cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.3.24.29 - Nicolas Coolman (24/03/2014)
~ Lancé par Florine (25/03/2014 20:51:24)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Basic, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.3.350
COMODO Firewall v6.3.39106.2972
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système
CCleaner v4.11 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Sans échec (Fail-safe boot)
Total RAM: 1977 MB (83% free)
System Restore: Désactivé (Disabled)
System drive C: has 113 GB (81%) free of 139 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-FLORINE
~ User Name: Florine
~ All Users Names: Florine, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Florine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Florine\AppData\Roaming\
~ %Desktop% : C:\Users\Florine\Desktop\
~ %Favorites% : C:\Users\Florine\Favorites\
~ %LocalAppData% : C:\Users\Florine\AppData\Local\
~ %StartMenu% : C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 113 Go of 139 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.1E5DF19A5F053345430D7AF87943C47A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/02/2014 - 06:40:18.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/251
~ Mes musiques (My Musics) : 1/47
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/40
~ Mes Documents (My Documents) : 1/198
~ Mon Bureau (My Desktop) : 2/14
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.1A71CA0C02AC3972FCB7FC22C329CD81] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8179200] [PID.1532]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1696]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Florine\AppData\Roaming\Mozilla\Firefox\Profiles\aw9r1gl7.default\prefs.js
M0 - MFSP: prefs.js [Florine - aw9r1gl7.default] http://www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.0.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.0.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.0.2 for Mozilla browsers.) -- C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: (no name) - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 17 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 04s
~ Nombre de lignes (Lines number): 15218



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre8\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre8\bin\jp2ssv.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{d7f26d0e-9801-45c3-a091-8a65e4ed73b5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Avira Control Center.lnk . (.Avira Operations GmbH & Co. KG - Antivirus Control Center (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - GS\Desktop [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\Desktop [Public]: COMODO Firewall.lnk . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - GS\Desktop [Public]: Corel WinDVD Pro 11.lnk . (.Corel Corporation - WinDVD.) -- C:\Program Files\Corel\WinDVD11\WinDVD.exe
O4 - GS\Desktop [Public]: Defraggler.lnk . (.Piriform Ltd - Defraggler.) -- C:\Program Files\Defraggler\Defraggler.exe
O4 - GS\Desktop [Public]: EPSON File Manager.lnk . (.SEIKO EPSON CORPORATION - EPSON File Manager.) -- C:\Program Files\epson\Creativity Suite\File Manager\EFileManager.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: EPSON Stylus SX200_SX400_TX200_TX400 Manuel.lnk . (...) -- C:\Program Files\epson\TPMANUAL\ES_SX_TX\FRA\USE_G\INDEX.HTM
O4 - GS\Desktop [Public]: Espace Partagé.lnk . (...) -- C:\ProgramData\Shared Space
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation
O4 - GS\Desktop [Public]: MyFinePix Studio 1.0.lnk . (...) -- C:\Program Files\FUJIFILM2\MyFinePix Studio\Loader.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files\OpenOffice 4\program\soffice.exe
O4 - GS\Desktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files\Google\Picasa3\Picasa3.exe
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\Program [Public]: Corel WinDVD Pro 11.lnk . (.Corel Corporation - WinDVD.) -- C:\Program Files\Corel\WinDVD11\WinDVD.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\System32\taskschd.msc
O4 - GS\QuickLaunch [Florine]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Florine]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Florine]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation
O4 - GS\QuickLaunch [Florine]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Florine]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Florine]: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - GS\Program [Florine]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Florine]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Florine]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Florine]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Florine]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Florine]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Florine]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Florine]: Profil Disques durs locaux Avira Free Antivirus.LNK . (.Avira Operations GmbH & Co. KG - On-Demand Scanner.) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
O4 - GS\Desktop [Florine]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [Florine]: Téléchargement.lnk . (...) -- C:\Users\Florine\Downloads
O4 - GS\Desktop [Florine]: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - GS\Desktop [Florine]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Florine]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 67 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [BkupTray] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [WarReg_PopUp] . (.eMachines - WR_PopUp.) -- C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Device Detection] . (...) -- C:\Program Files\FUJIFILM2\MyFinePix Studio\dd.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-3520299380-2938573044-1086819623-1000\..\Run: [EPSON Stylus SX400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-3520299380-2938573044-1086819623-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3520299380-2938573044-1086819623-1000\..\Run: [Device Detection] . (...) -- C:\Program Files\FUJIFILM2\MyFinePix Studio\dd.exe
O4 - HKUS\S-1-5-21-3520299380-2938573044-1086819623-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3520299380-2938573044-1086819623-1000\..\Run: [CCleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} ((no name)) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C108A59-87ED-4CFA-992B-60C18A331504}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpNameServer = 80.10.46.232 80.10.46.232
O17 - HKLM\System\CCS\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpDomain = orange-hotspot.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{3C108A59-87ED-4CFA-992B-60C18A331504}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpNameServer = 80.10.46.232 80.10.46.232
O17 - HKLM\System\CS1\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpDomain = orange-hotspot.com
O17 - HKLM\System\CS3\Services\Tcpip\..\{3C108A59-87ED-4CFA-992B-60C18A331504}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpNameServer = 80.10.46.232 80.10.46.232
O17 - HKLM\System\CS3\Services\Tcpip\..\{EAF9D401-F965-41FA-BDFB-7906156AEE0E}: DhcpDomain = orange-hotspot.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
~ Services: 11 Scanned in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
~ Scheduled Task: 1 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_12_0_0_77.ocx
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\Windows\System32\DRIVERS\cmderd.sys
O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\System32\DRIVERS\cmdguard.sys
O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\System32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (DritekPortIO) . (.Dritek System Inc. - General Port I/O.) - C:\Program Files\LAUNCH~1\DPortIO.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\System32\DRIVERS\inspect.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 84 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.06) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: Avira Free Antivirus v14.0.3.350 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: COMODO Firewall - (.COMODO Security Solutions Inc..) [HKLM] -- {7DB468A1-8F08-4862-8FFC-897779356715}
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {42EDF895-158C-484E-A7F2-42B90759F281}
O42 - Logiciel: Corel WinDVD - (.Corel Inc..) [HKLM] -- {5849AFE4-802B-4C4D-A79F-F988C2BB7A7F}
O42 - Logiciel: Corel WinDVD Pro 11 - (.Corel Inc..) [HKLM] -- _{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8A8F8391-4C2C-4BE1-A984-CD4A5A546467}
O42 - Logiciel: EPSON File Manager - (...) [HKLM] -- {46CBBDF8-55B5-40DB-B459-7B848394309C}
O42 - Logiciel: EPSON Scan - (...) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (...) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Stylus SX200_SX400_TX200_TX400 Manuel - (...) [HKLM] -- EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation
O42 - Logiciel: EPSON Stylus SX400 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Stylus SX400 Series
O42 - Logiciel: FUJIFILM MyFinePix Studio 1.0 - (...) [HKLM] -- FinePix Genie_is1
O42 - Logiciel: FileHippo.com Update Checker - (...) [HKLM] -- FileHippo.com
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM] -- {CB84F0F2-927B-458D-9DC5-87832E3DC653}
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23}
O42 - Logiciel: ICA - (.Corel Inc..) [HKLM] -- {991D8429-CFD9-48D9-BD85-6EDD3007B5A9}
O42 - Logiciel: IPM - (.Corel Inc..) [HKLM] -- {82A34D1B-A36C-4B53-BFC8-2F3FDB32CFD9}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Java 8 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218000FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (...) [HKLM] -- LManager
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 28.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 24.4.0 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 24.4.0 (x86 en-US) =>.Mozilla Corporation
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Setup - (.Corel Inc..) [HKLM] -- {2E5C5BC1-9285-45DA-8885-29AFEA541C52}
O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: eMachines - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: eMachines ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
~ Logic: 26 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ABBYY]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Compal]
[HKCU\Software\EPSON]
[HKCU\Software\FileHippo.com]
[HKCU\Software\Fujifilm]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\dskMetrics]
[HKLM\Software\ABBYY]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Alps]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Auslogics]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\Compal]
[HKLM\Software\Conexant]
[HKLM\Software\Corel]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\Fujifilm]
[HKLM\Software\Gateway]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenOffice]
[HKLM\Software\Oracle]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\optimidata]
[HKLM\Software\webtogo]
~ Key Software: 179 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/04/2011 - 17:43:48 - [3,348] ----D C:\Program Files\7-Zip
O43 - CFD: 24/01/2010 - 16:09:38 - [118,664] ----D C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 13/11/2008 - 02:22:06 - [0] ----D C:\Program Files\Acer Incorporated
O43 - CFD: 15/02/2014 - 18:23:36 - [116,589] ----D C:\Program Files\Adobe
O43 - CFD: 13/11/2008 - 02:06:49 - [10,907] ----D C:\Program Files\Apoint2K
O43 - CFD: 30/10/2011 - 08:51:47 - [0] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 21/03/2014 - 22:26:18 - [285,817] ----D C:\Program Files\Avira
O43 - CFD: 11/03/2014 - 13:09:16 - [6,801] ----D C:\Program Files\CCleaner =>Piriform Ltd
O43 - CFD: 11/03/2014 - 13:10:01 - [16,310] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 22/03/2014 - 18:54:31 - [115,948] ----D C:\Program Files\Common Files
O43 - CFD: 15/02/2014 - 19:07:57 - [99,867] ----D C:\Program Files\COMODO
O43 - CFD: 15/02/2014 - 18:31:57 - [149,171] ----D C:\Program Files\Corel
O43 - CFD: 09/02/2014 - 20:44:56 - [6,943] ----D C:\Program Files\Defraggler
O43 - CFD: 23/03/2009 - 10:34:46 - [46,901] ----D C:\Program Files\EMACHINES
O43 - CFD: 09/04/2011 - 14:42:00 - [0] ----D C:\Program Files\eMachines GameZone
O43 - CFD: 24/01/2010 - 16:10:32 - [131,343] ----D C:\Program Files\epson
O43 - CFD: 23/03/2009 - 10:30:20 - [0] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 15/02/2014 - 18:00:31 - [0,421] ----D C:\Program Files\FileHippo.com
O43 - CFD: 14/07/2011 - 15:02:34 - [0,031] R---D C:\Program Files\FUJIFILM
O43 - CFD: 14/07/2011 - 15:12:15 - [117,261] ----D C:\Program Files\FUJIFILM2
O43 - CFD: 13/03/2011 - 20:58:21 - [86,006] ----D C:\Program Files\Google
O43 - CFD: 24/01/2010 - 16:14:48 - [74,611] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/04/2011 - 18:24:52 - [0,967] ----D C:\Program Files\Intel
O43 - CFD: 21/03/2014 - 22:33:22 - [5,294] ----D C:\Program Files\Internet Explorer
O43 - CFD: 13/11/2008 - 02:13:06 - [109,367] ----D C:\Program Files\InterVideo
O43 - CFD: 22/03/2014 - 18:53:40 - [258,986] ----D C:\Program Files\Java
O43 - CFD: 13/11/2008 - 02:04:44 - [2,355] ----D C:\Program Files\Launch Manager
O43 - CFD: 08/01/2013 - 16:30:56 - [0] ----D C:\Program Files\MALWAREBYTES ANTI-MALWARE
O43 - CFD: 30/04/2013 - 12:28:04 - [13,444] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 02/11/2006 - 13:35:51 - [44,772] ----D C:\Program Files\Microsoft Games
O43 - CFD: 22/03/2014 - 18:52:10 - [40,879] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 13/03/2011 - 22:19:19 - [0,146] ----D C:\Program Files\Microsoft Works
O43 - CFD: 13/03/2011 - 21:22:39 - [0,023] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 08/03/2011 - 22:37:45 - [19,522] ----D C:\Program Files\Movie Maker
O43 - CFD: 22/03/2014 - 18:49:33 - [55,012] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 22/03/2014 - 20:23:21 - [0,216] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 22/03/2014 - 18:53:11 - [48,131] ----D C:\Program Files\Mozilla Thunderbird =>.Mozilla Corporation
O43 - CFD: 02/11/2006 - 13:35:51 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 12/12/2010 - 16:58:36 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 28/08/2008 - 09:04:51 - [212,364] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 28/08/2008 - 08:44:04 - [0,195] ----D C:\Program Files\Oberon Media
O43 - CFD: 15/02/2014 - 18:42:37 - [315,083] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 15/02/2014 - 18:41:33 - [0] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 04/07/2012 - 17:21:42 - [33,205] ----D C:\Program Files\Oracle
O43 - CFD: 28/08/2008 - 08:42:01 - [23,469] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:35:51 - [36,910] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 02/11/2006 - 13:58:18 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 03/03/2012 - 16:53:23 - [6,523] ----D C:\Program Files\VS Revo Group
O43 - CFD: 08/03/2011 - 22:37:45 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 08/03/2011 - 22:37:42 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 08/03/2011 - 22:37:36 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 09/02/2014 - 20:21:06 - [94,545] ----D C:\Program Files\Windows Live
O43 - CFD: 11/04/2012 - 14:01:52 - [8,522] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 08/03/2011 - 22:37:43 - [4,290] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 23/03/2009 - 10:30:20 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 08/03/2011 - 22:37:42 - [7,847] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 08/03/2011 - 23:06:20 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 08/03/2011 - 22:37:43 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 24/03/2014 - 22:29:21 - [17,111] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 15/02/2014 - 18:23:37 - [7,419] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 24/01/2010 - 16:12:41 - [5,987] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 13/11/2008 - 02:13:06 - [0,171] ----D C:\Program Files\Common Files\InterVideo
O43 - CFD: 22/03/2014 - 18:54:31 - [1,436] ----D C:\Program Files\Common Files\Java
O43 - CFD: 28/08/2008 - 09:04:17 - [6,846] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 29/08/2011 - 07:35:28 - [14,107] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 28/08/2008 - 09:02:51 - [9,257] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 28/08/2008 - 08:44:12 - [0,338] ----D C:\Program Files\Common Files\Oberon Media
O43 - CFD: 15/02/2014 - 18:33:10 - [1,620] ----D C:\Program Files\Common Files\Protexis
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 05/03/2011 - 17:07:03 - [15,198] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 09/11/2011 - 15:15:15 - [14,369] ----D C:\Program Files\Common Files\System
O43 - CFD: 05/03/2011 - 22:43:17 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 28/08/2008 - 08:55:44 - [0,001] ----D C:\ProgramData\Acer
O43 - CFD: 15/02/2014 - 18:23:39 - [194,585] ----D C:\ProgramData\Adobe
O43 - CFD: 23/03/2009 - 10:35:06 - [-1646,854] ----D C:\ProgramData\Application Data
O43 - CFD: 17/12/2013 - 15:35:58 - [0] ----D C:\ProgramData\Auslogics
O43 - CFD: 18/01/2013 - 16:34:05 - [8,430] ----D C:\ProgramData\AVG January 2013 Campaign
O43 - CFD: 29/03/2013 - 18:04:28 - [0,036] ----D C:\ProgramData\AVG2012
O43 - CFD: 21/03/2014 - 22:27:07 - [7,293] ----D C:\ProgramData\Avira
O43 - CFD: 23/03/2009 - 10:30:20 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 08/03/2011 - 21:34:55 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 15/02/2014 - 19:11:40 - [0] ----D C:\ProgramData\CheckPoint
O43 - CFD: 22/08/2013 - 08:30:34 - [0] ----D C:\ProgramData\ChromeExt
O43 - CFD: 26/06/2011 - 14:42:23 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 11/03/2014 - 20:33:37 - [47,520] ----D C:\ProgramData\Comodo
O43 - CFD: 15/02/2014 - 19:07:43 - [84,640] ----D C:\ProgramData\Comodo Downloader
O43 - CFD: 15/02/2014 - 18:33:26 - [21,851] ----D C:\ProgramData\Corel
O43 - CFD: 02/11/2006 - 13:59:44 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 13:59:44 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 24/01/2010 - 16:06:13 - [6,312] ----D C:\ProgramData\EPSON
O43 - CFD: 23/03/2009 - 10:30:20 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 13:59:44 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 22/08/2013 - 08:30:33 - [0] ----D C:\ProgramData\FireFoxExt
O43 - CFD: 28/08/2008 - 08:48:32 - [0] ----D C:\ProgramData\FloodLightGames
O43 - CFD: 14/07/2011 - 15:12:22 - [10,017] ----D C:\ProgramData\FUJIFILM2
O43 - CFD: 09/02/2014 - 19:24:19 - [0] ----D C:\ProgramData\GlarySoft
O43 - CFD: 13/03/2011 - 20:48:13 - [0,972] ----D C:\ProgramData\Google
O43 - CFD: 05/03/2011 - 16:58:16 - [16,861] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 23/03/2009 - 10:30:20 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 21/03/2014 - 22:15:49 - [113,824] ----D C:\ProgramData\MFAData
O43 - CFD: 09/02/2014 - 20:06:59 - [59,361] -S--D C:\ProgramData\Microsoft
O43 - CFD: 13/03/2011 - 21:22:57 - [0,054] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 23/03/2009 - 10:30:20 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 22/10/2012 - 07:09:38 - [0,035] ----D C:\ProgramData\Mozilla
O43 - CFD: 22/03/2014 - 18:54:18 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 11/03/2014 - 20:35:55 - [0] -S--D C:\ProgramData\Shared Space
O43 - CFD: 03/03/2012 - 16:55:32 - [0,005] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 13:59:44 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 13/03/2011 - 21:48:35 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 09/04/2011 - 14:28:48 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 13:59:44 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 24/01/2010 - 16:11:32 - [0,003] ----D C:\ProgramData\UDL
O43 - CFD: 11/05/2013 - 18:35:58 - [0,012] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 02/05/2010 - 16:17:26 - [1,294] ----D C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
O43 - CFD: 02/04/2011 - 18:13:17 - [2,076] ----D C:\Users\Florine\AppData\Roaming\Adobe
O43 - CFD: 21/03/2014 - 22:31:40 - [0] ----D C:\Users\Florine\AppData\Roaming\Avira
O43 - CFD: 08/03/2011 - 21:34:54 - [0,001] ----D C:\Users\Florine\AppData\Roaming\Canneverbe Limited
O43 - CFD: 17/12/2013 - 14:43:47 - [0] ----D C:\Users\Florine\AppData\Roaming\EPSON
O43 - CFD: 02/05/2010 - 16:05:30 - [0] ----D C:\Users\Florine\AppData\Roaming\Google
O43 - CFD: 23/03/2009 - 10:35:24 - [0] ----D C:\Users\Florine\AppData\Roaming\Identities
O43 - CFD: 24/01/2010 - 16:06:42 - [0] ----D C:\Users\Florine\AppData\Roaming\InstallShield
O43 - CFD: 29/10/2011 - 14:37:16 - [0] ----D C:\Users\Florine\AppData\Roaming\InterVideo
O43 - CFD: 23/03/2009 - 10:35:42 - [0,001] ----D C:\Users\Florine\AppData\Roaming\Macromedia
O43 - CFD: 05/03/2011 - 16:58:22 - [0] ----D C:\Users\Florine\AppData\Roaming\Malwarebytes
O43 - CFD: 19/02/2013 - 19:51:43 - [1,661] -S--D C:\Users\Florine\AppData\Roaming\Microsoft
O43 - CFD: 05/03/2011 - 16:17:23 - [18,806] ----D C:\Users\Florine\AppData\Roaming\Mozilla
O43 - CFD: 13/03/2011 - 21:52:09 - [31,987] ----D C:\Users\Florine\AppData\Roaming\OpenOffice.org
O43 - CFD: 23/03/2009 - 10:44:30 - [0,013] ----D C:\Users\Florine\AppData\Roaming\Template
O43 - CFD: 05/03/2011 - 17:35:35 - [903,064] ----D C:\Users\Florine\AppData\Roaming\Thunderbird =>.Mozilla Corporation
O43 - CFD: 09/04/2011 - 15:18:20 - [0] ----D C:\Users\Florine\AppData\Roaming\Windows Live Writer
O43 - CFD: 25/03/2014 - 20:51:41 - [0,439] ----D C:\Users\Florine\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 22/03/2014 - 00:06:27 - [15,143] ----D C:\Users\Florine\AppData\Local\Adobe
O43 - CFD: 14/07/2011 - 14:21:18 - [0] ----D C:\Users\Florine\AppData\Local\Apple
O43 - CFD: 23/03/2009 - 10:33:32 - [0] -SH-D C:\Users\Florine\AppData\Local\Application Data
O43 - CFD: 14/07/2011 - 14:25:38 - [1,819] ----D C:\Users\Florine\AppData\Local\FUJIFILM
O43 - CFD: 13/03/2011 - 20:48:13 - [24,590] ----D C:\Users\Florine\AppData\Local\Google
O43 - CFD: 23/03/2009 - 10:33:32 - [0] -SH-D C:\Users\Florine\AppData\Local\Historique
O43 - CFD: 16/07/2013 - 19:13:42 - [0] ----D C:\Users\Florine\AppData\Local\Macromedia
O43 - CFD: 14/12/2012 - 18:53:00 - [17,582] ----D C:\Users\Florine\AppData\Local\MFAData
O43 - CFD: 29/07/2013 - 10:10:00 - [172,095] ----D C:\Users\Florine\AppData\Local\Microsoft
O43 - CFD: 05/03/2011 - 16:17:12 - [79,064] ----D C:\Users\Florine\AppData\Local\Mozilla
O43 - CFD: 25/03/2014 - 20:50:19 - [0,038] ----D C:\Users\Florine\AppData\Local\Temp
O43 - CFD: 23/03/2009 - 10:33:32 - [0] -SH-D C:\Users\Florine\AppData\Local\Temporary Internet Files
O43 - CFD: 22/03/2014 - 18:53:09 - [1,128] ----D C:\Users\Florine\AppData\Local\Thunderbird =>.Mozilla Corporation
O43 - CFD: 14/07/2011 - 14:34:42 - [4,640] ----D C:\Users\Florine\AppData\Local\VirtualStore
O43 - CFD: 16/03/2014 - 18:20:20 - [0,039] ----D C:\Users\Florine\AppData\Local\Windows Live
O43 - CFD: 09/04/2011 - 15:18:31 - [0,618] ----D C:\Users\Florine\AppData\Local\Windows Live Writer
O43 - CFD: 21/01/2008 - 03:56:27 - [0,015] R---D C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 23/03/2009 - 10:35:32 - [0] R---D C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 03:56:27 - [0,001] R---D C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/02/2014 - 19:12:19 - [0,004] ----D C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 09/02/2014 - 19:48:10 - [0] R---D C:\Users\Florine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ 1266 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1419 Scanned in 00mn 38s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E37983728F75AA4812A00FEDAE99605B] - 11/03/2014 - 20:28:38 ---A- . (...) -- C:\Windows\System32\Drivers\sfi.dat [1474832]
O44 - LFC:[MD5.F3A63C7A2D8609D3A1C6A3F86F655816] - 11/03/2014 - 21:07:42 ---A- . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\System32\GPhotos.scr [4550656]
O44 - LFC:[MD5.0E0C8EC771F8336845579798557769A5] - 16/03/2014 - 18:29:52 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.E66587751D859A88FA61149C9CC2C15C] - 16/03/2014 - 18:29:55 ---A- . (.Microsoft Corporation - DLL du rapport d’erreurs Windows.) -- C:\Windows\System32\wer.dll [876032]
O44 - LFC:[MD5.16508EACF164C1B9E032667EA4A601F3] - 16/03/2014 - 18:29:57 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [505344]
O44 - LFC:[MD5.7DEEA31FD41B77B433C17903B3416507] - 16/03/2014 - 18:29:58 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2050560]
O44 - LFC:[MD5.6C751B90F87DAE37D959AC56E14A5A80] - 21/03/2014 - 22:19:09 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [692616]
O44 - LFC:[MD5.9057059F5030926C0DC85717291B01FB] - 21/03/2014 - 22:19:09 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [71048]
O44 - LFC:[MD5.4F23BB46E26DC87F01563B8A96526075] - 21/03/2014 - 22:22:58 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12347904]
O44 - LFC:[MD5.AC7811B550AC49013C9D83D998C8C740] - 21/03/2014 - 22:23:05 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [9739264]
O44 - LFC:[MD5.D198BE229744F2E87743BB82D4C29A18] - 21/03/2014 - 22:23:06 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968]
O44 - LFC:[MD5.8232228138E4859F3738DD1E4A8C692C] - 21/03/2014 - 22:23:07 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1105408]
O44 - LFC:[MD5.5A6F0A2EAB066E5E3C578076623FEBF8] - 21/03/2014 - 22:23:09 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.0763D2835B7EF92E1DB630AB1BBA0D0F] - 21/03/2014 - 22:23:09 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [1806848]
O44 - LFC:[MD5.6B6879BE739279EDD2E4E28ED9911DBF] - 21/03/2014 - 22:23:09 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1796096]
O44 - LFC:[MD5.E6BB9F479A08B2588D2704FA288777B7] - 21/03/2014 - 22:23:11 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.1E5DF19A5F053345430D7AF87943C47A] - 21/03/2014 - 22:23:12 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1129472]
O44 - LFC:[MD5.C6B18D484DE84DCB479F25A393054B1F] - 21/03/2014 - 22:23:13 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744]
O44 - LFC:[MD5.F9DDC41D5B745EBDC673706C0575A260] - 21/03/2014 - 22:23:13 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.B9714A9ED8BAA0106DDE60537B4CE710] - 21/03/2014 - 22:23:14 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65536]
O44 - LFC:[MD5.FEA5277475F3EFC35C4AA7E95F553D5E] - 21/03/2014 - 22:23:14 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.487D42D589DA9BEB7B6B3C725AB35343] - 21/03/2014 - 22:23:15 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.9709ECC60A792387BBCD6AE1910B0413] - 21/03/2014 - 22:23:16 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216]
O44 - LFC:[MD5.22535A5C5F13BBA4F8D8FCA4F2593188] - 21/03/2014 - 22:23:18 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.4189E5AB2CAD6F395D87DAAE73EB090F] - 21/03/2014 - 22:26:39 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [135648]
O44 - LFC:[MD5.D8C712305F73CD34D1B344810E522728] - 21/03/2014 - 22:26:39 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [37352]
O44 - LFC:[MD5.B8C10FF9369394EB84993F331810CF29] - 21/03/2014 - 22:26:39 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [90400]
O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 21/03/2014 - 22:26:47 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O44 - LFC:[MD5.CC6D77518FAAA5DEB1DC75023D90EB52] - 21/03/2014 - 22:35:48 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [332600]
O44 - LFC:[MD5.CF13E92D2DBA966F6B32AE130F0956EA] - 22/03/2014 - 18:38:05 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [87350280]
O44 - LFC:[MD5.743524979EF5F33BDB4DDEE63FD6C042] - 22/03/2014 - 18:53:43 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [176024]
O44 - LFC:[MD5.9DFF2C8F4CE048322FCB10D38820D510] - 22/03/2014 - 18:53:43 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [176024]
O44 - LFC:[MD5.C6A09FA46EF0123EE5485999D6D9607E] - 22/03/2014 - 18:53:43 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [264600]
O44 - LFC:[MD5.EAE394724CDC4887E3CA29579F8B7DDE] - 22/03/2014 - 18:53:44 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll [96664]
O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 24/03/2014 - 22:25:48 ---A- . (...) -- C:\Windows\System32\agent.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/03/2014 - 22:25:49 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.B35EFB0F479DE6CC8E8740F9E1C25AE3] - 25/03/2014 - 05:45:24 ---A- . (...) -- C:\Windows\WindowsUpdate.log [5114]
O44 - LFC:[MD5.E5ED7EB5D58E7EA029122DBBE5F8108B] - 25/03/2014 - 05:45:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [3216]
O44 - LFC:[MD5.E5ED7EB5D58E7EA029122DBBE5F8108B] - 25/03/2014 - 05:45:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [3216]
O44 - LFC:[MD5.E05106A0088D01C90FCE98C840B23C30] - 25/03/2014 - 20:49:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8E85BCCBCA1EFF4C1909830CC01D5B2B] - 25/03/2014 - 20:51:21 ---A- . (...) -- C:\Windows\ntbtlog.txt [165216]
~ Files: 41 Scanned in 00mn 10s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.76D206DF4F8E2152CE6382BDA8592BC6] - 16/03/2014 - 18:54:03 ---A- - C:\Windows\Prefetch\HIDCHK.EXE-0E572CF7.pf
O45 - LFCP:[MD5.04751922689587F006ED28CDD8FD09F4] - 16/03/2014 - 18:59:13 ---A- - C:\Windows\Prefetch\SCHEDULERSVC.EXE-F3CF4F15.pf
~ Prefetcher: 2 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 1 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.B46AA621E7BD4FE150BCC140DACEDA1B] - 02/11/2006 - 09:55:12 ---A- . (.Microsoft Corporation - 1394 Bus Device Driver.) -- C:\Windows\System32\Drivers\1394bus.sys [53376]
O58 - SDL:[MD5.82B296AE1892FE3DBEE00C9CF92F8AC7] - 11/04/2009 - 07:32:46 ---A- . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\Drivers\acpi.sys [265688]
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560]
O58 - SDL:[MD5.3911B972B55FEA0478476B2E777B29FA] - 21/04/2011 - 14:58:27 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys [273408]
O58 - SDL:[MD5.13F9E33747E6B41A3FF305C37DB0D360] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre AGP 440 NT.) -- C:\Windows\System32\Drivers\AGP440.sys [56376]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464]
O58 - SDL:[MD5.C47344BC706E5F0B9DCE369516661578] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre AGP AMD NT.) -- C:\Windows\System32\Drivers\AMDAGP.SYS [57400]
O58 - SDL:[MD5.9B78A39A4C173FDBC1321E0DD659B34C] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Pilote IDE AMD.) -- C:\Windows\System32\Drivers\amdide.sys [17976]
O58 - SDL:[MD5.18F29B49AD23ECEE3D2A826C725C8D48] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\amdk7.sys [41472]
O58 - SDL:[MD5.93AE7F7DD54AB986A6F1A1B37BE7442D] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\amdk8.sys [44032]
O58 - SDL:[MD5.0ED1A5B7A8AE5939A92EA1EC39E16D21] - 18/02/2008 - 15:09:40 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [166960]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [79928]
O58 - SDL:[MD5.53B202ABEE6455406254444303E87BE1] - 21/01/2008 - 03:33:40 ---A- . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Windows\System32\Drivers\asyncmac.sys [17408]
O58 - SDL:[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - 11/04/2009 - 07:32:26 ---A- . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\Drivers\atapi.sys [19944]
O58 - SDL:[MD5.64B0052340B8EC28FA8A56B708AE71CC] - 11/04/2009 - 07:32:42 ---A- . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\Drivers\ataport.sys [109032]
O58 - SDL:[MD5.B8C10FF9369394EB84993F331810CF29] - 25/02/2014 - 15:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [90400]
O58 - SDL:[MD5.4189E5AB2CAD6F395D87DAAE73EB090F] - 25/02/2014 - 15:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [135648]
O58 - SDL:[MD5.D8C712305F73CD34D1B344810E522728] - 25/02/2014 - 15:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [37352]
O58 - SDL:[MD5.2B8A5A8879238C3BA9A89A8E3AC4E45D] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\Drivers\battc.sys [28216]
O58 - SDL:[MD5.E22ABCAA7B6FF580FEB0D49545DC4263] - 26/10/2007 - 07:41:02 ---A- . (.Broadcom Corp. - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL6.SYS [1044984]
O58 - SDL:[MD5.9F5F8F2318DFA3974A6F6A5602733929] - 21/01/2008 - 03:32:58 ---A- . (.Microsoft Corporation - Microsoft BDA Driver Support Library.) -- C:\Windows\System32\Drivers\bdasup.sys [12288]
O58 - SDL:[MD5.67E506B75BD5326A3EC7B70BD014DFB6] - 21/01/2008 - 03:33:14 ---A- . (.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\Drivers\beep.sys [6144]
O58 - SDL:[MD5.D4DF28447741FD3D953526E33A617397] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\System32\Drivers\blbdrive.sys [45568]
O58 - SDL:[MD5.35F376253F687BDE63976CCB3F2108CA] - 22/02/2011 - 14:23:55 ---A- . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\Drivers\bowser.sys [69632]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B1564976D98E91FC764D5DC28A0297DA] - 11/04/2009 - 06:42:55 ---A- . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\Drivers\bridge.sys [93696]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.AD07C1EC6665B8B35741AB91200C6B68] - 02/11/2006 - 09:55:23 ---A- . (.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\System32\Drivers\bthmodem.sys [39936]
O58 - SDL:[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - 21/01/2008 - 03:33:23 ---A- . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\Drivers\cdfs.sys [70144]
O58 - SDL:[MD5.6B4BFFB9BECD728097024276430DB314] - 11/04/2009 - 05:39:17 ---A- . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\Drivers\cdrom.sys [67072]
O58 - SDL:[MD5.E5D4133F37219DBCFE102BC61072589D] - 21/01/2008 - 03:32:51 ---A- . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\System32\Drivers\circlass.sys [35328]
O58 - SDL:[MD5.0767B09C74D935A590B4879D14463B64] - 11/04/2009 - 07:32:43 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys [125928]
O58 - SDL:[MD5.99AFC3795B58CC478FBBBCDC658FCB56] - 21/01/2008 - 03:32:52 ---A- . (.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System32\Drivers\CmBatt.sys [14208]
O58 - SDL:[MD5.50E13C92203B64D60D1DE365856724B6] - 24/09/2013 - 10:54:02 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\System32\Drivers\cmderd.sys [20072]
O58 - SDL:[MD5.18D51731B2672D1AFA0A3C94B70D14D7] - 14/11/2013 - 11:38:10 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\System32\Drivers\cmdguard.sys [584496]
O58 - SDL:[MD5.482C191477856782549C2EAEFB332B81] - 24/09/2013 - 10:54:04 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\System32\Drivers\cmdhlp.sys [43728]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [19000]
O58 - SDL:[MD5.6AFEF0B60FA25DE07C0968983EE4F60A] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Composite Battery Driver.) -- C:\Windows\System32\Drivers\compbatt.sys [20792]
O58 - SDL:[MD5.36975327EF03949CC378AB01E316B574] - 11/04/2009 - 07:32:30 ---A- . (.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\crashdmp.sys [35304]
O58 - SDL:[MD5.741E9DFF4F42D2D8477D0FC1DC0DF871] - 21/01/2008 - 03:32:48 ---A- . (.Microsoft Corporation - Disk Block Verification Filter Driver.) -- C:\Windows\System32\Drivers\crcdisk.sys [24632]
O58 - SDL:[MD5.1F07BECDCA750766A96CDA811BA86410] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\crusoe.sys [40960]
O58 - SDL:[MD5.622C41A07CA7E6DD91770F50D532CB6C] - 14/04/2011 - 15:59:03 ---A- . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\Drivers\dfsc.sys [75264]
O58 - SDL:[MD5.5D4AEFC3386920236A548271F8F1AF6A] - 11/04/2009 - 07:32:31 ---A- . (.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\Drivers\disk.sys [53736]
O58 - SDL:[MD5.494075282E23D838F43A4C9FB7143959] - 11/04/2009 - 05:39:11 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Drivers\Diskdump.sys [19456]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272]
O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 02/11/2006 - 14:29:36 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\DKbFltr.sys [21264]
O58 - SDL:[MD5.2A63675F6FA8EF0FF9F5C72695584CAA] - 30/10/2013 - 02:43:04 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\Windows\System32\Drivers\drmk.sys [130048]
O58 - SDL:[MD5.97FEF831AB90BEE128C9AF390E243F80] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Audio Descrambler Filter.) -- C:\Windows\System32\Drivers\drmkaud.sys [5632]
O58 - SDL:[MD5.C67EBF9C05531C406E1E079FF669A2E6] - 11/04/2009 - 07:32:29 ---A- . (.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\Drivers\Dumpata.sys [27624]
O58 - SDL:[MD5.EAAAFEF04FBB45665C9576E525D45A12] - 21/01/2008 - 03:34:01 ---A- . (.Microsoft Corporation - DirectX API Driver.) -- C:\Windows\System32\Drivers\dxapi.sys [13312]
O58 - SDL:[MD5.C8D5369BFE193B5FB53337DCE77CE314] - 11/04/2009 - 05:23:23 ---A- . (.Microsoft Corporation - DirectX Graphics Driver.) -- C:\Windows\System32\Drivers\dxg.sys [76288]
O58 - SDL:[MD5.988670D8343EF9835FB3659DB71B2EFA] - 01/08/2013 - 04:16:32 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [638400]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.7F64EA048DCFAC7ACF8B4D7B4E6FE371] - 11/04/2009 - 07:32:43 ---A- . (.Microsoft Corporation - Special Memory Device Cache.) -- C:\Windows\System32\Drivers\ecache.sys [141288]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:[MD5.3DB974F3935483555D7148663F726C61] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\Drivers\errdev.sys [6656]
O58 - SDL:[MD5.22B408651F9123527BCEE54B4F6C5CAE] - 11/04/2009 - 05:13:53 ---A- . (.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\System32\Drivers\exfat.sys [136704]
O58 - SDL:[MD5.1E9B9A70D332103C52995E957DC09EF8] - 11/04/2009 - 05:13:52 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\Drivers\fastfat.sys [142848]
O58 - SDL:[MD5.AFE1E8B9782A0DD7FB46BBD88E43F89A] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System32\Drivers\fdc.sys [25088]
O58 - SDL:[MD5.A8C0139A884861E3AAE9CFE73B208A9F] - 21/01/2008 - 03:33:40 ---A- . (.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\Drivers\fileinfo.sys [58936]
O58 - SDL:[MD5.0AE429A696AECBC5970E3CF2C62635AE] - 21/01/2008 - 03:34:01 ---A- . (.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\Drivers\filetrace.sys [27648]
O58 - SDL:[MD5.85B7CF99D532820495D68D747FDA9EBD] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\Drivers\flpydisk.sys [20480]
O58 - SDL:[MD5.01334F9EA68E6877C4EF05D3EA8ABB05] - 11/04/2009 - 07:32:46 ---A- . (.Microsoft Corporation - Gestionnaire de filtres de système de fichiers Microsoft.) -- C:\Windows\System32\Drivers\fltMgr.sys [190424]
O58 - SDL:[MD5.B972A66758577E0BFD1DE0F91AAA27B5] - 29/02/2012 - 14:32:37 ---A- . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\Drivers\fs_rec.sys [12800]
O58 - SDL:[MD5.73594DBC99E22958150192EE99BC48CE] - 11/04/2009 - 07:32:43 ---A- . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS [99816]
O58 - SDL:[MD5.34582A6E6573D54A07ECE5FE24A126B5] - 21/01/2008 - 03:32:47 ---A- . (.Microsoft Corporation - Filtre AGPv3.0 générique Microsoft pour plateformes de processe.) -- C:\Windows\System32\Drivers\GAGP30KX.SYS [61496]
O58 - SDL:[MD5.AB8A6A87D9D7255C3884D5B9541A6E80] - 17/04/2008 - 12:12:54 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [15464]
O58 - SDL:[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - 11/04/2009 - 05:42:42 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys [561152]
O58 - SDL:[MD5.CB04C744BE0A61B1D648FAED182C3B59] - 02/11/2006 - 08:36:49 ---A- . (.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\HdAudio.sys [235520]
O58 - SDL:[MD5.1338520E78D90154ED6BE8F84DE5FCEB] - 02/11/2006 - 09:55:22 ---A- . (.Microsoft Corporation - Pilote de miniport Bluetooth pour les périphériques HID.) -- C:\Windows\System32\Drivers\hidbth.sys [29184]
O58 - SDL:[MD5.5961CADB7CAD938368D2028725EF771D] - 11/04/2009 - 05:42:48 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys [39424]
O58 - SDL:[MD5.FF3160C3A2445128C5A6D9B076DA519E] - 02/11/2006 - 09:55:01 ---A- . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Windows\System32\Drivers\hidir.sys [21504]
O58 - SDL:[MD5.BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8] - 03/07/2013 - 03:10:50 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys [25472]
O58 - SDL:[MD5.CCA4B519B17E23A00B826C55716809CC] - 11/04/2009 - 05:42:48 ---A- . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows\System32\Drivers\hidusb.sys [12800]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.0EEECA26C8D4BDE2A4664DB058A81937] - 03/11/2009 - 20:41:44 ---A- . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\Drivers\http.sys [411648]
O58 - SDL:[MD5.95BD3EA81EBE6B8CACAFDB6CDAB3586C] - 21/01/2008 - 03:32:23 ---A- . (.Microsoft Corporation - I2O Utility Filter.) -- C:\Windows\System32\Drivers\i2omgmt.sys [19000]
O58 - SDL:[MD5.C6B032D69650985468160FC9937CF5B4] - 21/01/2008 - 03:32:23 ---A- . (.Microsoft Corporation - I2O Miniport Driver.) -- C:\Windows\System32\Drivers\i2omp.sys [30264]
O58 - SDL:[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\Drivers\i8042prt.sys [54784]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.DCE0B53570703CCE580D066F89EF58CD] - 11/02/2011 - 18:12:16 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [9036800]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576]
O58 - SDL:[MD5.3AE4A66B98E9D5F807B91EF22C2A1575] - 24/09/2013 - 10:54:04 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\System32\Drivers\inspect.sys [85464]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 11/06/2008 - 11:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\System32\Drivers\int15.sys [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 11/06/2008 - 11:13:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\System32\Drivers\int15_64.sys [17952]
O58 - SDL:[MD5.83AA759F3189E6370C30DE5DC5590718] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\Drivers\intelide.sys [17976]
O58 - SDL:[MD5.224191001E78C89DFA78924C3EA595FF] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\intelppm.sys [41472]
O58 - SDL:[MD5.62C265C38769B864CB25B4BCF62DF6C3] - 21/01/2008 - 03:34:33 ---A- . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\Drivers\ipfltdrv.sys [47616]
O58 - SDL:[MD5.B25AAF203552B7B3491139D582B39AD1] - 21/01/2008 - 03:32:48 ---A- . (.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\Drivers\IPMIDrv.sys [64512]
O58 - SDL:[MD5.8793643A67B42CEC66490B2A0CF92D68] - 21/01/2008 - 03:34:06 ---A- . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys [100864]
O58 - SDL:[MD5.E50A95179211B12946F7E035D60AF560] - 21/01/2008 - 03:34:18 ---A- . (.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\Drivers\irda.sys [95744]
O58 - SDL:[MD5.109C0DFB82C3632FBD11949B73AEEAC9] - 21/01/2008 - 03:33:26 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\Drivers\irenum.sys [13312]
O58 - SDL:[MD5.6C70698A3E5C4376C6AB5C7C17FB0614] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\Drivers\isapnp.sys [49720]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.37605E0A8CF00CBBA538E753E4344C6E] - 21/01/2008 - 03:32:49 ---A- . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\Drivers\kbdclass.sys [35384]
O58 - SDL:[MD5.EDE59EC70E25C24581ADD1FBEC7325F7] - 11/04/2009 - 05:38:40 ---A- . (.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32\Drivers\kbdhid.sys [17408]
O58 - SDL:[MD5.EF73C1E29FBE7B0FD0274BF4394E346A] - 11/04/2009 - 05:38:49 ---A- . (.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\Drivers\ks.sys [149504]
O58 - SDL:[MD5.4A1445EFA932A3BAF5BDB02D7131EE20] - 04/06/2012 - 16:26:04 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [440704]
O58 - SDL:[MD5.D1C5883087A0C3F1344D9D55A44901F6] - 21/01/2008 - 03:34:21 ---A- . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows\System32\Drivers\lltdio.sys [47104]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.8F5C7426567798E62A3B3614965D62CC] - 21/01/2008 - 03:34:22 ---A- . (.Microsoft Corporation - Pilote de filtre de virtualisation de fichier LUA.) -- C:\Windows\System32\Drivers\luafv.sys [84480]
O58 - SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04/04/2013 - 13:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]
O58 - SDL:[MD5.B271EC02E71271A2DA28B3B7BC4E4F15] - 21/01/2008 - 03:34:35 ---A- . (.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\Drivers\mcd.sys [18944]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.E13B5EA0F51BA5B1512EC671393D09BA] - 21/01/2008 - 03:34:45 ---A- . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\Windows\System32\Drivers\modem.sys [31744]
O58 - SDL:[MD5.0A9BB33B56E294F686ABB7C1E4E2D8A8] - 21/01/2008 - 03:32:47 ---A- . (.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\Drivers\monitor.sys [41984]
O58 - SDL:[MD5.5BF6A1326A335C5298477754A506D263] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\Drivers\mouclass.sys [34360]
O58 - SDL:[MD5.93B8D4869E12CFBE663915502900876F] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\Drivers\mouhid.sys [15872]
O58 - SDL:[MD5.BDAFC88AA6B92F7842416EA6A48E1600] - 21/01/2008 - 03:33:14 ---A- . (.Microsoft Corporation - Mount Point Manager.) -- C:\Windows\System32\Drivers\mountmgr.sys [57400]
O58 - SDL:[MD5.511D011289755DD9F9A7579FB0B064E6] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Pilote du bus de prise en charge des chemins d’accès multiples.) -- C:\Windows\System32\Drivers\mpio.sys [105016]
O58 - SDL:[MD5.22241FEBA9B2DEFA669C8CB0A8DD7D2E] - 21/01/2008 - 03:34:35 ---A- . (.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\System32\Drivers\mpsdrv.sys [64000]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.82CEA0395524AACFEB58BA1448E8325C] - 11/04/2009 - 05:14:40 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys [114688]
O58 - SDL:[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - 29/04/2011 - 14:24:40 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drivers\mrxsmb.sys [106496]
O58 - SDL:[MD5.4FCCB34D793B116423209C0F8B7A3B03] - 06/07/2011 - 16:31:47 ---A- . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\Drivers\mrxsmb10.sys [214016]
O58 - SDL:[MD5.C3CB1B40AD4A0124D617A1199B0B9D7C] - 29/04/2011 - 14:24:42 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys [79872]
O58 - SDL:[MD5.5457DCFA7C0DA43522F4D9D4049C1472] - 11/04/2009 - 07:32:28 ---A- . (.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) -- C:\Windows\System32\Drivers\msahci.sys [27112]
O58 - SDL:[MD5.4468B0F385A86ECDDAF8D3CA662EC0E7] - 21/01/2008 - 03:32:47 ---A- . (.Microsoft Corporation - Microsoft Device Specific Module.) -- C:\Windows\System32\Drivers\msdsm.sys [94776]
O58 - SDL:[MD5.A9927F4A46B816C92F461ACB90CF8515] - 21/01/2008 - 03:33:23 ---A- . (.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\Drivers\msfs.sys [22528]
O58 - SDL:[MD5.0F400E306F385C56317357D6DEA56F62] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\Drivers\msisadrv.sys [16440]
O58 - SDL:[MD5.232FA340531D940AAC623B121A595034] - 11/04/2009 - 07:32:46 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys [180712]
O58 - SDL:[MD5.D8C63D34D9C9E56C059E24EC7185CC07] - 21/01/2008 - 03:34:39 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\Drivers\mskssrv.sys [8192]
O58 - SDL:[MD5.1D373C90D62DDB641D50E55B9E78D65E] - 21/01/2008 - 03:34:39 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\Drivers\mspclock.sys [5888]
O58 - SDL:[MD5.B572DA05BF4E098D4BBA3A4734FB505B] - 21/01/2008 - 03:34:39 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\Drivers\mspqm.sys [5504]
O58 - SDL:[MD5.B49456D70555DE905C311BCDA6EC6ADB] - 11/04/2009 - 07:32:46 ---A- . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows\System32\Drivers\msrpc.sys [161752]
O58 - SDL:[MD5.E384487CB84BE41D09711C30CA79646C] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System32\Drivers\mssmbios.sys [31288]
O58 - SDL:[MD5.7199C1EEC1E4993CAF96B8C0A26BD58A] - 21/01/2008 - 03:34:39 ---A- . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Windows\System32\Drivers\mstee.sys [6016]
O58 - SDL:[MD5.6A57B5733D4CB702C8EA4542E836B96C] - 11/04/2009 - 07:32:31 ---A- . (.Microsoft Corporation - Multiple UNC Provider driver.) -- C:\Windows\System32\Drivers\mup.sys [48104]
O58 - SDL:[MD5.1357274D1883F68300AEADD15D7BBB42] - 11/04/2009 - 07:32:49 ---A- . (.Microsoft Corporation - NDIS 6.0 wrapper driver.) -- C:\Windows\System32\Drivers\ndis.sys [527848]
O58 - SDL:[MD5.0E186E90404980569FB449BA7519AE61] - 21/01/2008 - 03:34:06 ---A- . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\System32\Drivers\ndistapi.sys [20992]
O58 - SDL:[MD5.D6973AA34C4D5D76C0430B181C3CD389] - 21/01/2008 - 03:34:44 ---A- . (.Microsoft Corporation - NDIS User mode I/O driver.) -- C:\Windows\System32\Drivers\ndisuio.sys [16896]
O58 - SDL:[MD5.818F648618AE34F729FDB47EC68345C3] - 11/04/2009 - 05:46:32 ---A- . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Windows\System32\Drivers\ndiswan.sys [121344]
O58 - SDL:[MD5.71DAB552B41936358F3B541AE5997FB3] - 21/01/2008 - 03:34:06 ---A- . (.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\Drivers\ndproxy.sys [49664]
O58 - SDL:[MD5.BCD093A5A6777CF626434568DC7DBA78] - 21/01/2008 - 03:34:01 ---A- . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\Drivers\netbios.sys [35840]
O58 - SDL:[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - 11/04/2009 - 05:45:37 ---A- . (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\Drivers\netbt.sys [185856]
O58 - SDL:[MD5.3546C0B6F2D808D4E6294A9D6B25151B] - 05/04/2010 - 21:00:40 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [221568]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.D36F239D7CCE1931598E8FB90A0DBC26] - 11/04/2009 - 05:14:01 ---A- . (.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\Drivers\npfs.sys [35328]
O58 - SDL:[MD5.609773E344A97410CE4EBF74A8914FCF] - 21/01/2008 - 03:34:35 ---A- . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys [16384]
O58 - SDL:[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - 03/03/2013 - 20:07:52 ---A- . (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\Drivers\ntfs.sys [1082232]
O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 30/01/2008 - 10:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys [14848]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.C5DBBCDA07D780BDA9B685DF333BB41E] - 21/01/2008 - 03:33:22 ---A- . (.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\Drivers\null.sys [4608]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [45112]
O58 - SDL:[MD5.18BBDF913916B71BD54575BDB6EEAC0B] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre AGP NForce NT.) -- C:\Windows\System32\Drivers\NV_AGP.SYS [109112]
O58 - SDL:[MD5.85C44FDFF9CF7E72A40DCB7EC06A4416] - 11/04/2009 - 05:43:28 ---A- . (.Microsoft Corporation - NativeWiFi Miniport Driver.) -- C:\Windows\System32\Drivers\nwifi.sys [148480]
O58 - SDL:[MD5.BE32DA025A0BE1878F0EE8D6D9386CD5] - 02/11/2006 - 09:55:16 ---A- . (.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\Windows\System32\Drivers\ohci1394.sys [62080]
O58 - SDL:[MD5.99514FAA8DF93D34B5589187DB3AA0BA] - 11/04/2009 - 05:45:51 ---A- . (.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32\Drivers\pacer.sys [72192]
O58 - SDL:[MD5.0FA9B5055484649D63C303FE404E5F4D] - 02/11/2006 - 09:51:30 ---A- . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\Drivers\parport.sys [79360]
O58 - SDL:[MD5.B9C2B89F08670E159F7181891E449CD9] - 21/03/2012 - 00:28:50 ---A- . (.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\Drivers\partmgr.sys [53120]
O58 - SDL:[MD5.4F9A6A8A31413180D0FCB279AD5D8112] - 02/11/2006 - 09:51:23 ---A- . (.Microsoft Corporation - Pilote parallèle VDM.) -- C:\Windows\System32\Drivers\parvdm.sys [8704]
O58 - SDL:[MD5.941DC1D19E7E8620F40BBC206981EFDB] - 11/04/2009 - 07:32:55 ---A- . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\Windows\System32\Drivers\pci.sys [149480]
O58 - SDL:[MD5.FC175F5DDAB666D7F4D17449A547626F] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\pciide.sys [16440]
O58 - SDL:[MD5.6429D10C5D149AC9EB2D95052A390CFF] - 11/04/2009 - 07:32:52 ---A- . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32\Drivers\pciidex.sys [43496]
O58 - SDL:[MD5.E6F3FB1B86AA519E7698AD05E58B04E5] - 02/11/2006 - 10:51:12 ---A- . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\Drivers\pcmcia.sys [167528]
O58 - SDL:[MD5.6349F6ED9C623B44B52EA3C63C831A92] - 02/11/2006 - 10:04:35 ---A- . (.Microsoft Corporation - Protected Environment Authentication and Authorization Export D.) -- C:\Windows\System32\Drivers\PEAuth.sys [878080]
O58 - SDL:[MD5.6DBA75306DD9B242B6F1C343179AD201] - 30/10/2013 - 01:43:06 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport Devices).) -- C:\Windows\System32\Drivers\portcls.sys [167936]
O58 - SDL:[MD5.2027293619DD0F047C584CF2E7DF4FFD] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\processr.sys [40960]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.9F5E0E1926014D17486901C88ECA2DB7] - 21/01/2008 - 03:32:58 ---A- . (.Microsoft Corporation - Pilote du support de Microsoft Quality Windows Audio Video Expe.) -- C:\Windows\System32\Drivers\qwavedrv.sys [31232]
O58 - SDL:[MD5.147D7F9C556D259924351FEB0DE606C3] - 21/01/2008 - 03:34:00 ---A- . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\System32\Drivers\rasacd.sys [11776]
O58 - SDL:[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - 21/01/2008 - 03:34:44 ---A- . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\Drivers\rasl2tp.sys [76288]
O58 - SDL:[MD5.509A98DD18AF4375E1FC40BC175F1DEF] - 11/04/2009 - 05:46:30 ---A- . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windows\System32\Drivers\raspppoe.sys [41472]
O58 - SDL:[MD5.ECFFFAEC0C1ECD8DBC77F39070EA1DB1] - 21/01/2008 - 03:34:44 ---A- . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\System32\Drivers\raspptp.sys [62976]
O58 - SDL:[MD5.2005F4A1E05FA09389AC85840F0A9E4D] - 11/04/2009 - 05:46:40 ---A- . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System32\Drivers\rassstp.sys [69120]
O58 - SDL:[MD5.B14C9D5B9ADD2F84F70570BBBFAA7935] - 11/04/2009 - 05:14:29 ---A- . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- C:\Windows\System32\Drivers\rdbss.sys [225280]
O58 - SDL:[MD5.89E59BE9A564262A3FB6C4F4F1CD9899] - 21/01/2008 - 03:33:42 ---A- . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\RDPCDD.sys [6144]
O58 - SDL:[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\Drivers\rdpdr.sys [248832]
O58 - SDL:[MD5.9D91FE5286F748862ECFFA05F8A0710C] - 21/01/2008 - 03:34:38 ---A- . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\RDPENCDD.sys [6144]
O58 - SDL:[MD5.C127EBD5AFAB31524662C48DFCEB773A] - 01/05/2012 - 15:03:49 ---A- . (.Microsoft Corporation - RDP Terminal Stack Driver.) -- C:\Windows\System32\Drivers\rdpwd.sys [180736]
O58 - SDL:[MD5.24D3B49DAB660A8B8AFA40240E735E24] - 16/11/2010 - 00:24:48 ---A- . (.InterVideo - regi driver.) -- C:\Windows\System32\Drivers\regi.sys [13880]
O58 - SDL:[MD5.EEC7EE5675294B03E88AA868540007C1] - 11/04/2009 - 05:45:24 ---A- . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32\Drivers\rmcast.sys [113664]
O58 - SDL:[MD5.D9225D107E40D0FA5C5069446759C8E9] - 11/04/2009 - 05:46:07 ---A- . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\Drivers\RNDISMP.sys [33280]
O58 - SDL:[MD5.75E8A6BFA7374ABA833AE92BF41AE4E6] - 21/01/2008 - 03:34:38 ---A- . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\System32\Drivers\rootmdm.sys [8192]
O58 - SDL:[MD5.9C508F4074A39E8B4B31D27198146FAD] - 21/01/2008 - 03:34:21 ---A- . (.Microsoft Corporation - Link-Layer Topology Responder Driver for NDIS 6.) -- C:\Windows\System32\Drivers\rspndr.sys [60416]
O58 - SDL:[MD5.CF2219A2FED4F8F2E0817A2BF1658799] - 27/06/2008 - 11:33:20 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [2147928]
O58 - SDL:[MD5.2D19A7469EA19993D0C12E627F4530BC] - 23/06/2010 - 09:21:32 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\Drivers\Rtlh86.sys [259176]
O58 - SDL:[MD5.3CE8F073A557E172B330109436984E30] - 02/11/2006 - 10:50:16 ---A- . (.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\Drivers\sbp2port.sys [76392]
O58 - SDL:[MD5.6F5CA34AE885645ACF8A20D564DB976C] - 21/01/2008 - 03:33:27 ---A- . (.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\Drivers\scsiport.sys [142904]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:[MD5.68E44E331D46F0FB38F0863A84CD1A31] - 02/11/2006 - 09:51:25 ---A- . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\Drivers\serenum.sys [17920]
O58 - SDL:[MD5.C70D69A918B178D3C3B06339B40C2E1B] - 02/11/2006 - 09:51:30 ---A- . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\Windows\System32\Drivers\serial.sys [83456]
O58 - SDL:[MD5.8AF3D28A879BF75DB53A0EE7A4289624] - 21/01/2008 - 03:32:45 ---A- . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys [19968]
O58 - SDL:[MD5.3EFA810BDCA87F6ECC24F9832243FE86] - 21/01/2008 - 03:32:49 ---A- . (.Microsoft Corporation - Small Form Factor Disk Driver.) -- C:\Windows\System32\Drivers\sffdisk.sys [13312]
O58 - SDL:[MD5.E95D451F7EA3E583AEC75F3B3EE42DC5] - 21/01/2008 - 03:32:49 ---A- . (.Microsoft Corporation - Small Form Factor MMC Protocol Driver.) -- C:\Windows\System32\Drivers\sffp_mmc.sys [12288]
O58 - SDL:[MD5.3D0EA348784B7AC9EA9BD9F317980979] - 21/01/2008 - 03:32:49 ---A- . (.Microsoft Corporation - Small Form Factor SD Protocol Driver.) -- C:\Windows\System32\Drivers\sffp_sd.sys [11776]
O58 - SDL:[MD5.46ED8E91793B2E6F848015445A0AC188] - 02/11/2006 - 09:51:40 ---A- . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\Drivers\sfloppy.sys [13312]
O58 - SDL:[MD5.1D76624A09A054F682D746B924E2DBC3] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre SIS NT AGP.) -- C:\Windows\System32\Drivers\SISAGP.SYS [55864]
O58 - SDL:[MD5.43CB7AA756C7DB280D01DA9B676CFDE2] - 21/01/2008 - 03:32:51 ---A- . (.Microsoft Corporation - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [41016]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.7B75299A4D201D6A6533603D6914AB04] - 11/04/2009 - 05:45:22 ---A- . (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\Drivers\smb.sys [66560]
O58 - SDL:[MD5.A7D7EA1771D2ED6F39A8063E79B6C3E8] - 21/01/2008 - 03:34:44 ---A- . (.Microsoft Corporation - Smard Card Driver Library.) -- C:\Windows\System32\Drivers\smclib.sys [17408]
O58 - SDL:[MD5.7AEBDEEF071FE28B0EEF2CDD69102BFF] - 21/01/2008 - 03:33:48 ---A- . (.Microsoft Corporation - loader for security processor.) -- C:\Windows\System32\Drivers\spldr.sys [21048]
O58 - SDL:[MD5.A7F8BAD9590ADDC425B4003E94780DFA] - 11/04/2009 - 03:52:40 ---A- . (.Microsoft Corporation - security processor.) -- C:\Windows\System32\Drivers\spsys.sys [684032]
O58 - SDL:[MD5.41987F9FC0E61ADF54F581E15029AD91] - 18/02/2011 - 15:03:32 ---A- . (.Microsoft Corporation - Server driver.) -- C:\Windows\System32\Drivers\srv.sys [305152]
O58 - SDL:[MD5.FF33AFF99564B1AA534F58868CBE41EF] - 29/04/2011 - 14:25:10 ---A- . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\Windows\System32\Drivers\srv2.sys [146432]
O58 - SDL:[MD5.7605C0E1D01A08F3ECD743F38B834A44] - 29/04/2011 - 14:25:09 ---A- . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.sys [102400]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 25/02/2014 - 15:05:01 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.47E55AFE1ED1D5AFF09690DB226F4A7A] - 11/04/2009 - 07:32:54 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\Storport.sys [122344]
O58 - SDL:[MD5.70A92E46A2F459CDEDE3CA558CB26B6A] - 11/04/2009 - 05:42:47 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys [52992]
O58 - SDL:[MD5.7BA58ECF0C0A9A69D44B3DCA62BECF56] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Windows\System32\Drivers\swenum.sys [15288]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.1239FD18895040D97B7CDBC19BC2075E] - 21/01/2008 - 03:34:32 ---A- . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\Drivers\tape.sys [24576]
O58 - SDL:[MD5.6D0D344F643E28B31262AC2682109A3C] - 05/07/2013 - 04:20:37 ---A- . (.Microsoft Corporation - TCP/IP Driver.) -- C:\Windows\System32\Drivers\tcpip.sys [914880]
O58 - SDL:[MD5.5877A786EF27E42C4E84D1356F922302] - 05/07/2013 - 02:43:04 ---A- . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\Drivers\tcpipreg.sys [31232]
O58 - SDL:[MD5.77937EFF009AC696B90E09F671F9D0A4] - 21/01/2008 - 03:33:41 ---A- . (.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\Drivers\tdi.sys [20992]
O58 - SDL:[MD5.5DCF5E267BE67A1AE926F2DF77FBCC56] - 21/01/2008 - 03:33:45 ---A- . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\Windows\System32\Drivers\tdpipe.sys [17920]
O58 - SDL:[MD5.389C63E32B3CEFED425B61ED92D3F021] - 21/01/2008 - 03:33:45 ---A- . (.Microsoft Corporation - TCP Transport Driver.) -- C:\Windows\System32\Drivers\tdtcp.sys [29184]
O58 - SDL:[MD5.76B06EB8A01FC8624D699E7045303E54] - 11/04/2009 - 05:45:56 ---A- . (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drivers\tdx.sys [72192]
O58 - SDL:[MD5.3CAD38910468EAB9A6479E2F01DB43C7] - 11/04/2009 - 07:32:52 ---A- . (.Microsoft Corporation - Terminal Server Driver.) -- C:\Windows\System32\Drivers\termdd.sys [53224]
O58 - SDL:[MD5.F4EAA7ECBCB25DE901C9B7F2CDCDA0B3] - 15/06/2013 - 12:23:33 ---A- . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Drivers\tssecsrv.sys [24064]
O58 - SDL:[MD5.CAECC0120AC49E3D2F758B9169872D38] - 21/01/2008 - 03:34:06 ---A- . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\Windows\System32\Drivers\TUNMP.SYS [15360]
O58 - SDL:[MD5.300DB877AC094FEAB0BE7688C3454A9C] - 18/02/2010 - 12:28:13 ---A- . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\Windows\System32\Drivers\tunnel.sys [25088]
O58 - SDL:[MD5.7D33C4DB2CE363C8518D2DFCF533941F] - 21/01/2008 - 03:32:47 ---A- . (.Microsoft Corporation - Filtre MS AGPv3.5.) -- C:\Windows\System32\Drivers\UAGP35.SYS [59448]
O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 30/01/2008 - 10:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys [13824]
O58 - SDL:[MD5.D9728AF68C4C7693CB100B8441CBDEC6] - 11/04/2009 - 05:13:59 ---A- . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\Drivers\udfs.sys [226816]
O58 - SDL:[MD5.B0ACFDC9E4AF279E9116C03E014B2B27] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre ULi AGPv3.0 pour plateformes à processeur K8/9.) -- C:\Windows\System32\Drivers\ULIAGPKX.SYS [60984]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.32CFF9F809AE9AED85464492BF3E32D2] - 21/01/2008 - 03:32:48 ---A- . (.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\Drivers\umbus.sys [34816]
O58 - SDL:[MD5.88BD96A1BAEED33EE8BDF9499C07A841] - 21/01/2008 - 03:33:20 ---A- . (.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\Drivers\umpass.sys [7680]
O58 - SDL:[MD5.8D31A140B55021BBD3A608F5A7AA2E18] - 12/02/2013 - 02:57:27 ---A- . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\Drivers\usb8023.sys [15872]
O58 - SDL:[MD5.D06F193F3E9CC3B356DF97F6A43C054A] - 11/04/2009 - 05:42:56 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\Drivers\USBCAMD.sys [25856]
O58 - SDL:[MD5.EAE017D3AA298374A1967B96C379C5AB] - 11/04/2009 - 05:42:56 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\System32\Drivers\USBCAMD2.sys [25856]
O58 - SDL:[MD5.AAB0B5F72D2D726FBFDC895A2902DE1D] - 29/06/2013 - 03:07:04 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [73216]
O58 - SDL:[MD5.E9476E6C486E76BC4898074768FB7131] - 02/11/2006 - 09:55:09 ---A- . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\usbcir.sys [68608]
O58 - SDL:[MD5.FE619ED13CE12F5B43C04E3EA061BBD6] - 29/06/2013 - 03:06:53 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [6016]
O58 - SDL:[MD5.153E8515CB86F8BB5D1A8B478EBF4BB2] - 05/05/2011 - 14:54:07 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [39936]
O58 - SDL:[MD5.2AE6BCEBD85D31317E433733DAF25888] - 29/06/2013 - 03:07:15 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [197632]
O58 - SDL:[MD5.38DBC7DD6CC5A72011F187425384388B] - 02/11/2006 - 09:55:05 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [19456]
O58 - SDL:[MD5.B09C74A41F26B08149707EA5E7F956C2] - 29/06/2013 - 03:07:01 ---A- . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\Windows\System32\Drivers\usbport.sys [226304]
O58 - SDL:[MD5.E75C4B5269091D15A2E7DC0B6D35F2F5] - 21/01/2008 - 03:32:48 ---A- . (.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\Drivers\usbprint.sys [18944]
O58 - SDL:[MD5.1D714B8497CD68307806D5D3F60A5169] - 03/07/2013 - 03:33:45 ---A- . (.Microsoft Corporation - USB Scanner Driver.) -- C:\Windows\System32\Drivers\usbscan.sys [35328]
O58 - SDL:[MD5.BE3DA31C191BC222D9AD503C5224F2AD] - 11/04/2009 - 05:42:55 ---A- . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\Windows\System32\Drivers\USBSTOR.SYS [65536]
O58 - SDL:[MD5.44056325428A8E4C755830426E29878F] - 05/05/2011 - 14:54:07 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [23552]
O58 - SDL:[MD5.73FF24E21B690625A58109637DDA0DF7] - 12/07/2013 - 10:04:32 ---A- . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drivers\usbvideo.sys [134272]
O58 - SDL:[MD5.2E93AC0A1D8C79D019DB6C51F036636C] - 21/01/2008 - 03:34:39 ---A- . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys [25088]
O58 - SDL:[MD5.87B06E1F30B749A114F74622D013F8D4] - 21/01/2008 - 03:32:23 ---A- . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vgapnp.sys [26112]
O58 - SDL:[MD5.5D7159DEF58A800D5781BA3A879627BC] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Filtre VIA NT AGP.) -- C:\Windows\System32\Drivers\VIAAGP.SYS [56888]
O58 - SDL:[MD5.C4F3A691B5BAD343E6249BD8C2D45DEE] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Drivers\viac7.sys [41472]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [20024]
O58 - SDL:[MD5.C048D2C33D27441A0CDCAAE2651EB03D] - 21/01/2008 - 03:33:13 ---A- . (.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\Drivers\videoprt.sys [110080]
O58 - SDL:[MD5.69503668AC66C77C6CD7AF86FBDF8C43] - 21/01/2008 - 03:32:22 ---A- . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys [52792]
O58 - SDL:[MD5.23E41B834759917BFD6B9A0D625D0C28] - 11/04/2009 - 07:33:03 ---A- . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys [292840]
O58 - SDL:[MD5.786DB5771F05EF300390399F626BF30A] - 21/08/2012 - 12:47:42 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\Drivers\volsnap.sys [224640]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL3.SYS [200704]
O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT3.SYS [654336]
O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV3.SYS [987648]
O58 - SDL:[MD5.48DFEE8F1AF7C8235D4E626F0C4FE031] - 02/11/2006 - 09:52:52 ---A- . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\Windows\System32\Drivers\wacompen.sys [20608]
O58 - SDL:[MD5.55201897378CCA7AF8B5EFD874374A26] - 21/01/2008 - 03:34:06 ---A- . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windows\System32\Drivers\wanarp.sys [62464]
O58 - SDL:[MD5.4A5C31E2C1646034E6A60EBA4C747FF6] - 11/04/2009 - 05:22:46 ---A- . (.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\Drivers\watchdog.sys [33280]
O58 - SDL:[MD5.78FE9542363F297B18C027B2D7E7C07F] - 21/01/2008 - 03:32:50 ---A- . (.Microsoft Corporation - Microsoft Watchdog Timer Driver.) -- C:\Windows\System32\Drivers\wd.sys [22072]
O58 - SDL:[MD5.25944D2CC49E0A6C581D02A74B7D6645] - 27/06/2013 - 00:01:59 ---A- . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys [527064]
O58 - SDL:[MD5.48704647CD2E9DAA2EB81BDE6D029EDB] - 26/07/2012 - 04:39:21 ---A- . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\Drivers\WdfLdr.sys [47720]
O58 - SDL:[MD5.2E7255D172DF0B8283CDFB7B433B864E] - 21/01/2008 - 03:32:21 ---A- . (.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows\System32\Drivers\wmiacpi.sys [11264]
O58 - SDL:[MD5.C546864EED786304762D030FEBF6B411] - 21/01/2008 - 03:33:13 ---A- . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System32\Drivers\wmilib.sys [17976]
O58 - SDL:[MD5.DE9D36F91A4DF3D911626643DEBF11EA] - 01/10/2009 - 02:01:54 ---A- . (.Microsoft Corporation - WPD USB Driver.) -- C:\Windows\System32\Drivers\WpdUsb.sys [40448]
O58 - SDL:[MD5.E3A3CB253C0EC2494D4A61F5E43A389C] - 21/01/2008 - 03:34:35 ---A- . (.Microsoft Corporation - Winsock2 IFS Layer.) -- C:\Windows\System32\Drivers\ws2ifsl.sys [15872]
O58 - SDL:[MD5.06E6F32C8D0A3F66D956F57B43A2E070] - 26/07/2012 - 03:33:43 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Platform.) -- C:\Windows\System32\Drivers\WUDFPf.sys [66560]
O58 - SDL:[MD5.867C301E8B790040AE9CF6486E8041DF] - 26/07/2012 - 03:32:51 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Reflecto.) -- C:\Windows\System32\Drivers\WUDFRd.sys [155136]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.D7659D3B5B92C31E84E53C1431F35132] - 11/04/2009 - 07:32:46 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys [245736]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:[MD5.7DEEA31FD41B77B433C17903B3416507] - 07/02/2014 - 11:38:44 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2050560]
~ Drivers: 16 Scanned in 00mn 29s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2Albums\frexcludefolders.txt [35]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2Albums\watchedfolders.txt [110]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\albumdata_category.pmp [112]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\albumdata_date.pmp [204]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\albums_index.db [152]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\bigthumbs_index.db [12512]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\catdata_catpri.pmp [30]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\facetags.txt [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\facetemplatesV2_index.db [11696]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\imagedata_filetype.pmp [3916]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\previews_index.db [10136]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\repository.dat [204]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\saverlist.txt [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\scanlist.txt [12]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\starlist.txt [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\tags.txt [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\thumbindex.db [37415]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\thumbs2_index.db [11696]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\thumbs_index.db [11696]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\usernames.dat [8]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\db3\wordhash.dat [111988]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\ioqueue\albumsafe.ioq [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\ioqueue\filesafe.ioq [0]
O61 - LFC: 22/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Google\Picasa2\ioqueue\slingshot.ioq [0]
O61 - LFC: 22/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\AppData\Roaming\Thunderbird\Crash Reports\InstallTime20140316131045 [10] =>.Mozilla Corporation
O61 - LFC: 22/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\Documents\cc_20140322_185527.reg [13490]
O61 - LFC: 22/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\Documents\cc_20140322_185543.reg [206]
O61 - LFC: 22/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\Documents\cc_20140322_185559.reg [206]
O61 - LFC: 24/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Windows Live\uxcore_msnmsgr_00.etl [8192]
O61 - LFC: 24/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt00.sqm [562]
O61 - LFC: 24/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\Documents\cc_20140324_221150.reg [3362]
O61 - LFC: 25/03/2014 - 20:53:05 ---A- . (...) -- C:\Users\Florine\AppData\Local\Temp\Florine.bmp [31832]
O61 - LFC: 25/03/2014 - 20:53:05 --HA- . (...) -- C:\Users\Florine\AppData\Local\IconCache.db [2318293]
O61 - LFC: 25/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\AppData\Roaming\ZHP\Log.txt [19872] =>.Nicolas Coolman
O61 - LFC: 25/03/2014 - 20:53:07 ---A- . (...) -- C:\Users\Florine\AppData\Roaming\ZHP\TestsZHPDiag.txt [2869] =>.Nicolas Coolman
~ 1 Fichiers temporaires (Temporary files)
~ Files: 35 Scanned in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\CLFS.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 24/09/2013 - C:\Windows\System32\DRIVERS\cmderd.sys (cmderd) .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\crcdisk.sys (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ecache.sys (Ecache) .(.Microsoft Corporation - Special Memory Device Cache.) - LEGACY_ECACHE
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 04/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\mountmgr.sys (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\Drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 11/04/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/04/2009 - C:\Windows\System32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 21/08/2012 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 26/07/2012 - C:\Windows\system32\drivers\Wudfpf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 87 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 9 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {A39B943F-4666-46EA-840D-A51F5561C098} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {D318FD11-337C-4DF7-ABB0-A8D8A337C632} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]

~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.429EAA9531748474A458AC984D2E8D29] [SPRF][12/12/2010] (...) -- C:\Users\Florine\AppData\Roaming\wklnhst.dat [92]
[MD5.0E46611DBBD6E6B94E1AF709F6A6CEFC] [SPRF][11/03/2014] (...) -- C:\Users\Florine\Desktop\adwcleaner.exe [1949184]
[MD5.BEF1F505CF0194E5D6DD4B52F3D3A446] [SPRF][24/03/2014] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Florine\Desktop\ZHPDiag2.exe [6859570]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]
~ Files: 6 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "{011E2897-D8ED-4D64-BBAB-2527A374D514}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{0BBC41AD-BA76-49C4-AA30-6D0B538557DD}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{52F0B77B-54CF-4A82-A62D-48404F406663}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{F355EE27-8A6F-4CE1-881A-F77C2225C497}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O87 - FAEL: "{A90F1E71-72DD-453D-B72F-C3477F4C611D}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O87 - FAEL: "{E8257C08-95DD-47C7-A8AA-F3BF72CBE37B}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O87 - FAEL: "{72F7EE8D-0C03-4057-9920-9C39E7DF7E1F}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{5F4728B0-66FA-4604-AA4F-937D031E2560}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{1E4B37B4-82A9-4D01-A8AC-90F3B132AC44}" |In - Public - P6 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)
O87 - FAEL: "{A4278805-2CB2-45DF-AA22-53C13B2452BB}" |In - Public - P17 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)
O87 - FAEL: "{D97179F5-7C26-4FC0-B467-819363A43C93}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{B09988AC-E8B7-422A-ABF7-2C2C3DCB2C92}" | In - None - P6 - TRUE | .(.Corel Corporation - WinDVD.) -- c:\Program Files\Corel\WinDVD11\WinDVD.exe
~ Firewall: 161 Scanned in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "00006FCA9B229EC4896DC2FC53B9CA70" . (.ABBYY FineReader 6.0 Sprint.) -- C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1CB5C5E25829AD54885892FAAE45C125" . (.Setup.) -- c:\Windows\Installer\{2E5C5BC1-9285-45DA-8885-29AFEA541C52}\ARPPRODUCTICON.exe
O90 - PUC: "2F0F48BCB729D854D95C7838E2D36C35" . (.GearDrvs.) -- C:\Windows\Installer\{CB84F0F2-927B-458D-9DC5-87832E3DC653}\ARPPRODUCTICON.exe
O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe
O90 - PUC: "4EFA9485B208D4C47AF99F882CBBA7F7" . (.Corel WinDVD.) -- c:\Windows\Installer\{5849AFE4-802B-4C4D-A79F-F988C2BB7A7F}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA73301B744BA0000000010" . (.Adobe Reader XI (11.0.06).) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "72B17402207D8EF4D8CE7020CCC8A058" . (.WinDVD.) -- C:\Windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
O90 - PUC: "8B45D5D892D34BA4D88A8186AD9F148D" . (.OpenOffice 4.0.1.) -- C:\Windows\Installer\{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}\soffice.ico
O90 - PUC: "9248D1999DFC9D84DB58E6DD03705B9A" . (.ICA.) -- c:\Windows\Installer\{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}\ARPPRODUCTICON.exe
O90 - PUC: "B1D43A28C63A35B4FB8CF2F3BD23FC9D" . (.IPM.) -- c:\Windows\Installer\{82A34D1B-A36C-4B53-BFC8-2F3FDB32CFD9}\ARPPRODUCTICON.exe
O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
~ Update Products: 59 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.CDE96BA9F5CBCD89BFFA5AAF8661DB2F] [WIS][28/08/2008] (.NewTech Infosystems - Media Maker.) -- C:\Windows\Installer\105e91.msi [2835456]
[MD5.C36727AA6E2262F52FA03B92C6915601] [WIS][15/02/2014] (.Corel Inc. - Setup.) -- C:\Windows\Installer\1bc7cc.msi [2381824]
[MD5.177676C5205EF54FB49C7E4976694680] [WIS][15/02/2014] (.Corel Inc. - Blank Project Template.) -- C:\Windows\Installer\1bc7d0.msi [2940928]
[MD5.7B9C1AC8328CE2C3EDA15AEA20B488B4] [WIS][15/02/2014] (.Corel Inc. - Blank Project Template.) -- C:\Windows\Installer\1bc7d4.msi [6001664]
[MD5.33A35C6EEA9C75CB4A8DE1DE7504F803] [WIS][15/02/2014] (.Corel Inc. - ICA.) -- C:\Windows\Installer\1bc7d8.msi [1985536]
[MD5.ABE9EDABF94CBAEB4FFA72B562A63B67] [WIS][11/03/2014] (.COMODO Security Solutions Inc. - COMODO Internet Security Installer.) -- C:\Windows\Installer\3e1f9.msi [4843008]
[MD5.B0C80448A74410A64D0867D4D8ED7B68] [WIS][02/05/2010] (.GEAR Software - Blank Project Template.) -- C:\Windows\Installer\f1cb0.msi [441856]
~ WIS: 60 Scanned in 00mn 03s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Florine at 25/03/2014 20:53:44

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
1 ntkrnlpa!IofCallDriver[0x8228F916] >> \Device\Harddisk0\DR0[0x84CB6620]
3 CLASSPNP[0x87DAC8B3] >> ntkrnlpa!IofCallDriver[0x8228F916] >> [0x841EA898]
5 acpi[0x806A06BC] >> ntkrnlpa!IofCallDriver[0x8228F916] >> \Device\Ide\IdeDeviceP0T0L0-0[0x84B9D030]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 13 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Florine at 25/03/2014 20:53:46

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (24/03/2014)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protection_ZoneAlarm Toolbar] =>Toolbar.ZoneAlarm
C:\ProgramData\AVG January 2013 Campaign =>Toolbar.AVGSearch
~ Additionnel Scan: 227815 Items scanned in 00mn 20s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ MSI: 2 link(s) detected in 00mn 20s



End of the scan (1589 lines in 02mn 46s)(0)

Publicité


Signaler le contenu de ce document

Publicité