Dépannage Informatique Avast vs Evo-gen, et nettoyage éventuel

Dépannage Informatique : Avast vs Evo-gen, et nettoyage éventuel

Auteur
Messages
Simfreed
Participant
21 novembre 2014 à 19 h 27 min
Nombre d'articles : 2
#164358
Bonjour!
Aujourd’hui j’ai eu la mauvaise surprise de voir Avast mettre en quarantaine le fichier exécutable d’un de mes logiciels de travail en indiquant qu’il avait détecté un virus nommé Win32:Evo-gen.
En cherchant sur les forums de désinfection j’ai pu lire d’autre post impliquant Avast et Win32:Evo-gen, et voyant que les réponses étaient généralement un nettoyage et post des rapports des différents scans je viens sur ce forum pour vous demander de l’aide.
De plus, il y a quelque temps, j’ai eu un petit soucis avec un virus faisant apparaître plein de pub (adware je crois). Je pense avoir réussit à m’en débarrasser mais mon pc semble avoir besoin d’un petit nettoyage.
Voici les rapports fournit par AdwCleaner et ZHPDiag, Malwarebytes n’ayant rien trouvé et fourni aucun rapport.
AdwCleaner:
[spoiler:3quqf3ej]# AdwCleaner v4.101 – Rapport créé le 21/11/2014 à 14:23:17
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-16.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Simon – SIMON-PC
# Exécuté depuis : C:UsersSimonDesktopAdwCleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_services.hearstmags.com_0.localstorage-journal
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxps_www.superfish.com_0.localstorage
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxps_www.superfish.com_0.localstorage-journal
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094
***** [ Navigateurs ] *****
-\ Internet Explorer v11.0.9600.17420
-\ Mozilla Firefox v33.1.1 (x86 fr)
-\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt – [4308 octets] – [19/10/2014 11:28:44]
AdwCleaner[R1].txt – [951 octets] – [20/10/2014 08:22:53]
AdwCleaner[R2].txt – [1069 octets] – [20/10/2014 08:29:47]
AdwCleaner[R3].txt – [1130 octets] – [21/10/2014 07:12:34]
AdwCleaner[R4].txt – [1744 octets] – [21/11/2014 14:20:29]
AdwCleaner[S0].txt – [3899 octets] – [19/10/2014 11:30:45]
AdwCleaner[S1].txt – [997 octets] – [20/10/2014 08:24:34]
AdwCleaner[S2].txt – [1665 octets] – [21/11/2014 14:23:17]
########## EOF – C:AdwCleanerAdwCleaner[S2].txt – [1725 octets] ##########[/spoiler:3quqf3ej]
ZHPDiag: (partie1 car c’est long)
[spoiler:3quqf3ej]~ Rapport de ZHPDiag v2014.10.18.148 – Nicolas Coolman (18/10/2014)
~ Lancé par Simon (21/11/2014 15:01:05)
~ Adresse du Site Web http://nicolascoolman.fr” onclick=”window.open(this.href);return false;
~ Adresse du Forum http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17420
MFIE: Mozilla Firefox 33.1.1
GCIE: Google Chrome v39.0.2171.65 (Defaut)
—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System – Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
—\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W7 (Activate)
—\ Logiciels d'optimisation du système
CCleaner v3.22
—\ Logiciels de partage PeerToPeer
—\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X
Java 7 Update 60 (64-bit)
—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3982 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 111 GB (37%) free of 300 GB
—\ Mode de connexion au système
~ Computer Name: SIMON-PC
~ User Name: Simon
~ All Users Names: UpdatusUser, Simon, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
—\ Variables d'environnement
~ System Unit : C:
~ %AppZHP% : C:UsersSimonAppDataRoamingZHP
~ %AppData% : C:UsersSimonAppDataRoaming
~ %Desktop% : C:UsersSimonDesktop
~ %Favorites% : C:UsersSimonFavorites
~ %LocalAppData% : C:UsersSimonAppDataLocal
~ %StartMenu% : C:UsersSimonAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32
—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 111 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 277 Go of 373 Go)
F: CD-ROM drive (Not Inserted)
—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
[HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
[HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s
—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.24/02/2012 – 01:55:29.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.6/11/2014 – 03:17:24.) — C:WindowsSystem32wininet.dll [2365440]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.17/07/2014 – 03:07:24.) — C:WindowsSystem32Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:28.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 07:45:52.) — C:Windowssystem32DriversAFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:22.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:34.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:44.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.24/02/2012 – 02:02:21.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:22.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:36.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:58.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.24/02/2012 – 01:35:34.) — C:Windowssystem32Driversvolsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/49
~ Mes Videos (My Videos) : 1/307
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/10598
~ Mon Bureau (My Desktop) : 1/30
~ Menu demarrer (Programs) : 1/59
~ Hidden Files: Scanned in 00mn 10s
—\ Processus lancés
[MD5.89D2706FCD45E33CECFBD46BCBAD7E16] – (.Microsoft Corporation – Tablet PC Input Panel Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe [10240] [PID.3720]
[MD5.ED759B7FD51466447CC31CBE79B99050] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1121448] [PID.4020]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] – (.ASUSTeK Computer Inc. – ASUS Quick Gesture Exe.) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex86QuickGesture.exe [17872] [PID.4068]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] – (.ASUSTek Computer Inc. – ASUS FaceLogon Application.) — C:Program Files (x86)ASUSFaceLogonsensorsrv.exe [473728] [PID.3160]
[MD5.D9AB754613208112B840C75B6762B909] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [322176] [PID.3364]
[MD5.64A7C84C0A8C79B22033F92D43919062] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [102568] [PID.1680]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] – (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe [3058304] [PID.4136]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] – (.ASUSTeK – ACEngSvr Module.) — C:WindowsSysWOW64ACEngSvr.exe [162456] [PID.4184]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [107816] [PID.4336]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] – (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe [291608] [PID.4244]
[MD5.BC31B27061F27E8968CD0435C038F712] – (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [174720] [PID.5428]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] – (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe [105016] [PID.5204]
[MD5.09E3F3BBB6ABD32A8156DDD2A082812C] – (.National Instruments Corporation – NI Error Reporting Server.) — C:Program Files (x86)National InstrumentsSharedNI Error Reportingnierserver.exe [663896] [PID.0]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] – (.ASUSTeK Computer Inc. – A program that manage wireless devices in s.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe [2321072] [PID.6248]
[MD5.26B558B2D31C7425B455B00E562EAD93] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [4085896] [PID.6280]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [271744] [PID.6592]
[MD5.7787F1E659DCDF85E47BBF374B502FAC] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8113664] [PID.4204]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] – (.ASUS – ASLDR Service.) — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [80512] [PID.1560]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] – (.ASUS – GFNEXSrv.) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [96896] [PID.1620]
[MD5.73F5C13B431915BAE35254B4E95DFB71] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1644]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [64704] [PID.1192]
[MD5.52436245AAEF3B65DF7859949AB6A14E] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe [277120] [PID.1324]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] – (…) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe [128280] [PID.2212]
[MD5.3C6630473DD42FFC57D9F5564F533127] – (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe [161560] [PID.2236]
[MD5.7CBF0476029371402D14CD776612EE6A] – (.National Instruments Corporation – lkads.) — C:WindowsSysWOW64lkads.exe [53544] [PID.2308]
[MD5.86D5EF02C4D1486CF1BDA4A71EC470C0] – (.National Instruments Corporation – MXS Service.) — C:Program Files (x86)National InstrumentsMAXnimxs.exe [83768] [PID.2332]
[MD5.3B712766DEA950ACA65789B460AA1899] – (.National Instruments Corporation – nidmsrv.) — C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe [380720] [PID.2356]
[MD5.29EBF365BCC850A3134A391E95E685C6] – (.National Instruments Corporation – NI Service Locator.) — C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe [90440] [PID.2432]
[MD5.4DC8C4EC1F9637110142C7D65FFB40E5] – (.National Instruments Corporation – National Instruments Variable Engine.) — C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe [676016] [PID.2504]
[MD5.D83C2FF7EA53E66B8EA7901D710494EA] – (.Atheros – Atheros Coex Service Application.) — C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe [158880] [PID.2944]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] – (.ASUSTek Computer Inc. – HControl.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe [174720] [PID.3472]
[MD5.EA75E0837B21B46E88102E23438FE2CB] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSInstantOn for NBInsOnWMI.exe [289408] [PID.3520]
[MD5.20CDB07017497C94A0BAD253C4BAFCBC] – (.National Instruments, Inc. – Part of Logos.) — C:WindowsSysWOW64lkcitdl.exe [695136] [PID.3592]
[MD5.B9BA33801B5F9B79F0949AF206F96177] – (.National Instruments Corporation – lktsrv.) — C:WindowsSysWOW64lktsrv.exe [63792] [PID.3368]
[MD5.EE599A2981D3C5AF19CD6AEF39B0E51B] – (.National Instruments Corporation – NI Measurements Device Loader SCM Plug-in.) — C:WindowsSysWOW64nidevldu.exe [102040] [PID.976]
[MD5.F59599F4C0B3259AC1355F34E6AC6342] – (.National Instruments Corporation – National Instruments Zeroconf Service.) — C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe [260976] [PID.4436]
[MD5.10B3FCF03C4AF87D69C9F31B3E3B6F68] – (.National Instruments Corporation – NI PXI Service Manager.) — C:WindowsSysWOW64nipxism.exe [19056] [PID.4768]
[MD5.149126216A694E6BA84E92ECA77AAE3B] – (.ASUS – ATKOSD.) — C:Program Files (x86)ASUSATK PackageATK HotkeyATKOSD.exe [2488888] [PID.4828]
[MD5.FD919AC3746322662DC21CDB7B9ADC07] – (.National Instruments Corporation – System Web Server Daemon.) — C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe [57680] [PID.4660]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] – (.ASUS – KBFiltr.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe [113208] [PID.4960]
[MD5.964D778400303BF6CB4F7826314DB8B2] – (.National Instruments Corporation – National Instruments Network Discovery Serv.) — C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe [176512] [PID.2200]
[MD5.4A7C441D99D86704D194E7678873B95D] – (.ASUS – WDC.) — C:Program Files (x86)ASUSATK PackageATK HotkeyWDC.exe [174648] [PID.5420]
[MD5.F0EA0AD4B1AFFEFE4AB34191D539509B] – (.National Instruments Corporation – Application Web Server Daemon.) — C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe [57696] [PID.5600]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [277784] [PID.4292]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [363800] [PID.5840]
~ Processes Running: Scanned in 00mn 04s
—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultPreferences
—\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 13s
—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 – MFSP: prefs.js [Simon – jmim5433.default-1351205969399] http://www.google.be” onclick=”window.open(this.href);return false;
P2 – FPN:Firefox Plugin Navigator . (.National Instruments – LabVIEW 2011 Netscape Plug-in for Win32.) — C:Program Files (x86)Mozilla FirefoxPluginsnplv2011win32.dll
P2 – FPN:Firefox Plugin Navigator . (.National Instruments – LabVIEW 2012 Netscape Plug-in for Win32.) — C:Program Files (x86)Mozilla FirefoxPluginsnplv2012win32.dll
P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF64_15_0_0_223.dll
P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.60.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Program FilesJavajre7bindtpluginnpDeployJava1.dll
P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.60.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.60.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30514.0.) — C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll
~ Firefox Browser: 9 Scanned in 00mn 00s
—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.be” onclick=”window.open(this.href);return false;
R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://asus.msn.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://www.google.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com” onclick=”window.open(this.href);return false;
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearchUrl,Default = http://www.google.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) — C:WindowsSysWOW64ieframe.dll
R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
R4 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
~ IE Browser: 23 Scanned in 00mn 00s
—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
—\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
—\ Browser Helper Objects de navigateur (O2)
O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
O2 – BHO: IESpeakDoc [64Bits] – {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations – Bluetooth IE PlugIn.) — C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll
O2 – BHO: avast! Online Security [64Bits] – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O2 – BHO: Windows Live ID Sign-in Helper [64Bits] – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 – BHO: Bing Bar Helper [64Bits] – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program Files (x86)MicrosoftBingBar7.3.132.0BingExt.dll =>Toolbar.Bing
O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
~ BHO: 11 Scanned in 00mn 00s
—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: avast! Online Security – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (…) — (.not file.)
O3 – Toolbar: (no name) – [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
O3 – Toolbar: Bing Bar – [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. – Bing Client Extensions.) — C:Program Files (x86)MicrosoftBingBar7.3.132.0amd64BingExt.dll =>Toolbar.Bing
~ Toolbar: Scanned in 00mn 00s
—\ Applications lancées au démarrage du système (O4)
O4 – HKLM..Run: [AtherosBtStack] . (.Atheros Communications – Serveur Stack Bluetooth.) — C:Program Files (x86)Bluetooth SuiteBtvStack.exe
O4 – HKLM..Run: [AthBtTray] . (.Atheros Commnucations – Bluetooth Tray.) — C:Program Files (x86)Bluetooth SuiteAthBtTray.exe
O4 – HKLM..Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe (.not file.)
O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:Windowssystem32igfxpers.exe
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [NIRegistrationWizard] . (…) — C:Program Files (x86)National InstrumentsSharedRegistrationWizardBinRegistrationWizard.exe
O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ecareme – AsusWebStorage.) — C:Program Files (x86)ASUSASUS WebStorage3.0.108.222AsusWSPanel.exe
O4 – HKLM..Wow6432NodeRun: [USB3MON] . (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe
O4 – HKLM..Wow6432NodeRun: [ATKOSD2] . (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
O4 – HKLM..Wow6432NodeRun: [ATKMEDIA] . (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
O4 – HKLM..Wow6432NodeRun: [HControlUser] . (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
O4 – HKLM..Wow6432NodeRun: [Wireless Console 3] . (.ASUSTeK Computer Inc. – A program that manage wireless devices in s.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe
O4 – HKLM..Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKLM..Wow6432NodeRun: [NI Update Service] . (.National Instruments – National Instruments Update Service.) — C:Program Files (x86)National InstrumentsSharedUpdate ServiceNIUpdateService.exe
O4 – HKLM..Wow6432NodeRun: [niDevMon] . (.National Instruments Corporation – NI-DAQ Device Monitor.) — C:Program Files (x86)National InstrumentsNI-DAQHWConfignidevmon.exe
O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2618693130-1802013049-3945703744-1001..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2618693130-1802013049-3945703744-1001..Run: [NIRegistrationWizard] . (…) — C:Program Files (x86)National InstrumentsSharedRegistrationWizardBinRegistrationWizard.exe
~ Application: Scanned in 00mn 00s
—\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
—\ Winsock hijacker (Layered Service Provider) (O10)
O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP:00000000009Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
O10 – WLSP:00000000010Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program Files (x86)BonjourmdnsNSP.dll
O10 – WLSP:00000000011Winsock LSP File . (.National Instruments Corporation – National Instruments Zeroconf Namespace Service Provider.) — C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsNSP.dll
~ Winsock: 11 Scanned in 00mn 00s
—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
O17 – HKLMSystemCS1ServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
O17 – HKLMSystemCS2ServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
~ Domain: Scanned in 00mn 00s
—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 311.) – C:Windowssystem32nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
O23 – Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. – ASUS FastBoot.) – C:Windowssystem32FBAgent.exe
O23 – Service: ASLDR Service (ASLDRService) . (.ASUS – ASLDR Service.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
O23 – Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS – ASUS InstantOn Program.) – C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe
O23 – Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations – AdminService Application.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
O23 – Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS – GFNEXSrv.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
O23 – Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software – avast! Service.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
O23 – Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
O23 – Service: Intel(R) ME Service (Intel(R) ME Service) . (…) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
O23 – Service: NI Citadel 4 Service (LkCitadelServer) . (.National Instruments, Inc. – Part of Logos.) – C:WindowsSysWOW64lkcitdl.exe
O23 – Service: NI PSP Service Locator (lkClassAds) . (.National Instruments Corporation – lkads.) – C:WindowsSysWOW64lkads.exe
O23 – Service: NI Time Synchronization (lkTimeSync) . (.National Instruments Corporation – lktsrv.) – C:WindowsSysWOW64lktsrv.exe
O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
O23 – Service: NI Configuration Manager (mxssvr) . (.National Instruments Corporation – MXS Service.) – C:Program Files (x86)National InstrumentsMAXnimxs.exe
O23 – Service: NI Application Web Server (NIApplicationWebServer) . (.National Instruments Corporation – Application Web Server Daemon.) – C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe
O23 – Service: NI Device Loader (nidevldu) . (.National Instruments Corporation – NI Measurements Device Loader SCM Plug-in.) – C:WindowsSysWOW64nidevldu.exe
O23 – Service: NI Domain Service (NIDomainService) . (.National Instruments Corporation – nidmsrv.) – C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe
O23 – Service: NI mDNS Responder Service (nimDNSResponder) . (.National Instruments Corporation – National Instruments Zeroconf Service.) – C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe
O23 – Service: NI Network Discovery (NINetworkDiscovery) . (.National Instruments Corporation – National Instruments Network Discovery Serv.) – C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe
O23 – Service: NI PXI Resource Manager (nipxirmu) . (.National Instruments Corporation – NI PXI Service Manager.) – C:WindowsSysWOW64nipxism.exe
O23 – Service: NI Service Locator (NiSvcLoc) . (.National Instruments Corporation – NI Service Locator.) – C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe
O23 – Service: NI System Web Server (NISystemWebServer) . (.National Instruments Corporation – System Web Server Daemon.) – C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe
O23 – Service: National Instruments Variable Engine (NITaggerService) . (.National Instruments Corporation – National Instruments Variable Engine.) – C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe
O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 311.4.) – C:Windowssystem32nvvsvc.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation – NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
O23 – Service: Skype Updater (SkypeUpdate) . (.Skype Technologies – Skype Updater Service.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
O23 – Service: ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros – Atheros Coex Service Application.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
~ Services: 31 Scanned in 00mn 13s
—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Default MHTML Editor: Last – .(…) – (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
—\ Enumère les données de BootExecute (BEX) (O34)
O34 – HKLM BootExecute: (autocheck autochk *) – File not found
~ BEX: 1 Scanned in 00mn 00s
—\ Tâches planifiées en automatique (O39)
[MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
[MD5.3B9ED0E96B9E83B2CF2A57AF0FD3BB09] [APT] [ASUS P4G] (.ASUS.) — C:Program FilesASUSP4GBatteryLife.exe [1004464]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] [APT] [ASUS Quick Gesture] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex86QuickGesture.exe [17872]
[MD5.107DCA9FE75CAD5BED0EA9D2CB80440C] [APT] [ASUS Quick Gesture (x64)] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex64QuickGesture64.exe [18896]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] [APT] [ASUS SmartLogon Console Sensor] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSFaceLogonsensorsrv.exe [473728]
[MD5.ED759B7FD51466447CC31CBE79B99050] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1121448]
[MD5.D9AB754613208112B840C75B6762B909] [APT] [ATKOSD2] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [322176]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) — C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [808448]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (…) — C:WindowsTEMP{D5F53F20-20A5-4D54-B407-C34254D33CDE}.exe (.not file.) [0] =>Toolbar.AVGSearch
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (…) — C:WindowsTEMP{5CC2DEDE-1CDA-4525-AA3B-72025517DA3F}.exe (.not file.) [0] =>Toolbar.AVGSearch
[MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) — C:Program FilesCCleanerCCleaner.exe [3113312]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107912]
[MD5.C7AAC31A910E4BBFDF94D3786ED13E71] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d] (.Intel Corporation.) — C:Program Files (x86)IntelIntel(R) ME FW Recovery AgentbinBootstrap.exe [233224]
[MD5.C7AAC31A910E4BBFDF94D3786ED13E71] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon] (.Intel Corporation.) — C:Program Files (x86)IntelIntel(R) ME FW Recovery AgentbinBootstrap.exe [233224]
[MD5.FD145BB8D84122A16824344E722245F7] [APT] [MATLAB R2013a Startup Accelerator] (…) — C:Program Files (x86)MATLABR2013a Studentbinwin32MATLABStartupAccelerator.exe [32768]
[MD5.00000000000000000000000000000000] [APT] [{764E0E5A-747A-43CB-BA2A-4DFD1BD5E8C9}] (…) — F:SETUP.exe (.not file.) [0]
[MD5.15ABBA57923260D4B09A5D5E5754D8B0] [APT] [{FB80856A-D751-4229-BC18-0BA233EE83D7}] (.Google Inc..) — c:program files (x86)googlechromeapplicationchrome.exe [856904]
O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
O39 – APT: AVG-Secure-Search-Update_JUNE2013_HP_rmv – (…) — C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_HP_rmv – (…) — C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_HP_rmv [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv – (…) — C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv – (…) — C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_TB_rmv [352] =>Toolbar.AVGSearch
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1066]
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1066]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1070]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1070]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon – (.Intel Corporation.) — C:WindowsTasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [828]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon – (.Intel Corporation.) — C:WindowsSystem32TasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d – (.Intel Corporation.) — C:WindowsTasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [830]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d – (.Intel Corporation.) — C:WindowsSystem32TasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [830]
O39 – APT: MATLAB R2013a Startup Accelerator – (…) — C:WindowsTasksMATLAB R2013a Startup Accelerator.job [602]
O39 – APT: MATLAB R2013a Startup Accelerator – (…) — C:WindowsSystem32TasksMATLAB R2013a Startup Accelerator [602]
~ Scheduled Task: 35 Scanned in 00mn 07s
—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
O40 – ASIC: Internet Explorer [64Bits] – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s
—\ Pilotes lancés au démarrage du système (O41)
O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
O41 – Driver: (aswRdr) . (.AVAST Software – avast! WFP Redirect Driver.) – C:Windowssystem32driversaswRdr2.sys
O41 – Driver: (aswSnx) . (.AVAST Software – avast! Virtualization Driver.) – C:Windowssystem32driversaswSnx.sys
O41 – Driver: (aswSP) . (.AVAST Software – avast! self protection module.) – C:Windowssystem32driversaswSP.sys
O41 – Driver: (ATKWMIACPIIO) . (.ASUS – ATK WMIACPI Utility.) – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys
O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:WindowsSystem32DRIVERSblbdrive.sys
O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:WindowsSystem32DRIVERSmssmbios.sys
O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
O41 – Driver: (VBoxDrv) . (.Oracle Corporation – VirtualBox Support Driver.) – C:WindowsSystem32DRIVERSVBoxDrv.sys
O41 – Driver: (VBoxUSBMon) . (.Oracle Corporation – VirtualBox USB Monitor Driver.) – C:WindowsSystem32DRIVERSVBoxUSBMon.sys
O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
O41 – Driver: (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:WindowsSystem32DRIVERSvwififlt.sys
O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s[/spoiler:3quqf3ej]
les autres suivent
Simfreed
Participant
21 novembre 2014 à 19 h 29 min
Nombre d'articles : 2
#208680
ZHPDiag: (partie2)
[spoiler:1u54s8t0]—\ Logiciels installés (O42)
O42 – Logiciel: ASUS AI Recovery – (.ASUS.) [HKLM][64Bits] — {D39F0676-163E-4595-A917-E28F99BBD4D2}
O42 – Logiciel: ASUS FaceLogon – (.ASUS.) [HKLM][64Bits] — {64452561-169F-4A36-A2FF-B5E118EC65F5}
O42 – Logiciel: ASUS K45_K75_K95_Screensaver – (.ASUS.) [HKLM][64Bits] — ASUS K45_K75_K95_Screensaver
O42 – Logiciel: ASUS LifeFrame3 – (.ASUS.) [HKLM][64Bits] — {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 – Logiciel: ASUS Live Update – (.ASUS.) [HKLM][64Bits] — {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
O42 – Logiciel: ASUS Power4Gear Hybrid – (.ASUS.) [HKLM][64Bits] — {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 – Logiciel: ASUS Splendid Video Enhancement Technology – (.ASUS.) [HKLM][64Bits] — {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 – Logiciel: ASUS USB Charger Plus – (.ASUS.) [HKLM][64Bits] — {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
O42 – Logiciel: ASUS Virtual Camera – (.ASUS.) [HKLM][64Bits] — {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 – Logiciel: ASUS Virtual Touch – (.ASUS.) [HKLM][64Bits] — {938CFBD4-0652-49E5-BB8B-153948865941}
O42 – Logiciel: ASUS WebStorage – (.eCareme Technologies, Inc..) [HKLM][64Bits] — ASUS WebStorage
O42 – Logiciel: ATK Package – (.ASUS.) [HKLM][64Bits] — {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 – Logiciel: Adobe Flash Player 15 ActiveX – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player ActiveX
O42 – Logiciel: Adobe Flash Player 15 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
O42 – Logiciel: Adobe Reader X (10.1.12) MUI – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 – Logiciel: AsusVibe2.0 – (.ASUSTEK.) [HKLM][64Bits] — Asus Vibe2.0
O42 – Logiciel: Atheros Bluetooth Suite (64) – (.Atheros.) [HKLM][64Bits] — {230D1595-57DA-4933-8C4E-375797EBB7E1}
O42 – Logiciel: Audiograbber MP3 Plugin (64 bit) – (.AG.) [HKLM][64Bits] — Audiograbber-Lame
O42 – Logiciel: BattlEye for OA Uninstall – (…) [HKLM][64Bits] — BattlEye for OA
O42 – Logiciel: Battle.net – (.Blizzard Entertainment.) [HKLM][64Bits] — Battle.net
O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM][64Bits] — {3365E735-48A6-4194-9988-CE59AC5AE503} =>Toolbar.Bing
O42 – Logiciel: BlueJ – (.BlueJ Team.) [HKLM][64Bits] — {7D66971C-652B-4065-A6B1-B3EE313C254B}
O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM][64Bits] — {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 – Logiciel: Borderlands 2 – (.Gearbox Software.) [HKLM][64Bits] — Steam App 49520
O42 – Logiciel: Bubbletown – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 – Logiciel: CCleaner – (.Piriform.) [HKLM][64Bits] — CCleaner
O42 – Logiciel: Call of Duty: Black Ops – (.Treyarch.) [HKLM][64Bits] — Steam App 42700
O42 – Logiciel: Call of Duty: Black Ops – Multiplayer – (.Treyarch.) [HKLM][64Bits] — Steam App 42710
O42 – Logiciel: Call of Duty: Modern Warfare 3 – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42680
O42 – Logiciel: Call of Duty: Modern Warfare 3 – Dedicated Server – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42750
O42 – Logiciel: Call of Duty: Modern Warfare 3 – Multiplayer – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42690
O42 – Logiciel: CodeBlocks – (.The Code::Blocks Team.) [HKCU][64Bits] — CodeBlocks
O42 – Logiciel: CyberLink LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 – Logiciel: CyberLink LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 – Logiciel: CyberLink Media Suite – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 – Logiciel: CyberLink Media Suite – (.CyberLink Corp..) [HKLM][64Bits] — {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 – Logiciel: CyberLink Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 – Logiciel: CyberLink Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 – Logiciel: DVDFab 8.2.1.0 (07/09/2012) Qt – (.Fengtao Software Inc..) [HKLM][64Bits] — DVDFab 8 Qt_is1
O42 – Logiciel: Deadtime Stories – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}
O42 – Logiciel: Diablo III – (.Blizzard Entertainment.) [HKLM][64Bits] — Diablo III
O42 – Logiciel: Dream Day First Home – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 – Logiciel: Dream Vacation Solitaire – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}
O42 – Logiciel: Dropbox – (.Dropbox, Inc..) [HKCU][64Bits] — Dropbox
O42 – Logiciel: ETDWare PS/2-X64 10.5.9.0 – (.ELAN Microelectronic Corp..) [HKLM][64Bits] — Elantech
O42 – Logiciel: Farm Frenzy 3 – Madagascar – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}
O42 – Logiciel: Fast Boot – (.ASUS.) [HKLM][64Bits] — {13F4A7F3-EABC-4261-AF6B-1317777F0755}
O42 – Logiciel: Fender FUSE 1.0.1 – (…) [HKLM][64Bits] — Fender FUSE
O42 – Logiciel: Galapago – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 – Logiciel: Game Park Console – (.Oberon Media Inc..) [HKLM][64Bits] — Game Park Console
O42 – Logiciel: Go Go Gourmet Chef of the Year – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}
O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM][64Bits] — Google Chrome
O42 – Logiciel: Google Drive – (.Google, Inc..) [HKLM][64Bits] — {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 – Logiciel: Guild Wars 2 – (.NCsoft Corporation, Ltd..) [HKLM][64Bits] — Guild Wars 2
O42 – Logiciel: Hearthstone – (.Blizzard Entertainment.) [HKLM][64Bits] — Hearthstone
O42 – Logiciel: InstantOn for NB – (.ASUS.) [HKLM][64Bits] — {749F674B-2674-47E8-879C-5626A06B2A91}
O42 – Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent – (.Intel Corporation.) [HKLM][64Bits] — {A6C48A9F-694A-4234-B3AA-62590B668927}
O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 – Logiciel: Intel(R) OpenCL CPU Runtime – (.Intel Corporation.) [HKLM][64Bits] — {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 – Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver – (.Intel Corporation.) [HKLM][64Bits] — {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {09536BA1-E498-4CC3-B834-D884A67D7E34}
O42 – Logiciel: Java 7 Update 60 (64-bit) – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F06417060FF}
O42 – Logiciel: Java 7 Update 71 – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 – Logiciel: Java SE Development Kit 7 Update 7 (64-bit) – (.Oracle.) [HKLM][64Bits] — {64A3A4F4-B792-11D6-A78A-00B0D0170070}
O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM][64Bits] — {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 – Logiciel: LTspice IV – (…) [HKLM][64Bits] — LTspice IV
O42 – Logiciel: LibreOffice 3.6 – (.The Document Foundation.) [HKLM][64Bits] — {C2F438B6-7010-453B-93EC-B2FC053AA97B}
O42 – Logiciel: Logiciels National Instruments – (.National Instruments.) [HKLM][64Bits] — NI Uninstaller
O42 – Logiciel: LyX 2.0.5.1 – (.LyX Team.) [HKLM][64Bits] — LyX2051
O42 – Logiciel: MATLAB R2013a Student Version (32-bit) – (.The MathWorks, Inc..) [HKLM][64Bits] — Matlab SV R2013a
O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 – Logiciel: MSVCRT_amd64 – (.Microsoft.) [HKLM][64Bits] — {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 – Logiciel: MSXML 4.0 SP2 (KB954430) – (.Microsoft Corporation.) [HKLM][64Bits] — {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 – Logiciel: MSXML 4.0 SP2 (KB973688) – (.Microsoft Corporation.) [HKLM][64Bits] — {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 – Logiciel: MSXML4 Parser – (.Microsoft Game Studios.) [HKLM][64Bits] — {01501EBA-EC35-4F9F-8889-3BE346E5DA13}
O42 – Logiciel: Mahjong Memoirs – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}
O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
O42 – Logiciel: Mesh Runtime – (.Microsoft Corporation.) [HKLM][64Bits] — {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 – Logiciel: MiKTeX 2.9 – (.MiKTeX.org.) [HKLM][64Bits] — MiKTeX 2.9
O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM][64Bits] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 – Logiciel: Mises à jour NVIDIA 1.11.3 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 – Logiciel: Mozilla Firefox 33.1.1 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Firefox 33.1.1 (x86 fr)
O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM][64Bits] — MozillaMaintenanceService
O42 – Logiciel: Mozilla Thunderbird 31.2.0 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Thunderbird 31.2.0 (x86 fr) =>.Mozilla Corporation
O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {46ED2B64-85C7-4E1F-920C-A555B21F2E4C}
O42 – Logiciel: NVIDIA Pilote graphique 311.44 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 – Logiciel: Nexus Mod Manager – (.Black Tree Gaming.) [HKLM][64Bits] — 6af12c54-643b-4752-87d0-8335503010de_is1
O42 – Logiciel: Oracle VM VirtualBox 4.3.6 – (.Oracle Corporation.) [HKLM][64Bits] — {DC65DFD8-E175-4A85-948A-42965853B2E8}
O42 – Logiciel: Plants vs Zombies – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}
O42 – Logiciel: Qualcomm Atheros WiFi Driver Installation – (.Qualcomm Atheros.) [HKLM][64Bits] — {7D916FA5-DAE9-4A25-B089-655C70EAF607}
O42 – Logiciel: Questions-Réponses 1.56 – (.Thomas et Mathieu DUBAËLE (Atlence.com).) [HKLM][64Bits] — Questions-Réponses
O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 – Logiciel: Realtek USB 2.0 Card Reader – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 – Logiciel: SceneSwitch – (.ASUS.) [HKLM][64Bits] — {5172E572-C175-4F80-A6D5-5CB45826AD61}
O42 – Logiciel: Security Update for CAPICOM (KB931906) – (.Microsoft Corporation.) [HKLM][64Bits] — KB931906
O42 – Logiciel: Security Update for CAPICOM (KB931906) – (.Microsoft Corporation.) [HKLM][64Bits] — {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 – Logiciel: Skype™ 6.11 – (.Skype Technologies S.A..) [HKLM][64Bits] — {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 – Logiciel: SolidWorks 2013 x64 Edition SP03 – (.SolidWorks Corporation.) [HKLM][64Bits] — SolidWorks Installation Manager 20130-40300-1100-100
O42 – Logiciel: SolidWorks 2013 x64 Edition SP03 – (.SolidWorks.) [HKLM][64Bits] — {B6B5EA7E-B91F-443D-A958-B0062FB53804}
O42 – Logiciel: SolidWorks 2013 x64 French Resources – (.Nom de votre société.) [HKLM][64Bits] — {0D01B115-8364-4AFD-8CA3-423488C25D26}
O42 – Logiciel: SolidWorks eDrawings 2013 x64 Edition SP03 – (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] — {AC2165BD-762D-420B-AD33-20FACAA7112B}
O42 – Logiciel: Steam – (.Valve Corporation.) [HKLM][64Bits] — {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 – Logiciel: TexMakerX 1.9.3 – (.Benito van der Zander.) [HKLM][64Bits] — TexMakerX_is1
O42 – Logiciel: The Elder Scrolls V: Skyrim – (.Bethesda Game Studios.) [HKLM][64Bits] — Steam App 72850
O42 – Logiciel: Turbo Fiesta – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}
O42 – Logiciel: Ultra Defragmenter – (.UltraDefrag Development Team.) [HKLM][64Bits] — UltraDefrag
O42 – Logiciel: VLC media player – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
O42 – Logiciel: WinFlash – (.ASUS.) [HKLM][64Bits] — {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 – Logiciel: WinRAR 5.10 (32-bit) – (.win.rar GmbH.) [HKLM][64Bits] — WinRAR archiver
O42 – Logiciel: Wireless Console 3 – (.ASUS.) [HKLM][64Bits] — {19EA33FB-B34E-40EA-8B8A-61743AEB795A}
O42 – Logiciel: World of Goo – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}
O42 – Logiciel: avast! Free Antivirus v9.0.2021 – (.AVAST Software.) [HKLM][64Bits] — avast
~ Logic: 71 Scanned in 00mn 00s
—\ HKCU & HKLM Software Keys
[HKCUSoftwareAFPL Ghostscript]
[HKCUSoftwareASProtect]
[HKCUSoftwareASUS]
[HKCUSoftwareATK0100]
[HKCUSoftwareActiveState]
[HKCUSoftwareAdobe]
[HKCUSoftwareAion]
[HKCUSoftwareAppDataLowSoftwareJavaSoft]
[HKCUSoftwareAppDataLow]
[HKCUSoftwareAtheros]
[HKCUSoftwareAvast Software]
[HKCUSoftwareBlizzard Entertainment]
[HKCUSoftwareBlueJ]
[HKCUSoftwareBohemia Interactive Studio]
[HKCUSoftwareClasses]
[HKCUSoftwareClients]
[HKCUSoftwareCryptic]
[HKCUSoftwareCyberLink]
[HKCUSoftwareDT Soft]
[HKCUSoftwareDVDFab]
[HKCUSoftwareDisc Soft]
[HKCUSoftwareECAREME]
[HKCUSoftwareElantech]
[HKCUSoftwareEmulators]
[HKCUSoftwareFender FUSE]
[HKCUSoftwareGPL Ghostscript]
[HKCUSoftwareGameSpy]
[HKCUSoftwareGameforge4d]
[HKCUSoftwareGoogle]
[HKCUSoftwareHewlett-Packard]
[HKCUSoftwareIM Providers]
[HKCUSoftwareInfernum]
[HKCUSoftwareIntel]
[HKCUSoftwareJavaSoft]
[HKCUSoftwareLyX]
[HKCUSoftwareMacromedia]
[HKCUSoftwareMalwarebytes' Anti-Malware]
[HKCUSoftwareMathworks]
[HKCUSoftwareMiKTeX.org]
[HKCUSoftwareMozillaPlugins]
[HKCUSoftwareMozilla]
[HKCUSoftwareNVIDIA Corporation]
[HKCUSoftwareNational Instruments]
[HKCUSoftwareNetscape]
[HKCUSoftwareODBC]
[HKCUSoftwareOracle]
[HKCUSoftwarePiriform]
[HKCUSoftwarePolicies]
[HKCUSoftwareRICOH]
[HKCUSoftwareRealtek]
[HKCUSoftwareSecuROM]
[HKCUSoftwareSkype]
[HKCUSoftwareSolidWorks]
[HKCUSoftwareTUG]
[HKCUSoftwareThe Document Foundation]
[HKCUSoftwareThunderbird] =>.Mozilla Corporation
[HKCUSoftwareTortoiseGit]
[HKCUSoftwareTortoiseSVN]
[HKCUSoftwareTrolltech]
[HKCUSoftwareValve]
[HKCUSoftwareWinRAR SFX]
[HKCUSoftwareWinRAR]
[HKCUSoftwareWow6432Node]
[HKCUSoftwareZebHelpProcess Helper]
[HKCUSoftwareeDrawings]
[HKCUSoftwareej-technologies]
[HKCUSoftwaresrac]
[HKCUSoftwaretestapp]
[HKCUSoftwaretrion]
[HKLMSoftwareAGEIA Technologies]
[HKLMSoftwareASUS]
[HKLMSoftwareATHEROS]
[HKLMSoftwareATI Technologies]
[HKLMSoftwareAgere]
[HKLMSoftwareApple Inc.]
[HKLMSoftwareClasses]
[HKLMSoftwareClients]
[HKLMSoftwareDTS]
[HKLMSoftwareDolby]
[HKLMSoftwareECAREME]
[HKLMSoftwareHewlett-Packard]
[HKLMSoftwareIM Providers]
[HKLMSoftwareIntel]
[HKLMSoftwareJavaSoft]
[HKLMSoftwareKhronos]
[HKLMSoftwareKnowles]
[HKLMSoftwareLSI]
[HKLMSoftwareMacromedia]
[HKLMSoftwareMacrovision]
[HKLMSoftwareMcAfee.com]
[HKLMSoftwareMozillaPlugins]
[HKLMSoftwareMozilla]
[HKLMSoftwareNVIDIA Corporation]
[HKLMSoftwareNational Instruments]
[HKLMSoftwareNexusModManager]
[HKLMSoftwareODBC]
[HKLMSoftwareOracle]
[HKLMSoftwarePXISA]
[HKLMSoftwarePiriform]
[HKLMSoftwarePolicies]
[HKLMSoftwareRICOH]
[HKLMSoftwareRTLSetup]
[HKLMSoftwareRealtek Semiconductor Corp.]
[HKLMSoftwareRealtek]
[HKLMSoftwareRegisteredApplications]
[HKLMSoftwareSRS Labs]
[HKLMSoftwareSiteAdvisor]
[HKLMSoftwareSolidWorks]
[HKLMSoftwareSonicFocus]
[HKLMSoftwareSonic]
[HKLMSoftwareSrac]
[HKLMSoftwareWaves Audio]
[HKLMSoftwareWow6432NodeAFPL Ghostscript]
[HKLMSoftwareWow6432NodeAGEIA Technologies]
[HKLMSoftwareWow6432NodeASUS]
[HKLMSoftwareWow6432NodeAVAST Software]
[HKLMSoftwareWow6432NodeActivision]
[HKLMSoftwareWow6432NodeAdobe]
[HKLMSoftwareWow6432NodeAdwCleaner]
[HKLMSoftwareWow6432NodeApple Inc.]
[HKLMSoftwareWow6432NodeApps TMD]
[HKLMSoftwareWow6432NodeArenaNet]
[HKLMSoftwareWow6432NodeArobas Music]
[HKLMSoftwareWow6432NodeAsLdr]
[HKLMSoftwareWow6432NodeBethesda Softworks]
[HKLMSoftwareWow6432NodeBlizzard Entertainment]
[HKLMSoftwareWow6432NodeBohemia Interactive Studio]
[HKLMSoftwareWow6432NodeBohemia Interactive]
[HKLMSoftwareWow6432NodeClasses]
[HKLMSoftwareWow6432NodeClients]
[HKLMSoftwareWow6432NodeCyberLink]
[HKLMSoftwareWow6432NodeDT Soft]
[HKLMSoftwareWow6432NodeDisc Soft]
[HKLMSoftwareWow6432NodeEA Games]
[HKLMSoftwareWow6432NodeECAREME]
[HKLMSoftwareWow6432NodeFLEXlm License Manager]
[HKLMSoftwareWow6432NodeGPL Ghostscript]
[HKLMSoftwareWow6432NodeGameforge]
[HKLMSoftwareWow6432NodeGoogle]
[HKLMSoftwareWow6432NodeIM Providers]
[HKLMSoftwareWow6432NodeImageMagick]
[HKLMSoftwareWow6432NodeInstallShield]
[HKLMSoftwareWow6432NodeIntel]
[HKLMSoftwareWow6432NodeJavaSoft]
[HKLMSoftwareWow6432NodeJreMetrics]
[HKLMSoftwareWow6432NodeKhronos]
[HKLMSoftwareWow6432NodeKitware]
[HKLMSoftwareWow6432NodeLibreOffice]
[HKLMSoftwareWow6432NodeMacromedia]
[HKLMSoftwareWow6432NodeMacrovision]
[HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware (Trial)]
[HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware]
[HKLMSoftwareWow6432NodeMathWorks]
[HKLMSoftwareWow6432NodeMetin2_FR]
[HKLMSoftwareWow6432NodeMiKTeX.org]
[HKLMSoftwareWow6432NodeMozillaPlugins]
[HKLMSoftwareWow6432NodeMozilla]
[HKLMSoftwareWow6432NodeNVIDIA Corporation]
[HKLMSoftwareWow6432NodeNational Instruments]
[HKLMSoftwareWow6432NodeNostale_FR]
[HKLMSoftwareWow6432NodeODBC]
[HKLMSoftwareWow6432NodeOberon Media]
[HKLMSoftwareWow6432NodePXISA]
[HKLMSoftwareWow6432NodePersits Software]
[HKLMSoftwareWow6432NodePolicies]
[HKLMSoftwareWow6432NodeQualcomm Atheros WiFi Driver Installation]
[HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
[HKLMSoftwareWow6432NodeRealtek]
[HKLMSoftwareWow6432NodeRegisteredApplications]
[HKLMSoftwareWow6432NodeRunes of Magic]
[HKLMSoftwareWow6432NodeSkype]
[HKLMSoftwareWow6432NodeSolidWorks]
[HKLMSoftwareWow6432NodeThe Document Foundation]
[HKLMSoftwareWow6432NodeValve]
[HKLMSoftwareWow6432NodeVideoLAN]
[HKLMSoftwareWow6432NodeVolatile]
[HKLMSoftwareWow6432NodeWinRAR]
[HKLMSoftwareWow6432NodeZemi Interactive]
[HKLMSoftwareWow6432Nodemozilla.org]
[HKLMSoftwareWow6432Node]
[HKLMSoftwareeDrawings]
[HKLMSoftwareej-technologies]
[HKLMSoftwarejumpshot.com]
~ Key Software: 375 Scanned in 00mn 01s
—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 24/02/2012 – 03:28:31 – [] —-D C:Program Files (x86)Adobe
O43 – CFD: 7/09/2012 – 17:41:18 – [] —-D C:Program Files (x86)ASUS
O43 – CFD: 9/02/2014 – 12:43:24 – [] —-D C:Program Files (x86)Atlence
O43 – CFD: 9/09/2012 – 15:25:12 – [] —-D C:Program Files (x86)audiograbber
O43 – CFD: 6/11/2014 – 21:04:10 – [] —-D C:Program Files (x86)Battle.net
O43 – CFD: 22/09/2012 – 12:37:54 – [] —-D C:Program Files (x86)BlueJ
O43 – CFD: 21/05/2012 – 11:45:02 – [] —-D C:Program Files (x86)Bluetooth Suite
O43 – CFD: 1/03/2014 – 18:20:54 – [] —-D C:Program Files (x86)Bonjour
O43 – CFD: 5/02/2014 – 16:12:05 – [] —-D C:Program Files (x86)CodeBlocks
O43 – CFD: 18/11/2014 – 16:53:30 – [] —-D C:Program Files (x86)Common Files
O43 – CFD: 21/05/2012 – 11:56:24 – [] —-D C:Program Files (x86)CyberLink
O43 – CFD: 10/10/2014 – 18:37:53 – [] —-D C:Program Files (x86)Diablo III
O43 – CFD: 2/11/2012 – 16:07:48 – [] —-D C:Program Files (x86)Dotjosh Studios
O43 – CFD: 9/09/2012 – 16:48:46 – [] —-D C:Program Files (x86)DVDFab 8 Qt
O43 – CFD: 25/11/2012 – 16:46:15 – [] —-D C:Program Files (x86)Fender
O43 – CFD: 12/09/2013 – 09:25:31 – [] —-D C:Program Files (x86)Google
O43 – CFD: 13/09/2014 – 12:04:06 – [] —-D C:Program Files (x86)Guild Wars 2
O43 – CFD: 6/11/2014 – 21:00:05 – [] —-D C:Program Files (x86)Hearthstone
O43 – CFD: 22/05/2014 – 14:56:16 – [] –H-D C:Program Files (x86)InstallShield Installation Information
O43 – CFD: 20/12/2013 – 18:53:38 – [] —-D C:Program Files (x86)Intel
O43 – CFD: 13/11/2014 – 08:07:40 – [] —-D C:Program Files (x86)Internet Explorer
O43 – CFD: 18/11/2014 – 16:52:46 – [] —-D C:Program Files (x86)Java
O43 – CFD: 9/09/2012 – 15:37:31 – [] —-D C:Program Files (x86)LibreOffice 3.6
O43 – CFD: 28/01/2014 – 19:11:19 – [] —-D C:Program Files (x86)LTC
O43 – CFD: 17/02/2013 – 13:06:44 – [] —-D C:Program Files (x86)LyX 2.0
O43 – CFD: 19/10/2014 – 11:39:45 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
O43 – CFD: 27/09/2013 – 13:58:15 – [] —-D C:Program Files (x86)MATLAB
O43 – CFD: 24/02/2012 – 03:41:46 – [] —-D C:Program Files (x86)Microsoft
O43 – CFD: 3/03/2014 – 00:27:57 – [] —-D C:Program Files (x86)Microsoft CAPICOM 2.1.0.2
O43 – CFD: 18/10/2014 – 17:53:35 – [] —-D C:Program Files (x86)Microsoft Games
O43 – CFD: 1/03/2014 – 18:18:25 – [] —-D C:Program Files (x86)Microsoft Office
O43 – CFD: 25/07/2014 – 10:20:38 – [] —-D C:Program Files (x86)Microsoft Silverlight
O43 – CFD: 24/02/2012 – 03:37:31 – [] —-D C:Program Files (x86)Microsoft SQL Server Compact Edition
O43 – CFD: 4/12/2012 – 18:43:23 – [] —-D C:Program Files (x86)Microsoft Visual Studio
O43 – CFD: 1/03/2014 – 18:18:18 – [] —-D C:Program Files (x86)Microsoft Visual Studio 8
O43 – CFD: 5/12/2012 – 00:31:10 – [] —-D C:Program Files (x86)Microsoft Works
O43 – CFD: 4/12/2012 – 18:42:53 – [] —-D C:Program Files (x86)Microsoft.NET
O43 – CFD: 12/05/2013 – 18:11:01 – [] —-D C:Program Files (x86)MiKTeX 2.9
O43 – CFD: 15/11/2014 – 00:04:29 – [] —-D C:Program Files (x86)Mozilla Firefox
O43 – CFD: 16/11/2014 – 09:00:14 – [] —-D C:Program Files (x86)Mozilla Maintenance Service
O43 – CFD: 20/10/2014 – 15:09:36 – [] —-D C:Program Files (x86)Mozilla Thunderbird =>.Mozilla Corporation
O43 – CFD: 4/12/2012 – 18:43:33 – [] —-D C:Program Files (x86)MSBuild
O43 – CFD: 1/03/2014 – 18:16:59 – [] —-D C:Program Files (x86)MSECache
O43 – CFD: 23/10/2012 – 23:35:47 – [0] —-D C:Program Files (x86)MSXML 4.0
O43 – CFD: 21/10/2014 – 18:15:34 – [] —-D C:Program Files (x86)National Instruments
O43 – CFD: 21/05/2012 – 11:40:32 – [] —-D C:Program Files (x86)NVIDIA Corporation
O43 – CFD: 21/05/2012 – 11:43:49 – [] —-D C:Program Files (x86)Qualcomm Atheros WiFi Driver Installation
O43 – CFD: 21/05/2012 – 11:42:27 – [] —-D C:Program Files (x86)Realtek
O43 – CFD: 14/07/2009 – 06:32:38 – [] —-D C:Program Files (x86)Reference Assemblies
O43 – CFD: 27/09/2013 – 13:25:34 – [] —-D C:Program Files (x86)ScienceActive
O43 – CFD: 4/03/2014 – 20:53:31 – [] R—D C:Program Files (x86)Skype
O43 – CFD: 6/11/2014 – 21:41:16 – [] —-D C:Program Files (x86)Steam
O43 – CFD: 21/05/2012 – 11:41:48 – [0] –H-D C:Program Files (x86)Temp
O43 – CFD: 27/09/2013 – 14:31:01 – [] —-D C:Program Files (x86)TexMakerX
O43 – CFD: 14/07/2009 – 05:57:06 – [0] –H-D C:Program Files (x86)Uninstall Information
O43 – CFD: 9/09/2012 – 15:13:38 – [] —-D C:Program Files (x86)VideoLAN
O43 – CFD: 10/07/2013 – 20:42:53 – [] —-D C:Program Files (x86)Windows Defender
O43 – CFD: 24/02/2012 – 03:39:42 – [] —-D C:Program Files (x86)Windows Live
O43 – CFD: 11/09/2012 – 21:43:31 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
O43 – CFD: 12/12/2013 – 12:48:55 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
O43 – CFD: 14/07/2009 – 06:32:38 – [] —-D C:Program Files (x86)Windows NT
O43 – CFD: 11/09/2012 – 21:43:30 – [] —-D C:Program Files (x86)Windows Photo Viewer
O43 – CFD: 18/02/2011 – 21:09:10 – [] —-D C:Program Files (x86)Windows Portable Devices
O43 – CFD: 11/09/2012 – 21:43:34 – [] —-D C:Program Files (x86)Windows Sidebar
O43 – CFD: 15/06/2014 – 10:26:13 – [] —-D C:Program Files (x86)WinRAR
O43 – CFD: 19/10/2014 – 12:25:42 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
O43 – CFD: 8/09/2012 – 10:30:41 – [] —-D C:Program Files (x86)Common FilesAdobe
O43 – CFD: 21/05/2012 – 11:44:18 – [] —-D C:Program Files (x86)Common FilesAtheros
O43 – CFD: 9/02/2014 – 12:40:50 – [] —-D C:Program Files (x86)Common FilesAtlence
O43 – CFD: 16/01/2013 – 18:27:12 – [] —-D C:Program Files (x86)Common FilesBattlEye
O43 – CFD: 17/09/2014 – 09:25:03 – [] —-D C:Program Files (x86)Common FilesBlizzard Entertainment
O43 – CFD: 15/05/2014 – 07:08:16 – [] —-D C:Program Files (x86)Common FilesDESIGNER
O43 – CFD: 1/03/2014 – 18:15:29 – [] —-D C:Program Files (x86)Common FilesGestionnaire d'installation SolidWorks
O43 – CFD: 28/12/2013 – 16:24:25 – [] —-D C:Program Files (x86)Common FilesInstallShield
O43 – CFD: 18/11/2014 – 16:53:30 – [] —-D C:Program Files (x86)Common FilesJava
O43 – CFD: 1/03/2014 – 18:15:00 – [] —-D C:Program Files (x86)Common FilesMacrovision Shared
O43 – CFD: 21/10/2014 – 18:20:06 – [] —-D C:Program Files (x86)Common FilesMerge Modules
O43 – CFD: 1/03/2014 – 18:18:22 – [] —-D C:Program Files (x86)Common Filesmicrosoft shared
O43 – CFD: 24/02/2012 – 03:42:35 – [] —-D C:Program Files (x86)Common FilesOberon Media
O43 – CFD: 21/05/2012 – 11:40:39 – [] —-D C:Program Files (x86)Common FilespostureAgent
O43 – CFD: 21/05/2012 – 11:52:08 – [] —-D C:Program Files (x86)Common FilesSceneSwitch
O43 – CFD: 14/07/2009 – 04:20:08 – [] —-D C:Program Files (x86)Common FilesServices
O43 – CFD: 10/06/2013 – 18:53:40 – [] —-D C:Program Files (x86)Common FilesSkype
O43 – CFD: 1/03/2014 – 18:28:11 – [] —-D C:Program Files (x86)Common FilesSolidWorks Shared
O43 – CFD: 14/07/2009 – 04:20:08 – [] —-D C:Program Files (x86)Common FilesSpeechEngines
O43 – CFD: 6/11/2014 – 21:31:06 – [] —-D C:Program Files (x86)Common FilesSteam
O43 – CFD: 5/12/2012 – 22:58:22 – [] —-D C:Program Files (x86)Common FilesSystem
O43 – CFD: 24/02/2012 – 03:29:35 – [] —-D C:Program Files (x86)Common FilesWindows Live
O43 – CFD: 12/04/2013 – 11:17:19 – [] —-D C:ProgramDataAdobe
O43 – CFD: 1/03/2014 – 18:20:51 – [] —-D C:ProgramDataApple
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataApplication Data
O43 – CFD: 7/09/2012 – 17:40:24 – [] —-D C:ProgramDataAsus
O43 – CFD: 24/02/2012 – 03:42:14 – [] —-D C:ProgramDataASUS WebStorage
O43 – CFD: 7/09/2012 – 17:24:05 – [] —-D C:ProgramDataAtheros
O43 – CFD: 13/12/2013 – 08:25:06 – [] —-D C:ProgramDataAVAST Software
O43 – CFD: 11/09/2012 – 10:17:04 – [] —-D C:ProgramDataBattle.net
O43 – CFD: 11/09/2012 – 10:40:30 – [] —-D C:ProgramDataBlizzard Entertainment
O43 – CFD: 6/02/2013 – 11:16:05 – [] —-D C:ProgramDataBohemia Interactive Studio
O43 – CFD: 7/09/2012 – 17:24:16 – [] —-D C:ProgramDataChangeFolderView
O43 – CFD: 21/05/2012 – 11:54:37 – [] —-D C:ProgramDataCyberLink
O43 – CFD: 25/10/2012 – 21:11:30 – [] —-D C:ProgramDataDAEMON Tools Lite =>.DT Soft Ltd
O43 – CFD: 4/03/2014 – 16:59:09 – [] —-D C:ProgramDataDassaultSystemes
O43 – CFD: 24/02/2012 – 03:43:10 – [] —-D C:ProgramDataDeadtime Stories
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataDesktop
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataDocuments
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataFavorites
O43 – CFD: 1/03/2014 – 18:15:11 – [] —-D C:ProgramDataFLEXnet
O43 – CFD: 7/09/2012 – 17:21:16 – [] —-D C:ProgramDataFolderView
O43 – CFD: 22/09/2012 – 13:06:40 – [] —-D C:ProgramDataHewlett-Packard
O43 – CFD: 21/05/2012 – 11:41:06 – [] —-D C:ProgramDataIntel
O43 – CFD: 19/10/2014 – 11:39:42 – [] —-D C:ProgramDataMalwarebytes
O43 – CFD: 10/11/2012 – 09:35:13 – [] —-D C:ProgramDataMcAfee
O43 – CFD: 20/12/2013 – 19:00:53 – [] -S–D C:ProgramDataMicrosoft
O43 – CFD: 13/11/2014 – 01:13:51 – [] —-D C:ProgramDataMicrosoft Help
O43 – CFD: 17/02/2013 – 13:04:40 – [] —-D C:ProgramDataMiKTeX
O43 – CFD: 7/09/2012 – 19:52:51 – [] —-D C:ProgramDataMozilla
O43 – CFD: 8/11/2014 – 14:06:51 – [] —-D C:ProgramDataNational Instruments
O43 – CFD: 20/12/2013 – 19:15:22 – [] —-D C:ProgramDataNVIDIA
O43 – CFD: 21/05/2012 – 11:38:32 – [] —-D C:ProgramDataNVIDIA Corporation
O43 – CFD: 18/11/2014 – 16:53:54 – [0] —-D C:ProgramDataOracle
O43 – CFD: 21/05/2012 – 11:49:32 – [] —-D C:ProgramDataP4G
O43 – CFD: 21/10/2014 – 18:14:46 – [] —-D C:ProgramDataPXISA
O43 – CFD: 21/05/2012 – 11:42:35 – [] —-D C:ProgramDataQualcomm Atheros
O43 – CFD: 4/03/2014 – 20:53:19 – [] —-D C:ProgramDataSkype
O43 – CFD: 4/07/2014 – 15:15:35 – [0] —-D C:ProgramDataSolid State Networks
O43 – CFD: 1/03/2014 – 18:22:22 – [] —-D C:ProgramDataSolidWorks
O43 – CFD: 21/05/2012 – 11:41:44 – [] —-D C:ProgramDataSonicFocus
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataStart Menu
O43 – CFD: 3/09/2014 – 09:32:31 – [] —-D C:ProgramDataSun
O43 – CFD: 21/05/2012 – 11:56:18 – [] —-D C:ProgramDataTemp
O43 – CFD: 14/07/2009 – 06:08:56 – [] -SH-D C:ProgramDataTemplates
O43 – CFD: 21/05/2012 – 11:53:58 – [] —-D C:ProgramDataUSBChargerPlus
O43 – CFD: 8/09/2014 – 19:57:02 – [] —-D C:UsersSimonAppDataRoaming.minecraft
O43 – CFD: 8/09/2012 – 10:08:13 – [] —-D C:UsersSimonAppDataRoamingAdobe
O43 – CFD: 7/09/2012 – 17:41:06 – [] —-D C:UsersSimonAppDataRoamingASUS WebStorage
O43 – CFD: 7/09/2012 – 17:23:55 – [] —-D C:UsersSimonAppDataRoamingAtheros
O43 – CFD: 13/12/2013 – 08:31:43 – [] —-D C:UsersSimonAppDataRoamingAVAST Software
O43 – CFD: 17/05/2014 – 21:08:07 – [] —-D C:UsersSimonAppDataRoamingBattle.net
O43 – CFD: 12/12/2013 – 13:33:37 – [] —-D C:UsersSimonAppDataRoamingbenibela
O43 – CFD: 11/07/2014 – 20:36:38 – [] —-D C:UsersSimonAppDataRoamingBigHugeEngine
O43 – CFD: 10/05/2014 – 09:33:21 – [] —-D C:UsersSimonAppDataRoamingCodeBlocks
O43 – CFD: 18/10/2014 – 20:08:49 – [] —-D C:UsersSimonAppDataRoamingDAEMON Tools Lite =>.DT Soft Ltd
O43 – CFD: 1/03/2014 – 18:32:09 – [0] —-D C:UsersSimonAppDataRoamingDassaultSystemes
O43 – CFD: 21/11/2014 – 09:06:14 – [] —-D C:UsersSimonAppDataRoamingDropbox
O43 – CFD: 4/07/2013 – 14:10:17 – [] —-D C:UsersSimonAppDataRoamingdvdcss
O43 – CFD: 11/09/2014 – 11:31:20 – [] —-D C:UsersSimonAppDataRoamingGuild Wars 2
O43 – CFD: 1/03/2014 – 18:38:43 – [] —-D C:UsersSimonAppDataRoaminghelp_images_otherUI
O43 – CFD: 7/09/2012 – 17:21:55 – [] —-D C:UsersSimonAppDataRoamingIdentities
O43 – CFD: 9/09/2012 – 15:37:52 – [] —-D C:UsersSimonAppDataRoamingLibreOffice
O43 – CFD: 1/05/2013 – 16:31:44 – [] —-D C:UsersSimonAppDataRoamingLyX2.0
O43 – CFD: 7/09/2012 – 17:41:06 – [] —-D C:UsersSimonAppDataRoamingMacromedia
O43 – CFD: 15/12/2013 – 18:49:02 – [] —-D C:UsersSimonAppDataRoamingMalwarebytes
O43 – CFD: 27/09/2013 – 14:22:46 – [] —-D C:UsersSimonAppDataRoamingMathWorks
O43 – CFD: 14/07/2009 – 08:44:38 – [0] —-D C:UsersSimonAppDataRoamingMedia Center Programs
O43 – CFD: 1/03/2014 – 18:32:15 – [] -S–D C:UsersSimonAppDataRoamingMicrosoft
O43 – CFD: 17/02/2013 – 13:19:24 – [] —-D C:UsersSimonAppDataRoamingMiKTeX
O43 – CFD: 7/09/2012 – 19:53:08 – [] —-D C:UsersSimonAppDataRoamingMozilla
O43 – CFD: 14/10/2012 – 16:29:26 – [] —-D C:UsersSimonAppDataRoamingNVIDIA
O43 – CFD: 28/12/2013 – 16:27:30 – [] R-H-D C:UsersSimonAppDataRoamingSecuROM
O43 – CFD: 4/05/2014 – 15:13:38 – [] —-D C:UsersSimonAppDataRoamingSkype
O43 – CFD: 13/05/2014 – 08:48:44 – [] —-D C:UsersSimonAppDataRoamingSolidWorks
O43 – CFD: 25/10/2012 – 22:30:06 – [] —-D C:UsersSimonAppDataRoamingSpirited Machine
O43 – CFD: 27/09/2013 – 15:05:28 – [] —-D C:UsersSimonAppDataRoamingSubversion
O43 – CFD: 18/10/2014 – 14:08:45 – [] —-D C:UsersSimonAppDataRoamingTeeworlds
O43 – CFD: 13/04/2014 – 15:02:24 – [] —-D C:UsersSimonAppDataRoamingTERA
O43 – CFD: 9/09/2012 – 15:46:47 – [] —-D C:UsersSimonAppDataRoamingThunderbird =>.Mozilla Corporation
O43 – CFD: 29/09/2013 – 13:50:12 – [] —-D C:UsersSimonAppDataRoamingTortoiseSVN
O43 – CFD: 19/11/2014 – 23:49:33 – [] —-D C:UsersSimonAppDataRoamingvlc
O43 – CFD: 14/10/2012 – 16:44:27 – [] —-D C:UsersSimonAppDataRoamingWinRAR
O43 – CFD: 25/05/2014 – 15:57:21 – [] —-D C:UsersSimonAppDataRoamingWorldPainter
O43 – CFD: 21/11/2014 – 15:02:11 – [] —-D C:UsersSimonAppDataRoamingZHP =>.Nicolas Coolman
O43 – CFD: 10/09/2012 – 19:39:58 – [] —-D C:UsersSimonAppDataLocalActivision
O43 – CFD: 2/11/2014 – 12:20:15 – [] —-D C:UsersSimonAppDataLocalAdobe
O43 – CFD: 7/09/2012 – 17:20:30 – [] -SH-D C:UsersSimonAppDataLocalApplication Data
O43 – CFD: 25/10/2012 – 22:15:58 – [] —-D C:UsersSimonAppDataLocalArmA 2
O43 – CFD: 11/11/2013 – 09:42:05 – [] —-D C:UsersSimonAppDataLocalArmA 2 OA
O43 – CFD: 7/09/2012 – 17:40:21 – [] —-D C:UsersSimonAppDataLocalASUS
O43 – CFD: 8/09/2012 – 16:46:01 – [] —-D C:UsersSimonAppDataLocalAxialis
O43 – CFD: 7/11/2014 – 19:18:21 – [] —-D C:UsersSimonAppDataLocalBattle.net
O43 – CFD: 3/03/2013 – 17:41:13 – [] —-D C:UsersSimonAppDataLocalBlack_Tree_Gaming
O43 – CFD: 17/05/2014 – 21:08:21 – [] —-D C:UsersSimonAppDataLocalBlizzard
O43 – CFD: 17/05/2014 – 20:54:15 – [] —-D C:UsersSimonAppDataLocalBlizzard Entertainment
O43 – CFD: 7/09/2012 – 17:24:04 – [] —-D C:UsersSimonAppDataLocalBMExplorer
O43 – CFD: 19/11/2014 – 18:22:33 – [] —-D C:UsersSimonAppDataLocalCrashDumps
O43 – CFD: 1/03/2014 – 18:32:09 – [0] —-D C:UsersSimonAppDataLocalDassaultSystemes
O43 – CFD: 2/11/2012 – 16:08:02 – [] —-D C:UsersSimonAppDataLocalDayZCommander
O43 – CFD: 2/11/2014 – 13:27:36 – [0] —-D C:UsersSimonAppDataLocalDiagnostics
O43 – CFD: 28/12/2013 – 16:24:28 – [] —-D C:UsersSimonAppDataLocalDownloaded Installations
O43 – CFD: 20/10/2014 – 08:14:31 – [] —-D C:UsersSimonAppDataLocalElevatedDiagnostics
O43 – CFD: 3/09/2014 – 09:19:32 – [] -SH-D C:UsersSimonAppDataLocalEmieSiteList
O43 – CFD: 3/09/2014 – 09:19:32 – [] -SH-D C:UsersSimonAppDataLocalEmieUserList
O43 – CFD: 11/06/2013 – 10:01:34 – [] —-D C:UsersSimonAppDataLocalGoogle
O43 – CFD: 7/09/2012 – 17:20:30 – [] -SH-D C:UsersSimonAppDataLocalHistorique
O43 – CFD: 10/09/2012 – 18:02:47 – [] —-D C:UsersSimonAppDataLocalMacromedia
O43 – CFD: 1/03/2014 – 18:32:16 – [] —-D C:UsersSimonAppDataLocalMicrosoft
O43 – CFD: 18/11/2014 – 16:35:00 – [] —-D C:UsersSimonAppDataLocalMicrosoft Games
O43 – CFD: 26/01/2014 – 00:13:43 – [] —-D C:UsersSimonAppDataLocalMicrosoft Help
O43 – CFD: 17/02/2013 – 13:06:44 – [] —-D C:UsersSimonAppDataLocalMiKTeX
O43 – CFD: 3/10/2013 – 21:31:30 – [] —-D C:UsersSimonAppDataLocalMozilla
O43 – CFD: 8/11/2014 – 14:19:06 – [] —-D C:UsersSimonAppDataLocalNational Instruments
O43 – CFD: 7/09/2012 – 19:24:48 – [] —-D C:UsersSimonAppDataLocalPower2Go
O43 – CFD: 15/12/2013 – 18:47:37 – [] —-D C:UsersSimonAppDataLocalPrograms
O43 – CFD: 14/12/2013 – 17:10:51 – [] —-D C:UsersSimonAppDataLocalSkyrim
O43 – CFD: 4/03/2014 – 17:00:15 – [] —-D C:UsersSimonAppDataLocalSolidWorks
O43 – CFD: 25/10/2012 – 22:32:36 – [] —-D C:UsersSimonAppDataLocalSpirited_Machine
O43 – CFD: 21/11/2014 – 14:27:31 – [] —-D C:UsersSimonAppDataLocalTemp
O43 – CFD: 11/05/2014 – 14:54:19 – [] —-D C:UsersSimonAppDataLocalTempFichierSauvegardeSW
O43 – CFD: 7/09/2012 – 17:20:30 – [] -SH-D C:UsersSimonAppDataLocalTemporary Internet Files
O43 – CFD: 29/09/2013 – 15:43:27 – [] —-D C:UsersSimonAppDataLocalTGitCache
O43 – CFD: 8/03/2014 – 19:58:30 – [] —-D C:UsersSimonAppDataLocalThe Witcher
O43 – CFD: 17/09/2014 – 13:45:20 – [] —-D C:UsersSimonAppDataLocalThunderbird =>.Mozilla Corporation
O43 – CFD: 29/09/2013 – 15:49:38 – [] —-D C:UsersSimonAppDataLocalTSVNCache
O43 – CFD: 9/09/2012 – 15:25:21 – [] —-D C:UsersSimonAppDataLocalVirtualStore
O43 – CFD: 14/07/2009 – 05:54:32 – [] R—D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
O43 – CFD: 29/09/2013 – 18:26:16 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsActiveState ActiveTcl 8.5.14.0
O43 – CFD: 14/08/2014 – 16:06:27 – [] R—D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
O43 – CFD: 9/09/2012 – 15:21:54 – [0] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsAudiograbber
O43 – CFD: 22/09/2012 – 12:37:55 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsBlueJ
O43 – CFD: 25/10/2012 – 22:36:32 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsBohemia Interactive
O43 – CFD: 20/11/2014 – 18:05:15 – [] R—D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsBT Devices
O43 – CFD: 5/02/2014 – 16:12:05 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsCodeBlocks
O43 – CFD: 21/11/2014 – 09:05:34 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox
O43 – CFD: 25/11/2012 – 16:46:16 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsFender FUSE
O43 – CFD: 18/10/2014 – 20:16:53 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsGames
O43 – CFD: 14/07/2009 – 05:49:38 – [] R—D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
O43 – CFD: 14/08/2014 – 16:06:27 – [] R—D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
O43 – CFD: 24/12/2012 – 23:47:01 – [] —-D C:UsersSimonAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
~ 3 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 230 Scanned in 00mn 00s
—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.8A8CB073A4B9F9D97CFA8CA9C1C851CE] – 11/11/2014 – 04:08:48 —A- . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll [728064]
O44 – LFC:[MD5.1306E6A1BF4D506CD687DF9F947270F2] – 11/11/2014 – 04:08:52 —A- . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll [241152]
O44 – LFC:[MD5.B938AF16A521C913791C6F7AFF032757] – 12/11/2014 – 07:46:56 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32oleaut32.dll [861696]
O44 – LFC:[MD5.2720C94ADCC1727A66365CCB1CE456C4] – 12/11/2014 – 07:47:02 —A- . (.Microsoft Corporation – Windows Installer.) — C:WindowsSystem32msi.dll [3241984]
O44 – LFC:[MD5.93C055B6AAD76360A60CB7E59A491531] – 12/11/2014 – 07:47:05 —A- . (.Microsoft Corporation – Pilote Win32 multi-utilisateurs.) — C:WindowsSystem32win32k.sys [3198976]
O44 – LFC:[MD5.934735F508E297504460935B71E99F0B] – 12/11/2014 – 07:47:08 —A- . (.Microsoft Corporation – Gestionnaire de liaisons d’objets2.) — C:WindowsSystem32packager.dll [77824]
O44 – LFC:[MD5.336BA030AB7B05300CB0B5C6AFB27176] – 12/11/2014 – 07:47:19 —A- . (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll [22016]
O44 – LFC:[MD5.DF30FC54FFF79BC744B22A4850A3CF92] – 12/11/2014 – 07:47:19 —A- . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32TSpkg.dll [86528]
O44 – LFC:[MD5.47C48C705F4F1EFC99B50B43AE4301FE] – 12/11/2014 – 07:47:20 —A- . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll [314880]
O44 – LFC:[MD5.55F0CF40479A1FC89CFA578909A540F2] – 12/11/2014 – 07:47:20 —A- . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll [210944]
O44 – LFC:[MD5.109CC0DF72CC07A6CB59D2995255A1DA] – 12/11/2014 – 07:47:24 —A- . (.Microsoft Corporation – Bibliothèque de chiffrement Windows.) — C:WindowsSystem32ncrypt.dll [309760]
O44 – LFC:[MD5.A71B81AC2C14ABA013CCF1225D9E3E36] – 12/11/2014 – 07:47:24 —A- . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll [342016]
O44 – LFC:[MD5.FAFCB80D42A65964B6F4945283B8C10F] – 12/11/2014 – 07:47:29 —A- . (.Microsoft Corporation – Session audio.) — C:WindowsSystem32AudioSes.dll [296448]
O44 – LFC:[MD5.A2C9E45F4069A002E985D1563D16813B] – 12/11/2014 – 07:47:30 —A- . (.Microsoft Corporation – Audio Engine.) — C:WindowsSystem32AudioEng.dll [440832]
O44 – LFC:[MD5.B1BB7B91C3C878FDB2874138CE81C4EF] – 12/11/2014 – 07:47:30 —A- . (.Microsoft Corporation – Media Foundation Crash Dump Encryption DLL.) — C:WindowsSystem32EncDump.dll [284672]
O44 – LFC:[MD5.9383B21A4B77C130940262DDC5F3F49B] – 12/11/2014 – 07:47:32 —A- . (.Microsoft Corporation – Audio Ks Endpoint.) — C:WindowsSystem32AUDIOKSE.dll [500224]
O44 – LFC:[MD5.DE3E38431B00C2EA247C53675DCF01A0] – 12/11/2014 – 07:47:32 —A- . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32audiosrv.dll [680960]
O44 – LFC:[MD5.1FEBD408F32DFC523882E7DA5AC57819] – 12/11/2014 – 07:47:33 —A- . (.Microsoft Corporation – Microsoft IME.) — C:WindowsSystem32IMJP10K.DLL [878080]
O44 – LFC:[MD5.364ECFF4ABD9D575F4F7CF7EB7928EF3] – 12/11/2014 – 07:47:35 —A- . (.Microsoft Corporation – MSXML 3.0 SP11.) — C:WindowsSystem32msxml3.dll [1882624]
O44 – LFC:[MD5.D005697F0467BBDDAB7638496DA5DB52] – 12/11/2014 – 07:47:35 —A- . (.Microsoft Corporation – XML Resources.) — C:WindowsSystem32msxml3r.dll [2048]
O44 – LFC:[MD5.BBD6A636AAA65D874F3863280CD8373D] – 12/11/2014 – 07:47:46 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [25110016]
O44 – LFC:[MD5.4B6D9AB2ECD11AF5F6B1C42D938E0A85] – 12/11/2014 – 07:47:47 —A- . (.Microsoft Corporation – DAC for Trident DOM.) — C:WindowsSystem32MshtmlDac.dll [88064]
O44 – LFC:[MD5.EE3592B010E3F69D141323E592C01A1A] – 12/11/2014 – 07:47:47 —A- . (.Microsoft Corporation – DLL de gestion d'utilisateur local et de co.) — C:WindowsSystem32msrating.dll [199680]
O44 – LFC:[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] – 12/11/2014 – 07:47:48 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [2365440]
O44 – LFC:[MD5.B6DC4597FF946B0C8B29650A71F52D4E] – 12/11/2014 – 07:47:48 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [580096]
O44 – LFC:[MD5.98088A13F65BE35DA3693F264740CEEC] – 12/11/2014 – 07:47:49 —A- . (.Microsoft Corporation – Microsoft (R) HTML Media DLL.) — C:WindowsSystem32mshtmlmedia.dll [1359360]
O44 – LFC:[MD5.F208D7FB40FD80EA9F123BABF687359C] – 12/11/2014 – 07:47:49 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [6040064]
O44 – LFC:[MD5.7EC80DB959695D4F927D2D601DA59F35] – 12/11/2014 – 07:47:49 —A- . (.Microsoft Corporation – Microsoft ® JScript Diagnostics.) — C:WindowsSystem32jscript9diag.dll [814080]
O44 – LFC:[MD5.7EE5FBD190BF5B27F7977EA6CBF0DCAC] – 12/11/2014 – 07:47:50 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [92160]
O44 – LFC:[MD5.69602F6259598A7837CB83D3608FE293] – 12/11/2014 – 07:47:50 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [633856]
O44 – LFC:[MD5.154B8555A118BCFD95F358390E418B00] – 12/11/2014 – 07:47:50 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [14390272]
O44 – LFC:[MD5.31F2A5ECFD2C75F970A3007ACD5627C7] – 12/11/2014 – 07:47:51 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [54784]
O44 – LFC:[MD5.08BCDD6C9E23D00309F359620461DFE8] – 12/11/2014 – 07:47:51 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [144384]
O44 – LFC:[MD5.5C9D58591D0091630452B04F35527240] – 12/11/2014 – 07:47:52 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [2124288]
O44 – LFC:[MD5.BA4EC6139B8830BBA9CC5D065CA5796C] – 12/11/2014 – 07:47:52 —A- . (.Microsoft Corporation – Run time utility for Internet Explorer.) — C:WindowsSystem32iertutil.dll [2884096]
O44 – LFC:[MD5.6507CA9349500A535AF70670F248E525] – 12/11/2014 – 07:47:53 —A- . (.Microsoft Corporation – IOD Version Map.) — C:WindowsSystem32iesetup.dll [66560]
O44 – LFC:[MD5.BD708EBEDB35E474F1A19747154ACC47] – 12/11/2014 – 07:47:53 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter.) — C:WindowsSystem32ieapfltr.dll [799232]
O44 – LFC:[MD5.1E30BECF0DB35481588FB72C9CF97CA2] – 12/11/2014 – 07:47:54 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [800768]
O44 – LFC:[MD5.E17C34BECCD1388E9B386A9F82F01222] – 12/11/2014 – 07:47:55 —A- . (.Microsoft Corporation – IE ETW Collector Service Resources.) — C:WindowsSystem32ieetwcollectorres.dll [4096]
O44 – LFC:[MD5.C6A719FD0B07B2DD0ADACD07636F4BAD] – 12/11/2014 – 07:47:55 —A- . (.Microsoft Corporation – Microsoft Spell Checking Facility.) — C:WindowsSystem32MsSpellCheckingFacility.exe [968704]
O44 – LFC:[MD5.56651A76C63DAF2C593F1F767FC8A856] – 12/11/2014 – 07:47:57 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1550336]
O44 – LFC:[MD5.33098C85B789630865CD3F5D22FB0DFC] – 12/11/2014 – 07:48:01 —A- . (.Microsoft Corporation – JavaScript Performance Collection Agent.) — C:WindowsSystem32JavaScriptCollectionAgent.dll [77824]
O44 – LFC:[MD5.1F3794CE1AEA5DA12ACF90210EAE4ECB] – 12/11/2014 – 07:48:03 —A- . (.Microsoft Corporation – IE ETW Collector Proxy Stub Resources.) — C:WindowsSystem32ieetwproxystub.dll [48640]
O44 – LFC:[MD5.7293701905DF1F40760C851F20DDC9EC] – 12/11/2014 – 07:48:03 —A- . (.Microsoft Corporation – IE ETW Collector Service.) — C:WindowsSystem32ieetwcollector.exe [114688]
O44 – LFC:[MD5.854B230F5D77486B67D809FFB8A10C7E] – 12/11/2014 – 07:48:03 —A- . (.Microsoft Corporation – Microsoft® MSHTML Typelib.) — C:WindowsSystem32mshtml.tlb [2724864]
O44 – LFC:[MD5.26BC4EC95E363DD59171710E22108F15] – 12/11/2014 – 07:48:03 —A- . (.Microsoft Corporation – Traitement de RunOnce complet avec interfac.) — C:WindowsSystem32iernonce.dll [34304]
O44 – LFC:[MD5.4E47ABA3C6C5032446A2AF7EFD026037] – 12/11/2014 – 07:48:03 —A- . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Expl.) — C:WindowsSystem32ie4uinit.exe [716800]
O44 – LFC:[MD5.7184AEACDA13E64B10F84E9DD79C8A01] – 12/11/2014 – 07:48:09 —A- . (.Microsoft Corporation – DLL des événements d’audit de la sécurité.) — C:WindowsSystem32msaudite.dll [146432]
O44 – LFC:[MD5.58F87BF5659C8EBC61EB439C916F2F9A] – 12/11/2014 – 07:48:11 —A- . (.Microsoft Corporation – DLL du schéma d’audit de sécurité.) — C:WindowsSystem32adtschema.dll [681984]
O44 – LFC:[MD5.C4C1B73FC2FF151BA08E1EAFDE2A2FAF] – 12/11/2014 – 07:48:11 —A- . (.Microsoft Corporation – DLL serveur LSA.) — C:WindowsSystem32lsasrv.dll [1460736]
O44 – LFC:[MD5.41774FF331F609EF442B7398EE6202B1] – 12/11/2014 – 07:48:11 —A- . (.Microsoft Corporation – Kernel Security Support Provider Interface.) — C:WindowsSystem32Driversksecpkg.sys [155064]
O44 – LFC:[MD5.008CD4EBFABCF78D0F19B3778492648C] – 12/11/2014 – 07:48:12 —A- . (.Microsoft Corporation – Gestionnaire des connexions distantes du se.) — C:WindowsSystem32termsrv.dll [683520]
O44 – LFC:[MD5.6021CF6A11DE9B5FC1BD210B6855C497] – 12/11/2014 – 07:48:13 —A- . (.Microsoft Corporation – Application Experience Program Inventory Co.) — C:WindowsSystem32aeinv.dll [424448]
O44 – LFC:[MD5.9F1FA4F36406693C77CC5779AA7E532D] – 12/11/2014 – 07:48:14 —A- . (.Microsoft Corporation – Mise à jour des données de compatibilité de.) — C:WindowsSystem32aepdu.dll [228864]
O44 – LFC:[MD5.F992AAE3F2DF1D7D2A75B681B0C5280E] – 12/11/2014 – 07:48:15 —A- . (.Microsoft Corporation – General Telemetry.) — C:WindowsSystem32generaltel.dll [304640]
O44 – LFC:[MD5.D92FB5770CBDE049A4732B76A77F6864] – 13/11/2014 – 01:06:06 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32MRT.exe [103374192]
O44 – LFC:[MD5.2C9EA95BE71D6C24A7B25774B577484A] – 13/11/2014 – 08:10:31 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [480504]
O44 – LFC:[MD5.83CA6203E1C69DEFE6CDE3A833DB01F4] – 21/11/2014 – 13:32:13 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1669584]
O44 – LFC:[MD5.85BF0E329F34DDF87A6CAA3B981D1FBB] – 21/11/2014 – 13:32:13 —A- . (…) — C:WindowsSystem32perfc009.dat [122336]
O44 – LFC:[MD5.9C98BD0F0BFF24FFA314112DC185A0BF] – 21/11/2014 – 13:32:13 —A- . (…) — C:WindowsSystem32perfc00C.dat [150386]
O44 – LFC:[MD5.0EA1704483F3FB739E9B370643D68314] – 21/11/2014 – 13:32:13 —A- . (…) — C:WindowsSystem32perfh009.dat [654464]
O44 – LFC:[MD5.DDBA87A0128051396D56FD67F31B8966] – 21/11/2014 – 13:32:13 —A- . (…) — C:WindowsSystem32perfh00C.dat [747894]
O44 – LFC:[MD5.E7F977C266C1DF2DA7117A52441EBCF6] – 21/11/2014 – 14:24:36 —A- . (…) — C:WindowsPFRO.log [6006]
O44 – LFC:[MD5.E8D8501D471B93E97557EED394C440A8] – 21/11/2014 – 14:24:38 —A- . (…) — C:Windowssetupact.log [5924]
O44 – LFC:[MD5.CB65F207405A2B479136BF2ADF13D209] – 21/11/2014 – 14:24:38 -S-A- . (…) — C:Windowsbootstat.dat [67584]
O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 21/11/2014 – 14:30:31 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
O44 – LFC:[MD5.7DEF2E0FCD19BB030F52C5739755EF0B] – 21/11/2014 – 14:30:41 —A- . (…) — C:WindowsWindowsUpdate.log [1517284]
O44 – LFC:[MD5.1C216980E7D21100A357B52B3C45F78D] – 7/11/2014 – 20:49:08 —A- . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:WindowsSystem32iedkcs32.dll [388272]
O44 – LFC:[MD5.88F06328527A204A5F4EA75A42067ED1] – 9/11/2014 – 21:30:23 –HA- . (…) — C:WindowsSystem32GelSprinter GX e2600.CAC [559]
~ Files: 71 Scanned in 00mn 16s[/spoiler:1u54s8t0]
Simfreed
Participant
21 novembre 2014 à 19 h 31 min
Nombre d'articles : 2
#208681
ZHPDiag: (partie3)
[spoiler:3h92hqo9]—\ Déni du service (Local Security Authority) (O48)
O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corp. – LiveSSP.) — C:WindowsSystem32livessp.dll
~ LSA: 9 Scanned in 00mn 00s
—\ Contrôle du Safe Boot (CSB) (O49)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Encoder Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
—\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s
—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 – SMSR:HKLM…startupregACMON [Key] . (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe
O53 – SMSR:HKLM…startupregAdobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe
O53 – SMSR:HKLM…startupregASUS Screen Saver Protector [Key] . (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe
O53 – SMSR:HKLM…startupregCLMLServer [Key] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
O53 – SMSR:HKLM…startupregRTHDVCPL [Key] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
~ SMSR Keys: 5 Scanned in 00mn 00s
—\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPath”=1
~ MWPS: 17 Scanned in 00mn 00s
—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKCU…policiesExplorer] – “NoDriveAutoRun”=0
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
~ MWPE Keys: 4 Scanned in 00mn 00s
—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:21/08/2014 – 01:51:38 —A- . (.Advanced Card Systems Ltd. – PCSC/CCID IFD Handler.) — C:WindowsSystem32Driversa38usb.sys [62848]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [491088]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [339536]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver (X64).) — C:WindowsSystem32Driversadpu320.sys [182864]
O58 – SDL:10/06/2009 – 22:01:06 —A- . (.LSI Corp – SoftModem Device Driver.) — C:WindowsSystem32Driversagrsm64.sys [1146880]
O58 – SDL:29/02/2012 – 19:08:34 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSystem32DriversAiCharger.sys [17152]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [15440]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [107904]
O58 – SDL:14/07/2009 – 02:52:20 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [194128]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [27008]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [87632]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [97856]
O58 – SDL:21/12/2011 – 22:15:56 —A- . (.Windows (R) Win 7 DDK provider – ASUS Virtual Bus.) — C:WindowsSystem32DriversAsusVBus.sys [35968]
O58 – SDL:8/11/2011 – 03:48:28 —A- . (.Windows (R) Win 7 DDK provider – ASUS HID mini driver for Virtual Touch Device.) — C:WindowsSystem32DriversAsusVTouch.sys [16512]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208] =>.ALWIL Software
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – avast! File System Minifilter for Windows 2003/Vista.) — C:WindowsSystem32DriversaswMonFlt.sys [79184]
O58 – SDL:11/07/2014 – 10:34:42 —A- . (.AVAST Software – avast! WFP Redirect Driver.) — C:WindowsSystem32DriversaswRdr2.sys [93568]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776] =>.ALWIL Software
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32Driversaswsnx.sys [1041168]
O58 – SDL:11/07/2014 – 10:34:54 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32Driversaswsp.sys [427360]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – Stream Filter.) — C:WindowsSystem32Driversaswstm.sys [92008]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [224896] =>.ALWIL Software
O58 – SDL:28/12/2011 – 05:44:26 —A- . (.Atheros Communications, Inc. – Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathrx.sys [2797056]
O58 – SDL:10/06/2009 – 21:34:23 —A- . (.Broadcom Corporation – Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) — C:WindowsSystem32Driversb57nd60a.sys [270848]
O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [18432]
O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [8704]
O58 – SDL:14/07/2009 – 02:19:07 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [286720]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [47104]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [14976]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [14720]
O58 – SDL:29/12/2011 – 23:16:18 —A- . (.Atheros – Atheros A2DP driver.) — C:WindowsSystem32Driversbtath_a2dp.sys [338592]
O58 – SDL:29/12/2011 – 23:16:36 —A- . (.Atheros – Atheros Bluetooth AVDT driver.) — C:WindowsSystem32Driversbtath_avdt.sys [110752]
O58 – SDL:29/12/2011 – 23:16:54 —A- . (.Atheros – Atheros BUS driver.) — C:WindowsSystem32Driversbtath_bus.sys [30368]
O58 – SDL:29/12/2011 – 23:17:06 —A- . (.Atheros – Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_flt.sys [36000]
O58 – SDL:29/12/2011 – 23:17:24 —A- . (.Atheros – Atheros HCRP driver.) — C:WindowsSystem32Driversbtath_hcrp.sys [167584]
O58 – SDL:29/12/2011 – 23:17:54 —A- . (.Atheros – Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_lwflt.sys [68256]
O58 – SDL:29/12/2011 – 23:18:06 —A- . (.Atheros – Atheros AVRCP driver.) — C:WindowsSystem32Driversbtath_rcp.sys [280992]
O58 – SDL:29/12/2011 – 23:18:54 —A- . (.Atheros – BtFilter Driver.) — C:WindowsSystem32Driversbtfilter.sys [548000]
O58 – SDL:10/06/2009 – 21:34:28 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [468480]
O58 – SDL:14/07/2009 – 02:52:31 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [17488]
O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
O58 – SDL:19/02/2012 – 19:16:24 —A- . (.ELAN Microelectronics Corp. – ETD Kernel Center.) — C:WindowsSystem32DriversETD.sys [200488]
O58 – SDL:10/06/2009 – 21:34:33 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3286016]
O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
O58 – SDL:17/07/2012 – 18:12:08 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [62784]
O58 – SDL:20/11/2010 – 14:33:36 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [78720]
O58 – SDL:29/11/2011 – 12:40:32 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStor.sys [568600]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [410496]
O58 – SDL:14/12/2012 – 02:42:22 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [5353888]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [44112]
O58 – SDL:6/12/2011 – 12:23:10 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [331264]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 Host Controller Switch Driver.) — C:WindowsSystem32Driversiusb3hcs.sys [16152]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 Hub Driver.) — C:WindowsSystem32Driversiusb3hub.sys [356120]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 eXtensible Host Controller Driver.) — C:WindowsSystem32Driversiusb3xhc.sys [788760]
O58 – SDL:20/07/2009 – 10:29:40 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [15416]
O58 – SDL:10/06/2009 – 21:34:18 —A- . (.Atheros Communications, Inc. – Atheros L1c PCI-E Gigabit Ethernet Controller.) — C:WindowsSystem32DriversL1C62x64.sys [57344]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [114752]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [106560]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [65600]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [115776]
O58 – SDL:17/06/2013 – 08:42:50 —A- . (.National Instruments Corporation – LabVIEW Timed Loop Scheduler's Kernel/User Mode Pipe.) — C:WindowsSystem32Driverslvalarmk.sys [27528]
O58 – SDL:1/10/2014 – 10:11:12 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
O58 – SDL:1/10/2014 – 10:11:16 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
O58 – SDL:21/11/2014 – 14:30:31 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows 7Server 2008 R2 for.) — C:WindowsSystem32Driversmegasas.sys [35392]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [284736]
O58 – SDL:1/10/2014 – 10:11:26 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [63704]
O58 – SDL:14/07/2009 – 02:48:26 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [51264]
O58 – SDL:12/02/2013 – 10:09:00 —A- . (.National Instruments Corporation – 1006 Chassis Component.) — C:WindowsSystem32Driversni1006k.sys [30800]
O58 – SDL:12/02/2013 – 10:09:02 —A- . (.National Instruments Corporation – 1045 Chassis Component.) — C:WindowsSystem32Driversni1045kl.sys [12984]
O58 – SDL:12/02/2013 – 10:09:04 —A- . (.National Instruments Corporation – 1065 Chassis Component.) — C:WindowsSystem32Driversni1065k.sys [27832]
O58 – SDL:23/07/2012 – 19:41:06 —A- . (.National Instruments Corporation – NI cDAQ Common Components.) — C:WindowsSystem32Driversnicdcckl.sys [12992]
O58 – SDL:21/07/2011 – 13:48:16 —A- . (.National Instruments Corporation – NI Common Digital Runtime.) — C:WindowsSystem32Driversnicdrkl.sys [11864]
O58 – SDL:25/06/2013 – 14:27:30 —A- . (.National Instruments Corporation – NI Conditioned Measurements Runtime.) — C:WindowsSystem32Driversnicmrkl.sys [13456]
O58 – SDL:25/06/2013 – 14:27:38 —A- . (.National Instruments Corporation – NI Condor Runtime.) — C:WindowsSystem32Driversnicondrkl.sys [13416]
O58 – SDL:25/06/2013 – 14:27:16 —A- . (.National Instruments Corporation – NI C Series Runtime.) — C:WindowsSystem32Driversnicsrkl.sys [15176]
O58 – SDL:28/06/2012 – 16:44:32 —A- . (.National Instruments Corporation – NI Device Interconnect Manager.) — C:WindowsSystem32Driversnidimkl.sys [13000]
O58 – SDL:4/03/2013 – 13:44:58 —A- . (.National Instruments Corporation – NI-DAQmx Framework.) — C:WindowsSystem32Driversnidmxfkl.sys [13416]
O58 – SDL:13/02/2013 – 09:46:02 —A- . (.National Instruments Corporation – NI DSA Runtime Component.) — C:WindowsSystem32Driversnidsarkl.sys [13432]
O58 – SDL:12/01/2012 – 16:20:58 —A- . (.National Instruments Corporation – NI Ethernet Device Enumerator Driver.) — C:WindowsSystem32Driversniede.sys [38064]
O58 – SDL:25/06/2013 – 14:28:18 —A- . (.National Instruments Corporation – NI Embedded Runtime.) — C:WindowsSystem32Driversniemrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI E Series Runtime.) — C:WindowsSystem32Driversniesrkl.sys [15176]
O58 – SDL:13/02/2013 – 13:10:32 —A- . (.National Instruments Corporation – NI Fusion Standard Library.) — C:WindowsSystem32Driversnifslkl.sys [13432]
O58 – SDL:28/06/2012 – 16:26:46 —A- . (.National Instruments Corporation – NI Measurements DeBuG Library.) — C:WindowsSystem32Driversnimdbgkl.sys [13000]
O58 – SDL:28/06/2012 – 18:17:38 —A- . (.National Instruments Corporation – NI Measurement Routing Utilities.) — C:WindowsSystem32Driversnimru2kl.sys [13008]
O58 – SDL:4/03/2013 – 13:43:24 —A- . (.National Instruments Corporation – NI Measurements Streaming DMA Runtime Component.) — C:WindowsSystem32Driversnimsdrkl.sys [13480]
O58 – SDL:4/03/2013 – 13:46:08 —A- . (.National Instruments Corporation – NI Measurements Status Component.) — C:WindowsSystem32Driversnimstskl.sys [13448]
O58 – SDL:28/06/2012 – 17:47:16 —A- . (.National Instruments Corporation – NI mx Driver Framework.) — C:WindowsSystem32Driversnimxdfkl.sys [12984]
O58 – SDL:4/03/2013 – 13:46:16 —A- . (.National Instruments Corporation – NI Measurements eXtensions for PAL.) — C:WindowsSystem32Driversnimxpkl.sys [13448]
O58 – SDL:9/10/2012 – 09:50:36 —A- . (.National Instruments Corporation – NI 6535-7 Driver for DAQmx (a).) — C:WindowsSystem32Driversninshsdkl.sys [13000]
O58 – SDL:28/06/2012 – 15:23:58 —A- . (.National Instruments Corporation – NI Object Request Broker.) — C:WindowsSystem32Driversniorbkl.sys [12992]
O58 – SDL:19/12/2012 – 22:11:28 —A- . (.National Instruments Corporation – NI-PAL 1394 Export Driver for Windows.) — C:WindowsSystem32Driversnipalfwed.sys [42792]
O58 – SDL:19/12/2012 – 22:11:54 —A- . (.National Instruments Corporation – NI-PAL 1394 Legacy Wrapper Driver for Windows.) — C:WindowsSystem32Driversnipalfwedl.sys [13624] =>PUP.weDownloadManager
O58 – SDL:19/12/2012 – 21:55:28 —A- . (.National Instruments Corporation – NI-PAL Driver for Windows.) — C:WindowsSystem32Driversnipalk.sys [926992]
O58 – SDL:19/12/2012 – 22:09:42 —A- . (.National Instruments Corporation – NI-PAL USB Export Driver for Windows.) — C:WindowsSystem32Driversnipalusbed.sys [71976]
O58 – SDL:19/12/2012 – 22:10:16 —A- . (.National Instruments Corporation – NI-PAL USB Legacy Wrapper Driver for Windows.) — C:WindowsSystem32Driversnipalusbedl.sys [13624]
O58 – SDL:18/12/2012 – 09:40:34 —A- . (.National Instruments Corporation – NI PCI Bridge Class Filter.) — C:WindowsSystem32Driversnipbcfk.sys [16984]
O58 – SDL:11/02/2013 – 10:27:04 —A- . (.National Instruments Corporation – National Instruments PXI Bridge Access Filter Driver.) — C:WindowsSystem32Driversnipxibaf.sys [87288]
O58 – SDL:6/03/2013 – 11:13:18 —A- . (.National Instruments Corporation – National Instruments PXI Bridge Configuration Filter Driver.) — C:WindowsSystem32Driversnipxibrc.sys [70336]
O58 – SDL:9/08/2011 – 15:18:20 —A- . (.National Instruments Corporation – Generic PXI Chassis Pilot.) — C:WindowsSystem32Driversnipxigpk.sys [22680]
O58 – SDL:14/03/2013 – 16:32:46 —A- . (.National Instruments Corporation – NI PXI Resource Manager.) — C:WindowsSystem32Driversnipxirmkl.sys [13432]
O58 – SDL:25/06/2013 – 14:28:42 —A- . (.National Instruments Corporation – NI Raptor Runtime.) — C:WindowsSystem32Driversniraptrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:28:42 —A- . (.National Instruments Corporation – NI Raptor Runtime.) — C:WindowsSystem32Driversniraptrkw.sys [14664]
O58 – SDL:7/03/2012 – 20:07:52 —A- . (.National Instruments Corporation – NI Signal Conditioning Driver Component.) — C:WindowsSystem32Driversniscdkl.sys [12984]
O58 – SDL:2/07/2012 – 16:17:36 —A- . (.National Instruments Corporation – NI Static Digital Component.) — C:WindowsSystem32Driversnisdigkl.sys [12960]
O58 – SDL:1/06/2012 – 13:43:02 —A- . (.National Instruments Corporation – NI-6533/4 Device Driver.) — C:WindowsSystem32Driversnisftkl.sys [12952]
O58 – SDL:30/01/2013 – 20:52:38 —A- . (.National Instruments Corporation – National Instruments SMBus Export Driver.) — C:WindowsSystem32Driversnismbusw.sys [98968]
O58 – SDL:7/03/2012 – 20:21:02 —A- . (.National Instruments Corporation – NI Signal Conditioning Driver Component.) — C:WindowsSystem32Driversnispdkl.sys [12984]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI S Series Runtime.) — C:WindowsSystem32Driversnissrkl.sys [15176]
O58 – SDL:5/01/2009 – 09:19:30 —A- . (.National Instruments Corporation – NI STC2.) — C:WindowsSystem32Driversnistc2kl.sys [11824]
O58 – SDL:7/02/2013 – 16:24:36 —A- . (.National Instruments Corporation – NI STC3 Runtime.) — C:WindowsSystem32Driversnistc3rkl.sys [13416]
O58 – SDL:18/07/2011 – 18:33:10 —A- . (.National Instruments Corporation – NI STC Counter Runtime Library.) — C:WindowsSystem32Driversnistcrkl.sys [12968]
O58 – SDL:24/05/2013 – 14:15:32 —A- . (.National Instruments Corporation – NI Switch Drivers.) — C:WindowsSystem32Driversniswdkl.sys [15176]
O58 – SDL:7/02/2013 – 15:18:28 —A- . (.National Instruments Corporation – NI TIO Counter Runtime Library.) — C:WindowsSystem32Driversnitiorkl.sys [13440]
O58 – SDL:8/10/2012 – 13:01:02 —A- . (.National Instruments Corporation – NI Umber Firmware Updater Runtime.) — C:WindowsSystem32Driversniufurkl.sys [13008]
O58 – SDL:8/10/2012 – 13:01:02 —A- . (.National Instruments Corporation – NI Umber Firmware Updater Runtime.) — C:WindowsSystem32Driversniufurkw.sys [12496]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI AO Series Runtime.) — C:WindowsSystem32Driversniwfrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:28:18 —A- . (.National Instruments Corporation – NI M Series Runtime.) — C:WindowsSystem32Driversnixsrkl.sys [15176]
O58 – SDL:8/04/2013 – 13:32:26 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 311.44.) — C:WindowsSystem32Driversnvlddmkm.sys [11077920]
O58 – SDL:8/04/2013 – 13:32:30 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 311.44.) — C:WindowsSystem32Driversnvpciflt.sys [30496]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [148352]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [166272]
O58 – SDL:14/07/2009 – 02:45:46 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1524816]
O58 – SDL:14/07/2009 – 02:45:45 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [128592]
O58 – SDL:29/09/2011 – 10:30:34 —A- . (.Realtek – Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) — C:WindowsSystem32DriversRt64win7.sys [646248]
O58 – SDL:27/12/2011 – 14:12:22 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [4727656]
O58 – SDL:17/08/2011 – 07:27:06 —A- . (.Realtek Semiconductor Corp. – Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) — C:WindowsSystem32DriversRtsUStor.sys [251496]
O58 – SDL:10/06/2009 – 21:37:19 —A- . (…) — C:WindowsSystem32Driverssecdrv.sys [23040]
O58 – SDL:10/06/2009 – 21:35:57 —A- . (.Silicon Integrated Systems Corp. – NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) — C:WindowsSystem32DriversSiSG664.sys [56832]
O58 – SDL:14/07/2009 – 02:45:45 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [43584]
O58 – SDL:14/07/2009 – 02:45:46 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [80464]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
O58 – SDL:18/12/2013 – 17:19:54 —A- . (.Oracle Corporation – VirtualBox Support Driver.) — C:WindowsSystem32DriversVBoxDrv.sys [252688]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox Host-Only Network Adapter Driver.) — C:WindowsSystem32DriversVBoxNetAdp.sys [140560]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox Bridged Networking Driver.) — C:WindowsSystem32DriversVBoxNetFlt.sys [154896]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox USB Monitor Driver.) — C:WindowsSystem32DriversVBoxUSBMon.sys [126736]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [17488]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [161872]
O58 – SDL:28/12/2011 – 05:44:26 —A- . (.Atheros Communications, Inc. – Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32athrx.sys [2797056]
O58 – SDL:29/02/2012 – 19:08:34 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSysWOW64driversAiCharger.sys [17152]
O58 – SDL:8/10/2002 – 00:07:38 R–A- . (…) — C:WindowsSysWOW64driversSECDRV.SYS [11376]
~ Drivers: 141 Scanned in 00mn 05s
—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 14/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser DataWidevineCDM1.4.6.703_platform_specificwin_x86widevinecdmadapter.dll [146760]
O61 – LFC: 15/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser Datanacl_validation_cache.bin [524]
O61 – LFC: 18/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalLowSunJavajre1.7.0_71lzma.exe [145408]
O61 – LFC: 19/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser DataEVWhitelist4_platform_specificallev_hashes_whitelist.bin [713907]
O61 – LFC: 21/11/2014 – 15:02:57 —A- . (…) — C:UsersSimonAppDataLocalTempdropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnpmlb.dll [43008]
O61 – LFC: 21/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalTempnss89A.tmpDropboxNSISTools.dll [68096]
O61 – LFC: 21/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalTempnss89A.tmpUAC.dll [30208]
O61 – LFC: 21/11/2014 – 15:03:16 —A- . (…) — C:UsersSimonAppDataRoamingsp_data.sys [380]
O61 – LFC: 21/11/2014 – 15:03:16 —A- . (…) — C:UsersSimonDesktopAdwCleaner.exe [2140160]
~ 141 Fichiers temporaires (Temporary files)
~ 6 Fichiers cookies (Cookies files)
~ Files: 9 Scanned in 00mn 37s
—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 3/07/2009 – C:Program Files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys (ASMMAP64) .(.ASUS – Memory mapping Driver.) – LEGACY_ASMMAP64
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswMonFlt.sys (aswMonFlt) .(.AVAST Software – avast! File System Minifilter for Windows 2.) – LEGACY_ASWMONFLT
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswRdr2.sys (aswRdr) .(.AVAST Software – avast! WFP Redirect Driver.) – LEGACY_ASWRDR
O64 – Services: CurCS – 11/07/2014 – C:WindowsSystem32DriversaswRvrt.sys (aswRvrt) .(…) – LEGACY_ASWRVRT
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswSnx.sys (aswSnx) .(.AVAST Software – avast! Virtualization Driver.) – LEGACY_ASWSNX
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswSP.sys (aswSP) .(.AVAST Software – avast! self protection module.) – LEGACY_ASWSP
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswStm.sys (aswStm) .(.AVAST Software – Stream Filter.) – LEGACY_ASWSTM
O64 – Services: CurCS – 11/07/2014 – C:WindowsSystem32DriversaswVmm.sys (aswVmm) .(…) – LEGACY_ASWVMM
O64 – Services: CurCS – 7/09/2011 – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys (ATKWMIACPIIO) .(.ASUS – ATK WMIACPI Utility.) – LEGACY_ATKWMIACPIIO
O64 – Services: CurCS – 27/02/2012 – C:WindowsSystem32DRIVERSiusb3hcs.sys (iusb3hcs) .(.Intel Corporation – Intel(R) USB 3.0 Host Controller Switch Dri.) – LEGACY_IUSB3HCS
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnidimkl.sys (nidimk) .(.National Instruments Corporation – NI Device Interconnect Manager.) – LEGACY_NIDIMK
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimdbgkl.sys (nimdbgk) .(.National Instruments Corporation – NI Measurements DeBuG Library.) – LEGACY_NIMDBGK
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimru2kl.sys (nimru2k) .(.National Instruments Corporation – NI Measurement Routing Utilities.) – LEGACY_NIMRU2K
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimxdfkl.sys (nimxdfk) .(.National Instruments Corporation – NI mx Driver Framework.) – LEGACY_NIMXDFK
O64 – Services: CurCS – 19/12/2012 – C:WindowsSystem32driversnipalk.sys (NIPALK) .(.National Instruments Corporation – NI-PAL Driver for Windows.) – LEGACY_NIPALK
O64 – Services: CurCS – 14/03/2013 – C:Windowssystem32driversnipxirmkl.sys (nipxirmk) .(.National Instruments Corporation – NI PXI Resource Manager.) – LEGACY_NIPXIRMK
O64 – Services: CurCS – 18/12/2013 – C:WindowsSystem32DRIVERSVBoxDrv.sys (VBoxDrv) .(.Oracle Corporation – VirtualBox Support Driver.) – LEGACY_VBOXDRV
O64 – Services: CurCS – 18/12/2013 – C:WindowsSystem32DRIVERSVBoxUSBMon.sys (VBoxUSBMon) .(.Oracle Corporation – VirtualBox USB Monitor Driver.) – LEGACY_VBOXUSBMON
~ Legacy: 103 Scanned in 00mn 00s
—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s
—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
O69 – SBI: SearchScopes [HKCU] {F77847E6-BA53-4002-BED8-3B63DAFA8405} – (Google) – http://www.google.be” onclick=”window.open(this.href);return false;
~ Keys: Scanned in 00mn 00s
—\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [72192]
O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [236032]
O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [777728]
O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [859648]
O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [680960]
O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [99328]
O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [344064]
O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [97792]
O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [64512]
O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [359424]
O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [316928]
O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes du serveur hôte de session Burea.) — C:WindowsSystem32termsrv.dll [683520]
O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [2477536]
O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [849920]
O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [370688]
O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [569344]
O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [70144]
O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [156672]
O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [67584]
O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [242688]
O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [121856]
O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [136704]
O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [111104]
O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1110016]
O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [90624]
O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [84480]
O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [209920]
O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [44544]
O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s
—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][6/10/2010] (…) — C:ProgramDataFullRemove.exe [131984]
[MD5.51687E46B122CAFBD9BA6BF8480E913C] [SPRF][21/11/2014] (…) — C:UsersSimonAppDataRoamingsp_data.sys [380]
[MD5.6504113C2218667814D4F54847BA046A] [SPRF][21/11/2014] (.Pas de propriétaire – Aut2Exe.) — C:UsersSimonDesktopAdwCleaner.exe [2140160]
[MD5.33398D340008A0577507FCA7FD443622] [SPRF][19/10/2014] (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:UsersSimonDesktopmbam-setup-2.0.3.1025.exe [19828376]
[MD5.3C166BAE84553D4CB27AF8ABDC61712D] [SPRF][2/09/2013] (…) — C:UsersSimonDesktopMinecraft.exe [675988]
[MD5.3D451F62411C7E1758924458A69703C1] [SPRF][19/10/2014] (.Nicolas Coolman – ZHPDiag Setup.) — C:UsersSimonDesktopZHPDiag2.exe [6862284]
~ Files: 6 Scanned in 00mn 01s
—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: “537E56336A8449149988EC95CAA55E30” . (.Bing Bar.) — C:WindowsInstaller{3365E735-48A6-4194-9988-CE59AC5AE503}icon_installer_ico =>Toolbar.Bing
~ Update Products: 1 Scanned in 00mn 01s
—\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 – MNS: ASUS WebStorage Drive – {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
~ MNS: 1 Scanned in 00mn 00s
—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5D3A30ADD585A102F1B60C0BA313ECEE] [WIS][11/03/2014] (.Microsoft Corporation – Bing Bar.) — C:WindowsInstallercadd3.msi [741376] =>Toolbar.Bing
~ WIS: 1 Scanned in 00mn 09s
—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCRCLSID{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
~ BCK: 6321 Scanned in 00mn 14s
—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 12/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SS – | Auto 11/03/2014 193696 | (BBSvc) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.3.132.0BBSvc.exe =>Toolbar.Bing
SS – | Demand 2/06/2013 49152 | (BEService) . (…) – C:Program Files (x86)Common FilesBattlEyeBEService.exe
SS – | Demand 28/03/2013 77352 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) – C:Program FilesSolidWorks CorpSolidWorksswSchedulerDTSCoordinatorService.exe
SS – | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
SS – | Demand 1/03/2014 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
SS – | Demand 1/03/2014 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
SS – | Auto 19/10/2014 107912 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 19/10/2014 107912 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 4/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
SS – | Demand 15/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
SS – | Disabled 8/06/2013 81248 | (NIApplicationWebServer64) . (.National Instruments Corporation.) – C:Program FilesNational InstrumentsSharedNI WebServerApplicationWebServer.exe
SS – | Demand 2/08/2010 1427688 | (NILM License Manager) . (.Macrovision Corporation.) – C:Program Files (x86)National InstrumentsSharedLicense ManagerBinlmgrd.exe
SS – | Auto 8/04/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
SS – | Demand 1/03/2014 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) – C:Program Files (x86)Common FilesSolidWorks SharedServiceSolidWorksLicensing.exe
SS – | Demand 28/08/2014 833728 | (Steam Client Service) . (.Valve Corporation.) – C:Program Files (x86)Common FilesSteamSteamService.exe
SR – | Auto 4/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
SR – | Auto 4/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) – C:Windowssystem32FBAgent.exe
SR – | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
SR – | Auto 17/02/2012 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe
SR – | Auto 29/12/2011 106144 | (AtherosSvc) . (.Atheros Commnucations.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
SR – | Auto 11/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Demand 11/03/2014 247968 | (BBUpdate) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.3.132.0SeaPort.exe =>Toolbar.Bing
SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SR – | Auto 3/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
SR – | Auto 21/02/2012 128280 | (Intel(R) ME Service) . (…) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
SR – | Auto 21/02/2012 161560 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
SR – | Auto 27/10/2010 695136 | (LkCitadelServer) . (.National Instruments, Inc..) – C:WindowsSysWOW64lkcitdl.exe
SR – | Auto 12/06/2013 53544 | (lkClassAds) . (.National Instruments Corporation.) – C:WindowsSysWOW64lkads.exe
SR – | Auto 12/06/2013 63792 | (lkTimeSync) . (.National Instruments Corporation.) – C:WindowsSysWOW64lktsrv.exe
SR – | Auto 28/02/2012 277784 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
SR – | Auto 10/06/2013 83768 | (mxssvr) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsMAXnimxs.exe
SR – | Auto 8/06/2013 57696 | (NIApplicationWebServer) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe
SR – | Auto 4/03/2013 102040 | (nidevldu) . (.National Instruments Corporation.) – C:WindowsSysWOW64nidevldu.exe
SR – | Auto 12/06/2013 380720 | (NIDomainService) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe
SR – | Auto 11/05/2013 260976 | (nimDNSResponder) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe
SR – | Auto 19/06/2013 176512 | (NINetworkDiscovery) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe
SR – | Auto 14/03/2013 19056 | (nipxirmu) . (.National Instruments Corporation.) – C:WindowsSysWOW64nipxism.exe
SR – | Auto 7/06/2013 90440 | (NiSvcLoc) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe
SR – | Auto 8/06/2013 57680 | (NISystemWebServer) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe
SR – | Auto 14/06/2011 676016 | (NITaggerService) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe
SR – | Auto 14/03/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
SR – | Auto 28/02/2012 363800 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 29/12/2011 158880 | (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
~ Services: Scanned in 00mn 16s
—\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Simon at 21/11/2014 15:08:33
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
—\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
Run by Simon at 21/11/2014 15:08:35
********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
—\ Scan Additionnel (O88)
Database Version : 13026 – (18/10/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 7
[HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{3365E735-48A6-4194-9988-CE59AC5AE503}] =>Toolbar.Bing^
[HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f} =>Toolbar.Bing^
C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job =>Toolbar.AVGSearch^
C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_HP_rmv =>Toolbar.AVGSearch^
C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job =>Toolbar.AVGSearch^
C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_TB_rmv =>Toolbar.AVGSearch^
C:WindowsInstallercadd3.msi =>Toolbar.Bing^
[HKCRCLSID{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCRCLSID{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
~ Additionnel Scan: 673004 Items scanned in 00mn 44s
—\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/” onclick=”window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/” onclick=”window.open(this.href);return false; =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/” onclick=”window.open(this.href);return false; =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/” onclick=”window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Scanned in 00mn 00s
—\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-wedownloadmanager” onclick=”window.open(this.href);return false; =>PUP.weDownloadManager
~ MSI: 1 link(s) detected in 00mn 00s
End of the scan (1596 lines in 08mn 21s)(0)[/spoiler:3h92hqo9]
Merci d’avance pour vos conseils éclairés.
g3n-h@ckm@n
Admin bbPress
22 novembre 2014 à 2 h 02 min
Nombre d'articles : 8436
#208682
salut c’es du faux positif de la part d’avast , comme d’habitude….
Auteur
Messages

Le sujet ‘Avast vs Evo-gen, et nettoyage éventuel’ est fermé à de nouvelles réponses.