981.exe [455600] [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][18/09/2013] (...) -- C:\Users\Dan\AppData\Roaming\wklnhst.dat [0] ~ Files: 5 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{8F778FC6-58C1-44F6-BCB7-42A038B2AB69}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.) O87 - FAEL: "{C0ED4784-DCFA-4111-A2D4-12E1F2439054}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.exe (.not file.) O87 - FAEL: "{B1B52BF7-68BA-4E11-8882-378CA6CCC1F6}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{98D1E046-7297-459D-AAB5-96001DEC8E7E}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{94FF22EA-DC04-48F0-95C1-11DF432C8EA3}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{CFE37668-513E-43F3-BD43-A43E950CF8BE}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{22BC2083-48D3-487D-844C-6C3BFC8554BC}" | In - None - P17 - TRUE | .(.Acer Incoporated - Acer Video Quality Enhancement.) -- C:\Program Files (x86)\Acer\Acer VCM\VC.exe O87 - FAEL: "{37DD7A91-48D6-4B7A-82E2-7C4CE7D68E9C}" | In - None - P17 - TRUE | .(.Acer Incorporated - Raw Socket Service.) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O87 - FAEL: "{99B50AF1-ACEE-46BD-9941-A4CEADB4BC78}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{362A122E-B728-4638-B06D-9F14F503CE4D}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{158E0002-4FF7-4D6F-B9DA-817374553A69}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{1C4DF753-F947-4DBC-89C2-A71E30942237}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{7CCD9AEC-D281-481F-85B1-1BBFD81B8709}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{6A90E623-CFF7-4A3B-8205-5D3AB687AD43}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{6B4B8FE7-F88A-4268-B664-EBD2B375DC9E}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{958A51EC-FCCF-4AD5-9808-A9D98D9A5AA1}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{33535EFA-C0F2-43B3-8601-0A25EE74BA53}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{11A6ADB3-AB0D-425E-B9A4-D0656E2776D8}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{9EF02B24-7C0F-44DD-A8AC-737A67582246}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{20C88B04-7CB2-4BF6-8837-0AC9CEFE14DE}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{B81502C9-D4C5-48F3-A0E7-DDC92A656217}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{9A404C96-43A0-4C3F-A03C-B4013ED592C9}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5D1263A7-E93F-4DCC-A3BB-B1BC9CEAB1C5}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0331BCD4-4FEC-4F35-A68E-220AC8CE560D}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{833CF278-CBE1-4A32-B95A-3C9521BA5BC9}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{6C431D4E-09C6-4400-B12F-A000E4C880BE}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D24BC0E7-515B-49EA-8535-AB9A68ACB0CF}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E11A2959-4104-4082-AE43-B484A81669C6}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{09B6E6E3-202E-4E08-AF98-5696B31E3613}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\System32\svchost.exe O87 - FAEL: "{8A46A787-025D-49CA-9210-9B3DF7E78BD8}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe O87 - FAEL: "{ED16C90C-51F1-411D-B5F2-4354A97E1679}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\PowerCinema.exe (.not file.) O87 - FAEL: "{0679E5FB-C054-4C1F-9C8F-EABAB301C081}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\PCMService.exe (.not file.) O87 - FAEL: "{BD3BB699-E3B5-472F-A6A6-7A18F0DE11B3}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\DMP\CLBrowserEngine.exe (.not file.) O87 - FAEL: "{BBFC331A-5FC0-473B-A29B-BF542DD11A84}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\DMS\CLMSService.exe (.not file.) O87 - FAEL: "{0D56A9CA-E3B5-4B20-8AB5-4781F7C17686}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\TouchMovie.exe (.not file.) O87 - FAEL: "{77D6907A-3CB0-46A1-ABB1-18F54BE5E0D1}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\TouchMovieService.exe (.not file.) O87 - FAEL: "{0B0AAECB-8BBF-4CA7-9906-05EC8DB337A5}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Dan\AppData\Local\DProtect\DProtectSvc.exe (.not file.) =>Trojan.Staser O87 - FAEL: "{C12C39F5-F88B-4616-914B-E9452D9E3909}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity O87 - FAEL: "{E9C56C96-A1A2-41FB-A4FC-DAC5033A0365}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{8A9503F0-765D-4E7D-BAD5-F3EEB0E21B6F}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1F859BAD-EFDA-4A27-88F9-B0BBB3FA9D58}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{04F7AF95-D1C2-4865-8BAB-60896E7B012A}" | In - None - P17 - TRUE | .(.Acer Incorporated - Acer HomeMedia.) -- C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe O87 - FAEL: "RemoteDesktop-UserMode-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0BB0AAE1-A720-48CD-B12B-736D0508879F}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{F721F533-E1F9-435A-8942-A7F47D2AB747}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe O87 - FAEL: "{61DC70CA-4CDE-4687-BD09-300E7CB2B58D}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe ~ Firewall: 213 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "00002105501100000000000000F01FEC" . (.Microsoft Office 2007 Primary Interop Assemblies.) -- C:\Windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe,6 O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe O90 - PUC: "07A570032D5BB044FA3ABF0212471012" . (.Backup Manager Advance.) -- C:\Windows\Installer\{30075A70-B5D2-440B-AFA3-FB2021740121}\ARPPRODUCTICON.exe O90 - PUC: "0D4CBCB488D1D26408E905F643AE110C" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{4BCBC4D0-1D88-462D-809E-506F34EA11C0}\ARPPRODUCTICON.exe O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe O90 - PUC: "140D86A7A468BA7DE9E8F0A9ACDFB7FB" . (.Catalyst Control Center Core Implementation.) -- C:\Windows\Installer\{7A68D041-864A-D7AB-9E8E-0F9ACAFD7BBF}\ARPPRODUCTICON.exe O90 - PUC: "14FD07E747FFD1C765C93CFD59E7C124" . (.Catalyst Control Center Graphics Full Existing.) -- C:\Windows\Installer\{7E70DF41-FF74-7C1D-569C-C3DF957E1C42}\ARPPRODUCTICON.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "277C90D53BCEB244C96C4B43C187DF2C" . (.Apple Application Support.) -- C:\Windows\Installer\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}\WinInstall.ico O90 - PUC: "291AB58B9782A8E49CDDF6BCE1862E9E" . (.Catalyst Control Center Graphics Previews Vista.) -- C:\Windows\Installer\{B85BA192-2879-4E8A-C9DD-6FCB1E68E2E9}\ARPPRODUCTICON.exe O90 - PUC: "32A44CFA8A6E52646B1B324D8325D595" . (.O2Micro 1394 OHCI Compliant Host Controller Driver.) -- C:\Windows\Installer\{AFC44A23-E6A8-4625-B6B1-23D438525D59}\ARPPRODUCTICON.exe O90 - PUC: "4100643057937624F993D14C4705097B" . (.Encyclopédie Microsoft Encarta 2003.) -- C:\Windows\Installer\{03460014-3975-4267-9F39-1DC4745090B7}\EESTD.ICO O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.Apple Inc O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe O90 - PUC: "4A94D9E94FD183147BBDD5788A3980E8" . (.WIDCOMM Bluetooth Software.) -- C:\Windows\Installer\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}\ARPPRODUCTICON.exe O90 - PUC: "4BA27099597D5D44D9563E9C8F23C279" . (.TomTom HOME.) -- C:\Windows\Installer\{99072AB4-D795-44D5-9D65-E3C9F8322C97}\ARPPRODUCTICON.exe O90 - PUC: "5B769D51EB4AEA24E94846DC60B252AA" . (.eSobi v2.) -- C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe O90 - PUC: "6240D448811F824AD9074C5524A21B3B" . (.Catalyst Control Center Graphics Full New.) -- C:\Windows\Installer\{844D0426-F118-A428-9D70-C455422AB1B3}\ARPPRODUCTICON.exe O90 - PUC: "66E7AC201DA19ED4ABE9680AEE0B917C" . (.Extension Système de Microsoft Money.) -- C:\Windows\Installer\{02CA7E66-1AD1-4DE9-BA9E-86A0EEB019C7}\MnyIco.exe O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "6DA6B392D485D68A5A6C933D5A4A1998" . (.ccc-utility64.) -- C:\Windows\Installer\{293B6AD6-584D-A86D-A5C6-39D3A5A49189}\ARPPRODUCTICON.exe O90 - PUC: "743C7362DAD96D11E92A0050D5C07A16" . (.PowerCinema.) -- C:\Windows\Installer\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\ARPPRODUCTICON.exe O90 - PUC: "7A92E62A5EF61B58C70DA2D5AB012D1A" . (.ccc-core-static.) -- C:\Windows\Installer\{A26E29A7-6FE5-85B1-7CD0-2A5DBA10D2A1}\ARPPRODUCTICON.exe O90 - PUC: "8DABB896611BD5948B97F0705A335EF7" . (.Samsung Story Album Viewer.) -- C:\Windows\Installer\{698BBAD8-B116-495D-B879-0F07A533E57F}\ARPPRODUCTICON.exe O90 - PUC: "9D0DC7D088A436A4F819F3E4F8737186" . (.MyWinLocker.) -- C:\Windows\Installer\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\ARPPRODUCTICON.exe O90 - PUC: "9F6C4F93A816B5E4F82BB66D1671E423" . (.Moniteur de la technologie Intel® Turbo Boost.) -- C:\Windows\Installer\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}\ARPPRODUCTICON.exe O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico O90 - PUC: "A11C609B391D3414F97A2EEEA8A5F812" . (.ArcadeMovie.) -- C:\Windows\Installer\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\ARPPRODUCTICON.exe O90 - PUC: "A2268694F3D4E984A9ECF5CEC40CDB3E" . (.MediaShow Espresso.) -- C:\Windows\Installer\{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}\ARPPRODUCTICON.exe O90 - PUC: "A9B9EB4705BFC54986691946B1DA8BB0" . (.Catalyst Control Center Graphics Light.) -- C:\Windows\Installer\{74BE9B9A-FB50-945C-6896-91641BADB80B}\ARPPRODUCTICON.exe O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico O90 - PUC: "B68040A017B03C3459FEDFCFC4811D16" . (.SILKYPIX Developer Studio 3.1 SE.) -- C:\Windows\Installer\{0A04086B-0B71-43C3-95EF-FDFC4C18D161}\ARPPRODUCTICON.exe O90 - PUC: "BB46690E80BBAF54781D33AE0B0E715F" . (.Fingerprint Solution.) -- C:\Windows\Installer\{E09664BB-BB08-45FA-87D1-33EAB0E017F5}\ARPPRODUCTICON.exe O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe O90 - PUC: "C040110900063D11C8EF10054038389C" . (.Microsoft Office Professional Edition 2003.) -- C:\Windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe,6 O90 - PUC: "C040580900063D11C8EF10054038389C" . (.Microsoft Office Word Viewer 2003.) -- C:\Windows\Installer\{9085040C-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe,1 O90 - PUC: "C055BE04C58F8CC39408E5D69486E5E4" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{40EB550C-F85C-3CC8-4980-5E6D49685E4E}\ARPPRODUCTICON.exe O90 - PUC: "D30CF9A3586C138449FCE4FD3D474979" . (.Microsoft SQL Server Compact 3.5 SP2 ENU.) -- C:\Windows\Installer\{3A9FC03D-C685-4831-94CF-4EDFD3749497}\ProductIcon O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "D8380EA51B9121D5F58E6E05B3C27861" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}\ARPPRODUCTICON.exe O90 - PUC: "DA93DA4DE19033D4BBB2956FCF8BDA3C" . (.Microsoft SQL Server Compact 3.5 SP2 x64 ENU.) -- C:\Windows\Installer\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}\ProductIcon O90 - PUC: "EAA2DAF5DD6C8CC43B52FBBC3B3D2294" . (.O2Micro Flash Memory Card Windows Driver.) -- C:\Windows\Installer\{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}\ARPPRODUCTICON.exe O90 - PUC: "EB63B96346D31464A9AE08D834F61E23" . (.Microsoft Picture It! Photo 7.0.) -- C:\Windows\Installer\{369B36BE-3D64-4641-9AEA-808D436FE132}\PIL_2003.exe O90 - PUC: "EC411D4643242C546BA0B2705D4AF827" . (.Microsoft Works 7.0.) -- C:\Windows\Installer\{64D114CE-4234-45C2-B60A-2B07D5A48F72}\Win2Kico.exe O90 - PUC: "FAF082B101EA13E44AA1BD93716D15CD" . (.ACDSee Pro 3.) -- C:\Windows\Installer\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}\ARPPRODUCTICON.exe ~ Update Products: 111 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.FDB288CA21528425564A796219D6410A] [WIS][18/09/2013] (.Ichikawa Soft Laboratory - SILKYPIX Developer Studio 3.1 SE.) -- C:\Windows\Installer\222bf5.msi [59321856] [MD5.F02CEB0F4B11AE653D77F610A637C9F3] [WIS][07/01/2010] (.ATI - Branding.) -- C:\Windows\Installer\257eb.msi [392192] [MD5.2F4E0C37DE4117668290D67A804155F9] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\257f2.msi [2912256] [MD5.9D4C1654919A95074BC8ADA4EE0FF94B] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\257f9.msi [7324672] [MD5.57A6A46A67E79E03C3C3CC39CB94E389] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25800.msi [409600] [MD5.0B29C4F5E9DCE738A7AB30B248BDE06D] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25807.msi [991744] [MD5.51C67B887A0702E8709A0EBA49A40956] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2580e.msi [5749760] [MD5.513F25CF0AB3178B2BA818166B49E3D2] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25816.msi [1266176] [MD5.B6CC6457F531FC3896443C1ACAF72CC4] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2581d.msi [1250816] [MD5.AE3F8C0010DAA5C614BC96FC92D04B2D] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25824.msi [1234432] [MD5.C9F8759183BA1677D333DEA5E9B0B653] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2582b.msi [1305088] [MD5.9D83B7EEBEDDEB8508B6C23CCFE9256E] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25832.msi [725504] [MD5.62E503CFAECA3C68194395EE0EFD2C6F] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25839.msi [1252864] [MD5.92AE81645898F99552A8706913E406CF] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25840.msi [1254912] [MD5.C70B027312513AFB1B32F4955CA2A3D8] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25847.msi [1260544] [MD5.826C0DCE5616EBC79418CAEF8CDD4223] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2584e.msi [1270784] [MD5.E8F7AC262D1D0AFB27ADA5A79EDE1285] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25855.msi [1251328] [MD5.A349A1B6EC90293639D0C34DC53C05E3] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2585c.msi [1278464] [MD5.08DFBDE3E7155C83157684E20A6C8C4F] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25863.msi [1262592] [MD5.D3F811274741315E344AB22491AFDEA8] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2586a.msi [1257472] [MD5.B5F03B9A448E9926D87F258053313163] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25871.msi [1244160] [MD5.6E466A09C2E9C61007511315CBAAFBC3] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25878.msi [1258496] [MD5.362C2E67184060E027C84F3316C42FA6] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2587f.msi [1256960] [MD5.C95D414D532EF9F34D6BC7CE882601C0] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25886.msi [1289728] [MD5.06E120D27ED267FB062584E72091D6AF] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2588d.msi [1246720] [MD5.529DCF4F66C63370C988B26791F9DAFA] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\25894.msi [1277440] [MD5.D83851B980960F7E1DC6E2846DA1A36E] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\2589b.msi [1255424] [MD5.2236B55B2B0A535E0FA81A272CC3D902] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\258a2.msi [942080] [MD5.D6975E92B4B259808C9147EFD3B17620] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\258a9.msi [1244672] [MD5.51C24C7EE0F8A598B9C20D057FC889BD] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\258b0.msi [1898496] [MD5.00A57F31FFF714ECF3FE8CB0DF11804F] [WIS][28/01/2010] (.ATI - Catalyst Control Center Utility 64.) -- C:\Windows\Installer\258b7.msi [279552] [MD5.DC2977233513D8E0B53ACA16632B9A9B] [WIS][28/01/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\258bf.msi [2444288] [MD5.B2EAD1869C11CD889D26DE8C50CFCF96] [WIS][28/08/2009] (.O2Micro International LTD. - O2Micro 1394 OHCI Compliant Host Controller Driver.) -- C:\Windows\Installer\288e6.msi [646144] [MD5.C555B7BE179B1E472AE5E946BA5B3066] [WIS][12/03/2010] (.esobi Inc. - eSobi.) -- C:\Windows\Installer\28ae0.msi [12495872] [MD5.857BCB41886FDEBCFB12C8E9C3EFEE3C] [WIS][15/01/2010] (.Broadcom Corp. - WIDCOMM Bluetooth Profile Pack.) -- C:\Windows\Installer\2b457.msi [4925048] [MD5.D1CAA91A05B9F86BD7B6DB82A5DFAB10] [WIS][09/03/2010] (.O2Micro International LTD. - O2Micro Flash Memory Card Windows Driver.) -- C:\Windows\Installer\2b460.msi [649216] [MD5.F978A143AAEB737FB867DC6D9F9F7060] [WIS][16/09/2013] (.Intel - Intel(R) Turbo Boost Technology Monitor.) -- C:\Windows\Installer\2b46e.msi [9069056] [MD5.D24949E5C6EC59F7F8664A657066994D] [WIS][12/03/2010] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\3f5c7.msi [28160] =>Toolbar.Google [MD5.F251E19436E3C1B770FC7944BC80346C] [WIS][06/11/2009] (.NewTech Infosystems - Media Maker.) -- C:\Windows\Installer\3f5d2.msi [12269568] [MD5.B1F0995F3B88BD2063B2141A385F3104] [WIS][08/03/2010] (.NewTech Infosystems - NTI Backup Now EZ.) -- C:\Windows\Installer\3f5ef.msi [989184] ~ WIS: 118 Scanned in 00mn 17s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 03/07/2008 109056 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 22/01/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 12/01/2010 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Auto 25/02/2010 325200 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe SR - | Auto 21/01/2010 819744 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe SS - | Auto 16/09/2013 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 16/09/2013 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 16/09/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 24/12/2009 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe SR - | Auto 08/03/2010 3456880 | (IGBASVC) . (.Egis Technology Inc..) - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe SR - | Auto 30/09/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SS - | Demand 03/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 02/12/2009 305448 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe SR - | Auto 09/03/2010 250368 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe SS - | Demand 06/11/2009 50432 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 06/11/2009 144640 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 12/02/2007 65536 | (O2FLASH) . (.O2Micro International.) - C:\Windows\System32\DRIVERS\o2flash.exe SR - | Auto 03/02/2010 244904 | (RichVideo) . (...) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe SR - | Auto 30/01/2010 260640 | (RS_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe SR - | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Demand 02/11/2009 126352 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe SR - | Auto 30/09/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 04/07/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 19s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Dan at 12/11/2013 07:37:57 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Dan at 12/11/2013 07:37:59 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd ~ Emulateurs: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12994 - (11/11/2013) Clés trouvées (Keys found) : 6 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 4 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{232F1B14-7126-491F-AC8C-6123BA58FDE2}] =>PUP.QuickShare^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\swg] =>Toolbar.Google^ [HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^ C:\Windows\Tasks\SpeedUpMyPC.job =>Rogue.SpeedUpMyPC^ C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe =>Rogue.SpeedUpMyPC^ C:\Windows\Installer\3f5c7.msi =>Toolbar.Google^ ~ Additionnel Scan: 270178 Items scanned in 00mn 19s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC ~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare ~ http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser ~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity ~ MSI: 5 link(s) detected in 00mn 19s End of the scan (2164 lines in 03mn 23s)(1)