Computer Troubleshooting: Avast vs Evo-gen, and possible cleanup
Hello!
Today I had the unpleasant surprise of seeing Avast quarantine the executable file of one of my work programs, reporting that it had detected a virus named Win32:Evo-gen.
While searching the disinfection forums I read other posts involving Avast and Win32:Evo-gen, and seeing that the answers were generally a cleanup and posting the reports from the various scans, I am coming to this forum to ask for your help. Also, some time ago I had a small problem with a virus that made lots of ads appear (adware, I believe). I think I managed to get rid of it, but my PC seems to need a bit of cleaning.
Here are the reports produced by AdwCleaner and ZHPDiag; Malwarebytes found nothing and produced no report.
AdwCleaner:
[spoiler:3quqf3ej]# AdwCleaner v4.101 – Rapport créé le 21/11/2014 à 14:23:17
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-16.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Simon – SIMON-PC
# Exécuté depuis : C:UsersSimonDesktopAdwCleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_services.hearstmags.com_0.localstorage-journal
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxps_www.superfish.com_0.localstorage
Fichier Supprimé : C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxps_www.superfish.com_0.localstorage-journal
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Navigateurs ] *****
-\ Internet Explorer v11.0.9600.17420
-\ Mozilla Firefox v33.1.1 (x86 fr)
-\ Google Chrome v39.0.2171.65
*************************
AdwCleaner[R0].txt – [4308 octets] – [19/10/2014 11:28:44]
AdwCleaner[R1].txt – [951 octets] – [20/10/2014 08:22:53]
AdwCleaner[R2].txt – [1069 octets] – [20/10/2014 08:29:47]
AdwCleaner[R3].txt – [1130 octets] – [21/10/2014 07:12:34]
AdwCleaner[R4].txt – [1744 octets] – [21/11/2014 14:20:29]
AdwCleaner[S0].txt – [3899 octets] – [19/10/2014 11:30:45]
AdwCleaner[S1].txt – [997 octets] – [20/10/2014 08:24:34]
AdwCleaner[S2].txt – [1665 octets] – [21/11/2014 14:23:17]
########## EOF – C:AdwCleanerAdwCleaner[S2].txt – [1725 octets] ##########[/spoiler:3quqf3ej]
ZHPDiag: (part 1, because it is long)
[spoiler:3quqf3ej]~ Rapport de ZHPDiag v2014.10.18.148 – Nicolas Coolman (18/10/2014)
~ Lancé par Simon (21/11/2014 15:01:05)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17420
MFIE: Mozilla Firefox 33.1.1
GCIE: Google Chrome v39.0.2171.65 (Defaut)
—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System – Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
—\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W7 (Activate)
—\ Logiciels d'optimisation du système
CCleaner v3.22
—\ Logiciels de partage PeerToPeer
—\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X
Java 7 Update 60 (64-bit)
—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3982 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 111 GB (37%) free of 300 GB
—\ Mode de connexion au système
~ Computer Name: SIMON-PC
~ User Name: Simon
~ All Users Names: UpdatusUser, Simon, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
—\ Variables d'environnement
~ System Unit : C:
~ %AppZHP% : C:UsersSimonAppDataRoamingZHP
~ %AppData% : C:UsersSimonAppDataRoaming
~ %Desktop% : C:UsersSimonDesktop
~ %Favorites% : C:UsersSimonFavorites
~ %LocalAppData% : C:UsersSimonAppDataLocal
~ %StartMenu% : C:UsersSimonAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32
—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 111 Go of 300 Go)
D: Hard drive, Flash drive, Thumb drive (Free 277 Go of 373 Go)
F: CD-ROM drive (Not Inserted)
—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
[HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
[HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
[HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s
—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.24/02/2012 – 01:55:29.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.6/11/2014 – 03:17:24.) — C:WindowsSystem32wininet.dll [2365440]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.17/07/2014 – 03:07:24.) — C:WindowsSystem32Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:28.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 07:45:52.) — C:Windowssystem32DriversAFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:22.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:34.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:44.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.24/02/2012 – 02:02:21.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:22.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:36.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:58.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.24/02/2012 – 01:35:34.) — C:Windowssystem32Driversvolsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s
—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/49
~ Mes Videos (My Videos) : 1/307
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 1/10598
~ Mon Bureau (My Desktop) : 1/30
~ Menu demarrer (Programs) : 1/59
~ Hidden Files: Scanned in 00mn 10s
—\ Processus lancés
[MD5.89D2706FCD45E33CECFBD46BCBAD7E16] – (.Microsoft Corporation – Tablet PC Input Panel Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe [10240] [PID.3720]
[MD5.ED759B7FD51466447CC31CBE79B99050] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1121448] [PID.4020]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] – (.ASUSTeK Computer Inc. – ASUS Quick Gesture Exe.) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex86QuickGesture.exe [17872] [PID.4068]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] – (.ASUSTek Computer Inc. – ASUS FaceLogon Application.) — C:Program Files (x86)ASUSFaceLogonsensorsrv.exe [473728] [PID.3160]
[MD5.D9AB754613208112B840C75B6762B909] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [322176] [PID.3364]
[MD5.64A7C84C0A8C79B22033F92D43919062] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [102568] [PID.1680]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] – (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe [3058304] [PID.4136]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] – (.ASUSTeK – ACEngSvr Module.) — C:WindowsSysWOW64ACEngSvr.exe [162456] [PID.4184]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [107816] [PID.4336]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] – (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe [291608] [PID.4244]
[MD5.BC31B27061F27E8968CD0435C038F712] – (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [174720] [PID.5428]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] – (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe [105016] [PID.5204]
[MD5.09E3F3BBB6ABD32A8156DDD2A082812C] – (.National Instruments Corporation – NI Error Reporting Server.) — C:Program Files (x86)National InstrumentsSharedNI Error Reportingnierserver.exe [663896] [PID.0]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] – (.ASUSTeK Computer Inc. – A program that manage wireless devices in s.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe [2321072] [PID.6248]
[MD5.26B558B2D31C7425B455B00E562EAD93] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [4085896] [PID.6280]
[MD5.14D6542607ACD4B2D1DDB1A36E0D8813] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [271744] [PID.6592]
[MD5.7787F1E659DCDF85E47BBF374B502FAC] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8113664] [PID.4204]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] – (.ASUS – ASLDR Service.) — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [80512] [PID.1560]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] – (.ASUS – GFNEXSrv.) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [96896] [PID.1620]
[MD5.73F5C13B431915BAE35254B4E95DFB71] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1644]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [64704] [PID.1192]
[MD5.52436245AAEF3B65DF7859949AB6A14E] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe [277120] [PID.1324]
[MD5.896AA2F1D79662B17D5DBBE588E24E30] – (…) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe [128280] [PID.2212]
[MD5.3C6630473DD42FFC57D9F5564F533127] – (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe [161560] [PID.2236]
[MD5.7CBF0476029371402D14CD776612EE6A] – (.National Instruments Corporation – lkads.) — C:WindowsSysWOW64lkads.exe [53544] [PID.2308]
[MD5.86D5EF02C4D1486CF1BDA4A71EC470C0] – (.National Instruments Corporation – MXS Service.) — C:Program Files (x86)National InstrumentsMAXnimxs.exe [83768] [PID.2332]
[MD5.3B712766DEA950ACA65789B460AA1899] – (.National Instruments Corporation – nidmsrv.) — C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe [380720] [PID.2356]
[MD5.29EBF365BCC850A3134A391E95E685C6] – (.National Instruments Corporation – NI Service Locator.) — C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe [90440] [PID.2432]
[MD5.4DC8C4EC1F9637110142C7D65FFB40E5] – (.National Instruments Corporation – National Instruments Variable Engine.) — C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe [676016] [PID.2504]
[MD5.D83C2FF7EA53E66B8EA7901D710494EA] – (.Atheros – Atheros Coex Service Application.) — C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe [158880] [PID.2944]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] – (.ASUSTek Computer Inc. – HControl.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe [174720] [PID.3472]
[MD5.EA75E0837B21B46E88102E23438FE2CB] – (.ASUS – ASUS InstantOn Program.) — C:Program Files (x86)ASUSInstantOn for NBInsOnWMI.exe [289408] [PID.3520]
[MD5.20CDB07017497C94A0BAD253C4BAFCBC] – (.National Instruments, Inc. – Part of Logos.) — C:WindowsSysWOW64lkcitdl.exe [695136] [PID.3592]
[MD5.B9BA33801B5F9B79F0949AF206F96177] – (.National Instruments Corporation – lktsrv.) — C:WindowsSysWOW64lktsrv.exe [63792] [PID.3368]
[MD5.EE599A2981D3C5AF19CD6AEF39B0E51B] – (.National Instruments Corporation – NI Measurements Device Loader SCM Plug-in.) — C:WindowsSysWOW64nidevldu.exe [102040] [PID.976]
[MD5.F59599F4C0B3259AC1355F34E6AC6342] – (.National Instruments Corporation – National Instruments Zeroconf Service.) — C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe [260976] [PID.4436]
[MD5.10B3FCF03C4AF87D69C9F31B3E3B6F68] – (.National Instruments Corporation – NI PXI Service Manager.) — C:WindowsSysWOW64nipxism.exe [19056] [PID.4768]
[MD5.149126216A694E6BA84E92ECA77AAE3B] – (.ASUS – ATKOSD.) — C:Program Files (x86)ASUSATK PackageATK HotkeyATKOSD.exe [2488888] [PID.4828]
[MD5.FD919AC3746322662DC21CDB7B9ADC07] – (.National Instruments Corporation – System Web Server Daemon.) — C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe [57680] [PID.4660]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] – (.ASUS – KBFiltr.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe [113208] [PID.4960]
[MD5.964D778400303BF6CB4F7826314DB8B2] – (.National Instruments Corporation – National Instruments Network Discovery Serv.) — C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe [176512] [PID.2200]
[MD5.4A7C441D99D86704D194E7678873B95D] – (.ASUS – WDC.) — C:Program Files (x86)ASUSATK PackageATK HotkeyWDC.exe [174648] [PID.5420]
[MD5.F0EA0AD4B1AFFEFE4AB34191D539509B] – (.National Instruments Corporation – Application Web Server Daemon.) — C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe [57696] [PID.5600]
[MD5.2B23FAA39D8F949ED5EEE03ECA50BCD5] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [277784] [PID.4292]
[MD5.3C5405EF78576E8E4D791EB18F6856A8] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [363800] [PID.5840]
~ Processes Running: Scanned in 00mn 04s
—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersSimonAppDataLocalGoogleChromeUser DataDefaultPreferences
—\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 13s
—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 – MFSP: prefs.js [Simon – jmim5433.default-1351205969399] http://www.google.be
P2 – FPN:Firefox Plugin Navigator . (.National Instruments – LabVIEW 2011 Netscape Plug-in for Win32.) — C:Program Files (x86)Mozilla FirefoxPluginsnplv2011win32.dll
P2 – FPN:Firefox Plugin Navigator . (.National Instruments – LabVIEW 2012 Netscape Plug-in for Win32.) — C:Program Files (x86)Mozilla FirefoxPluginsnplv2012win32.dll
P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF64_15_0_0_223.dll
P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.60.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Program FilesJavajre7bindtpluginnpDeployJava1.dll
P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.60.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.60.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30514.0.) — C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll
~ Firefox Browser: 9 Scanned in 00mn 00s
—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.be
R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com
R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://asus.msn.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://www.google.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearchUrl,Default = http://www.google.com
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) — C:WindowsSysWOW64ieframe.dll
R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
R4 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
~ IE Browser: 23 Scanned in 00mn 00s
—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
—\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
—\ Browser Helper Objects de navigateur (O2)
O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
O2 – BHO: IESpeakDoc [64Bits] – {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations – Bluetooth IE PlugIn.) — C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll
O2 – BHO: avast! Online Security [64Bits] – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
O2 – BHO: Windows Live ID Sign-in Helper [64Bits] – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 – BHO: Bing Bar Helper [64Bits] – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program Files (x86)MicrosoftBingBar7.3.132.0BingExt.dll =>Toolbar.Bing
O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
~ BHO: 11 Scanned in 00mn 00s
—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: avast! Online Security – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (…) — (.not file.)
O3 – Toolbar: (no name) – [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
O3 – Toolbar: Bing Bar – [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. – Bing Client Extensions.) — C:Program Files (x86)MicrosoftBingBar7.3.132.0amd64BingExt.dll =>Toolbar.Bing
~ Toolbar: Scanned in 00mn 00s
—\ Applications lancées au démarrage du système (O4)
O4 – HKLM..Run: [AtherosBtStack] . (.Atheros Communications – Serveur Stack Bluetooth.) — C:Program Files (x86)Bluetooth SuiteBtvStack.exe
O4 – HKLM..Run: [AthBtTray] . (.Atheros Commnucations – Bluetooth Tray.) — C:Program Files (x86)Bluetooth SuiteAthBtTray.exe
O4 – HKLM..Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe (.not file.)
O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:Windowssystem32igfxpers.exe
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [NIRegistrationWizard] . (…) — C:Program Files (x86)National InstrumentsSharedRegistrationWizardBinRegistrationWizard.exe
O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ecareme – AsusWebStorage.) — C:Program Files (x86)ASUSASUS WebStorage3.0.108.222AsusWSPanel.exe
O4 – HKLM..Wow6432NodeRun: [USB3MON] . (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe
O4 – HKLM..Wow6432NodeRun: [ATKOSD2] . (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
O4 – HKLM..Wow6432NodeRun: [ATKMEDIA] . (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
O4 – HKLM..Wow6432NodeRun: [HControlUser] . (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
O4 – HKLM..Wow6432NodeRun: [Wireless Console 3] . (.ASUSTeK Computer Inc. – A program that manage wireless devices in s.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe
O4 – HKLM..Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKLM..Wow6432NodeRun: [NI Update Service] . (.National Instruments – National Instruments Update Service.) — C:Program Files (x86)National InstrumentsSharedUpdate ServiceNIUpdateService.exe
O4 – HKLM..Wow6432NodeRun: [niDevMon] . (.National Instruments Corporation – NI-DAQ Device Monitor.) — C:Program Files (x86)National InstrumentsNI-DAQHWConfignidevmon.exe
O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2618693130-1802013049-3945703744-1001..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2618693130-1802013049-3945703744-1001..Run: [NIRegistrationWizard] . (…) — C:Program Files (x86)National InstrumentsSharedRegistrationWizardBinRegistrationWizard.exe
~ Application: Scanned in 00mn 00s
—\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
—\ Winsock hijacker (Layered Service Provider) (O10)
O10 – WLSP: 00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
O10 – WLSP: 00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
O10 – WLSP: 00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP: 00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
O10 – WLSP: 00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
O10 – WLSP: 00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
O10 – WLSP: 00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP: 00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
O10 – WLSP: 00000000009Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
O10 – WLSP: 00000000010Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program Files (x86)BonjourmdnsNSP.dll
O10 – WLSP: 00000000011Winsock LSP File . (.National Instruments Corporation – National Instruments Zeroconf Namespace Service Provider.) — C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsNSP.dll
~ Winsock: 11 Scanned in 00mn 00s
—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
O17 – HKLMSystemCS1ServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
O17 – HKLMSystemCS2ServicesTcpip..{2D7176F1-3F2D-44C1-A029-459896DC4274}: DhcpNameServer = 130.104.1.2 130.104.1.1 130.104.254.1
~ Domain: Scanned in 00mn 00s
—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 311.) – C:Windowssystem32nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
O23 – Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. – ASUS FastBoot.) – C:Windowssystem32FBAgent.exe
O23 – Service: ASLDR Service (ASLDRService) . (.ASUS – ASLDR Service.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
O23 – Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS – ASUS InstantOn Program.) – C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe
O23 – Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations – AdminService Application.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
O23 – Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS – GFNEXSrv.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
O23 – Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software – avast! Service.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
O23 – Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
O23 – Service: Intel(R) ME Service (Intel(R) ME Service) . (…) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
O23 – Service: NI Citadel 4 Service (LkCitadelServer) . (.National Instruments, Inc. – Part of Logos.) – C:WindowsSysWOW64lkcitdl.exe
O23 – Service: NI PSP Service Locator (lkClassAds) . (.National Instruments Corporation – lkads.) – C:WindowsSysWOW64lkads.exe
O23 – Service: NI Time Synchronization (lkTimeSync) . (.National Instruments Corporation – lktsrv.) – C:WindowsSysWOW64lktsrv.exe
O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
O23 – Service: NI Configuration Manager (mxssvr) . (.National Instruments Corporation – MXS Service.) – C:Program Files (x86)National InstrumentsMAXnimxs.exe
O23 – Service: NI Application Web Server (NIApplicationWebServer) . (.National Instruments Corporation – Application Web Server Daemon.) – C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe
O23 – Service: NI Device Loader (nidevldu) . (.National Instruments Corporation – NI Measurements Device Loader SCM Plug-in.) – C:WindowsSysWOW64nidevldu.exe
O23 – Service: NI Domain Service (NIDomainService) . (.National Instruments Corporation – nidmsrv.) – C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe
O23 – Service: NI mDNS Responder Service (nimDNSResponder) . (.National Instruments Corporation – National Instruments Zeroconf Service.) – C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe
O23 – Service: NI Network Discovery (NINetworkDiscovery) . (.National Instruments Corporation – National Instruments Network Discovery Serv.) – C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe
O23 – Service: NI PXI Resource Manager (nipxirmu) . (.National Instruments Corporation – NI PXI Service Manager.) – C:WindowsSysWOW64nipxism.exe
O23 – Service: NI Service Locator (NiSvcLoc) . (.National Instruments Corporation – NI Service Locator.) – C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe
O23 – Service: NI System Web Server (NISystemWebServer) . (.National Instruments Corporation – System Web Server Daemon.) – C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe
O23 – Service: National Instruments Variable Engine (NITaggerService) . (.National Instruments Corporation – National Instruments Variable Engine.) – C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe
O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 311.4.) – C:Windowssystem32nvvsvc.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation – NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
O23 – Service: Skype Updater (SkypeUpdate) . (.Skype Technologies – Skype Updater Service.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
O23 – Service: ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros – Atheros Coex Service Application.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
~ Services: 31 Scanned in 00mn 13s

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Default MHTML Editor: Last – .(…) – (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

—\ Enumère les données de BootExecute (BEX) (O34)
O34 – HKLM BootExecute: (autocheck autochk *) – File not found
~ BEX: 1 Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
[MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
[MD5.3B9ED0E96B9E83B2CF2A57AF0FD3BB09] [APT] [ASUS P4G] (.ASUS.) — C:Program FilesASUSP4GBatteryLife.exe [1004464]
[MD5.F48ECBB9771865CDC5435BD9AF4564F0] [APT] [ASUS Quick Gesture] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex86QuickGesture.exe [17872]
[MD5.107DCA9FE75CAD5BED0EA9D2CB80440C] [APT] [ASUS Quick Gesture (x64)] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Virtual TouchQuickGesturex64QuickGesture64.exe [18896]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] [APT] [ASUS SmartLogon Console Sensor] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSFaceLogonsensorsrv.exe [473728]
[MD5.ED759B7FD51466447CC31CBE79B99050] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1121448]
[MD5.D9AB754613208112B840C75B6762B909] [APT] [ATKOSD2] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [322176]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) — C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [808448]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (…) — C:WindowsTEMP{D5F53F20-20A5-4D54-B407-C34254D33CDE}.exe (.not file.) [0] =>Toolbar.AVGSearch
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (…) — C:WindowsTEMP{5CC2DEDE-1CDA-4525-AA3B-72025517DA3F}.exe (.not file.) [0] =>Toolbar.AVGSearch
[MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) — C:Program FilesCCleanerCCleaner.exe [3113312]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [107912]
[MD5.C7AAC31A910E4BBFDF94D3786ED13E71] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d] (.Intel Corporation.) — C:Program Files (x86)IntelIntel(R) ME FW Recovery AgentbinBootstrap.exe [233224]
[MD5.C7AAC31A910E4BBFDF94D3786ED13E71] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon] (.Intel Corporation.) — C:Program Files (x86)IntelIntel(R) ME FW Recovery AgentbinBootstrap.exe [233224]
[MD5.FD145BB8D84122A16824344E722245F7] [APT] [MATLAB R2013a Startup Accelerator] (…) — C:Program Files (x86)MATLABR2013a Studentbinwin32MATLABStartupAccelerator.exe [32768]
[MD5.00000000000000000000000000000000] [APT] [{764E0E5A-747A-43CB-BA2A-4DFD1BD5E8C9}] (…) — F:SETUP.exe (.not file.) [0]
[MD5.15ABBA57923260D4B09A5D5E5754D8B0] [APT] [{FB80856A-D751-4229-BC18-0BA233EE83D7}] (.Google Inc..) — c:program files (x86)googlechromeapplicationchrome.exe [856904]
O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
O39 – APT: AVG-Secure-Search-Update_JUNE2013_HP_rmv – (…) — C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_HP_rmv – (…) — C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_HP_rmv [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv – (…) — C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352] =>Toolbar.AVGSearch
O39 – APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv – (…) — C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_TB_rmv [352] =>Toolbar.AVGSearch
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1066]
O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1066]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1070]
O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1070]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon – (.Intel Corporation.) — C:WindowsTasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job [828]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon – (.Intel Corporation.) — C:WindowsSystem32TasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon [828]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d – (.Intel Corporation.) — C:WindowsTasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job [830]
O39 – APT: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d – (.Intel Corporation.) — C:WindowsSystem32TasksISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d [830]
O39 – APT: MATLAB R2013a Startup Accelerator – (…) — C:WindowsTasksMATLAB R2013a Startup Accelerator.job [602]
O39 – APT: MATLAB R2013a Startup Accelerator – (…) — C:WindowsSystem32TasksMATLAB R2013a Startup Accelerator [602]
~ Scheduled Task: 35 Scanned in 00mn 07s

—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
O40 – ASIC: Internet Explorer [64Bits] – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s

—\ Pilotes lancés au démarrage du système (O41)
O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
O41 – Driver: (aswRdr) . (.AVAST Software – avast! WFP Redirect Driver.) – C:Windowssystem32driversaswRdr2.sys
O41 – Driver: (aswSnx) . (.AVAST Software – avast! Virtualization Driver.) – C:Windowssystem32driversaswSnx.sys
O41 – Driver: (aswSP) . (.AVAST Software – avast! self protection module.) – C:Windowssystem32driversaswSP.sys
O41 – Driver: (ATKWMIACPIIO) . (.ASUS – ATK WMIACPI Utility.) – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys
O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:WindowsSystem32DRIVERSblbdrive.sys
O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:WindowsSystem32DRIVERSmssmbios.sys
O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
O41 – Driver: (VBoxDrv) . (.Oracle Corporation – VirtualBox Support Driver.) – C:WindowsSystem32DRIVERSVBoxDrv.sys
O41 – Driver: (VBoxUSBMon) . (.Oracle Corporation – VirtualBox USB Monitor Driver.) – C:WindowsSystem32DRIVERSVBoxUSBMon.sys
O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
O41 – Driver: (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:WindowsSystem32DRIVERSvwififlt.sys
O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s[/spoiler:3quqf3ej]
The others follow.
ZHPDiag: (part 2)
[spoiler:1u54s8t0]
—\ Logiciels installés (O42)
O42 – Logiciel: ASUS AI Recovery – (.ASUS.) [HKLM][64Bits] — {D39F0676-163E-4595-A917-E28F99BBD4D2}
O42 – Logiciel: ASUS FaceLogon – (.ASUS.) [HKLM][64Bits] — {64452561-169F-4A36-A2FF-B5E118EC65F5}
O42 – Logiciel: ASUS K45_K75_K95_Screensaver – (.ASUS.) [HKLM][64Bits] — ASUS K45_K75_K95_Screensaver
O42 – Logiciel: ASUS LifeFrame3 – (.ASUS.) [HKLM][64Bits] — {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 – Logiciel: ASUS Live Update – (.ASUS.) [HKLM][64Bits] — {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
O42 – Logiciel: ASUS Power4Gear Hybrid – (.ASUS.) [HKLM][64Bits] — {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 – Logiciel: ASUS Splendid Video Enhancement Technology – (.ASUS.) [HKLM][64Bits] — {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 – Logiciel: ASUS USB Charger Plus – (.ASUS.) [HKLM][64Bits] — {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
O42 – Logiciel: ASUS Virtual Camera – (.ASUS.) [HKLM][64Bits] — {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 – Logiciel: ASUS Virtual Touch – (.ASUS.) [HKLM][64Bits] — {938CFBD4-0652-49E5-BB8B-153948865941}
O42 – Logiciel: ASUS WebStorage – (.eCareme Technologies, Inc..) [HKLM][64Bits] — ASUS WebStorage
O42 – Logiciel: ATK Package – (.ASUS.) [HKLM][64Bits] — {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 – Logiciel: Adobe Flash Player 15 ActiveX – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player ActiveX
O42 – Logiciel: Adobe Flash Player 15 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
O42 – Logiciel: Adobe Reader X (10.1.12) MUI – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 – Logiciel: AsusVibe2.0 – (.ASUSTEK.) [HKLM][64Bits] — Asus Vibe2.0
O42 – Logiciel: Atheros Bluetooth Suite (64) – (.Atheros.) [HKLM][64Bits] — {230D1595-57DA-4933-8C4E-375797EBB7E1}
O42 – Logiciel: Audiograbber MP3 Plugin (64 bit) – (.AG.) [HKLM][64Bits] — Audiograbber-Lame
O42 – Logiciel: BattlEye for OA Uninstall – (…) [HKLM][64Bits] — BattlEye for OA
O42 – Logiciel: Battle.net – (.Blizzard Entertainment.) [HKLM][64Bits] — Battle.net
O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM][64Bits] — {3365E735-48A6-4194-9988-CE59AC5AE503} =>Toolbar.Bing
O42 – Logiciel: BlueJ – (.BlueJ Team.) [HKLM][64Bits] — {7D66971C-652B-4065-A6B1-B3EE313C254B}
O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM][64Bits] — {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 – Logiciel: Borderlands 2 – (.Gearbox Software.) [HKLM][64Bits] — Steam App 49520
O42 – Logiciel: Bubbletown – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}
O42 – Logiciel: CCleaner – (.Piriform.) [HKLM][64Bits] — CCleaner
O42 – Logiciel: Call of Duty: Black Ops – (.Treyarch.) [HKLM][64Bits] — Steam App 42700
O42 – Logiciel: Call of Duty: Black Ops – Multiplayer – (.Treyarch.) [HKLM][64Bits] — Steam App 42710
O42 – Logiciel: Call of Duty: Modern Warfare 3 – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42680
O42 – Logiciel: Call of Duty: Modern Warfare 3 – Dedicated Server – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42750
O42 – Logiciel: Call of Duty: Modern Warfare 3 – Multiplayer – (.Infinity Ward – Sledgehammer Games.) [HKLM][64Bits] — Steam App 42690
O42 – Logiciel: CodeBlocks – (.The Code::Blocks Team.) [HKCU][64Bits] — CodeBlocks
O42 – Logiciel: CyberLink LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 – Logiciel: CyberLink LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 – Logiciel: CyberLink Media Suite – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 – Logiciel: CyberLink Media Suite – (.CyberLink Corp..) [HKLM][64Bits] — {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 – Logiciel: CyberLink Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 – Logiciel: CyberLink Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 – Logiciel: DVDFab 8.2.1.0 (07/09/2012) Qt – (.Fengtao Software Inc..) [HKLM][64Bits] — DVDFab 8 Qt_is1
O42 – Logiciel: Deadtime Stories – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}
O42 – Logiciel: Diablo III – (.Blizzard Entertainment.) [HKLM][64Bits] — Diablo III
O42 – Logiciel: Dream Day First Home – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 – Logiciel: Dream Vacation Solitaire – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}
O42 – Logiciel: Dropbox – (.Dropbox, Inc..) [HKCU][64Bits] — Dropbox
O42 – Logiciel: ETDWare PS/2-X64 10.5.9.0 – (.ELAN Microelectronic Corp..) [HKLM][64Bits] — Elantech
O42 – Logiciel: Farm Frenzy 3 – Madagascar – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}
O42 – Logiciel: Fast Boot – (.ASUS.) [HKLM][64Bits] — {13F4A7F3-EABC-4261-AF6B-1317777F0755}
O42 – Logiciel: Fender FUSE 1.0.1 – (…) [HKLM][64Bits] — Fender FUSE
O42 – Logiciel: Galapago – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 – Logiciel: Game Park Console – (.Oberon Media Inc..) [HKLM][64Bits] — Game Park Console
O42 – Logiciel: Go Go Gourmet Chef of the Year – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}
O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM][64Bits] — Google Chrome
O42 – Logiciel: Google Drive – (.Google, Inc..) [HKLM][64Bits] — {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 – Logiciel: Guild Wars 2 – (.NCsoft Corporation, Ltd..) [HKLM][64Bits] — Guild Wars 2
O42 – Logiciel: Hearthstone – (.Blizzard Entertainment.) [HKLM][64Bits] — Hearthstone
O42 – Logiciel: InstantOn for NB – (.ASUS.) [HKLM][64Bits] — {749F674B-2674-47E8-879C-5626A06B2A91}
O42 – Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent – (.Intel Corporation.) [HKLM][64Bits] — {A6C48A9F-694A-4234-B3AA-62590B668927}
O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 – Logiciel: Intel(R) OpenCL CPU Runtime – (.Intel Corporation.) [HKLM][64Bits] — {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 – Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver – (.Intel Corporation.) [HKLM][64Bits] — {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {09536BA1-E498-4CC3-B834-D884A67D7E34}
O42 – Logiciel: Java 7 Update 60 (64-bit) – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F06417060FF}
O42 – Logiciel: Java 7 Update 71 – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 – Logiciel: Java SE Development Kit 7 Update 7 (64-bit) – (.Oracle.) [HKLM][64Bits] — {64A3A4F4-B792-11D6-A78A-00B0D0170070}
O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM][64Bits] — {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 – Logiciel: LTspice IV – (…) [HKLM][64Bits] — LTspice IV
O42 – Logiciel: LibreOffice 3.6 – (.The Document Foundation.) [HKLM][64Bits] — {C2F438B6-7010-453B-93EC-B2FC053AA97B}
O42 – Logiciel: Logiciels National Instruments – (.National Instruments.) [HKLM][64Bits] — NI Uninstaller
O42 – Logiciel: LyX 2.0.5.1 – (.LyX Team.) [HKLM][64Bits] — LyX2051
O42 – Logiciel: MATLAB R2013a Student Version (32-bit) – (.The MathWorks, Inc..) [HKLM][64Bits] — Matlab SV R2013a
O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 – Logiciel: MSVCRT_amd64 – (.Microsoft.) [HKLM][64Bits] — {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 – Logiciel: MSXML 4.0 SP2 (KB954430) – (.Microsoft Corporation.) [HKLM][64Bits] — {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 – Logiciel: MSXML 4.0 SP2 (KB973688) – (.Microsoft Corporation.) [HKLM][64Bits] — {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 – Logiciel: MSXML4 Parser – (.Microsoft Game Studios.) [HKLM][64Bits] — {01501EBA-EC35-4F9F-8889-3BE346E5DA13}
O42 – Logiciel: Mahjong Memoirs – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}
O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
O42 – Logiciel: Mesh Runtime – (.Microsoft Corporation.) [HKLM][64Bits] — {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 – Logiciel: MiKTeX 2.9 – (.MiKTeX.org.) [HKLM][64Bits] — MiKTeX 2.9
O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM][64Bits] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 – Logiciel: Mises à jour NVIDIA 1.11.3 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 – Logiciel: Mozilla Firefox 33.1.1 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Firefox 33.1.1 (x86 fr)
O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM][64Bits] — MozillaMaintenanceService
O42 – Logiciel: Mozilla Thunderbird 31.2.0 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Thunderbird 31.2.0 (x86 fr) =>.Mozilla Corporation
O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {46ED2B64-85C7-4E1F-920C-A555B21F2E4C}
O42 – Logiciel: NVIDIA Pilote graphique 311.44 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 – Logiciel: Nexus Mod Manager – (.Black Tree Gaming.) [HKLM][64Bits] — 6af12c54-643b-4752-87d0-8335503010de_is1
O42 – Logiciel: Oracle VM VirtualBox 4.3.6 – (.Oracle Corporation.) [HKLM][64Bits] — {DC65DFD8-E175-4A85-948A-42965853B2E8}
O42 – Logiciel: Plants vs Zombies – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}
O42 – Logiciel: Qualcomm Atheros WiFi Driver Installation – (.Qualcomm Atheros.) [HKLM][64Bits] — {7D916FA5-DAE9-4A25-B089-655C70EAF607}
O42 – Logiciel: Questions-Réponses 1.56 – (.Thomas et Mathieu DUBAËLE (Atlence.com).) [HKLM][64Bits] — Questions-Réponses
O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 – Logiciel: Realtek USB 2.0 Card Reader – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 – Logiciel: SceneSwitch – (.ASUS.) [HKLM][64Bits] — {5172E572-C175-4F80-A6D5-5CB45826AD61}
O42 – Logiciel: Security Update for CAPICOM (KB931906) – (.Microsoft Corporation.) [HKLM][64Bits] — KB931906
O42 – Logiciel: Security Update for CAPICOM (KB931906) – (.Microsoft Corporation.) [HKLM][64Bits] — {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 – Logiciel: Skype™ 6.11 – (.Skype Technologies S.A..) [HKLM][64Bits] — {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 – Logiciel: SolidWorks 2013 x64 Edition SP03 – (.SolidWorks Corporation.) [HKLM][64Bits] — SolidWorks Installation Manager 20130-40300-1100-100
O42 – Logiciel: SolidWorks 2013 x64 Edition SP03 – (.SolidWorks.) [HKLM][64Bits] — {B6B5EA7E-B91F-443D-A958-B0062FB53804}
O42 – Logiciel: SolidWorks 2013 x64 French Resources – (.Nom de votre société.) [HKLM][64Bits] — {0D01B115-8364-4AFD-8CA3-423488C25D26}
O42 – Logiciel: SolidWorks eDrawings 2013 x64 Edition SP03 – (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] — {AC2165BD-762D-420B-AD33-20FACAA7112B}
O42 – Logiciel: Steam – (.Valve Corporation.) [HKLM][64Bits] — {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 – Logiciel: TexMakerX 1.9.3 – (.Benito van der Zander.) [HKLM][64Bits] — TexMakerX_is1
O42 – Logiciel: The Elder Scrolls V: Skyrim – (.Bethesda Game Studios.) [HKLM][64Bits] — Steam App 72850
O42 – Logiciel: Turbo Fiesta – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}
O42 – Logiciel: Ultra Defragmenter – (.UltraDefrag Development Team.) [HKLM][64Bits] — UltraDefrag
O42 – Logiciel: VLC media player – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
O42 – Logiciel: WinFlash – (.ASUS.) [HKLM][64Bits] — {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 – Logiciel: WinRAR 5.10 (32-bit) – (.win.rar GmbH.) [HKLM][64Bits] — WinRAR archiver
O42 – Logiciel: Wireless Console 3 – (.ASUS.) [HKLM][64Bits] — {19EA33FB-B34E-40EA-8B8A-61743AEB795A}
O42 – Logiciel: World of Goo – (.Oberon Media.) [HKLM][64Bits] — {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}
O42 – Logiciel: avast! Free Antivirus v9.0.2021 – (.AVAST Software.) [HKLM][64Bits] — avast
~ Logic: 71 Scanned in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareAFPL Ghostscript]
[HKCUSoftwareASProtect]
[HKCUSoftwareASUS]
[HKCUSoftwareATK0100]
[HKCUSoftwareActiveState]
[HKCUSoftwareAdobe]
[HKCUSoftwareAion]
[HKCUSoftwareAppDataLowSoftwareJavaSoft]
[HKCUSoftwareAppDataLow]
[HKCUSoftwareAtheros]
[HKCUSoftwareAvast Software]
[HKCUSoftwareBlizzard Entertainment]
[HKCUSoftwareBlueJ]
[HKCUSoftwareBohemia Interactive Studio]
~ Key Software: 375 Scanned in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
~ 3 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 230 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
~ Files: 71 Scanned in 00mn 16s[/spoiler:1u54s8t0]ZHPDiag: (partie3)
[spoiler:3h92hqo9]—\ Déni du service (Local Security Authority) (O48)
O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corp. – LiveSSP.) — C:WindowsSystem32livessp.dll
~ LSA: 9 Scanned in 00mn 00s—\ Contrôle du Safe Boot (CSB) (O49)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Encoder Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
~ CSB: 13 Scanned in 00mn 00s—\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 – SMSR:HKLM…startupregACMON [Key] . (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe
O53 – SMSR:HKLM…startupregAdobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe
O53 – SMSR:HKLM…startupregASUS Screen Saver Protector [Key] . (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe
O53 – SMSR:HKLM…startupregCLMLServer [Key] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
O53 – SMSR:HKLM…startupregRTHDVCPL [Key] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
~ SMSR Keys: 5 Scanned in 00mn 00s—\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
~ MSCP: 2 Scanned in 00mn 00s—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPath”=1
~ MWPS: 17 Scanned in 00mn 00s—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKCU…policiesExplorer] – “NoDriveAutoRun”=0
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
~ MWPE Keys: 4 Scanned in 00mn 00s—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:21/08/2014 – 01:51:38 —A- . (.Advanced Card Systems Ltd. – PCSC/CCID IFD Handler.) — C:WindowsSystem32Driversa38usb.sys [62848]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [491088]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [339536]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver (X64).) — C:WindowsSystem32Driversadpu320.sys [182864]
O58 – SDL:10/06/2009 – 22:01:06 —A- . (.LSI Corp – SoftModem Device Driver.) — C:WindowsSystem32Driversagrsm64.sys [1146880]
O58 – SDL:29/02/2012 – 19:08:34 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSystem32DriversAiCharger.sys [17152]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [15440]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [107904]
O58 – SDL:14/07/2009 – 02:52:20 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [194128]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [27008]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [87632]
O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [97856]
O58 – SDL:21/12/2011 – 22:15:56 —A- . (.Windows (R) Win 7 DDK provider – ASUS Virtual Bus.) — C:WindowsSystem32DriversAsusVBus.sys [35968]
O58 – SDL:8/11/2011 – 03:48:28 —A- . (.Windows (R) Win 7 DDK provider – ASUS HID mini driver for Virtual Touch Device.) — C:WindowsSystem32DriversAsusVTouch.sys [16512]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208] =>.ALWIL Software
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – avast! File System Minifilter for Windows 2003/Vista.) — C:WindowsSystem32DriversaswMonFlt.sys [79184]
O58 – SDL:11/07/2014 – 10:34:42 —A- . (.AVAST Software – avast! WFP Redirect Driver.) — C:WindowsSystem32DriversaswRdr2.sys [93568]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776] =>.ALWIL Software
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32Driversaswsnx.sys [1041168]
O58 – SDL:11/07/2014 – 10:34:54 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32Driversaswsp.sys [427360]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (.AVAST Software – Stream Filter.) — C:WindowsSystem32Driversaswstm.sys [92008]
O58 – SDL:11/07/2014 – 10:34:43 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [224896] =>.ALWIL Software
O58 – SDL:28/12/2011 – 05:44:26 —A- . (.Atheros Communications, Inc. – Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathrx.sys [2797056]
O58 – SDL:10/06/2009 – 21:34:23 —A- . (.Broadcom Corporation – Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) — C:WindowsSystem32Driversb57nd60a.sys [270848]
O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [18432]
O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [8704]
O58 – SDL:14/07/2009 – 02:19:07 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [286720]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [47104]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [14976]
O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [14720]
O58 – SDL:29/12/2011 – 23:16:18 —A- . (.Atheros – Atheros A2DP driver.) — C:WindowsSystem32Driversbtath_a2dp.sys [338592]
O58 – SDL:29/12/2011 – 23:16:36 —A- . (.Atheros – Atheros Bluetooth AVDT driver.) — C:WindowsSystem32Driversbtath_avdt.sys [110752]
O58 – SDL:29/12/2011 – 23:16:54 —A- . (.Atheros – Atheros BUS driver.) — C:WindowsSystem32Driversbtath_bus.sys [30368]
O58 – SDL:29/12/2011 – 23:17:06 —A- . (.Atheros – Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_flt.sys [36000]
O58 – SDL:29/12/2011 – 23:17:24 —A- . (.Atheros – Atheros HCRP driver.) — C:WindowsSystem32Driversbtath_hcrp.sys [167584]
O58 – SDL:29/12/2011 – 23:17:54 —A- . (.Atheros – Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_lwflt.sys [68256]
O58 – SDL:29/12/2011 – 23:18:06 —A- . (.Atheros – Atheros AVRCP driver.) — C:WindowsSystem32Driversbtath_rcp.sys [280992]
O58 – SDL:29/12/2011 – 23:18:54 —A- . (.Atheros – BtFilter Driver.) — C:WindowsSystem32Driversbtfilter.sys [548000]
O58 – SDL:10/06/2009 – 21:34:28 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [468480]
O58 – SDL:14/07/2009 – 02:52:31 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [17488]
O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
O58 – SDL:19/02/2012 – 19:16:24 —A- . (.ELAN Microelectronics Corp. – ETD Kernel Center.) — C:WindowsSystem32DriversETD.sys [200488]
O58 – SDL:10/06/2009 – 21:34:33 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3286016]
O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
O58 – SDL:17/07/2012 – 18:12:08 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [62784]
O58 – SDL:20/11/2010 – 14:33:36 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [78720]
O58 – SDL:29/11/2011 – 12:40:32 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStor.sys [568600]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [410496]
O58 – SDL:14/12/2012 – 02:42:22 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [5353888]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [44112]
O58 – SDL:6/12/2011 – 12:23:10 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [331264]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 Host Controller Switch Driver.) — C:WindowsSystem32Driversiusb3hcs.sys [16152]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 Hub Driver.) — C:WindowsSystem32Driversiusb3hub.sys [356120]
O58 – SDL:27/02/2012 – 12:01:00 —A- . (.Intel Corporation – Intel(R) USB 3.0 eXtensible Host Controller Driver.) — C:WindowsSystem32Driversiusb3xhc.sys [788760]
O58 – SDL:20/07/2009 – 10:29:40 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [15416]
O58 – SDL:10/06/2009 – 21:34:18 —A- . (.Atheros Communications, Inc. – Atheros L1c PCI-E Gigabit Ethernet Controller.) — C:WindowsSystem32DriversL1C62x64.sys [57344]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [114752]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [106560]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [65600]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [115776]
O58 – SDL:17/06/2013 – 08:42:50 —A- . (.National Instruments Corporation – LabVIEW Timed Loop Scheduler's Kernel/User Mode Pipe.) — C:WindowsSystem32Driverslvalarmk.sys [27528]
O58 – SDL:1/10/2014 – 10:11:12 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
O58 – SDL:1/10/2014 – 10:11:16 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
O58 – SDL:21/11/2014 – 14:30:31 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows 7Server 2008 R2 for.) — C:WindowsSystem32Driversmegasas.sys [35392]
O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [284736]
O58 – SDL:1/10/2014 – 10:11:26 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [63704]
O58 – SDL:14/07/2009 – 02:48:26 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [51264]
O58 – SDL:12/02/2013 – 10:09:00 —A- . (.National Instruments Corporation – 1006 Chassis Component.) — C:WindowsSystem32Driversni1006k.sys [30800]
O58 – SDL:12/02/2013 – 10:09:02 —A- . (.National Instruments Corporation – 1045 Chassis Component.) — C:WindowsSystem32Driversni1045kl.sys [12984]
O58 – SDL:12/02/2013 – 10:09:04 —A- . (.National Instruments Corporation – 1065 Chassis Component.) — C:WindowsSystem32Driversni1065k.sys [27832]
O58 – SDL:23/07/2012 – 19:41:06 —A- . (.National Instruments Corporation – NI cDAQ Common Components.) — C:WindowsSystem32Driversnicdcckl.sys [12992]
O58 – SDL:21/07/2011 – 13:48:16 —A- . (.National Instruments Corporation – NI Common Digital Runtime.) — C:WindowsSystem32Driversnicdrkl.sys [11864]
O58 – SDL:25/06/2013 – 14:27:30 —A- . (.National Instruments Corporation – NI Conditioned Measurements Runtime.) — C:WindowsSystem32Driversnicmrkl.sys [13456]
O58 – SDL:25/06/2013 – 14:27:38 —A- . (.National Instruments Corporation – NI Condor Runtime.) — C:WindowsSystem32Driversnicondrkl.sys [13416]
O58 – SDL:25/06/2013 – 14:27:16 —A- . (.National Instruments Corporation – NI C Series Runtime.) — C:WindowsSystem32Driversnicsrkl.sys [15176]
O58 – SDL:28/06/2012 – 16:44:32 —A- . (.National Instruments Corporation – NI Device Interconnect Manager.) — C:WindowsSystem32Driversnidimkl.sys [13000]
O58 – SDL:4/03/2013 – 13:44:58 —A- . (.National Instruments Corporation – NI-DAQmx Framework.) — C:WindowsSystem32Driversnidmxfkl.sys [13416]
O58 – SDL:13/02/2013 – 09:46:02 —A- . (.National Instruments Corporation – NI DSA Runtime Component.) — C:WindowsSystem32Driversnidsarkl.sys [13432]
O58 – SDL:12/01/2012 – 16:20:58 —A- . (.National Instruments Corporation – NI Ethernet Device Enumerator Driver.) — C:WindowsSystem32Driversniede.sys [38064]
O58 – SDL:25/06/2013 – 14:28:18 —A- . (.National Instruments Corporation – NI Embedded Runtime.) — C:WindowsSystem32Driversniemrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI E Series Runtime.) — C:WindowsSystem32Driversniesrkl.sys [15176]
O58 – SDL:13/02/2013 – 13:10:32 —A- . (.National Instruments Corporation – NI Fusion Standard Library.) — C:WindowsSystem32Driversnifslkl.sys [13432]
O58 – SDL:28/06/2012 – 16:26:46 —A- . (.National Instruments Corporation – NI Measurements DeBuG Library.) — C:WindowsSystem32Driversnimdbgkl.sys [13000]
O58 – SDL:28/06/2012 – 18:17:38 —A- . (.National Instruments Corporation – NI Measurement Routing Utilities.) — C:WindowsSystem32Driversnimru2kl.sys [13008]
O58 – SDL:4/03/2013 – 13:43:24 —A- . (.National Instruments Corporation – NI Measurements Streaming DMA Runtime Component.) — C:WindowsSystem32Driversnimsdrkl.sys [13480]
O58 – SDL:4/03/2013 – 13:46:08 —A- . (.National Instruments Corporation – NI Measurements Status Component.) — C:WindowsSystem32Driversnimstskl.sys [13448]
O58 – SDL:28/06/2012 – 17:47:16 —A- . (.National Instruments Corporation – NI mx Driver Framework.) — C:WindowsSystem32Driversnimxdfkl.sys [12984]
O58 – SDL:4/03/2013 – 13:46:16 —A- . (.National Instruments Corporation – NI Measurements eXtensions for PAL.) — C:WindowsSystem32Driversnimxpkl.sys [13448]
O58 – SDL:9/10/2012 – 09:50:36 —A- . (.National Instruments Corporation – NI 6535-7 Driver for DAQmx (a).) — C:WindowsSystem32Driversninshsdkl.sys [13000]
O58 – SDL:28/06/2012 – 15:23:58 —A- . (.National Instruments Corporation – NI Object Request Broker.) — C:WindowsSystem32Driversniorbkl.sys [12992]
O58 – SDL:19/12/2012 – 22:11:28 —A- . (.National Instruments Corporation – NI-PAL 1394 Export Driver for Windows.) — C:WindowsSystem32Driversnipalfwed.sys [42792]
O58 – SDL:19/12/2012 – 22:11:54 —A- . (.National Instruments Corporation – NI-PAL 1394 Legacy Wrapper Driver for Windows.) — C:WindowsSystem32Driversnipalfwedl.sys [13624] =>PUP.weDownloadManager
O58 – SDL:19/12/2012 – 21:55:28 —A- . (.National Instruments Corporation – NI-PAL Driver for Windows.) — C:WindowsSystem32Driversnipalk.sys [926992]
O58 – SDL:19/12/2012 – 22:09:42 —A- . (.National Instruments Corporation – NI-PAL USB Export Driver for Windows.) — C:WindowsSystem32Driversnipalusbed.sys [71976]
O58 – SDL:19/12/2012 – 22:10:16 —A- . (.National Instruments Corporation – NI-PAL USB Legacy Wrapper Driver for Windows.) — C:WindowsSystem32Driversnipalusbedl.sys [13624]
O58 – SDL:18/12/2012 – 09:40:34 —A- . (.National Instruments Corporation – NI PCI Bridge Class Filter.) — C:WindowsSystem32Driversnipbcfk.sys [16984]
O58 – SDL:11/02/2013 – 10:27:04 —A- . (.National Instruments Corporation – National Instruments PXI Bridge Access Filter Driver.) — C:WindowsSystem32Driversnipxibaf.sys [87288]
O58 – SDL:6/03/2013 – 11:13:18 —A- . (.National Instruments Corporation – National Instruments PXI Bridge Configuration Filter Driver.) — C:WindowsSystem32Driversnipxibrc.sys [70336]
O58 – SDL:9/08/2011 – 15:18:20 —A- . (.National Instruments Corporation – Generic PXI Chassis Pilot.) — C:WindowsSystem32Driversnipxigpk.sys [22680]
O58 – SDL:14/03/2013 – 16:32:46 —A- . (.National Instruments Corporation – NI PXI Resource Manager.) — C:WindowsSystem32Driversnipxirmkl.sys [13432]
O58 – SDL:25/06/2013 – 14:28:42 —A- . (.National Instruments Corporation – NI Raptor Runtime.) — C:WindowsSystem32Driversniraptrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:28:42 —A- . (.National Instruments Corporation – NI Raptor Runtime.) — C:WindowsSystem32Driversniraptrkw.sys [14664]
O58 – SDL:7/03/2012 – 20:07:52 —A- . (.National Instruments Corporation – NI Signal Conditioning Driver Component.) — C:WindowsSystem32Driversniscdkl.sys [12984]
O58 – SDL:2/07/2012 – 16:17:36 —A- . (.National Instruments Corporation – NI Static Digital Component.) — C:WindowsSystem32Driversnisdigkl.sys [12960]
O58 – SDL:1/06/2012 – 13:43:02 —A- . (.National Instruments Corporation – NI-6533/4 Device Driver.) — C:WindowsSystem32Driversnisftkl.sys [12952]
O58 – SDL:30/01/2013 – 20:52:38 —A- . (.National Instruments Corporation – National Instruments SMBus Export Driver.) — C:WindowsSystem32Driversnismbusw.sys [98968]
O58 – SDL:7/03/2012 – 20:21:02 —A- . (.National Instruments Corporation – NI Signal Conditioning Driver Component.) — C:WindowsSystem32Driversnispdkl.sys [12984]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI S Series Runtime.) — C:WindowsSystem32Driversnissrkl.sys [15176]
O58 – SDL:5/01/2009 – 09:19:30 —A- . (.National Instruments Corporation – NI STC2.) — C:WindowsSystem32Driversnistc2kl.sys [11824]
O58 – SDL:7/02/2013 – 16:24:36 —A- . (.National Instruments Corporation – NI STC3 Runtime.) — C:WindowsSystem32Driversnistc3rkl.sys [13416]
O58 – SDL:18/07/2011 – 18:33:10 —A- . (.National Instruments Corporation – NI STC Counter Runtime Library.) — C:WindowsSystem32Driversnistcrkl.sys [12968]
O58 – SDL:24/05/2013 – 14:15:32 —A- . (.National Instruments Corporation – NI Switch Drivers.) — C:WindowsSystem32Driversniswdkl.sys [15176]
O58 – SDL:7/02/2013 – 15:18:28 —A- . (.National Instruments Corporation – NI TIO Counter Runtime Library.) — C:WindowsSystem32Driversnitiorkl.sys [13440]
O58 – SDL:8/10/2012 – 13:01:02 —A- . (.National Instruments Corporation – NI Umber Firmware Updater Runtime.) — C:WindowsSystem32Driversniufurkl.sys [13008]
O58 – SDL:8/10/2012 – 13:01:02 —A- . (.National Instruments Corporation – NI Umber Firmware Updater Runtime.) — C:WindowsSystem32Driversniufurkw.sys [12496]
O58 – SDL:25/06/2013 – 14:29:14 —A- . (.National Instruments Corporation – NI AO Series Runtime.) — C:WindowsSystem32Driversniwfrkl.sys [15176]
O58 – SDL:25/06/2013 – 14:28:18 —A- . (.National Instruments Corporation – NI M Series Runtime.) — C:WindowsSystem32Driversnixsrkl.sys [15176]
O58 – SDL:8/04/2013 – 13:32:26 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 311.44.) — C:WindowsSystem32Driversnvlddmkm.sys [11077920]
O58 – SDL:8/04/2013 – 13:32:30 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 311.44.) — C:WindowsSystem32Driversnvpciflt.sys [30496]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [148352]
O58 – SDL:24/02/2012 – 01:56:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [166272]
O58 – SDL:14/07/2009 – 02:45:46 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1524816]
O58 – SDL:14/07/2009 – 02:45:45 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [128592]
O58 – SDL:29/09/2011 – 10:30:34 —A- . (.Realtek – Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) — C:WindowsSystem32DriversRt64win7.sys [646248]
O58 – SDL:27/12/2011 – 14:12:22 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [4727656]
O58 – SDL:17/08/2011 – 07:27:06 —A- . (.Realtek Semiconductor Corp. – Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) — C:WindowsSystem32DriversRtsUStor.sys [251496]
O58 – SDL:10/06/2009 – 21:37:19 —A- . (…) — C:WindowsSystem32Driverssecdrv.sys [23040]
O58 – SDL:10/06/2009 – 21:35:57 —A- . (.Silicon Integrated Systems Corp. – NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) — C:WindowsSystem32DriversSiSG664.sys [56832]
O58 – SDL:14/07/2009 – 02:45:45 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [43584]
O58 – SDL:14/07/2009 – 02:45:46 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [80464]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
O58 – SDL:18/12/2013 – 17:19:54 —A- . (.Oracle Corporation – VirtualBox Support Driver.) — C:WindowsSystem32DriversVBoxDrv.sys [252688]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox Host-Only Network Adapter Driver.) — C:WindowsSystem32DriversVBoxNetAdp.sys [140560]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox Bridged Networking Driver.) — C:WindowsSystem32DriversVBoxNetFlt.sys [154896]
O58 – SDL:18/12/2013 – 17:16:44 —A- . (.Oracle Corporation – VirtualBox USB Monitor Driver.) — C:WindowsSystem32DriversVBoxUSBMon.sys [126736]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [17488]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [161872]
O58 – SDL:28/12/2011 – 05:44:26 —A- . (.Atheros Communications, Inc. – Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32athrx.sys [2797056]
O58 – SDL:29/02/2012 – 19:08:34 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSysWOW64driversAiCharger.sys [17152]
O58 – SDL:8/10/2002 – 00:07:38 R–A- . (…) — C:WindowsSysWOW64driversSECDRV.SYS [11376]
~ Drivers: 141 Scanned in 00mn 05s—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 14/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser DataWidevineCDM1.4.6.703_platform_specificwin_x86widevinecdmadapter.dll [146760]
O61 – LFC: 15/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser Datanacl_validation_cache.bin [524]
O61 – LFC: 18/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalLowSunJavajre1.7.0_71lzma.exe [145408]
O61 – LFC: 19/11/2014 – 15:02:54 —A- . (…) — C:UsersSimonAppDataLocalGoogleChromeUser DataEVWhitelist4_platform_specificallev_hashes_whitelist.bin [713907]
O61 – LFC: 21/11/2014 – 15:02:57 —A- . (…) — C:UsersSimonAppDataLocalTempdropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprnpmlb.dll [43008]
O61 – LFC: 21/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalTempnss89A.tmpDropboxNSISTools.dll [68096]
O61 – LFC: 21/11/2014 – 15:02:58 —A- . (…) — C:UsersSimonAppDataLocalTempnss89A.tmpUAC.dll [30208]
O61 – LFC: 21/11/2014 – 15:03:16 —A- . (…) — C:UsersSimonAppDataRoamingsp_data.sys [380]
O61 – LFC: 21/11/2014 – 15:03:16 —A- . (…) — C:UsersSimonDesktopAdwCleaner.exe [2140160]
~ 141 Fichiers temporaires (Temporary files)
~ 6 Fichiers cookies (Cookies files)
~ Files: 9 Scanned in 00mn 37s—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 3/07/2009 – C:Program Files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys (ASMMAP64) .(.ASUS – Memory mapping Driver.) – LEGACY_ASMMAP64
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswMonFlt.sys (aswMonFlt) .(.AVAST Software – avast! File System Minifilter for Windows 2.) – LEGACY_ASWMONFLT
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswRdr2.sys (aswRdr) .(.AVAST Software – avast! WFP Redirect Driver.) – LEGACY_ASWRDR
O64 – Services: CurCS – 11/07/2014 – C:WindowsSystem32DriversaswRvrt.sys (aswRvrt) .(…) – LEGACY_ASWRVRT
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswSnx.sys (aswSnx) .(.AVAST Software – avast! Virtualization Driver.) – LEGACY_ASWSNX
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswSP.sys (aswSP) .(.AVAST Software – avast! self protection module.) – LEGACY_ASWSP
O64 – Services: CurCS – 11/07/2014 – C:Windowssystem32driversaswStm.sys (aswStm) .(.AVAST Software – Stream Filter.) – LEGACY_ASWSTM
O64 – Services: CurCS – 11/07/2014 – C:WindowsSystem32DriversaswVmm.sys (aswVmm) .(…) – LEGACY_ASWVMM
O64 – Services: CurCS – 7/09/2011 – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys (ATKWMIACPIIO) .(.ASUS – ATK WMIACPI Utility.) – LEGACY_ATKWMIACPIIO
O64 – Services: CurCS – 27/02/2012 – C:WindowsSystem32DRIVERSiusb3hcs.sys (iusb3hcs) .(.Intel Corporation – Intel(R) USB 3.0 Host Controller Switch Dri.) – LEGACY_IUSB3HCS
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnidimkl.sys (nidimk) .(.National Instruments Corporation – NI Device Interconnect Manager.) – LEGACY_NIDIMK
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimdbgkl.sys (nimdbgk) .(.National Instruments Corporation – NI Measurements DeBuG Library.) – LEGACY_NIMDBGK
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimru2kl.sys (nimru2k) .(.National Instruments Corporation – NI Measurement Routing Utilities.) – LEGACY_NIMRU2K
O64 – Services: CurCS – 28/06/2012 – C:Windowssystem32driversnimxdfkl.sys (nimxdfk) .(.National Instruments Corporation – NI mx Driver Framework.) – LEGACY_NIMXDFK
O64 – Services: CurCS – 19/12/2012 – C:WindowsSystem32driversnipalk.sys (NIPALK) .(.National Instruments Corporation – NI-PAL Driver for Windows.) – LEGACY_NIPALK
O64 – Services: CurCS – 14/03/2013 – C:Windowssystem32driversnipxirmkl.sys (nipxirmk) .(.National Instruments Corporation – NI PXI Resource Manager.) – LEGACY_NIPXIRMK
O64 – Services: CurCS – 18/12/2013 – C:WindowsSystem32DRIVERSVBoxDrv.sys (VBoxDrv) .(.Oracle Corporation – VirtualBox Support Driver.) – LEGACY_VBOXDRV
O64 – Services: CurCS – 18/12/2013 – C:WindowsSystem32DRIVERSVBoxUSBMon.sys (VBoxUSBMon) .(.Oracle Corporation – VirtualBox USB Monitor Driver.) – LEGACY_VBOXUSBMON
~ Legacy: 103 Scanned in 00mn 00s
—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s
—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {F77847E6-BA53-4002-BED8-3B63DAFA8405} – (Google) – http://www.google.be
~ Keys: Scanned in 00mn 00s
—\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [72192]
O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [236032]
O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [777728]
O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [859648]
O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [680960]
O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [99328]
O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [344064]
O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [97792]
O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [64512]
O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [359424]
O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [316928]
O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes du serveur hôte de session Burea.) — C:WindowsSystem32termsrv.dll [683520]
O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [2477536]
O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [849920]
O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [370688]
O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [569344]
O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [70144]
O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [156672]
O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [67584]
O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [242688]
O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [121856]
O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [136704]
O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [111104]
O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1110016]
O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [90624]
O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [84480]
O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [209920]
O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [44544]
O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s
—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][6/10/2010] (…) — C:ProgramDataFullRemove.exe [131984]
[MD5.51687E46B122CAFBD9BA6BF8480E913C] [SPRF][21/11/2014] (…) — C:UsersSimonAppDataRoamingsp_data.sys [380]
[MD5.6504113C2218667814D4F54847BA046A] [SPRF][21/11/2014] (.Pas de propriétaire – Aut2Exe.) — C:UsersSimonDesktopAdwCleaner.exe [2140160]
[MD5.33398D340008A0577507FCA7FD443622] [SPRF][19/10/2014] (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:UsersSimonDesktopmbam-setup-2.0.3.1025.exe [19828376]
[MD5.3C166BAE84553D4CB27AF8ABDC61712D] [SPRF][2/09/2013] (…) — C:UsersSimonDesktopMinecraft.exe [675988]
[MD5.3D451F62411C7E1758924458A69703C1] [SPRF][19/10/2014] (.Nicolas Coolman – ZHPDiag Setup.) — C:UsersSimonDesktopZHPDiag2.exe [6862284]
~ Files: 6 Scanned in 00mn 01s
—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: “537E56336A8449149988EC95CAA55E30” . (.Bing Bar.) — C:WindowsInstaller{3365E735-48A6-4194-9988-CE59AC5AE503}icon_installer_ico =>Toolbar.Bing
~ Update Products: 1 Scanned in 00mn 01s
—\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 – MNS: ASUS WebStorage Drive – {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
~ MNS: 1 Scanned in 00mn 00s
—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5D3A30ADD585A102F1B60C0BA313ECEE] [WIS][11/03/2014] (.Microsoft Corporation – Bing Bar.) — C:WindowsInstallercadd3.msi [741376] =>Toolbar.Bing
~ WIS: 1 Scanned in 00mn 09s
—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing
[HKCRCLSID{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing
~ BCK: 6321 Scanned in 00mn 14s
—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 12/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SS – | Auto 11/03/2014 193696 | (BBSvc) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.3.132.0BBSvc.exe =>Toolbar.Bing
SS – | Demand 2/06/2013 49152 | (BEService) . (…) – C:Program Files (x86)Common FilesBattlEyeBEService.exe
SS – | Demand 28/03/2013 77352 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) – C:Program FilesSolidWorks CorpSolidWorksswSchedulerDTSCoordinatorService.exe
SS – | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
SS – | Demand 1/03/2014 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
SS – | Demand 1/03/2014 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
SS – | Auto 19/10/2014 107912 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 19/10/2014 107912 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 4/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
SS – | Demand 15/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
SS – | Disabled 8/06/2013 81248 | (NIApplicationWebServer64) . (.National Instruments Corporation.) – C:Program FilesNational InstrumentsSharedNI WebServerApplicationWebServer.exe
SS – | Demand 2/08/2010 1427688 | (NILM License Manager) . (.Macrovision Corporation.) – C:Program Files (x86)National InstrumentsSharedLicense ManagerBinlmgrd.exe
SS – | Auto 8/04/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
SS – | Demand 1/03/2014 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) – C:Program Files (x86)Common FilesSolidWorks SharedServiceSolidWorksLicensing.exe
SS – | Demand 28/08/2014 833728 | (Steam Client Service) . (.Valve Corporation.) – C:Program Files (x86)Common FilesSteamSteamService.exe
SR – | Auto 4/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
SR – | Auto 4/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) – C:Windowssystem32FBAgent.exe
SR – | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
SR – | Auto 17/02/2012 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSInstantOn for NBInsOnSrv.exe
SR – | Auto 29/12/2011 106144 | (AtherosSvc) . (.Atheros Commnucations.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
SR – | Auto 11/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Demand 11/03/2014 247968 | (BBUpdate) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.3.132.0SeaPort.exe =>Toolbar.Bing
SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SR – | Auto 3/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
SR – | Auto 21/02/2012 128280 | (Intel(R) ME Service) . (…) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
SR – | Auto 21/02/2012 161560 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
SR – | Auto 27/10/2010 695136 | (LkCitadelServer) . (.National Instruments, Inc..) – C:WindowsSysWOW64lkcitdl.exe
SR – | Auto 12/06/2013 53544 | (lkClassAds) . (.National Instruments Corporation.) – C:WindowsSysWOW64lkads.exe
SR – | Auto 12/06/2013 63792 | (lkTimeSync) . (.National Instruments Corporation.) – C:WindowsSysWOW64lktsrv.exe
SR – | Auto 28/02/2012 277784 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
SR – | Auto 10/06/2013 83768 | (mxssvr) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsMAXnimxs.exe
SR – | Auto 8/06/2013 57696 | (NIApplicationWebServer) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI WebServerApplicationWebServer.exe
SR – | Auto 4/03/2013 102040 | (nidevldu) . (.National Instruments Corporation.) – C:WindowsSysWOW64nidevldu.exe
SR – | Auto 12/06/2013 380720 | (NIDomainService) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedSecuritynidmsrv.exe
SR – | Auto 11/05/2013 260976 | (nimDNSResponder) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedmDNS RespondernimdnsResponder.exe
SR – | Auto 19/06/2013 176512 | (NINetworkDiscovery) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI Network DiscoveryniDiscSvc.exe
SR – | Auto 14/03/2013 19056 | (nipxirmu) . (.National Instruments Corporation.) – C:WindowsSysWOW64nipxism.exe
SR – | Auto 7/06/2013 90440 | (NiSvcLoc) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedniSvcLocnisvcloc.exe
SR – | Auto 8/06/2013 57680 | (NISystemWebServer) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedNI WebServerSystemWebServer.exe
SR – | Auto 14/06/2011 676016 | (NITaggerService) . (.National Instruments Corporation.) – C:Program Files (x86)National InstrumentsSharedTaggertagsrv.exe
SR – | Auto 14/03/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
SR – | Auto 28/02/2012 363800 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 29/12/2011 158880 | (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
~ Services: Scanned in 00mn 16s
—\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Simon at 21/11/2014 15:08:33
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
—\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Simon at 21/11/2014 15:08:35
********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
—\ Scan Additionnel (O88)
Database Version : 13026 – (18/10/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 7
[HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{3365E735-48A6-4194-9988-CE59AC5AE503}] =>Toolbar.Bing^
[HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f} =>Toolbar.Bing^
C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_HP_rmv.job =>Toolbar.AVGSearch^
C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_HP_rmv =>Toolbar.AVGSearch^
C:WindowsTasksAVG-Secure-Search-Update_JUNE2013_TB_rmv.job =>Toolbar.AVGSearch^
C:WindowsSystem32TasksAVG-Secure-Search-Update_JUNE2013_TB_rmv =>Toolbar.AVGSearch^
C:WindowsInstallercadd3.msi =>Toolbar.Bing^
[HKCRCLSID{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar) =>Toolbar.Bing^
[HKCRCLSID{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper) =>Toolbar.Bing^
~ Additionnel Scan: 673004 Items scanned in 00mn 44s
—\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Scanned in 00mn 00s
—\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-wedownloadmanager =>PUP.weDownloadManager
~ MSI: 1 link(s) detected in 00mn 00s
End of the scan (1596 lines in 08mn 21s)(0)
[/spoiler:3h92hqo9]
Thanks in advance for your informed advice.
Hi, this is a false positive from Avast, as usual…
The topic ‘Avast vs Evo-gen, et nettoyage éventuel’ is closed to new replies.