15 sujets de 1 à 15 (sur un total de 23)
  • Auteur
    Messages
  • dariuss
    Participant
    Nombre d'articles : 49

    bonjour,

    je viens d’être contaminé par ce virus relativement stressant durant les premières secondes, pourriez-vous m’aidez à le virer?
    merci beaucoup :)

    je veux installer malwaebytes mais le programme me dit que ma version d’essai n’est plus valide…

    buckhulk
    Participant
    Nombre d'articles : 2398

    bonjour,
    tu vas passer Rkill et juste après Roguekiller :

    [center:3ex41hbt][/center:3ex41hbt]

    RKill
    RKill est un petit logiciel de secours, celui-ci permet de terminer les processus malveillants en cours et restaurer des clés importantes de la base de registre pour exécuter vos programmes.

    Téléchargement de RKill

    RKill ne va rien supprimer, il va uniquement tuer les processus qui empêchent d’utiliser des logiciels de sécurité comme votre antivirus ou vos logiciels anti-spywares.

    Dès qu’il a été exécuté un rapport va s’afficher, si RKill ne peut être utilisé, essayes RogueKiller. >> https://www.sosvirus.net/telecharger/roguekiller-64/?wpdmdl=5411

    [glow=red:3ex41hbt]Le tuto[/glow:3ex41hbt] https://www.sosvirus.net/roguekiller-tigzy-t82354.html
    Attention certains des liens ci-dessous peuvent être détectés par votre antivirus comme malveillant (c’est tout à fait normal), il faut donc désactiver celui-ci avant de les télécharger et de les utiliser.

    [center:3ex41hbt]
    Roguekiller
    [/center:3ex41hbt]

    RogueKiller est un outil (créé par Tigzy) permettant de tuer les processus appartenant à des rogues de manière automatique. Dans la mesure où certaines infections empêchent l’exécution des scans antivirus/antimalware habituels, cet outil est un outil préliminaire à un processus complet de désinfection.

    Roguekiller

    Ou >> Téléchargement : Roguekiller officiel

    Attention, afin d’éviter tout désagrément dû aux anciennes versions de Roguekiller, il est fortement recommandé d’utiliser le lien de téléchargement officiel de Roguekiller

    bien choisir sa version :

    1/ Quitter tous les programmes en cours.

    2/ Sous Vista/Seven, clique droit => Éxécuter en tant qu’administrateur

    3/ Sinon lancer simplement RogueKiller.exe

    Si Roguekiller ne se lance pas, il ne faut pas hésiter à le renommer en Winlogon.

    4/ Cliquer sur Scan .

    5/ Attendre la fin du scan. A ce stade aucune modification n’a été apportée au système (vous pouvez vérifier dans les différents onglets)

    relancer Roguekiller et cocher toutes les entrées du registre et aussi, vérifier les autres onglet

    6/ Cliquer sur le bouton Suppression….SI…
    A l’inverse du bouton Scan, ce bouton supprime les infections de type rogue et modifie donc le système.
    Le rapport a été généré sur le bureau.

    7/ Poster le rapport :(CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller)

    Important : Pour quitter l’outil

    Il faut passer par le bouton Fichier -> Quitter.

    Ce mode est le moyen de fermer l’outil correctement. En effet, si l’on ferme RogueKiller sans avoir utilisé ce mode, le driver créé par l’outil ne sera pas supprimé.

    Important : Toute sorte de manipulation avec un logiciel de désinfection peut planter le PC.
    Si vous utilisez seul un logiciel, c’est à vos risques et périls

    tutoriel officiel
    ICI

    si cela ne fonctionne pas essaye le tout en mode sans echec !

    dariuss
    Participant
    Nombre d'articles : 49

    merci, je fais ca de suite, mais j ai un autre probleme, mon pc ne veut plus se connecter a internet… je recois comme message, le peripherique ou la ressource distante n accepte pas la connexion.

    buckhulk
    Participant
    Nombre d'articles : 2398

    tu me parle avec quoi là ??

    dariuss
    Participant
    Nombre d'articles : 49

    j’étais sur le pc de qq d’autre :) problème réglé, avec roguekiller ca à arrangé le souci.

    je dois poster les rapports qq part?

    buckhulk
    Participant
    Nombre d'articles : 2398
    je dois poster les rapports qq part?

    As-tu passé Rkill avant ?

    Oui s’il te plait et ensuite tu fais ZHPCleaner et ZHPDiag s’il te plait :merci2:

    les logiciels sont là :

    Je m’appelle buckhulk… ^^

    C’est moi qui vais prendre en charge le soucis …. :P:

    Nous allons commencer par passer ZHPCleaner afin de simplifier le téléchargement des outils qui suivront .

    ZHPCleaner ICI

    Ensuite pour bien continuer il va falloir que tu fasses un ZHPDiag : ZHPDiag ICI

    Donc 3 rapports s’il te plait, Merci { ZHPCleaner (2) ZHPDiag (1) }

    Ne suis pas deux désinfections en même temps et si tu as un problème avec un outil parles-en .

    Ensuite donne moi des “nouvelles de ton ordinateur assez fréquement (comme un médecin pour adapter les “médicaments”) et héberges bien les rapports .

    Les outils doivent être téléchargés sur le bureau (c’est à dire dans un raccourcis de ton dossier téléchargement, puis tranférés sur ton bureau )

    Ouvert avec un clic droit (exécuter en tant que..).

    Même si ton ordinateur à l’air de mieux fonctionner , une désinfection doit être faite complètement
    ^^

    dariuss
    Participant
    Nombre d'articles : 49

    oui, rkill a été fait avant :)
    voici sont rapport:

    Rkill 2.6.8 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/” onclick=”window.open(this.href);return false;
    Copyright 2008-2014 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html” onclick=”window.open(this.href);return false;

    Program started at: 11/14/2014 12:32:49 PM in x64 mode.
    Windows Version: Windows 8.1

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * C:WindowsSysWOW64ACEngSvr.exe (PID: 6440) [WD-HEUR]

    1 proccess terminated!

    Active Proxy Server Detected

    * Proxy Disabled.
    * ProxyOverride value deleted.
    * ProxyServer value deleted.
    * AutoConfigURL value deleted.
    * Proxy settings were backed up to Registry file.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Backup Registry file created at:
    C:UsersDariusDesktoprkillrkill-11-14-2014-12-32-55.reg

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * No issues found.

    Checking Windows Service Integrity:

    * MsKeyboardFilter [Missing Service]
    * CSC [Missing Service]
    * E1G60 [Missing Service]
    * HdAudAddService [Missing Service]
    * kbldfltr [Missing Service]
    * storvsp [Missing Service]

    dariuss
    Participant
    Nombre d'articles : 49

    et le rapport de rogue killer:

    RogueKiller V10.0.6.0 (x64) [Nov 13 2014] par Adlice Software
    email : http://www.adlice.com/contact/” onclick=”window.open(this.href);return false;
    Remontées : http://forum.adlice.com” onclick=”window.open(this.href);return false;
    Site web : http://www.adlice.com/fr/logiciels/roguekiller/” onclick=”window.open(this.href);return false;
    Blog : http://www.adlice.com” onclick=”window.open(this.href);return false;

    Système d’exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
    Démarré en : Mode normal
    Utilisateur : Darius [Administrateur]
    Mode : Suppression — Date : 11/14/2014 12:57:09

    ¤¤¤ Processus : 0 ¤¤¤

    ¤¤¤ Registre : 0 ¤¤¤

    ¤¤¤ Tâches : 0 ¤¤¤

    ¤¤¤ Fichiers : 0 ¤¤¤

    ¤¤¤ Fichier Hosts : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

    ¤¤¤ Navigateurs web : 1 ¤¤¤
    [FIREFX:Addon] 27dgj3jh.default : RealDownloader [{7C9C2591-51ED-44FA-8D03-450B92643F95}] -> Supprimé(e)

    ¤¤¤ Vérification MBR : ¤¤¤
    +++++ PhysicalDrive0: KINGSTON SVP200S37A256G +++++
    — User —
    [MBR] 452f1063821a9da017b29dc4281a65ae
    [BSP] daf0f34305b3c3b6c4c987776e6a77c5 : Empty MBR Code
    Partition table:
    0 – [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
    User = LL1 … OK
    User = LL2 … OK

    +++++ PhysicalDrive1: ST1000LM024 HN-M101MBB +++++
    — User —
    [MBR] 1cd78b129dc7670831cc65ad8445d2e5
    [BSP] 41ca44ac0d8392d4cc41e95f1caad114 : Empty MBR Code
    Partition table:
    0 – [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
    User = LL1 … OK
    User = LL2 … OK

    +++++ PhysicalDrive2: USB DISK 3.0 USB Device +++++
    — User —
    [MBR] 485ffc0f0f8420c2b2f0dbbc23669799
    [BSP] 33825288f0fac14652d27c2c46b56730 : Windows XP MBR Code
    Partition table:

    dariuss
    Participant
    Nombre d'articles : 49

    le rapport de zhpcleaner après le scan:

    ~ ZHPCleaner v2014.11.14.224 by Nicolas Coolman (14/11/2014)
    ~ Run by Darius (Administrator) (15/11/2014 10:53:00)
    ~ Forum : http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1” onclick=”window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Réparer
    ~ Report : C:UsersDariusDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersDariusAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 81, 64-bit (Build 9600)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (1)
    TROUVÉ FF: C:UsersDariusAppDataRoamingMozillaFirefoxProfiles27dgj3jh.defaultprefs.js

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (8)
    DEPLACÉ: C:Program Files (x86)Optimizer Pro (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusAppDataRoamingap_logs (PUP.Agent)
    DEPLACÉ: C:UsersDariusDocumentsOptimizer Pro (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusDocumentsOptimizer ProCookiesException.txt [ – ] (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.01net.com_0.localstorage[] (Toolbar.Conduit)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.01net.com_0.localstorage-journal[] (Toolbar.Conduit)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.sweet-page.com_0.localstorage[] (PUP.SweetPage)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.sweet-page.com_0.localstorage-journal[] (PUP.SweetPage)

    —\ Base de Registres ( Clés, Valeurs, Données ). (10)
    SUPPRIMÉ: HKCUSOFTWAREf863f8c47160ff9d25e9236d32ea3f38 [] ()
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
    SUPPRIMÉ: HKCUSoftwareOptimizer Pro (PUP.OptimizerPro)
    SUPPRIMÉ: [X64] HKLMSOFTWAREWow6432NodeMicrosoftTracingDesktopWeatherAlertsApp_RASAPI32 (PUP.DesktopWeatherAlerts)
    SUPPRIMÉ: [X64] HKLMSOFTWAREWow6432NodeMicrosoftTracingDesktopWeatherAlertsApp_RASMANCS (PUP.DesktopWeatherAlerts)

    —\ Bilan de la réparation
    ~ Réparation réalisée avec succès.
    ~ Ce navigateur est absent (Opera Software)

    End of clean at 10:58:34

    dariuss
    Participant
    Nombre d'articles : 49

    le rapport zhpcleaner après réparation:

    ~ ZHPCleaner v2014.11.14.224 by Nicolas Coolman (14/11/2014)
    ~ Run by Darius (Administrator) (15/11/2014 10:53:00)
    ~ Forum : http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1” onclick=”window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Réparer
    ~ Report : C:UsersDariusDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersDariusAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 81, 64-bit (Build 9600)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (1)
    TROUVÉ FF: C:UsersDariusAppDataRoamingMozillaFirefoxProfiles27dgj3jh.defaultprefs.js

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (8)
    DEPLACÉ: C:Program Files (x86)Optimizer Pro (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusAppDataRoamingap_logs (PUP.Agent)
    DEPLACÉ: C:UsersDariusDocumentsOptimizer Pro (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusDocumentsOptimizer ProCookiesException.txt [ – ] (PUP.OptimizerPro)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.01net.com_0.localstorage[] (Toolbar.Conduit)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.01net.com_0.localstorage-journal[] (Toolbar.Conduit)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.sweet-page.com_0.localstorage[] (PUP.SweetPage)
    DEPLACÉ: C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_www.sweet-page.com_0.localstorage-journal[] (PUP.SweetPage)

    —\ Base de Registres ( Clés, Valeurs, Données ). (10)
    SUPPRIMÉ: HKCUSOFTWAREf863f8c47160ff9d25e9236d32ea3f38 [] ()
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
    SUPPRIMÉ: HKCUSoftwareOptimizer Pro (PUP.OptimizerPro)
    SUPPRIMÉ: [X64] HKLMSOFTWAREWow6432NodeMicrosoftTracingDesktopWeatherAlertsApp_RASAPI32 (PUP.DesktopWeatherAlerts)
    SUPPRIMÉ: [X64] HKLMSOFTWAREWow6432NodeMicrosoftTracingDesktopWeatherAlertsApp_RASMANCS (PUP.DesktopWeatherAlerts)

    —\ Bilan de la réparation
    ~ Réparation réalisée avec succès.
    ~ Ce navigateur est absent (Opera Software)

    End of clean at 10:58:34

    dariuss
    Participant
    Nombre d'articles : 49

    et le rapport de zhpdiag:

    ~ Rapport de ZHPDiag v2014.11.13.163 – Nicolas Coolman (13-11-14)
    ~ Lancé par Darius (15-11-14 11:06:03)
    ~ Adresse du Site Web http://nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Adresse du Forum http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l’utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17416
    MFIE: Mozilla Firefox 33.1 (Defaut)
    GCIE: Google Chrome v38.0.2125.111

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : TVGBG
    Windows License : OK
    ~ Windows Remaining Initializations Number : 1000
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 2.0.3.1025
    Windows Defender W8 (Activate)

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer
    Vuze Toolbar v12.10.0.3487 =>P2P.Azureus

    —\ Surveillance de Logiciels
    Adobe Flash Player 15 Plugin
    Adobe Reader X

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 12239 MB (84% free)
    System Restore: Activé (Enable)
    System drive C: has 12 GB (12%) free of 95 GB

    —\ Mode de connexion au système
    ~ Computer Name: NUMÉRI-MOI
    ~ User Name: Darius
    ~ All Users Names: HomeGroupUser$, Darius, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersDariusAppDataRoamingZHP
    ~ %AppData% : C:UsersDariusAppDataRoaming
    ~ %Desktop% : C:UsersDariusDesktop
    ~ %Favorites% : C:UsersDariusFavorites
    ~ %LocalAppData% : C:UsersDariusAppDataLocal
    ~ %StartMenu% : C:UsersDariusAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 12 Go of 95 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 122 Go of 122 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 347 Go of 466 Go)
    F: Hard drive, Flash drive, Thumb drive (Free 329 Go of 466 Go)
    G: CD-ROM drive (Not Inserted)
    I: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoFolderOptions: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 46 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] – (.Microsoft Corporation – Explorateur Windows.) (.23-08-14 – 08:48:28.) — C:WindowsExplorer.exe [2374784]
    [MD5.48CFA7BE561A7BE144C29BB912055016] – (.Microsoft Corporation – Application de démarrage de Windows.) (.22-08-13 – 10:58:29.) — C:WindowsSystem32Wininit.exe [144384]
    [MD5.BF1FC65A307B31939ADF7F976FDE033C] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.31-10-14 – 04:45:17.) — C:WindowsSystem32wininet.dll [2365440]
    [MD5.306EB21E5B480AE9065EA55AC8C35936] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.18-03-14 – 11:09:53.) — C:WindowsSystem32Winlogon.exe [562176]
    [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] – (.Microsoft Corporation – Bibliothèque de licences.) (.18-03-14 – 11:09:55.) — C:WindowsSystem32sppcomapi.dll [447488]
    [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.09-07-14 – 08:29:26.) — C:Windowssystem32DriversAFD.sys [563200]
    [MD5.74B14192CF79A72F7536B27CB8814FBD] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.22-08-13 – 13:43:41.) — C:Windowssystem32Driversatapi.sys [26464]
    [MD5.2FA6510E33F7DEFEC03658B74101A9B9] – (.Microsoft Corporation – CD-ROM File System Driver.) (.22-08-13 – 12:40:15.) — C:Windowssystem32DriversCdfs.sys [88576]
    [MD5.C6796EA22B513E3457514D92DCDB1A3D] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.22-08-13 – 09:46:35.) — C:Windowssystem32DriversCdrom.sys [164352]
    [MD5.A03F362C5557E238CBFA914689C77248] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.09-07-14 – 08:30:35.) — C:Windowssystem32DriversDfsC.sys [134144]
    [MD5.D4B7ED39C7900384D9E5C1283F1E7926] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.24-07-14 – 12:45:39.) — C:Windowssystem32DriversHDAudBus.sys [76800]
    [MD5.84CFC5EFA97D0C965EDE1D56F116A541] – (.Microsoft Corporation – Pilote de port i8042.) (.22-08-13 – 12:39:15.) — C:Windowssystem32Driversi8042prt.sys [107520]
    [MD5.B7342B3C58E91107F6E946A93D9D4EFD] – (.Microsoft Corporation – IP Network Address Translator.) (.18-03-14 – 11:09:57.) — C:Windowssystem32DriversIpNat.sys [142848]
    [MD5.7A1A3F213CDB3363D179D5014272025D] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.30-04-14 – 07:41:46.) — C:Windowssystem32DriversMRxSmb.sys [402432]
    [MD5.0217532E19A748F0E5D569307363D5FD] – (.Microsoft Corporation – MBT Transport driver.) (.22-08-13 – 12:37:02.) — C:Windowssystem32DriversnetBT.sys [282624]
    [MD5.038C77D577900EE39410662478BB0D50] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24-07-14 – 16:07:52.) — C:Windowssystem32Driversntfs.sys [2009920]
    [MD5.764B1121867B2D9B31C491668AC72B2B] – (.Microsoft Corporation – Pilote de port parallèle.) (.22-08-13 – 12:40:02.) — C:Windowssystem32DriversParport.sys [94208]
    [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.22-08-13 – 12:35:51.) — C:Windowssystem32DriversRasl2tp.sys [120832]
    [MD5.680C1DAE268B6FB67FA21B389A8B79EF] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.18-03-14 – 10:41:24.) — C:Windowssystem32Driversrdpdr.sys [195584]
    [MD5.FFF28F9F6823EB1756C60F1649560BBF] – (.Microsoft Corporation – TDI Translation Driver.) (.22-08-13 – 14:25:35.) — C:Windowssystem32Driverstdx.sys [107520]
    [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.19-06-14 – 03:13:36.) — C:Windowssystem32Driversvolsnap.sys [310080]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4
    ~ Mes Videos (My Videos) : 1/3
    ~ Mes Favoris (My Favorites) : 1/13
    ~ Mes Documents (My Documents) : 2/185
    ~ Mon Bureau (My Desktop) : 1/1290
    ~ Menu demarrer (Programs) : 1/32
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.97432AB9F1B3B3E63E778C1E69E71E91] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1124032] [PID.8636]
    [MD5.C56AEF21A76A6E2BB36A384B2C96389F] – (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2403104] [PID.9440]
    [MD5.2D32F0EF950AED6AD007D042676FD39E] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [328064] [PID.14876]
    [MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] – (.ASUSTek Computer Inc. – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [205184] [PID.17936]
    [MD5.B7BCA8A30CE13A283CDBDECEF5616C39] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [107192] [PID.11340]
    [MD5.97202E9C0D86387888435470CCAF45BE] – (.ASUSTeK – ACEngSvr Module.) — C:WindowsSysWOW64ACEngSvr.exe [192000] [PID.14404]
    [MD5.055AD533D65C01CC037C7683BB33D9DF] – (.TechSmith Corporation – Snagit.) — C:Program Files (x86)TechSmithSnagit 12Snagit32.exe [7340864] [PID.13584]
    [MD5.45D5AFF33A714C7FA5837C13C318A06A] – (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program Files (x86)RealRealPlayerUpdaterealsched.exe [296520] [PID.4360]
    [MD5.5DAA7C935FC47423825BA5A9AA2670A5] – (.TechSmith Corporation – Snagit RPC Helper.) — C:Program Files (x86)TechSmithSnagit 12SnagPriv.exe [138048] [PID.3924]
    [MD5.0A1810F3CF866F67856C8A4E98194493] – (.TechSmith Corporation – TechSmith HTML Help Helper.) — C:Program Files (x86)TechSmithSnagit 12TSCHelp.exe [46080] [PID.11004]
    [MD5.EC812EF1DD8F595946D3F5E92DC17D24] – (.TechSmith Corporation – Snagit Editor.) — C:Program Files (x86)TechSmithSnagit 12snagiteditor.exe [8447808] [PID.2544]
    [MD5.DB0C938BC311B31CF90C13821AE682B3] – (.ASUSTeK Computer Inc. – ASUS Live Update.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1559936] [PID.2240]
    [MD5.DE8D08AA7323CEA0A7D8BBF8908457D4] – (.RealNetworks, Inc. – RealDownloader.) — C:Program Files (x86)RealNetworksRealDownloaderrecordingmanager.exe [368728] [PID.6872]
    [MD5.61AA3949634234450E31F81AA143E54F] – (.RealNetworks, Inc. – RealPlayer Cloud.) — C:Program Files (x86)RealRealPlayerRealPlay.exe [266824] [PID.11620]
    [MD5.A0DA0ED7F15F4E3259C8FF3ADAE1B495] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8126464] [PID.6232]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersDariusAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d’extension Google Chrome
    ~ Google Lines Browser: 0 Scanned in 00mn 06s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersDariusAppDataRoamingMozillaFirefoxProfiles27dgj3jh.defaultprefs.js
    P2 – FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. – RealPlayer(tm) LiveConnect-Enabled Plug-In.) — C:Program Files (x86)Mozilla FirefoxPluginsnppl3260.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program Files (x86)Mozilla FirefoxPluginsnpqtplugin.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program Files (x86)Mozilla FirefoxPluginsnpqtplugin2.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program Files (x86)Mozilla FirefoxPluginsnpqtplugin3.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program Files (x86)Mozilla FirefoxPluginsnpqtplugin4.dll
    P2 – FPN:Firefox Plugin Navigator . (.Apple Inc. – The QuickTime Plugin allows you to view a wide variety of multimedia c.) — C:Program Files (x86)Mozilla FirefoxPluginsnpqtplugin5.dll
    P2 – FPN:Firefox Plugin Navigator . (.RealPlayer Cloud – RealPlayer Download Plugin.) — C:Program Files (x86)Mozilla FirefoxPluginsnprpplugin.dll
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:WINDOWSsystem32MacromedFlashNPSWF64_15_0_0_223.dll
    P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.4.0] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:WINDOWSsystem32npDeployJava1.dll
    P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.4.0] – (.Oracle Corporation – Next Generation Java Plug-in 10.4.0 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
    P2 – FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] – (.Microsoft Corporation – Office Authorization plug-in for NPAPI browsers.) — C:Program FilesMicrosoft OfficeOffice14NPAUTHZ.dll
    P2 – FPN: [HKLM] [adobe.com/AdobeAAMDetect] – (.Adobe Systems – A plugin to detect whether the Adobe Application Manager is installed.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll
    ~ Firefox Browser: 19 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17351 (winblue_r3.140925-1500)) — C:WindowsSysWOW64ieframe.dll
    ~ IE Browser: 16 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] – {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader – RealPlayer Video Downloader.) — C:Program Files (x86)RealNetworksRealDownloaderBrowserPluginsIErndlbrowserrecordplugin.dll
    O2 – BHO: Groove GFS Browser Helper [64Bits] – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation – Microsoft SharePoint Workspace Extensions.) — C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
    O2 – BHO: URLRedirectionBHO [64Bits] – {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation – Microsoft Office Document Cache Handler.) — C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
    O2 – BHO: Adblock Plus for IE Browser Helper Object [64Bits] – {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus – Adblock Plus Module.) — C:Program FilesAdblock Plus for IEAdblockPlus32.dll
    O2 – BHO: IESpeakDoc [64Bits] – {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
    ~ BHO: 13 Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Vuze.lnk . (.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O4 – GSProgram [Public]: Vuze.lnk . (.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O4 – GSQuickLaunch [Darius]: Vuze.lnk . (.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    ~ Global Startup: 3 Scanned in 00mn 01s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [BtTray] . (.Qualcomm Atheros – BtTray.) — C:Program Files (x86)Bluetooth SuiteBtTray.exe
    O4 – HKLM..Run: [BtvStack] . (.Qualcomm Atheros Commnucations – Extension Core.) — C:Program Files (x86)Bluetooth SuiteBtvStack.exe
    O4 – HKLM..Run: [SynAsusGestureAPIMgr] C:Program Files (x86)SynapticsSynTPSynAsusGestureAPIMgr.exe (.not file.)
    O4 – HKLM..Run: [AsusNewUI] C:Program Files (x86)SynapticsSynTPAsusNewUI35.exe (.not file.)
    O4 – HKLM..Run: [ACMON] . (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe
    O4 – HKLM..Run: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program FilesMicrosoft OfficeOffice14BCSSync.exe =>.Microsoft Corporation
    O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
    O4 – HKLM..Run: [NvBackend] . (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
    O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:WINDOWSsystem32nvspcap64.dll
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O4 – HKCU..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    O4 – HKCU..Run: [Autodesk Sync] . (.Autodesk, Inc. – Autodesk 360.) — C:Program FilesAutodeskAutodesk SyncAdSync.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKLM..Wow6432NodeRun: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
    O4 – HKLM..Wow6432NodeRun: [mcui_exe] C:Program FilesMcAfee.comAgentmcagent.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [BDRegion] . (.cyberlink – brs.) — C:Program Files (x86)CyberlinkShared filesbrs.exe
    O4 – HKLM..Wow6432NodeRun: [ROGNB] . (.Pas de propriétaire – ASUS ROG Gaming Mouse hid.) — C:Program Files (x86)ASUS Gaming Mousehid.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..Wow6432NodeRun: [DivXMediaServer] C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [ADSKAppManager] . (.Autodesk Inc. – Autodesk Application Manager.) — C:Program Files (x86)Common FilesAutodesk SharedAppManagerR1AdAppMgr.exe
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
    O4 – HKLM..Wow6432NodeRun: [TkBellExe] . (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program Files (x86)RealRealPlayerupdaterealsched.exe =>.RealNetworks, Inc
    O4 – HKUS.DEFAULT..Run: [Autodesk Sync] . (.Autodesk, Inc. – Autodesk 360.) — C:Program FilesAutodeskAutodesk SyncAdSync.exe
    O4 – HKUSS-1-5-18..Run: [Autodesk Sync] . (.Autodesk, Inc. – Autodesk 360.) — C:Program FilesAutodeskAutodesk SyncAdSync.exe
    O4 – HKUSS-1-5-21-305947040-4040144145-2482029305-1002..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    O4 – HKUSS-1-5-21-305947040-4040144145-2482029305-1002..Run: [Autodesk Sync] . (.Autodesk, Inc. – Autodesk 360.) — C:Program FilesAutodeskAutodesk SyncAdSync.exe
    O4 – HKUSS-1-5-21-305947040-4040144145-2482029305-1002..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 01s

    —\ Invisibilité de l’icône d’options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office14ONBttnIE.dll =>.Microsoft Corporation
    O9 – Extra button: Send by Bluetooth to [64Bits] – {7815BE26-237D-41A8-A98F-F7BD75F71086} — Clé orpheline
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office14ONBTTN~1.dll =>.Microsoft Corporation
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:WINDOWSsystem32napinsp.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:WINDOWSsystem32NLAapi.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:WINDOWSsystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:WINDOWSsystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:WINDOWSsystem32wshbth.dll
    ~ Winsock: 7 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{C757511B-23B9-4BA8-A146-1EBCD335573C}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCCSServicesTcpip..{EB821C2D-368F-434C-85D2-95D46E08BAAE}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{C757511B-23B9-4BA8-A146-1EBCD335573C}: DhcpDomain = lan
    O17 – HKLMSystemCS1ServicesTcpip..{C757511B-23B9-4BA8-A146-1EBCD335573C}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCS1ServicesTcpip..{EB821C2D-368F-434C-85D2-95D46E08BAAE}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{C757511B-23B9-4BA8-A146-1EBCD335573C}: DhcpDomain = lan
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (…) – C:Program Files (x86)NVIDIA~13DVISI~1NVSTIN~1.dll (.not file.)
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. – ASLDR Service.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
    O23 – Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS – ASUS InstantOn Program.) – C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
    O23 – Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations – AdminService Application.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
    O23 – Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS – GFNEXSrv.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    O23 – Service: CyberLink Product – 2013/04/19 21:24:28 (CLKMSVC10_38F51D56) . (.CyberLink – CyberLink KM Service.) – C:Program Files (x86)CyberLinkPowerDVD10NavFilterkmsvc.exe
    O23 – Service: Fan Filter Checker Service (FanChkService) . (.ASUSTek Computer Inc. – Fan Filter Checker Service Application.) – C:Program Files (x86)ASUSASUS Fan Filter CheckerFanChkSrv.exe
    O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
    O23 – Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation – Intel(R) ME Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: McNeel Update Service 5.0 (McNeelUpdate) . (.Robert McNeel & Associates – McNeelUpdateService.) – C:Program Files (x86)McNeelUpdate5.0McNeelUpdateService.exe
    O23 – Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation – NVIDIA Network Service.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
    O23 – Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation – NVIDIA Streamer Service.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 344.6.) – C:WINDOWSsystem32nvvsvc.exe
    O23 – Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    O23 – Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros – Atheros Coex Service Application.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
    ~ Services: 17 Scanned in 00mn 07s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
    [MD5.3BCB17DC9584A9A37E2187089FFDC2E7] [APT] [ASUS InstantOn Config] (.ASUS.) — C:Program Files (x86)ASUSASUS InstantOnInsOnCfg.exe [1122688]
    [MD5.DB0C938BC311B31CF90C13821AE682B3] [APT] [ASUS Live Update] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1559936]
    [MD5.0BC5A4142F38A6BB35DECD01A2BC2ED7] [APT] [ASUS P4G] (.ASUS.) — C:Program FilesASUSP4GBatteryLife.exe [1018240]
    [MD5.97432AB9F1B3B3E63E778C1E69E71E91] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1124032]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.DE8D08AA7323CEA0A7D8BBF8908457D4] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-305947040-4040144145-2482029305-1002] (.RealNetworks, Inc..) — C:Program Files (x86)RealNetworksRealDownloaderrecordingmanager.exe [368728]
    [MD5.D49683E71198A440B165B00FD643E2A2] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-305947040-4040144145-2482029305-1002] (.RealNetworks, Inc..) — C:Program Files (x86)RealNetworksRealDownloaderrealupgrade.exe [147016]
    [MD5.D49683E71198A440B165B00FD643E2A2] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-305947040-4040144145-2482029305-1002] (.RealNetworks, Inc..) — C:Program Files (x86)RealNetworksRealDownloaderrealupgrade.exe [147016]
    [MD5.E0DEBE808C0FC71F6CAAB979547F84CD] [APT] [TechSmith Updater] (.TechSmith Corporation.) — C:Program Files (x86)Common FilesTechSmith SharedUpdaterTSCUpdClt.exe [56704]
    [MD5.00000000000000000000000000000000] [APT] [{0BAE14EF-5298-471C-B33F-DB65160BD062}] (…) — J:Permis.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{A8A00534-09F1-4DDC-9E26-935F246B78C7}] (…) — C:ProgramDataDivXSetupDivXSetup.exe (.not file.) [0]
    [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [561984]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1094]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1094]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1098]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1098]
    O39 – APT: – (..) — C:WindowsTasksSynaptics TouchPad Enhancements.job [264]
    O39 – APT: – (..) — C:WindowsSystem32TasksSynaptics TouchPad Enhancements [264]
    ~ Scheduled Task: 19 Scanned in 00mn 03s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:WindowsSystem32mscories.dll
    ~ Active Setup: 9 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: C:WindowsSystem32driversahcache.sys (ahcache) . (.Microsoft Corporation – Application Compatibility Cache.) – C:WindowsSystem32DRIVERSahcache.sys
    O41 – Driver: (ATKWMIACPIIO) . (.ASUS – ATK WMIACPI Utility.) – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys
    O41 – Driver: (BasicDisplay) . (.Microsoft Corporation – Microsoft Basic Display Driver.) – C:Windowssystem32driversBasicDisplay.sys
    O41 – Driver: (BasicRender) . (.Microsoft Corporation – Microsoft Basic Render Driver.) – C:Windowssystem32driversBasicRender.sys
    O41 – Driver: cdrom.inf (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:Windowssystem32driverscdrom.sys
    O41 – Driver: C:WindowsSystem32driversdam.sys (dam) . (.Microsoft Corporation – DAM Kernel Driver.) – C:WindowsSystem32driversdam.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (Dfsc) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: oem31.inf (dtsoftbus01) . (.Disc Soft Ltd – DAEMON Tools Virtual Bus Driver.) – C:Windowssystem32driversdtsoftbus01.sys
    O41 – Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation – Named pipe service triggers.) – C:Windowssystem32driversnpsvctrig.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:Windowssystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:Windowssystem32DRIVERStdx.sys
    O41 – Driver: C:WindowsSystem32driversvwififlt.sys (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:Windowssystem32DRIVERSvwififlt.sys
    O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:Windowssystem32DRIVERSwanarp.sys
    ~ Drivers: 38 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: ASUS Fan Filter Checker – (.ASUS.) [HKLM][64Bits] — {2B0E8920-47D0-4F4D-BE03-76397409B837}
    O42 – Logiciel: ASUS Instant Connect – (.ASUS.) [HKLM][64Bits] — {89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}
    O42 – Logiciel: ASUS InstantOn – (.ASUS.) [HKLM][64Bits] — {749F674B-2674-47E8-879C-5626A06B2A91}
    O42 – Logiciel: ASUS LifeFrame3 – (.ASUS.) [HKLM][64Bits] — {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
    O42 – Logiciel: ASUS Live Update – (.ASUS.) [HKLM][64Bits] — {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
    O42 – Logiciel: ASUS Power4Gear Hybrid – (.ASUS.) [HKLM][64Bits] — {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
    O42 – Logiciel: ASUS ROG Gaming Mouse – (.ASUS.) [HKLM][64Bits] — {3B9E171F-A955-4834-B877-447C0A437260}
    O42 – Logiciel: ASUS Screen Saver – (.ASUS.) [HKLM][64Bits] — {0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
    O42 – Logiciel: ASUS Splendid Video Enhancement Technology – (.ASUS.) [HKLM][64Bits] — {0969AF05-4FF6-4C00-9406-43599238DE0D}
    O42 – Logiciel: ASUS Tutor – (.ASUS.) [HKLM][64Bits] — {58172D66-2F69-4215-9AEC-ED8196023736}
    O42 – Logiciel: ASUS USB Charger Plus – (.ASUS.) [HKLM][64Bits] — {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
    O42 – Logiciel: ASUS WebStorage Sync Agent – (.ASUS Cloud Corporation.) [HKLM][64Bits] — ASUS WebStorage
    O42 – Logiciel: ASUSDVD – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: ASUSDVD – (.CyberLink Corp..) [HKLM][64Bits] — {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: ATK Package – (.ASUS.) [HKLM][64Bits] — {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
    O42 – Logiciel: Adblock Plus pour IE (32-bits et 64-bits) – (.Eyeo GmbH.) [HKLM][64Bits] — {2AB7FF34-79B5-44AE-B59F-F9E94CEB879A}
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe AIR
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {FE23D063-934D-4829-A0D8-00634CE79B4A}
    O42 – Logiciel: Adobe Flash Player 15 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
    O42 – Logiciel: Adobe Help Manager – (.Adobe Systems Incorporated.) [HKLM][64Bits] — chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    O42 – Logiciel: Adobe Help Manager – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AF37176A-78CA-545B-34EF-8B6A21514DD1}
    O42 – Logiciel: Adobe InDesign CC 2014 – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}
    O42 – Logiciel: Adobe Reader X (10.1.10) MUI – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
    O42 – Logiciel: Alcor Micro USB Card Reader – (.Alcor Micro Corp..) [HKLM][64Bits] — AmUStor
    O42 – Logiciel: Apple Application Support – (.Apple Inc..) [HKLM][64Bits] — {46F044A5-CE8B-4196-984E-5BD6525E361D}
    O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM][64Bits] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
    O42 – Logiciel: Applications recommandées Autodesk – (.Autodesk.) [HKLM][64Bits] — {EDDEE94B-214D-4B07-9727-A3E46F3E379A}
    O42 – Logiciel: ArchiCAD 18 INT – (.GRAPHISOFT.) [HKLM][64Bits] — 001FFF2FFF18FF00FF0701F01F02F000-R1
    O42 – Logiciel: Artlantis Studio 5.1.2.2 (64 bit) – (.Abvent R&D.) [HKLM][64Bits] — Artlantis Studio 5 (64 bit)
    O42 – Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver – (.Atheros Communications Inc..) [HKLM][64Bits] — {3108C217-BE83-42E4-AE9E-A56A2A92E549}
    O42 – Logiciel: AutoCAD 2015 – English – (.Autodesk.) [HKLM][64Bits] — {5783F2D7-E001-0000-0102-0060B0CE6BBA}
    O42 – Logiciel: Autodesk 360 – (.Autodesk.) [HKLM][64Bits] — {556966D9-F7F6-421B-9707-D07901604DDF}
    O42 – Logiciel: Autodesk 3ds Max 2015 – (.Autodesk.) [HKLM][64Bits] — Autodesk 3ds Max 2015
    O42 – Logiciel: Autodesk 3ds Max 2015 – (.Autodesk.) [HKLM][64Bits] — {52B37EC7-D836-0410-0264-3C24BCED2010}
    O42 – Logiciel: Autodesk 3ds Max 2015 Populate Data – (.Autodesk.) [HKLM][64Bits] — {57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}
    O42 – Logiciel: Autodesk App Manager – (.Autodesk.) [HKLM][64Bits] — {C8125548-F2D5-4059-823F-1F3C5BBD9F19}
    O42 – Logiciel: Autodesk Application Manager – (.Autodesk.) [HKLM][64Bits] — Autodesk Application Manager
    O42 – Logiciel: Autodesk AutoCAD 2015 – English – (.Autodesk.) [HKLM][64Bits] — AutoCAD 2015 – English
    O42 – Logiciel: Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 – (.Autodesk.) [HKLM][64Bits] — {85735431-6CD3-4B16-BEC8-95332034E53B}
    O42 – Logiciel: Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit – (.Autodesk.) [HKLM][64Bits] — {9D589081-AFC2-4932-9071-AC585AC1EA83}
    O42 – Logiciel: Autodesk Backburner 2015 – (.Autodesk.) [HKLM][64Bits] — {8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}
    O42 – Logiciel: Autodesk Content Service – (.Autodesk.) [HKLM][64Bits] — Autodesk Content Service
    O42 – Logiciel: Autodesk Content Service Language Pack – (.Autodesk.) [HKLM][64Bits] — {A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}
    O42 – Logiciel: Autodesk DirectConnect 2015 64-bit – (.Autodesk.) [HKLM][64Bits] — Autodesk DirectConnect 2015 64-bit
    O42 – Logiciel: Autodesk Inventor Server Engine for 3ds Max 2015 – (.Autodesk.) [HKLM][64Bits] — {9167CA34-4E48-49E3-8892-3C439739D2D3}
    O42 – Logiciel: Autodesk Material Library 2015 – (.Autodesk.) [HKLM][64Bits] — {427F733F-4D6C-45BC-9324-EB743104C321}
    O42 – Logiciel: Autodesk Material Library Base Resolution Image Library 2015 – (.Autodesk.) [HKLM][64Bits] — {ABE2F70B-8D94-44E9-AA04-F0DB35063D62}
    O42 – Logiciel: Autodesk Material Library Medium Resolution Image Library 2015 – (.Autodesk.) [HKLM][64Bits] — {9F6466D9-6EFC-4A10-B931-C72D1A3F1763}
    O42 – Logiciel: Autodesk ReCap – (.Autodesk.) [HKLM][64Bits] — Autodesk ReCap
    O42 – Logiciel: Autodesk Revit Interoperability for 3ds Max 2015 – (.Autodesk.) [HKLM][64Bits] — Autodesk Revit Interoperability for 3ds Max 2015
    O42 – Logiciel: Autodesk Revit Interoperability for 3ds Max 2015 – (.Autodesk.) [HKLM][64Bits] — {0BB716E0-1500-0610-0000-097DC2F354DF}
    O42 – Logiciel: CPUID CPU-Z 1.71 – (…) [HKLM][64Bits] — CPUID CPU-Z_is1
    O42 – Logiciel: CodeMeter Runtime Kit v5.10a – (.WIBU-SYSTEMS AG.) [HKLM][64Bits] — {CADFF08A-A157-474F-B6A8-8F26F81F7ABE}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: DAEMON Tools Lite – (.Disc Soft Ltd.) [HKLM][64Bits] — DAEMON Tools Lite =>.DT Soft Ltd
    O42 – Logiciel: Divinity Original Sin – (…) [HKLM][64Bits] — RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1
    O42 – Logiciel: FARO LS 1.1.501.0 (64bit) – (.FARO Scanner Production.) [HKLM][64Bits] — {8A470330-70B2-49AD-86AF-79885EF9898A}
    O42 – Logiciel: Feu Vert pour le permis de conduire – (…) [HKLM][64Bits] — {26284E06-C005-4C6A-ADA6-1E99D843B08E}
    O42 – Logiciel: Fotogalerie – (.Microsoft Corporation.) [HKLM][64Bits] — {3CBD94C1-BA15-488C-888B-D8DD296CC6DC}
    O42 – Logiciel: GIMP 2.8.10 – (.The GIMP Team.) [HKLM][64Bits] — GIMP-2_is1
    O42 – Logiciel: Galerie de photos – (.Microsoft Corporation.) [HKLM][64Bits] — {446CC8CE-0E90-44F7-ADD0-774B243EF090}
    O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM][64Bits] — Google Chrome
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: Importation de SketchUp – (.Autodesk.) [HKLM][64Bits] — {C403E867-FCF1-432B-BCC1-8FFD40A10A6E}
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
    O42 – Logiciel: Java 7 Update 60 – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F83217021FF}
    O42 – Logiciel: Java(TM) 7 Update 4 (64-bit) – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F86417004FF}
    O42 – Logiciel: Kolor Autopano Giga 3.6 – (.Kolor.) [HKLM][64Bits] — AutopanoGiga3.6
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSVCRT110 – (.Microsoft.) [HKLM][64Bits] — {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
    O42 – Logiciel: MSVCRT110_amd64 – (.Microsoft.) [HKLM][64Bits] — {E9FA781F-3E80-4399-825A-AD3E11C28C77}
    O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
    O42 – Logiciel: Microsoft OneDrive – (.Microsoft Corporation.) [HKCU][64Bits] — OneDriveSetup.exe
    O42 – Logiciel: Mozilla Firefox 33.1 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Firefox 33.1 (x86 fr)
    O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM][64Bits] — MozillaMaintenanceService
    O42 – Logiciel: MyBitCast 2.0 – (.ASUS.) [HKLM][64Bits] — MyBitCast
    O42 – Logiciel: NVIDIA GeForce Experience 2.1.1 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
    O42 – Logiciel: NVIDIA Logiciel système PhysX 9.14.0702 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
    O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {B455E95A-B804-439F-B533-336B1635AE97}
    O42 – Logiciel: NVIDIA Pilote 3D Vision 344.65 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
    O42 – Logiciel: NVIDIA Pilote audio HD : 1.3.32.1 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
    O42 – Logiciel: NVIDIA Pilote du contrôleur 3D Vision 344.65 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
    O42 – Logiciel: NVIDIA Pilote graphique 344.65 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
    O42 – Logiciel: NVIDIA Stereoscopic 3D Driver – (.NVIDIA Corporation.) [HKLM][64Bits] — NVIDIAStereo
    O42 – Logiciel: PCSX2 – Playstation 2 Emulator – (…) [HKLM][64Bits] — pcsx2-r5875
    O42 – Logiciel: Qualcomm Atheros Bluetooth Suite (64) – (.Qualcomm Atheros Communications.) [HKLM][64Bits] — {A84A4FB1-D703-48DB-89E0-68B6499D2801}
    O42 – Logiciel: Qualcomm Atheros Client Installation Program – (.Qualcomm Atheros.) [HKLM][64Bits] — {28006915-2739-4EBE-B5E8-49B25D32EB33}
    O42 – Logiciel: QuickTime 7 – (.Apple Inc..) [HKLM][64Bits] — {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
    O42 – Logiciel: Raccolta foto – (.Microsoft Corporation.) [HKLM][64Bits] — {D04EBB49-C985-4A38-8695-62000861293A}
    O42 – Logiciel: RealDownloader – (.RealNetworks, Inc..) [HKLM][64Bits] — {7722483A-5FB8-4A2E-9422-6DA527A9173F}
    O42 – Logiciel: RealPlayer Cloud – (.RealNetworks.) [HKLM][64Bits] — RealPlayer 17.0
    O42 – Logiciel: RealUpgrade 1.1 – (.RealNetworks, Inc..) [HKLM][64Bits] — {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Rhinoceros 5 (64-bit) – (.Robert McNeel & Associates.) [HKLM][64Bits] — {D7B0FC7F-827E-4664-9DC8-32AD32C875A7}
    O42 – Logiciel: Shared C Run-time for x64 – (.McAfee.) [HKLM][64Bits] — {EF79C448-6946-4D71-8134-03407888C054}
    O42 – Logiciel: SketchUp 2014 – (.Trimble Navigation Limited.) [HKLM][64Bits] — {A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}
    O42 – Logiciel: SketchUp 2015 – (.Trimble Navigation Limited.) [HKLM][64Bits] — {90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}
    O42 – Logiciel: Skype™ 6.20 – (.Skype Technologies S.A..) [HKLM][64Bits] — {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
    O42 – Logiciel: Snagit 12 – (.TechSmith Corporation.) [HKLM][64Bits] — {8f4df1fe-49bb-4295-99d2-0e29ad8f99c6}
    O42 – Logiciel: Snagit 12 – (.TechSmith Corporation.) [HKLM][64Bits] — {FDEC2BE1-5F84-4249-943B-4364251A56BE}
    O42 – Logiciel: Synaptics Pointing Device Driver – (.Synaptics Incorporated.) [HKLM][64Bits] — SynTPDeinstKey
    O42 – Logiciel: UpdateService – (.RealNetworks, Inc..) [HKLM][64Bits] — {E3AE96D6-E196-45B4-AF62-2B41998B9E37}
    O42 – Logiciel: VC80CRTRedist – 8.0.50727.6195 – (.DivX, Inc.) [HKLM][64Bits] — {933B4015-4618-4716-A828-5289FC03165F}
    O42 – Logiciel: VLC media player 2.1.3 – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
    O42 – Logiciel: Vuze – (.Azureus Software, Inc..) [HKLM][64Bits] — 8461-7759-5462-8226 =>P2P.Azureus
    O42 – Logiciel: Vuze Toolbar – (.APN, LLC.) [HKLM][64Bits] — {53475433-2D56-3700-76A7-A758B70C0A00} =>Toolbar.Avira
    O42 – Logiciel: WinFlash – (.ASUS.) [HKLM][64Bits] — {8F21291E-0444-4B1D-B9F9-4370A73E346D}
    O42 – Logiciel: WinRAR 5.01 (32-bit) – (.win.rar GmbH.) [HKLM][64Bits] — WinRAR archiver
    ~ Logic: 71 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareASUS]
    [HKCUSoftwareAbvent]
    [HKCUSoftwareAdblockPlus]
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAffinix]
    [HKCUSoftwareAnkama]
    [HKCUSoftwareAppDataLowSoftwareJavaSoft]
    [HKCUSoftwareAppDataLow{1146AC44-2F03-4431-B4FD-889BC837521F}]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareApple Inc.]
    [HKCUSoftwareAtheros]
    [HKCUSoftwareAutodesk]
    [HKCUSoftwareAzureus] =>P2P.Azureus
    [HKCUSoftwareBugSplat]
    [HKCUSoftwareCarpet]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareCreativePark]
    [HKCUSoftwareCyberLink]
    [HKCUSoftwareDisc Soft]
    [HKCUSoftwareDivXNetworks]
    [HKCUSoftwareECAREME]
    [HKCUSoftwareGNU]
    [HKCUSoftwareGRAPHISOFT]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHaali]
    [HKCUSoftwareIM Providers]
    [HKCUSoftwareImagenomic]
    [HKCUSoftwareJavaSoft]
    [HKCUSoftwareKolor]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMagnet]
    [HKCUSoftwareMainConcept]
    [HKCUSoftwareMcNeel]
    [HKCUSoftwareMine]
    [HKCUSoftwareMootools]
    [HKCUSoftwareMotion Analysis]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNVIDIA Corporation]
    [HKCUSoftwareNetscape]
    [HKCUSoftwareNik Software]
    [HKCUSoftwareODBC]
    [HKCUSoftwarePACE Anti-Piracy]
    [HKCUSoftwarePCSX2]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareRealNetworks]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRegisteredApplications]
    [HKCUSoftwareSecuredDownload]
    [HKCUSoftwareSketchUp]
    [HKCUSoftwareSkype]
    [HKCUSoftwareSynaptics]
    [HKCUSoftwareTechSmith]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareVRTS]
    [HKCUSoftwareValve]
    [HKCUSoftwareWIBU-SYSTEMS]
    [HKCUSoftwareWebApp]
    [HKCUSoftwareWinRAR SFX]
    [HKCUSoftwareWinRAR]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKCUSoftwareej-technologies]
    [HKCUSoftwaremitsuba-renderer.org]
    [HKLMSoftwareAGEIA Technologies]
    [HKLMSoftwareASUS]
    [HKLMSoftwareATI Technologies]
    [HKLMSoftwareAdblock Plus for IE]
    [HKLMSoftwareAdobe]
    [HKLMSoftwareAgere]
    [HKLMSoftwareAtheros]
    [HKLMSoftwareAutodesk]
    [HKLMSoftwareCPUID]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareDTS]
    [HKLMSoftwareDirectConnect]
    [HKLMSoftwareDivX]
    [HKLMSoftwareDolby]
    [HKLMSoftwareECAREME]
    [HKLMSoftwareIM Providers]
    [HKLMSoftwareInstalledOptions]
    [HKLMSoftwareIntel]
    [HKLMSoftwareJavaSoft]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareKnowles]
    [HKLMSoftwareKolor]
    [HKLMSoftwareLSI]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMacrovision]
    [HKLMSoftwareMcAfee.com]
    [HKLMSoftwareMcAfee]
    [HKLMSoftwareMcNeel]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareMozilla]
    [HKLMSoftwareNVIDIA Corporation]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePolicies]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSRS Labs]
    [HKLMSoftwareSketchUp]
    [HKLMSoftwareSonicFocus]
    [HKLMSoftwareSynaptics]
    [HKLMSoftwareWIBU-SYSTEMS]
    [HKLMSoftwareWaves Audio]
    [HKLMSoftwareWow6432NodeAGEIA Technologies]
    [HKLMSoftwareWow6432NodeASIO]
    [HKLMSoftwareWow6432NodeASUS]
    [HKLMSoftwareWow6432NodeAdobe]
    [HKLMSoftwareWow6432NodeAdwCleaner]
    [HKLMSoftwareWow6432NodeApple Computer, Inc.]
    [HKLMSoftwareWow6432NodeApple Inc.]
    [HKLMSoftwareWow6432NodeAsLdr]
    [HKLMSoftwareWow6432NodeAtheros Communications Inc.]
    [HKLMSoftwareWow6432NodeAtheros]
    [HKLMSoftwareWow6432NodeAutodesk]
    [HKLMSoftwareWow6432NodeAzureus] =>P2P.Azureus
    [HKLMSoftwareWow6432NodeCDDB]
    [HKLMSoftwareWow6432NodeClasses]
    [HKLMSoftwareWow6432NodeClients]
    [HKLMSoftwareWow6432NodeCyberLink]
    [HKLMSoftwareWow6432NodeDe Boeck & Larcier S.A.]
    [HKLMSoftwareWow6432NodeDe Boeck]
    [HKLMSoftwareWow6432NodeDisc Soft]
    [HKLMSoftwareWow6432NodeDivX]
    [HKLMSoftwareWow6432NodeDofus2]
    [HKLMSoftwareWow6432NodeECAREME]
    [HKLMSoftwareWow6432NodeGoogle]
    [HKLMSoftwareWow6432NodeHaaliMkx]
    [HKLMSoftwareWow6432NodeIM Providers]
    [HKLMSoftwareWow6432NodeInstallShield]
    [HKLMSoftwareWow6432NodeIntel]
    [HKLMSoftwareWow6432NodeJavaSoft]
    [HKLMSoftwareWow6432NodeJreMetrics]
    [HKLMSoftwareWow6432NodeKhronos]
    [HKLMSoftwareWow6432NodeLake]
    [HKLMSoftwareWow6432NodeLicenses]
    [HKLMSoftwareWow6432NodeMacromedia]
    [HKLMSoftwareWow6432NodeMagnet]
    [HKLMSoftwareWow6432NodeMalwarebytes’ Anti-Malware]
    [HKLMSoftwareWow6432NodeMcAfee]
    [HKLMSoftwareWow6432NodeMcNeel]
    [HKLMSoftwareWow6432NodeMimarSinan]
    [HKLMSoftwareWow6432NodeMozillaPlugins]
    [HKLMSoftwareWow6432NodeMozilla]
    [HKLMSoftwareWow6432NodeNVIDIA Corporation]
    [HKLMSoftwareWow6432NodeODBC]
    [HKLMSoftwareWow6432NodePolicies]
    [HKLMSoftwareWow6432NodeQualcomm Atheros]
    [HKLMSoftwareWow6432NodeRealNetworks]
    [HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
    [HKLMSoftwareWow6432NodeRealtek]
    [HKLMSoftwareWow6432NodeRegisteredApplications]
    [HKLMSoftwareWow6432NodeSiteSee]
    [HKLMSoftwareWow6432NodeSketchUp]
    [HKLMSoftwareWow6432NodeSkype]
    [HKLMSoftwareWow6432NodeSuppHelpDir]
    [HKLMSoftwareWow6432NodeTechSmith]
    [HKLMSoftwareWow6432NodeValve]
    [HKLMSoftwareWow6432NodeVideoLAN]
    [HKLMSoftwareWow6432NodeVolatile]
    [HKLMSoftwareWow6432NodeWIBU-SYSTEMS]
    [HKLMSoftwareWow6432NodeWinRAR]
    [HKLMSoftwareWow6432NodeXing Technology Corp.]
    [HKLMSoftwareWow6432Nodeej-technologies]
    [HKLMSoftwareWow6432Nodemozilla.org]
    [HKLMSoftwareWow6432Node]
    ~ Key Software: 352 Scanned in 00mn 00s

    dariuss
    Participant
    Nombre d'articles : 49

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 27-08-14 – 10:37:28 – [] —-D C:Program Files (x86)Adobe
    O43 – CFD: 14-11-14 – 23:15:40 – [0] —-D C:Program Files (x86)AGEIA Technologies
    O43 – CFD: 19-04-13 – 21:20:54 – [] —-D C:Program Files (x86)AmIcoSingLun
    O43 – CFD: 10-08-14 – 22:15:41 – [] —-D C:Program Files (x86)Apple Software Update =>.Apple Inc
    O43 – CFD: 19-04-13 – 21:24:36 – [] —-D C:Program Files (x86)ASUS
    O43 – CFD: 19-04-13 – 21:24:30 – [] —-D C:Program Files (x86)ASUS Gaming Mouse
    O43 – CFD: 28-08-14 – 10:44:32 – [] —-D C:Program Files (x86)Autodesk
    O43 – CFD: 09-07-14 – 09:43:35 – [] —-D C:Program Files (x86)Bluetooth Suite
    O43 – CFD: 13-08-14 – 18:05:23 – [] —-D C:Program Files (x86)CodeMeter
    O43 – CFD: 06-10-14 – 23:02:07 – [] —-D C:Program Files (x86)Common Files
    O43 – CFD: 19-04-13 – 21:24:28 – [] —-D C:Program Files (x86)CyberLink
    O43 – CFD: 20-07-14 – 17:33:52 – [] —-D C:Program Files (x86)DAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 07-09-14 – 12:57:07 – [] —-D C:Program Files (x86)Divinity Original Sin
    O43 – CFD: 01-08-14 – 19:49:52 – [0] —-D C:Program Files (x86)DivX
    O43 – CFD: 08-10-14 – 16:33:51 – [] —-D C:Program Files (x86)Google
    O43 – CFD: 07-09-14 – 18:37:32 – [] –H-D C:Program Files (x86)InstallShield Installation Information
    O43 – CFD: 19-04-13 – 21:15:26 – [] —-D C:Program Files (x86)Intel
    O43 – CFD: 13-11-14 – 02:43:50 – [] —-D C:Program Files (x86)Internet Explorer
    O43 – CFD: 07-06-14 – 13:15:48 – [] —-D C:Program Files (x86)Java
    O43 – CFD: 14-11-14 – 00:10:37 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
    O43 – CFD: 28-08-14 – 11:15:36 – [] —-D C:Program Files (x86)McNeelUpdate
    O43 – CFD: 07-06-14 – 17:01:12 – [] —-D C:Program Files (x86)Microsoft Analysis Services
    O43 – CFD: 07-06-14 – 17:28:54 – [] —-D C:Program Files (x86)Microsoft Office
    O43 – CFD: 27-11-12 – 05:09:40 – [] —-D C:Program Files (x86)Microsoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 27-11-12 – 05:10:28 – [] —-D C:Program Files (x86)Microsoft SQL Server Compact Edition
    O43 – CFD: 07-06-14 – 17:01:24 – [] —-D C:Program Files (x86)Microsoft Visual Studio 8
    O43 – CFD: 09-07-14 – 07:41:20 – [] —-D C:Program Files (x86)Microsoft.NET
    O43 – CFD: 14-11-14 – 12:49:42 – [] —-D C:Program Files (x86)Mozilla Firefox
    O43 – CFD: 14-11-14 – 12:49:42 – [] —-D C:Program Files (x86)Mozilla Maintenance Service
    O43 – CFD: 09-07-14 – 07:41:58 – [] —-D C:Program Files (x86)MSBuild
    O43 – CFD: 14-11-14 – 23:15:13 – [] —-D C:Program Files (x86)NVIDIA Corporation
    O43 – CFD: 30-10-14 – 16:53:22 – [] —-D C:Program Files (x86)PCSX2 1.2.1
    O43 – CFD: 19-04-13 – 21:17:47 – [] —-D C:Program Files (x86)Qualcomm Atheros
    O43 – CFD: 10-08-14 – 22:16:28 – [] —-D C:Program Files (x86)QuickTime
    O43 – CFD: 01-10-14 – 22:10:10 – [] —-D C:Program Files (x86)Real
    O43 – CFD: 01-10-14 – 22:10:03 – [] —-D C:Program Files (x86)RealNetworks
    O43 – CFD: 19-04-13 – 21:15:33 – [] —-D C:Program Files (x86)Realtek
    O43 – CFD: 09-07-14 – 08:27:07 – [] —-D C:Program Files (x86)Reference Assemblies
    O43 – CFD: 08-09-14 – 00:02:58 – [0] —-D C:Program Files (x86)SiteLookup
    O43 – CFD: 03-08-14 – 17:06:31 – [] —-D C:Program Files (x86)SketchUp
    O43 – CFD: 06-10-14 – 23:02:07 – [] R—D C:Program Files (x86)Skype
    O43 – CFD: 21-09-14 – 20:00:02 – [] —-D C:Program Files (x86)TechSmith
    O43 – CFD: 19-04-13 – 21:16:53 – [0] –H-D C:Program Files (x86)Temp
    O43 – CFD: 07-06-14 – 18:05:20 – [] —-D C:Program Files (x86)VideoLAN
    O43 – CFD: 07-09-14 – 18:25:36 – [] —-D C:Program Files (x86)Vuze =>P2P.Azureus
    O43 – CFD: 07-06-14 – 13:03:31 – [] —-D C:Program Files (x86)WIBU-SYSTEMS
    O43 – CFD: 13-11-14 – 02:43:52 – [] —-D C:Program Files (x86)Windows Defender
    O43 – CFD: 27-11-12 – 05:10:27 – [] —-D C:Program Files (x86)Windows Live
    O43 – CFD: 09-07-14 – 07:41:21 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
    O43 – CFD: 09-07-14 – 07:41:21 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
    O43 – CFD: 18-03-14 – 11:28:58 – [] —-D C:Program Files (x86)Windows Multimedia Platform
    O43 – CFD: 22-08-13 – 16:36:30 – [] —-D C:Program Files (x86)Windows NT
    O43 – CFD: 09-07-14 – 07:41:21 – [] —-D C:Program Files (x86)Windows Photo Viewer
    O43 – CFD: 18-03-14 – 11:28:58 – [] —-D C:Program Files (x86)Windows Portable Devices
    O43 – CFD: 09-07-14 – 07:41:21 – [] -SH-D C:Program Files (x86)Windows Sidebar
    O43 – CFD: 22-08-13 – 16:36:30 – [] —-D C:Program Files (x86)WindowsPowerShell
    O43 – CFD: 13-06-14 – 13:44:17 – [] —-D C:Program Files (x86)WinRAR
    O43 – CFD: 15-11-14 – 11:05:50 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
    O43 – CFD: 26-09-14 – 15:36:12 – [] —-D C:Program Files (x86)Common FilesAdobe
    O43 – CFD: 07-06-14 – 13:40:22 – [] —-D C:Program Files (x86)Common FilesAdobe AIR
    O43 – CFD: 10-08-14 – 22:15:45 – [] —-D C:Program Files (x86)Common FilesApple
    O43 – CFD: 19-04-13 – 21:18:10 – [] —-D C:Program Files (x86)Common FilesAtheros
    O43 – CFD: 28-08-14 – 10:46:15 – [] —-D C:Program Files (x86)Common FilesAutodesk Shared
    O43 – CFD: 01-08-14 – 19:49:52 – [] —-D C:Program Files (x86)Common FilesDivX Shared
    O43 – CFD: 17-08-14 – 17:24:46 – [] —-D C:Program Files (x86)Common FilesInstallShield
    O43 – CFD: 07-06-14 – 13:15:49 – [] —-D C:Program Files (x86)Common FilesJava
    O43 – CFD: 07-06-14 – 13:32:51 – [] —-D C:Program Files (x86)Common FilesMcNeel Shared
    O43 – CFD: 09-07-14 – 07:41:20 – [] —-D C:Program Files (x86)Common FilesMicrosoft Shared
    O43 – CFD: 19-04-13 – 21:15:14 – [] —-D C:Program Files (x86)Common FilespostureAgent
    O43 – CFD: 19-04-13 – 21:18:53 – [] —-D C:Program Files (x86)Common FilesQCA_Bluetooth
    O43 – CFD: 22-08-13 – 16:36:33 – [] —-D C:Program Files (x86)Common FilesServices
    O43 – CFD: 06-10-14 – 23:02:07 – [] —-D C:Program Files (x86)Common FilesSkype
    O43 – CFD: 09-07-14 – 07:41:20 – [] —-D C:Program Files (x86)Common FilesSystem
    O43 – CFD: 21-09-14 – 20:00:09 – [] —-D C:Program Files (x86)Common FilesTechSmith Shared
    O43 – CFD: 27-11-12 – 05:09:32 – [] —-D C:Program Files (x86)Common FilesWindows Live
    O43 – CFD: 01-10-14 – 22:09:54 – [] —-D C:Program Files (x86)Common Filesxing shared
    O43 – CFD: 07-06-14 – 13:15:23 – [] —-D C:ProgramDataAbvent
    O43 – CFD: 27-09-14 – 13:51:43 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 19-04-13 – 21:20:53 – [] —-D C:ProgramDataAmUStor
    O43 – CFD: 10-08-14 – 22:15:41 – [] —-D C:ProgramDataApple
    O43 – CFD: 10-08-14 – 22:16:20 – [] —-D C:ProgramDataApple Computer
    O43 – CFD: 22-08-13 – 15:45:52 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 27-09-14 – 15:14:55 – [] —-D C:ProgramDataASUS
    O43 – CFD: 27-11-12 – 05:09:15 – [] —-D C:ProgramDataASUS WebStorage
    O43 – CFD: 27-11-12 – 05:08:26 – [] —-D C:ProgramDataASUSLogos
    O43 – CFD: 07-06-14 – 12:58:27 – [] —-D C:ProgramDataAtheros
    O43 – CFD: 28-08-14 – 10:50:18 – [] —-D C:ProgramDataAutodesk
    O43 – CFD: 07-06-14 – 12:49:44 – [] -SH-D C:ProgramDataBureau
    O43 – CFD: 07-06-14 – 13:00:14 – [] —-D C:ProgramDataChangeFolderView
    O43 – CFD: 13-08-14 – 18:05:11 – [] —-D C:ProgramDataCodeMeter
    O43 – CFD: 17-08-14 – 17:25:15 – [] —-D C:ProgramDataCreativePark
    O43 – CFD: 19-04-13 – 21:29:15 – [] —-D C:ProgramDataCyberLink
    O43 – CFD: 20-07-14 – 18:28:02 – [] —-D C:ProgramDataDAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 22-08-13 – 15:45:52 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 01-08-14 – 19:49:52 – [] —-D C:ProgramDataDivX
    O43 – CFD: 22-08-13 – 15:45:52 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 07-06-14 – 17:23:11 – [] —-D C:ProgramDataFARO
    O43 – CFD: 07-06-14 – 17:23:48 – [] —-D C:ProgramDataFLEXnet
    O43 – CFD: 07-06-14 – 12:57:14 – [] —-D C:ProgramDataFolderView
    O43 – CFD: 27-08-14 – 12:29:33 – [] —-D C:ProgramDataGoogle
    O43 – CFD: 19-04-13 – 21:15:27 – [] —-D C:ProgramDataIntel
    O43 – CFD: 03-08-14 – 15:54:26 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 13-08-14 – 17:43:08 – [] —-D C:ProgramDataMcAfee
    O43 – CFD: 28-08-14 – 11:01:45 – [] —-D C:ProgramDataMcNeel
    O43 – CFD: 07-06-14 – 12:49:44 – [] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 01-08-14 – 19:47:39 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 07-06-14 – 17:04:00 – [] —-D C:ProgramDataMicrosoft Help
    O43 – CFD: 01-09-14 – 12:51:30 – [] —-D C:ProgramDataMicrosoft OneDrive
    O43 – CFD: 27-11-12 – 05:09:40 – [] —-D C:ProgramDataMicrosoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 07-06-14 – 12:49:44 – [] -SH-D C:ProgramDataModèles
    O43 – CFD: 07-06-14 – 13:10:53 – [] —-D C:ProgramDataMozilla
    O43 – CFD: 14-11-14 – 23:15:21 – [] —-D C:ProgramDataNVIDIA
    O43 – CFD: 27-08-14 – 10:19:49 – [] —-D C:ProgramDataNVIDIA Corporation
    O43 – CFD: 07-06-14 – 13:15:52 – [0] —-D C:ProgramDataOracle
    O43 – CFD: 19-04-13 – 21:22:23 – [] —-D C:ProgramDataP4G
    O43 – CFD: 07-06-14 – 13:46:38 – [] —-D C:ProgramDataPACE Anti-Piracy
    O43 – CFD: 30-10-14 – 16:51:50 – [] —-D C:ProgramDataPackage Cache
    O43 – CFD: 09-07-14 – 07:41:22 – [] —-D C:ProgramDataPRICache
    O43 – CFD: 19-04-13 – 21:17:39 – [] —-D C:ProgramDataQualcomm Atheros
    O43 – CFD: 01-10-14 – 22:10:54 – [] —-D C:ProgramDataReal
    O43 – CFD: 01-10-14 – 22:10:02 – [] —-D C:ProgramDataRealNetworks
    O43 – CFD: 26-09-14 – 15:37:48 – [] —-D C:ProgramDataregid.1986-12.com.adobe
    O43 – CFD: 18-03-14 – 10:41:33 – [] —-D C:ProgramDataregid.1991-06.com.microsoft
    O43 – CFD: 21-09-14 – 20:00:16 – [] —-D C:ProgramDataregid.1995-08.com.techsmith
    O43 – CFD: 11-11-14 – 14:15:43 – [0] —-D C:ProgramDataReprise
    O43 – CFD: 14-11-14 – 12:34:08 – [] —-D C:ProgramDataRogueKiller
    O43 – CFD: 11-11-14 – 14:11:36 – [] —-D C:ProgramDataSketchUp
    O43 – CFD: 06-10-14 – 23:02:10 – [] —-D C:ProgramDataSkype
    O43 – CFD: 22-08-13 – 15:45:52 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 20-07-14 – 18:39:37 – [] —-D C:ProgramDataSteam
    O43 – CFD: 07-06-14 – 13:01:04 – [] —-D C:ProgramDataSun
    O43 – CFD: 21-09-14 – 20:00:08 – [] —-D C:ProgramDataTechSmith
    O43 – CFD: 19-04-13 – 21:23:44 – [] —-D C:ProgramDataTemp
    O43 – CFD: 22-08-13 – 15:45:52 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 19-04-13 – 21:28:40 – [] —-D C:ProgramDataUSBChargerPlus
    O43 – CFD: 09-09-14 – 17:40:36 – [] —-D C:UsersDariusAppDataRoamingAbvent_Artlantis5
    O43 – CFD: 26-09-14 – 15:46:08 – [] —-D C:UsersDariusAppDataRoamingAdobe
    O43 – CFD: 11-08-14 – 09:59:24 – [] —-D C:UsersDariusAppDataRoamingApple Computer
    O43 – CFD: 07-06-14 – 12:58:26 – [] —-D C:UsersDariusAppDataRoamingASUS
    O43 – CFD: 07-06-14 – 12:58:24 – [] —-D C:UsersDariusAppDataRoamingASUS WebStorage
    O43 – CFD: 07-06-14 – 12:58:21 – [] —-D C:UsersDariusAppDataRoamingAtheros
    O43 – CFD: 28-08-14 – 11:10:00 – [] —-D C:UsersDariusAppDataRoamingAutodesk
    O43 – CFD: 13-11-14 – 13:48:49 – [] —-D C:UsersDariusAppDataRoamingAzureus =>P2P.Azureus
    O43 – CFD: 20-07-14 – 18:28:02 – [] —-D C:UsersDariusAppDataRoamingDAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 01-08-14 – 19:31:26 – [] —-D C:UsersDariusAppDataRoamingDivX
    O43 – CFD: 13-08-14 – 18:31:37 – [] —-D C:UsersDariusAppDataRoamingGraphisoft
    O43 – CFD: 09-07-14 – 08:38:08 – [] —-D C:UsersDariusAppDataRoamingIdentities
    O43 – CFD: 13-08-14 – 17:46:59 – [] —-D C:UsersDariusAppDataRoamingInstall.GS
    O43 – CFD: 07-06-14 – 12:56:35 – [] —-D C:UsersDariusAppDataRoamingMacromedia
    O43 – CFD: 13-08-14 – 18:31:53 – [] —-D C:UsersDariusAppDataRoamingMAXON
    O43 – CFD: 28-08-14 – 11:01:43 – [] —-D C:UsersDariusAppDataRoamingMcNeel
    O43 – CFD: 26-09-14 – 15:48:53 – [] -S–D C:UsersDariusAppDataRoamingMicrosoft
    O43 – CFD: 07-06-14 – 13:11:07 – [] —-D C:UsersDariusAppDataRoamingMozilla
    O43 – CFD: 07-06-14 – 17:00:25 – [] —-D C:UsersDariusAppDataRoamingNVIDIA
    O43 – CFD: 07-06-14 – 13:46:38 – [] —-D C:UsersDariusAppDataRoamingPACE Anti-Piracy
    O43 – CFD: 01-10-14 – 22:19:14 – [] —-D C:UsersDariusAppDataRoamingReal
    O43 – CFD: 01-10-14 – 22:10:30 – [] —-D C:UsersDariusAppDataRoamingRealNetworks
    O43 – CFD: 11-11-14 – 14:15:43 – [] —-D C:UsersDariusAppDataRoamingSketchUp
    O43 – CFD: 06-10-14 – 23:59:07 – [] —-D C:UsersDariusAppDataRoamingSkype
    O43 – CFD: 07-06-14 – 13:48:00 – [] —-D C:UsersDariusAppDataRoamingStageManager.BD092818F67280F4B42B04877600987F0111B594.1
    O43 – CFD: 13-11-14 – 23:16:58 – [] —-D C:UsersDariusAppDataRoamingvlc
    O43 – CFD: 08-09-14 – 00:02:55 – [0] —-D C:UsersDariusAppDataRoamingWebExtend
    O43 – CFD: 07-06-14 – 17:25:35 – [] —-D C:UsersDariusAppDataRoamingWinRAR
    O43 – CFD: 15-11-14 – 11:06:29 – [] —-D C:UsersDariusAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 28-08-14 – 11:18:37 – [] —-D C:UsersDariusAppDataLocal3dmouse
    O43 – CFD: 07-06-14 – 13:46:38 – [] –H-D C:UsersDariusAppDataLocal8Fygl5nUj
    O43 – CFD: 07-06-14 – 13:46:38 – [] –H-D C:UsersDariusAppDataLocal9qPHWuQpYP5
    O43 – CFD: 14-11-14 – 12:14:06 – [] —-D C:UsersDariusAppDataLocalAdobe
    O43 – CFD: 31-10-14 – 19:35:47 – [] —-D C:UsersDariusAppDataLocalAnkama
    O43 – CFD: 10-08-14 – 22:15:42 – [] —-D C:UsersDariusAppDataLocalApple
    O43 – CFD: 10-08-14 – 22:48:45 – [] —-D C:UsersDariusAppDataLocalApple Computer
    O43 – CFD: 09-07-14 – 07:39:32 – [] -SH-D C:UsersDariusAppDataLocalApplication Data
    O43 – CFD: 08-10-14 – 16:33:16 – [] —-D C:UsersDariusAppDataLocalApps
    O43 – CFD: 21-09-14 – 20:00:27 – [] —-D C:UsersDariusAppDataLocalassembly
    O43 – CFD: 27-09-14 – 15:14:55 – [] —-D C:UsersDariusAppDataLocalASUS
    O43 – CFD: 28-08-14 – 10:49:28 – [] —-D C:UsersDariusAppDataLocalAutodesk
    O43 – CFD: 07-06-14 – 12:58:27 – [] —-D C:UsersDariusAppDataLocalBMExplorer
    O43 – CFD: 14-11-14 – 23:30:00 – [] —-D C:UsersDariusAppDataLocalCrashDumps
    O43 – CFD: 08-10-14 – 16:33:26 – [0] —-D C:UsersDariusAppDataLocalDeployment
    O43 – CFD: 15-11-14 – 10:25:48 – [] —-D C:UsersDariusAppDataLocalDiagnostics
    O43 – CFD: 14-11-14 – 00:52:32 – [] —-D C:UsersDariusAppDataLocalElevatedDiagnostics
    O43 – CFD: 13-11-14 – 21:55:05 – [] -SH-D C:UsersDariusAppDataLocalEmieBrowserModeList
    O43 – CFD: 31-07-14 – 02:29:05 – [] -SH-D C:UsersDariusAppDataLocalEmieSiteList
    O43 – CFD: 31-07-14 – 02:29:05 – [] -SH-D C:UsersDariusAppDataLocalEmieUserList
    O43 – CFD: 10-08-14 – 11:13:39 – [] —-D C:UsersDariusAppDataLocalfontconfig
    O43 – CFD: 10-08-14 – 11:13:38 – [] —-D C:UsersDariusAppDataLocalgegl-0.2
    O43 – CFD: 08-10-14 – 16:33:56 – [] —-D C:UsersDariusAppDataLocalGoogle
    O43 – CFD: 07-06-14 – 13:06:28 – [] —-D C:UsersDariusAppDataLocalGraphisoft
    O43 – CFD: 06-08-14 – 21:55:11 – [] —-D C:UsersDariusAppDataLocalGS-LW-Temp
    O43 – CFD: 11-08-14 – 10:56:54 – [] —-D C:UsersDariusAppDataLocalgtk-2.0
    O43 – CFD: 09-07-14 – 07:39:32 – [] -SH-D C:UsersDariusAppDataLocalHistorique
    O43 – CFD: 07-06-14 – 13:46:38 – [0] –HAD C:UsersDariusAppDataLocalJj1NKRX4lRa5lYp
    O43 – CFD: 17-10-14 – 07:49:20 – [] —-D C:UsersDariusAppDataLocalKolor
    O43 – CFD: 07-06-14 – 13:52:09 – [] —-D C:UsersDariusAppDataLocalMacromedia
    O43 – CFD: 28-08-14 – 11:01:44 – [] —-D C:UsersDariusAppDataLocalMcNeel
    O43 – CFD: 09-10-14 – 18:32:16 – [] —-D C:UsersDariusAppDataLocalMicrosoft
    O43 – CFD: 07-06-14 – 17:01:06 – [0] —-D C:UsersDariusAppDataLocalMicrosoft Help
    O43 – CFD: 07-06-14 – 13:11:08 – [] —-D C:UsersDariusAppDataLocalMozilla
    O43 – CFD: 27-08-14 – 10:20:02 – [] —-D C:UsersDariusAppDataLocalNVIDIA
    O43 – CFD: 27-08-14 – 10:19:47 – [] —-D C:UsersDariusAppDataLocalNVIDIA Corporation
    O43 – CFD: 07-06-14 – 13:46:37 – [0] —-D C:UsersDariusAppDataLocalPACE Anti-Piracy
    O43 – CFD: 24-10-14 – 18:10:14 – [] —-D C:UsersDariusAppDataLocalPackages
    O43 – CFD: 20-07-14 – 18:28:18 – [] —-D C:UsersDariusAppDataLocalPrograms
    O43 – CFD: 07-06-14 – 13:46:38 – [] –H-D C:UsersDariusAppDataLocalrKz9zh0LdoxvU
    O43 – CFD: 14-06-14 – 20:11:47 – [] —-D C:UsersDariusAppDataLocalSKIDROW
    O43 – CFD: 07-06-14 – 18:17:04 – [] —-D C:UsersDariusAppDataLocalSkype
    O43 – CFD: 08-09-14 – 00:02:48 – [0] —-D C:UsersDariusAppDataLocalSparta
    O43 – CFD: 07-06-14 – 13:33:51 – [] —-D C:UsersDariusAppDataLocalSpoon
    O43 – CFD: 21-09-14 – 20:00:02 – [] —-D C:UsersDariusAppDataLocalTechSmith
    O43 – CFD: 15-11-14 – 11:05:53 – [] —-D C:UsersDariusAppDataLocalTemp
    O43 – CFD: 09-07-14 – 07:39:32 – [] -SH-D C:UsersDariusAppDataLocalTemporary Internet Files
    O43 – CFD: 27-09-14 – 15:14:58 – [] —-D C:UsersDariusAppDataLocalVirtualStore
    O43 – CFD: 09-07-14 – 07:39:53 – [] R—D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 22-08-13 – 16:36:32 – [] R—D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 13-11-14 – 09:12:51 – [] R—D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 31-10-14 – 19:35:24 – [] —-D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsDofus2
    O43 – CFD: 17-10-14 – 07:49:11 – [] —-D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsKolor Autopano Giga 3.6
    O43 – CFD: 22-08-13 – 16:36:32 – [] —-D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 13-11-14 – 09:12:51 – [] R—D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 09-07-14 – 07:39:53 – [] R—D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 09-07-14 – 07:41:58 – [] —-D C:UsersDariusAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
    ~ Program Folder: 221 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.F09AA1444F0540D1AC3E21C0A464B004] – 03-11-14 – 12:58:36 —A- . (…) — C:WindowsSystem32nvcoproc.bin [4099264]
    O44 – LFC:[MD5.D9EC7765FC780DC2C2DE63E0AE12F22C] – 03-11-14 – 23:02:38 —A- . (.NVIDIA Corporation – NVIDIA Display Shell Extension.) — C:WindowsSystem32nvshext.dll [61640]
    O44 – LFC:[MD5.D776BB38428875155A5AA834468C7AE4] – 03-11-14 – 23:02:38 —A- . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 344.6.) — C:WindowsSystem32nvsvcr.dll [2558792]
    O44 – LFC:[MD5.103C5A4A296D7958B2E150A15884B240] – 03-11-14 – 23:02:38 —A- . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 344.6.) — C:WindowsSystem32nvvsvc.exe [935232]
    O44 – LFC:[MD5.B631D8FCCC3B1D533FD541569218D694] – 03-11-14 – 23:02:38 —A- . (.NVIDIA Corporation – NVIDIA Media Center Library.) — C:WindowsSystem32nvmctray.dll [385352]
    O44 – LFC:[MD5.75E9E89D1A0ABB5FEA276F0276855E0B] – 03-11-14 – 23:02:41 —A- . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 344.6.) — C:WindowsSystem32nvsvc64.dll [3531464]
    O44 – LFC:[MD5.1404602E187DE50586F0BED23E6B86BB] – 03-11-14 – 23:02:42 —A- . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:WindowsSystem32nvcpl.dll [6882448]
    O44 – LFC:[MD5.358BAE6B663B2B9FA41E274FE75E7700] – 04-11-14 – 01:04:30 —A- . (…) — C:WindowsSystem32nvinfo.pb [27094]
    O44 – LFC:[MD5.6D1813B1732BD79C31D2F78688677E26] – 04-11-14 – 01:04:30 —A- . (.Khronos Group – OpenCL Client DLL.) — C:WindowsSystem32OpenCL.dll [73872]
    O44 – LFC:[MD5.9357CBADD32B54643101DE1FCF1197D9] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – Display Driver Coinstaller.) — C:WindowsSystem32nvdispco6434465.dll [1876296]
    O44 – LFC:[MD5.2B9A14336E20ABE3FE66A33211362C4E] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – Generic Coinstaller.) — C:WindowsSystem32nvdispgenco6434465.dll [1539272]
    O44 – LFC:[MD5.2B9A14336E20ABE3FE66A33211362C4E] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – Generic Coinstaller.) — C:WindowsSystem32nvir3dgenco64.dll [1539272]
    O44 – LFC:[MD5.CB0E76BA56AE13F1F43EFF72EE91927E] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA CUDA 6.5.29 OpenCL 1.1 Driver, Versi.) — C:WindowsSystem32nvopencl.dll [14031448]
    O44 – LFC:[MD5.1FBB76373F6B348CFF1645734BF621C4] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA CUDA Driver, Version 344.65.) — C:WindowsSystem32nvcuda.dll [13943904]
    O44 – LFC:[MD5.5DF63AEC0BB1D7B8C8C9DAD84E3451B4] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA CUDA Video Decode API, Version 344.6.) — C:WindowsSystem32nvcuvid.dll [4289168]
    O44 – LFC:[MD5.1EB3FCD58155491A7E61F1F3A28F81F4] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Compatible OpenGL ICD.) — C:WindowsSystem32nvoglv64.dll [31891784]
    O44 – LFC:[MD5.7920C1C24CF454946B4B94FD8081771A] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Compiler, Version 344.65.) — C:WindowsSystem32nvcompiler.dll [20923712]
    O44 – LFC:[MD5.1EAEA4AF684EFCE909B6837EEC1DA933] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA D3D10 Driver, Version 344.65.) — C:WindowsSystem32nvwgf2umx.dll [20985544]
    O44 – LFC:[MD5.84EF6D4B764D858FF9BE1FDF68602217] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Front Buffer Capture Library, Versio.) — C:WindowsSystem32NvFBC64.dll [934216]
    O44 – LFC:[MD5.8BB7E063E5C1E28C56C44B7DD29CD887] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA In-band Frame Rendering Library, Ver.) — C:WindowsSystem32NvIFR64.dll [962704]
    O44 – LFC:[MD5.0CC321123A72CE2881196480CC1A05E0] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA NVAPI Library, Version 344.65.) — C:WindowsSystem32nvapi64.dll [3238040]
    O44 – LFC:[MD5.8217637AFBBB95012DC3572777240639] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA OpenGL In-band Frame Readback Librar.) — C:WindowsSystem32NvIFROpenGL.dll [391824]
    O44 – LFC:[MD5.35BA591D83EC10BB315BEA17C9BF98E6] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Video Encoder API, Version 3.0.) — C:WindowsSystem32nvEncodeAPI64.dll [501064]
    O44 – LFC:[MD5.ABF471846F5C08D5660F7C5CDA12220D] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA WDDM D3D Driver, Version 344.65.) — C:WindowsSystem32nvd3dumx.dll [19966344]
    O44 – LFC:[MD5.FDB03499693DEFD0B6754264C187F967] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version.) — C:WindowsSystem32Driversnvlddmkm.sys [13207184]
    O44 – LFC:[MD5.A05C8ACC69CC428E0F8DCEF2D9FEDD6F] – 04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – Stereoscopic 3D USB controller driver.) — C:WindowsSystem32Driversnvstusb.sys [451216]
    O44 – LFC:[MD5.D18149850795E7203610CEE9491515F1] – 04-11-14 – 01:10:18 —A- . (.Microsoft Corporation – General Telemetry.) — C:WindowsSystem32generaltel.dll [304128]
    O44 – LFC:[MD5.91BB0DDA472733457072DA61178FA48E] – 05-11-14 – 00:38:37 —A- . (.Microsoft Corporation – Mise à jour des données de compatibilité de.) — C:WindowsSystem32aepdu.dll [228864]
    O44 – LFC:[MD5.AEDC710D3A7C675E1C27E08F06D73F16] – 06-11-14 – 22:02:48 —A- . (.NVIDIA Corporation – Generic Coinstaller.) — C:WindowsSystem32nvhdagenco6420103.dll [1538880]
    O44 – LFC:[MD5.C87B11EB78428853F9E8495C47E53C10] – 06-11-14 – 22:02:48 —A- . (.NVIDIA Corporation – NVIDIA HDMI Audio Driver.) — C:WindowsSystem32Driversnvhda64v.sys [197408]
    O44 – LFC:[MD5.14D26D0296CF1F2A4BF9C633401A701A] – 06-11-14 – 22:02:48 —A- . (.NVIDIA Corporation – NVIDIA HDMI Audio Driver.) — C:WindowsSystem32nvhdap64.dll [31520]
    O44 – LFC:[MD5.F00E643D9244F31ECF5DE8A98C2C5FC6] – 12-11-14 – 12:49:03 —A- . (.Microsoft Corporation – Application Experience Program Cache.) — C:WindowsSystem32aepic.dll [98816]
    O44 – LFC:[MD5.22ED46DE0E684749DA1BD703526FAA26] – 12-11-14 – 12:49:04 —A- . (.Microsoft Corporation – Application Experience Program Inventory Co.) — C:WindowsSystem32aeinv.dll [537088]
    O44 – LFC:[MD5.9E20A052D83A81AEC35B2EA29F32637A] – 12-11-14 – 12:49:04 —A- . (.Microsoft Corporation – Device Inventory Library.) — C:WindowsSystem32devinv.dll [391168]
    O44 – LFC:[MD5.A92EF73B02686B7E6F070B486512DB88] – 12-11-14 – 12:49:11 —A- . (…) — C:WindowsSystem32ApnDatabase.xml [389176]
    O44 – LFC:[MD5.9C55CE9707B3CA29A6505BCDCC546390] – 12-11-14 – 12:49:11 —A- . (.Microsoft Corporation – Microsoft Fax API Support DLL.) — C:WindowsSystem32FXSAPI.dll [275968]
    O44 – LFC:[MD5.7F23E38C5B6448F91439E4066645191E] – 12-11-14 – 12:49:12 —A- . (.Microsoft Corporation – FWP/IPsec Kernel-Mode API.) — C:WindowsSystem32DriversFWPKCLNT.SYS [428864]
    O44 – LFC:[MD5.6C118AEDD15FDBEAECC0E85C64B5B86B] – 12-11-14 – 12:49:12 —A- . (.Microsoft Corporation – Microsoft Fax Server Extended COM Client In.) — C:WindowsSystem32FXSCOMEX.dll [615424]
    O44 – LFC:[MD5.8758F5DEBD2B950B2D56ED11F9E0B38F] – 12-11-14 – 12:49:12 —A- . (.Microsoft Corporation – NTFS Utility DLL.) — C:WindowsSystem32untfs.dll [545792]
    O44 – LFC:[MD5.66732C13628BDB1AB0D6FD46027327C2] – 12-11-14 – 12:49:12 —A- . (.Microsoft Corporation – Pilote de classe de stockage de masse USB.) — C:WindowsSystem32DriversUSBSTOR.SYS [148800]
    O44 – LFC:[MD5.5416C603B6C85CF0698E8A2A1D28BAA2] – 12-11-14 – 12:49:13 —A- . (.Microsoft Corporation – DLL d’objets PrintUI.) — C:WindowsSystem32puiobj.dll [448512]
    O44 – LFC:[MD5.50E96089F9BE352621997143A56C8E76] – 12-11-14 – 12:49:13 —A- . (.Microsoft Corporation – Fournisseur d’impression de rendu côté clie.) — C:WindowsSystem32win32spl.dll [822272]
    O44 – LFC:[MD5.E3FCE2A6B3533D99A3B498504DF9CC47] – 12-11-14 – 12:49:13 —A- . (.Microsoft Corporation – Network I/O Subsystem.) — C:WindowsSystem32Driversnetio.sys [474432]
    O44 – LFC:[MD5.9CE162EB9057CF079736F4DD00FC0D6C] – 12-11-14 – 12:49:13 —A- . (.Microsoft Corporation – Service WSMan.) — C:WindowsSystem32WsmSvc.dll [2480128]
    O44 – LFC:[MD5.C88B63FE96DB4BCED65DD442BC8E77F5] – 12-11-14 – 12:49:15 —A- . (.Microsoft Corporation – DLL de spouleur local.) — C:WindowsSystem32localspl.dll [1053184]
    O44 – LFC:[MD5.CA729FCE295895515A09BD6FF7903DC8] – 12-11-14 – 12:49:15 —A- . (.Microsoft Corporation – DLL source et récepteur MPEG4 Media Foundat.) — C:WindowsSystem32mfmp4srcsnk.dll [836176]
    O44 – LFC:[MD5.A208498C5CD750A1743C1AC8162A810F] – 12-11-14 – 12:49:15 —A- . (.Microsoft Corporation – Media Foundation Media Engine DLL.) — C:WindowsSystem32MFMediaEngine.dll [941568]
    O44 – LFC:[MD5.CCB3A2BB60FE5073F2DEA63FE83CF8FE] – 12-11-14 – 12:49:15 —A- . (.Microsoft Corporation – Pilote TCP/IP.) — C:WindowsSystem32Driverstcpip.sys [2497344]
    O44 – LFC:[MD5.1907823D5ACFD75D1D8C0D4318299726] – 12-11-14 – 12:49:16 —A- . (.Microsoft Corporation – System Settings Handlers Implementation.) — C:WindowsSystem32SettingsHandlers.dll [2714112]
    O44 – LFC:[MD5.C4306ADC38939CAC60EA38AAD9F170C0] – 12-11-14 – 12:49:16 —A- . (.Microsoft Corporation – TWINUI.) — C:WindowsSystem32twinui.dll [13424128]
    O44 – LFC:[MD5.BCE66E78D388875B87286CA091E7075F] – 12-11-14 – 12:49:18 —A- . (.Microsoft Corporation – NT Kernel & System.) — C:WindowsSystem32ntoskrnl.exe [7484224]
    O44 – LFC:[MD5.1D303CE5BCBD5B80BBA08321F28A3F86] – 12-11-14 – 12:49:20 —A- . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll [21197152]
    O44 – LFC:[MD5.84549E8C8BF76B293A7E625A98D4BCF9] – 12-11-14 – 12:49:22 —A- . (.Microsoft Corporation – Gestionnaire de liaisons d’objets2.) — C:WindowsSystem32packager.dll [81408]
    O44 – LFC:[MD5.B31C4917EC5EADE24A90DDAF37EA00E0] – 12-11-14 – 12:49:22 —A- . (.Microsoft Corporation – Pilote Win32 multi-utilisateurs.) — C:WindowsSystem32win32k.sys [4182016]
    O44 – LFC:[MD5.9F87516BF76C40B41D831F7D729A6044] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Audio Engine.) — C:WindowsSystem32AudioEng.dll [482872]
    O44 – LFC:[MD5.8085F95BB18A171E7221D2831BC08BC2] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Audio Ks Endpoint.) — C:WindowsSystem32AUDIOKSE.dll [394120]
    O44 – LFC:[MD5.7F70B1044272982AAEA7C16E83424770] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Générateur de points de terminaison du serv.) — C:WindowsSystem32AudioEndpointBuilder.dll [226304]
    O44 – LFC:[MD5.DFDFDE2EA4B5CD0606BA6E56ECEE502D] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Isolation graphique de périphérique audio W.) — C:WindowsSystem32audiodg.exe [272248]
    O44 – LFC:[MD5.BB93DAAAE9006598935192B9CB65E475] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Media Foundation Crash Dump Encryption DLL.) — C:WindowsSystem32EncDump.dll [108432]
    O44 – LFC:[MD5.C0484CA5C7F87E38909746B63C7FC868] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32audiosrv.dll [911360]
    O44 – LFC:[MD5.9C88C9397B44B76E5C9A44B8E2CE53A1] – 12-11-14 – 12:49:23 —A- . (.Microsoft Corporation – Session audio.) — C:WindowsSystem32AudioSes.dll [500016]
    O44 – LFC:[MD5.93645AEBE163230A2ED5050C14AE6603] – 12-11-14 – 12:49:26 —A- . (.Microsoft Corporation – MSXML 3.0.) — C:WindowsSystem32msxml3.dll [2149376]
    O44 – LFC:[MD5.CDC8A85EB301A8CBE55A81A1D55AF5E5] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – ADVPACK.) — C:WindowsSystem32IEAdvpack.dll [132096]
    O44 – LFC:[MD5.4B9C652BD0FD95A9E6123913C35519D6] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Auto-extracteur de fichier CAB Win32.) — C:WindowsSystem32wextract.exe [143872]
    O44 – LFC:[MD5.D66D11191B48007179B0A77DC0717267] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – DLL du Gestionnaire de licences Microsoft®.) — C:WindowsSystem32licmgr10.dll [33280]
    O44 – LFC:[MD5.A3871DED5ED88F59C0D1396761708F81] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Hôte des applications HTML de Microsoft(R).) — C:WindowsSystem32mshta.exe [13824]
    O44 – LFC:[MD5.6096209CB47D61499C3608B9C25B073C] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – IE PNG plugin image decoder.) — C:WindowsSystem32pngfilt.dll [64512]
    O44 – LFC:[MD5.161BC2E883A8D8759A4DCF2A85AF9128] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – IE plugin image decoder support DLL.) — C:WindowsSystem32imgutil.dll [51200]
    O44 – LFC:[MD5.E99E2E88BFE584184AE92B1F8995CE93] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – IOD Version Map.) — C:WindowsSystem32iesetup.dll [66560]
    O44 – LFC:[MD5.F54E1190251EB245183BF16D6C315613] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Internet Shortcut Shell Extension DLL.) — C:WindowsSystem32url.dll [237568]
    O44 – LFC:[MD5.66585D645C4E23A0FD5124BD714AE020] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Microsoft Feeds Synchronization.) — C:WindowsSystem32msfeedssync.exe [12800]
    O44 – LFC:[MD5.6A7F8D139610E5F3F158182778EF9275] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Traitement de RunOnce complet avec interfac.) — C:WindowsSystem32iernonce.dll [34304]
    O44 – LFC:[MD5.CA2F3153EF3BCB0BD3A8984C933DF604] – 12-11-14 – 12:49:29 —A- . (.Microsoft Corporation – Wizard.) — C:WindowsSystem32iexpress.exe [167424]
    O44 – LFC:[MD5.2E475D2FCE0125FA0C486DB9D59E739B] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – Convertisseur Microsoft HTML.) — C:WindowsSystem32html.iec [417280]
    O44 – LFC:[MD5.70576D76A11DD5AE54E719297A315F90] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – DAC for Trident DOM.) — C:WindowsSystem32MshtmlDac.dll [88064]
    O44 – LFC:[MD5.F79E5258AF040A8AD83C7C1273A071C3] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [54784]
    O44 – LFC:[MD5.C9AB2198141844D3DF96B4552CE9D5AB] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – JavaScript Performance Collection Agent.) — C:WindowsSystem32JavaScriptCollectionAgent.dll [77824]
    O44 – LFC:[MD5.2CEACC509889A095828F27115257408D] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [92160]
    O44 – LFC:[MD5.A348DEFC16B6FBC88B7D61C3B861BCB1] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – Moteur d’installation.) — C:WindowsSystem32inseng.dll [107520]
    O44 – LFC:[MD5.DD8FD33C108F14681A410067AB21DDF3] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – Object Control Viewer.) — C:WindowsSystem32occache.dll [152064]
    O44 – LFC:[MD5.85E97591864F3125C5B08FB44E0E8078] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – Synchronisation en arrière-plan des flux Mi.) — C:WindowsSystem32msfeedsbs.dll [60416]
    O44 – LFC:[MD5.00FB2FB8C27C834CF575BC415B80F995] – 12-11-14 – 12:49:30 —A- . (.Microsoft Corporation – TDC ActiveX Control.) — C:WindowsSystem32tdc.ocx [87552]
    O44 – LFC:[MD5.F0A53129AE95A895EC8C4DC36E1797A2] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – Composant Microsoft Office 2000.) — C:WindowsSystem32hlink.dll [108544]
    O44 – LFC:[MD5.3721721151DB49457B0FD35E0C04594C] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – DLL de gestion d’utilisateur local et de co.) — C:WindowsSystem32msrating.dll [199680]
    O44 – LFC:[MD5.E40D3696BE4852956669C285038B37A6] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – IE ETW Collector Service.) — C:WindowsSystem32ieetwcollector.exe [114688]
    O44 – LFC:[MD5.8AE1AC97407CD82D8389390C21430579] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – IE Sysprep Provider.) — C:WindowsSystem32iesysprep.dll [111616]
    O44 – LFC:[MD5.AF28C90094C4C50F083599C10D2DC072] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – Objets homologues Internet Explorer.) — C:WindowsSystem32iepeers.dll [145408]
    O44 – LFC:[MD5.1C3C54FA2D620DF3093F356A56EC5957] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [144384]
    O44 – LFC:[MD5.9CD8D475F462F82E6FD8BFCA7186ACD4] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:WindowsSystem32iedkcs32.dll [372736]
    O44 – LFC:[MD5.FD7C8FAC461BED1FEEB808E477D884D4] – 12-11-14 – 12:49:31 —A- . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Expl.) — C:WindowsSystem32ie4uinit.exe [716800]
    O44 – LFC:[MD5.853BB696932E4C48EE7034BFF1209A5A] – 12-11-14 – 12:49:32 —A- . (.Microsoft Corporation – Contrôleur de site Web.) — C:WindowsSystem32webcheck.dll [262144]
    O44 – LFC:[MD5.A7F53772ECAE2F44B455D14F71179940] – 12-11-14 – 12:49:32 —A- . (.Microsoft Corporation – IE ETW Collector Proxy Stub Resources.) — C:WindowsSystem32ieetwproxystub.dll [48640]
    O44 – LFC:[MD5.BC3B7CCE855F9A8E7BC96F7062229A02] – 12-11-14 – 12:49:32 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter.) — C:WindowsSystem32ieapfltr.dll [799232]
    O44 – LFC:[MD5.62E2FCF45F349DE6CAFB3AA7E1D81DA4] – 12-11-14 – 12:49:32 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [2124288]
    O44 – LFC:[MD5.200CEA827BDC503F00C0AED0EA227D49] – 12-11-14 – 12:49:34 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [800768]
    O44 – LFC:[MD5.258C3082AD82C1AAD335DA3FE2D3EB25] – 12-11-14 – 12:49:34 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [580096]
    O44 – LFC:[MD5.0D03DAD6BB183156C70F863D0F2FA55A] – 12-11-14 – 12:49:35 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript.dll [812544]
    O44 – LFC:[MD5.DE58DE2C6C8439B7174D6D3568AA4A80] – 12-11-14 – 12:49:35 —A- . (.Microsoft Corporation – Microsoft ® JScript Diagnostics.) — C:WindowsSystem32jscript9diag.dll [814080]
    O44 – LFC:[MD5.587DEBB59F5F14C9610966FB14A33607] – 12-11-14 – 12:49:35 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [633856]
    O44 – LFC:[MD5.62D54F4673A6208C8CC147758122B3C3] – 12-11-14 – 12:49:36 —A- . (.Microsoft Corporation – ActiveX Interface Marshaling Library.) — C:WindowsSystem32actxprxy.dll [2865152]
    O44 – LFC:[MD5.46B5DD7C4B1851F59E48302185E076DF] – 12-11-14 – 12:49:37 —A- . (.Microsoft Corporation – Microsoft Internet Messaging API Resources.) — C:WindowsSystem32inetcomm.dll [1032704]
    O44 – LFC:[MD5.22CBDB8810CBED0B4F5E4BE69D7E2AE8] – 12-11-14 – 12:49:37 —A- . (.Microsoft Corporation – Utilitaire à l’exécution pour Internet Expl.) — C:WindowsSystem32iertutil.dll [2884096]
    O44 – LFC:[MD5.559E084EEBE44864493B2903433F19B3] – 12-11-14 – 12:49:38 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1550336]
    O44 – LFC:[MD5.BF1FC65A307B31939ADF7F976FDE033C] – 12-11-14 – 12:49:39 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [2365440]
    O44 – LFC:[MD5.079FEE6FC11A74E4309B6A10931C1CB2] – 12-11-14 – 12:49:46 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [6040064]
    O44 – LFC:[MD5.BED4D30B7FF094E368333CE2D1CE3195] – 12-11-14 – 12:50:06 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [14390272]
    O44 – LFC:[MD5.6432F143CDC9D73BD2BF832CAB2EDC01] – 12-11-14 – 12:51:13 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [25110016]
    O44 – LFC:[MD5.668417ED63F9FBE7DD8D7A54B04279DA] – 12-11-14 – 12:51:42 —A- . (.Microsoft Corporation – File Risk Estimation.) — C:WindowsSystem32winshfhc.dll [14336]
    O44 – LFC:[MD5.4AD874CDC812EC156265E451B6B09DAB] – 12-11-14 – 12:51:44 —A- . (.Microsoft Corporation – Microsoft Network Realtime Inspection Drive.) — C:WindowsSystem32DriversWdNisDrv.sys [114496]
    O44 – LFC:[MD5.0359607177E5E9F6041136CC0A5CB0B6] – 12-11-14 – 12:51:44 —A- . (.Microsoft Corporation – Microsoft antimalware boot driver.) — C:WindowsSystem32DriversWdBoot.sys [35320]
    O44 – LFC:[MD5.DE8D12B4C3F55FA2C5E9774314F6C58A] – 12-11-14 – 12:51:45 —A- . (.Microsoft Corporation – Microsoft antimalware file system filter dr.) — C:WindowsSystem32DriversWdFilter.sys [258368]
    O44 – LFC:[MD5.F0A117D19873FCDF801F082F33BFBB6C] – 12-11-14 – 12:51:46 —A- . (.Microsoft Corporation – DLL client de l’API uilisateur de Windows m.) — C:WindowsSystem32user32.dll [1519488]
    O44 – LFC:[MD5.4A112AD7D9C7289FE9945D05E97019D0] – 12-11-14 – 12:52:20 —A- . (.Microsoft Corporation – Windows Update Wu exports.) — C:WindowsSystem32wuaext.dll [17408]
    O44 – LFC:[MD5.4D94560FD4982BB52C1FE64AE38E1A9F] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update Application Launcher.) — C:WindowsSystem32wuapp.exe [35840]
    O44 – LFC:[MD5.E67B019D23320AA0C5F1E6DE5D30546A] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update Modern WuApp.) — C:WindowsSystem32WUSettingsProvider.dll [407552]
    O44 – LFC:[MD5.5D67074419BBFDCA587C2E2A93743E8A] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update Vista Web Control.) — C:WindowsSystem32wuwebv.dll [140288]
    O44 – LFC:[MD5.2E66E7D4F1E39F7048A231AA60FD2532] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update WUDriver Stub.) — C:WindowsSystem32wudriver.dll [95744]
    O44 – LFC:[MD5.70AC0FA699C9420CB282CCF72993C2E1] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update client proxy stub 2.) — C:WindowsSystem32wups2.dll [51712]
    O44 – LFC:[MD5.CCE7F88AD038494253B485EC1B144EB3] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update client proxy stub.) — C:WindowsSystem32wups.dll [60416]
    O44 – LFC:[MD5.EA2DF5520D3623F353F43809A2F88086] – 12-11-14 – 12:52:21 —A- . (.Microsoft Corporation – Windows Update.) — C:WindowsSystem32wuauclt.exe [55776]
    O44 – LFC:[MD5.BCC10D47920E83EAC8F2E7E2D414692E] – 12-11-14 – 12:52:22 —A- . (.Microsoft Corporation – API du client Windows Update.) — C:WindowsSystem32wuapi.dll [894976]
    O44 – LFC:[MD5.2585412FC573F298FCBFD6759F8C4C0F] – 12-11-14 – 12:52:22 —A- . (.Microsoft Corporation – Expérience utilisateur du client Windows Up.) — C:WindowsSystem32wucltux.dll [1714176]
    O44 – LFC:[MD5.DCD090318EC800CF6275C6835900B0C6] – 12-11-14 – 12:52:23 —A- . (.Microsoft Corporation – Agent de mise à jour automatique Windows Up.) — C:WindowsSystem32wuaueng.dll [3557376]
    O44 – LFC:[MD5.D1A2E993DB1867C79177CCC9DB6337D0] – 12-11-14 – 12:52:26 —A- . (.Microsoft Corporation – Interface utilisateur de consentement pour.) — C:WindowsSystem32consent.exe [116032]
    O44 – LFC:[MD5.034ED41F13D9C1845C1E081F05B640DB] – 12-11-14 – 12:52:26 —A- . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [110080]
    O44 – LFC:[MD5.D0C15BC83B3D0AF4F9B1D70216D91794] – 12-11-14 – 12:52:27 —A- . (.Microsoft Corporation – Windows® installer.) — C:WindowsSystem32msihnd.dll [428032]
    O44 – LFC:[MD5.D5B41A0C38408814A3E9BAC8C82B2E5B] – 12-11-14 – 12:52:28 —A- . (.Microsoft Corporation – Interface utilisateur d’authentification Wi.) — C:WindowsSystem32authui.dll [2773504]
    O44 – LFC:[MD5.EF745B98D81B8C462DB99FC8B5C4322A] – 12-11-14 – 12:52:28 —A- . (.Microsoft Corporation – Windows Installer.) — C:WindowsSystem32msi.dll [3320320]
    O44 – LFC:[MD5.9A108C0A3092110F4651B3AFB9CC7B3D] – 12-11-14 – 12:52:30 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32oleaut32.dll [789184]
    O44 – LFC:[MD5.A8484FB640E044858BA19FB4F13DD4CE] – 12-11-14 – 12:53:10 —A- . (.Microsoft Corporation – DLL des événements d’audit de la sécurité.) — C:WindowsSystem32msaudite.dll [154112]
    O44 – LFC:[MD5.9F08A6608F98B5407E7DDBCF306573EF] – 12-11-14 – 12:53:10 —A- . (.Microsoft Corporation – Microsoft RDP Video Miniport driver.) — C:WindowsSystem32Driversrdpvideominiport.sys [27456]
    O44 – LFC:[MD5.3D2D2EA099D98FE6B94C7D8C7992C08C] – 12-11-14 – 12:53:10 —A- . (.Microsoft Corporation – Microsoft RemoteFX VM Transport.) — C:WindowsSystem32rfxvmt.dll [40448]
    O44 – LFC:[MD5.D7B23B3154508256C9F434EF9B65B91D] – 12-11-14 – 12:53:10 —A- . (.Microsoft Corporation – UMRDP Display Driver.) — C:WindowsSystem32rdpudd.dll [131584]
    O44 – LFC:[MD5.488CEA4F1B4D2446FFB7A94E3CB385FE] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – Client Microsoft® Active Directory Certific.) — C:WindowsSystem32certcli.dll [445440]
    O44 – LFC:[MD5.1D25CC0A9C480C5D56A5A6CF2B5DEB99] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – DLL RDPCore TS.) — C:WindowsSystem32rdpcorets.dll [3547648]
    O44 – LFC:[MD5.91E59FCB3B32DD84E5DCDA2EA1583807] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – DLL du schéma d’audit de sécurité.) — C:WindowsSystem32adtschema.dll [736768]
    O44 – LFC:[MD5.949E590B76018E4523FC71CE510ED9ED] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – DLL serveur LSA.) — C:WindowsSystem32lsasrv.dll [1441792]
    O44 – LFC:[MD5.4E1207CE16E615B0B7A70DC889F4500E] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – Kernel Cryptography, Next Generation.) — C:WindowsSystem32Driverscng.sys [563976]
    O44 – LFC:[MD5.6D2EE96150E35B9EA49F2B481DE0369A] – 12-11-14 – 12:53:11 —A- . (.Microsoft Corporation – Kernel Security Support Provider Interface.) — C:WindowsSystem32Driversksecpkg.sys [177472]
    O44 – LFC:[MD5.6DE50D5592C6EE18C87B0C2EEEDC1621] – 12-11-14 – 12:53:31 —A- . (.Microsoft Corporation – DPAPI Server.) — C:WindowsSystem32dpapisrv.dll [185856]
    O44 – LFC:[MD5.622928F5A8045F8122F10561D6C35ED0] – 12-11-14 – 12:53:31 —A- . (.Microsoft Corporation – Microsoft SChannel Provider.) — C:WindowsSystem32ncryptsslp.dll [104336]
    O44 – LFC:[MD5.F0CE4A653EEBA09509EAF93AE2226FA9] – 12-11-14 – 12:53:32 —A- . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll [426496]
    O44 – LFC:[MD5.D92FB5770CBDE049A4732B76A77F6864] – 12-11-14 – 13:07:09 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32MRT.exe [103374192]
    O44 – LFC:[MD5.779C6F4A8C0D507C91E226A84C7CAA52] – 13-11-14 – 09:12:21 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [5169768]
    O44 – LFC:[MD5.452F1063821A9DA017B29DC4281A65AE] – 13-11-14 – 23:28:38 —A- . (…) — C:PhysicalDisk0_MBR.bin [512]
    O44 – LFC:[MD5.5C3669B71657F22E67A1D4BD49D2CBE7] – 14-11-14 – 00:10:25 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O44 – LFC:[MD5.D3311B31C470E7681B14D9B014CBF9ED] – 14-11-14 – 00:10:25 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O44 – LFC:[MD5.D1F2D4DF0A5D3B700794E26356A55B44] – 14-11-14 – 00:10:25 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O44 – LFC:[MD5.066D2E36A32A0E4981DB0E8237755CCD] – 14-11-14 – 00:46:41 —A- . (…) — C:WindowsPFRO.log [216868]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 14-11-14 – 12:30:30 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O44 – LFC:[MD5.975F2CAA23B9CF4420EAB6439BE4D233] – 14-11-14 – 12:48:19 —A- . (…) — C:WindowsSystem32DriversTrueSight.sys [37624]
    O44 – LFC:[MD5.02EB7B3C6E7CCFFEB2BDB6E80148BD58] – 14-11-14 – 23:14:58 —A- . (…) — C:Windowssetupact.log [384307]
    O44 – LFC:[MD5.8800C788522D791AA2FBABEFA9CE0FCE] – 14-11-14 – 23:17:02 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1824010]
    O44 – LFC:[MD5.AD0FE0F9CEFE85829513B22AE2A9300E] – 14-11-14 – 23:17:02 —A- . (…) — C:WindowsSystem32perfc009.dat [135592]
    O44 – LFC:[MD5.766BF231B14FBD9809DCAFF8E1FC7FC1] – 14-11-14 – 23:17:02 —A- . (…) — C:WindowsSystem32perfc00C.dat [159412]
    O44 – LFC:[MD5.75329F8DE11F6E2817C3DD0A5453980B] – 14-11-14 – 23:17:02 —A- . (…) — C:WindowsSystem32perfh009.dat [722476]
    O44 – LFC:[MD5.E2238AE3E99FAFB8CA98F6251C462871] – 14-11-14 – 23:17:02 —A- . (…) — C:WindowsSystem32perfh00C.dat [812350]
    O44 – LFC:[MD5.13912FA325CFD025322C8653ABA177DC] – 15-11-14 – 10:17:29 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.D7E84AA8CA441C2933226AC10DDA1652] – 15-11-14 – 11:04:55 —A- . (…) — C:WindowsWindowsUpdate.log [1549941]
    ~ Files: 161 Scanned in 00mn 13s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.4FE02C0654565EBCAD139F0DBB6C01F0] – 13-11-14 – 13:48:35 —A- – C:WindowsPrefetchAZUREUS.EXE-519A8D10.pf =>P2P.Azureus
    O45 – LFCP:[MD5.A452EC3AB419144543BE59A25B32D536] – 07-09-14 – 18:25:07 —A- – C:WindowsPrefetchVUZE_5.4.0.0C_WIN32.EXE-084CFA0D.pf =>P2P.Azureus
    ~ Prefetcher: 2 Scanned in 00mn 00s

    —\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook [64Bits] – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    —\ Export de clé d’application autorisée (O47)
    O47 – AAKE:Key Export SP – “C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe” [Enabled] .(.WIBU-SYSTEMS AG.) — C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
    O47 – AAKE:Key Export DP – “C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe” [Enabled] .(.WIBU-SYSTEMS AG.) — C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
    ~ Keys Export: 2 Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Live Security Package.) — C:WindowsSystem32livessp.dll
    ~ LSA: 9 Scanned in 00mn 00s

    dariuss
    Participant
    Nombre d'articles : 49

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimaldxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkdxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (…) — C:WindowsSystem32Driversrdpencdd.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 17 Scanned in 00mn 00s

    —\ Recherche d’infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableCursorSuppression”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableCAD”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableTaskMgr”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableRegistryTools”=0
    ~ MWPS: 20 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKCU…policiesExplorer] – “NoRun”=0
    O56 – MWPE:[HKCU…policiesExplorer] – “NoFolderOptions”=0
    O56 – MWPE:[HKCU…policiesExplorer] – “NoControlPanel”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoRun”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoFolderOptions”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoControlPanel”=0
    ~ MWPE Keys: 10 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.LSI – LSI 3ware SCSI Storport Driver.) — C:WindowsSystem32Drivers3ware.sys [108896]
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.PMC-Sierra – PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) — C:WindowsSystem32Driversadp80xx.sys [782176]
    O58 – SDL:18-09-12 – 12:51:54 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSystem32DriversAiCharger.sys [17152]
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.Advanced Micro Devices – AHCI 1.3 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [79200]
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [259424]
    O58 – SDL:22-08-13 – 13:43:40 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [25952]
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.PMC-Sierra, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [114016]
    O58 – SDL:04-11-13 – 02:32:06 —A- . (.ASUS – HID driver for ASUS Wireless Radio Control.) — C:WindowsSystem32DriversAsHIDSwitch64.sys [20280]
    O58 – SDL:18-06-13 – 15:45:02 —A- . (.Qualcomm Atheros Communications, Inc. – Qualcomm Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathw8x.sys [3680256]
    O58 – SDL:14-08-13 – 02:42:44 —A- . (.Qualcomm Atheros Communications, Inc. – Qualcomm Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathwbx.sys [3837440]
    O58 – SDL:13-08-13 – 00:25:46 —A- . (.Windows (R) Win 7 DDK provider – BCM Function 2 Device Driver.) — C:WindowsSystem32Driversbcmfn2.sys [17624]
    O58 – SDL:29-09-12 – 18:43:20 —A- . (.Qualcomm Atheros – Qualcomm Atheros BUS driver.) — C:WindowsSystem32Driversbtath_bus.sys [33944]
    O58 – SDL:29-09-12 – 18:43:20 —A- . (.Qualcomm Atheros – Qualcomm Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_flt.sys [88728]
    O58 – SDL:29-09-12 – 18:43:22 —A- . (.Qualcomm Atheros – Qualcomm Atheros HCRP driver.) — C:WindowsSystem32Driversbtath_hcrp.sys [178840]
    O58 – SDL:29-09-12 – 18:43:22 —A- . (.Qualcomm Atheros – Qualcomm Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_lwflt.sys [76952]
    O58 – SDL:28-01-14 – 14:32:18 —A- . (.Qualcomm Atheros – Qualcomm Atheros BtFilter Driver.) — C:WindowsSystem32Driversbtfilter.sys [593000]
    O58 – SDL:22-08-13 – 13:43:41 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [531296]
    O58 – SDL:20-07-14 – 17:33:52 —A- . (.Disc Soft Ltd – DAEMON Tools Virtual Bus Driver.) — C:WindowsSystem32Driversdtsoftbus01.sys [283064]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3357024]
    O58 – SDL:02-07-12 – 15:16:02 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [62784]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [64352]
    O58 – SDL:30-07-13 – 19:47:35 —A- . (.Intel Corporation – Intel(R) Serial IO GPIO Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_GPIO.sys [24568]
    O58 – SDL:25-07-13 – 20:05:39 —A- . (.Intel Corporation – Intel(R) Serial IO I2C Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_I2C.sys [99320]
    O58 – SDL:04-02-13 – 02:48:02 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStorA.sys [652784]
    O58 – SDL:10-08-13 – 01:39:30 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver (inbox) – x64.) — C:WindowsSystem32DriversiaStorAV.sys [651248]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [412000]
    O58 – SDL:02-08-12 – 04:22:48 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [14992]
    O58 – SDL:18-06-13 – 15:44:59 —A- . (.Qualcomm Atheros Co., Ltd. – Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) — C:WindowsSystem32DriversL1C63x64.sys [129224]
    O58 – SDL:22-08-13 – 13:43:44 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [109408]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [93536]
    O58 – SDL:22-08-13 – 13:43:44 —A- . (.LSI Corporation – LSI SAS Gen3 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas3.sys [81760]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.LSI Corporation – LSI SSS PCIe/Flash Driver (StorPort).) — C:WindowsSystem32Driverslsi_sss.sys [82784]
    O58 – SDL:01-10-14 – 11:11:12 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:01-10-14 – 11:11:16 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O58 – SDL:14-11-14 – 12:30:30 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows.) — C:WindowsSystem32Driversmegasas.sys [56672]
    O58 – SDL:22-08-13 – 13:43:45 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32Driversmegasr.sys [575840]
    O58 – SDL:22-08-13 – 13:43:49 —A- . (.Marvell Semiconductor, Inc. – Marvell Flash Controller Driver.) — C:WindowsSystem32Driversmvumis.sys [63840]
    O58 – SDL:01-10-14 – 11:11:30 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O58 – SDL:06-11-14 – 22:02:48 —A- . (.NVIDIA Corporation – NVIDIA HDMI Audio Driver.) — C:WindowsSystem32Driversnvhda64v.sys [197408]
    O58 – SDL:04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 344.65.) — C:WindowsSystem32Driversnvlddmkm.sys [13207184]
    O58 – SDL:22-08-13 – 13:43:31 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [150368]
    O58 – SDL:22-08-13 – 13:43:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [168288]
    O58 – SDL:04-11-14 – 01:04:30 —A- . (.NVIDIA Corporation – Stereoscopic 3D USB controller driver.) — C:WindowsSystem32Driversnvstusb.sys [451216]
    O58 – SDL:31-03-14 – 17:42:44 —A- . (.NVIDIA Corporation – NVIDIA Virtual Audio Driver.) — C:WindowsSystem32Driversnvvad64v.sys [40392]
    O58 – SDL:08-01-13 – 14:28:34 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [3286240]
    O58 – SDL:22-08-13 – 16:35:09 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:22-08-13 – 13:43:31 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [44896]
    O58 – SDL:22-08-13 – 13:43:32 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [81760]
    O58 – SDL:17-09-12 – 04:13:36 —A- . (.Synaptics Incorporated – Synaptics SMBus Driver.) — C:WindowsSystem32DriversSmb_driver_Intel.sys [43832]
    O58 – SDL:22-08-13 – 13:43:32 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [31072]
    O58 – SDL:17-09-12 – 04:13:38 —A- . (.Synaptics Incorporated – Synaptics Touchpad Driver.) — C:WindowsSystem32DriversSynTP.sys [450872]
    O58 – SDL:14-11-14 – 12:48:19 —A- . (…) — C:WindowsSystem32DriversTrueSight.sys [37624]
    O58 – SDL:22-08-13 – 13:43:34 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [19808]
    O58 – SDL:22-08-13 – 13:43:34 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [168800]
    O58 – SDL:22-08-13 – 13:43:34 —A- . (.VIA Corporation – VIA StorX RAID Controller Driver.) — C:WindowsSystem32DriversVSTXRAID.SYS [305504]
    O58 – SDL:07-09-12 – 02:22:02 —A- . (.Qualcomm Atheros Communications, Inc. – Qualcomm Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32athw8x.sys [3645440]
    ~ Drivers: 57 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 08-11-14 – 11:10:42 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages000676cDAO.19039144.exe [4130848]
    O61 – LFC: 08-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite41150.dll [1053184]
    O61 – LFC: 09-11-14 – 11:06:53 —A- . (…) — C:UsersDariusAppDataLocalAdobeAcrobat10.0UserCache.bin [134034]
    O61 – LFC: 09-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite20419.dll [1053184]
    O61 – LFC: 09-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite21587.dll [1053184]
    O61 – LFC: 09-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite26898.dll [1053184]
    O61 – LFC: 09-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite63926.dll [1053184]
    O61 – LFC: 09-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite79399.dll [1053184]
    O61 – LFC: 10-11-14 – 11:10:50 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages000678aDAO.19045343.exe [4356720]
    O61 – LFC: 10-11-14 – 11:11:20 —A- . (…) — C:UsersDariusAppDataLocalTempe4jDBAC.tmp_dir1415574573i4jdel.exe [28099]
    O61 – LFC: 10-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite47798.dll [1053184]
    O61 – LFC: 10-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite56967.dll [1053184]
    O61 – LFC: 10-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite94146.dll [1053184]
    O61 – LFC: 10-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite99009.dll [1053184]
    O61 – LFC: 10-11-14 – 11:11:22 —A- . (…) — C:UsersDariusAppDataRoamingAzureuspluginsazempvuzeplayer.exe [4177856] =>P2P.Azureus
    O61 – LFC: 10-11-14 – 11:11:24 —A- . (…) — C:UsersDariusAppDataRoamingMicrosoftUProofCMAdj.12.bin [106]
    O61 – LFC: 11-11-14 – 11:06:56 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackenddrsupdate.bin [1208048]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite22442.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite27308.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite29857.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite49018.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite56568.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite65595.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite66000.dll [1053184]
    O61 – LFC: 11-11-14 – 11:11:25 —A- . (…) — C:UsersDariusAppDataRoamingNVIDIAGLCache8a111555a0d50608a763f6c48f8f713421123035b4fcafe5c0e40c74d50b5cf8.bin [25938]
    O61 – LFC: 11-11-14 – 11:11:25 —A- . (…) — C:UsersDariusAppDataRoamingNVIDIAGLCache8a111555a0d50608a763f6c48f8f713421123035b4fcafe5c0e40c74d50b5cf9.bin [36519]
    O61 – LFC: 12-11-14 – 11:10:58 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages00067a4DAO.19048376.exe [4375304]
    O61 – LFC: 12-11-14 – 11:11:18 —A- . (…) — C:UsersDariusAppDataLocalPackagesWinStore_cw5n1h2txyewyACTempNVIDIA CorporationNV_Cache63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a84b_73cd6da3e16daf00_0_0.bin [16384] =>.Microsoft Corporation
    O61 – LFC: 12-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite18236.dll [1053184]
    O61 – LFC: 12-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite20922.dll [1053184]
    O61 – LFC: 12-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite72913.dll [1053184]
    O61 – LFC: 12-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite88141.dll [1053184]
    O61 – LFC: 13-11-14 – 11:06:53 —A- . (…) — C:UsersDariusAppDataLocalGoogleChromeUser DataEVWhitelist2_platform_specificallev_hashes_whitelist.bin [938368]
    O61 – LFC: 13-11-14 – 11:06:53 —A- . (…) — C:UsersDariusAppDataLocalGoogleChromeUser Datanacl_validation_cache.bin [308]
    O61 – LFC: 13-11-14 – 11:06:56 —A- . (.NVIDIA Corporation.) — C:UsersDariusAppDataLocalNVIDIANvBackendApplicationOntologyOAWrapper.exe [172984]
    O61 – LFC: 13-11-14 – 11:06:56 —A- . (.NVIDIA Corporation.) — C:UsersDariusAppDataLocalNVIDIANvBackendApplicationOntologyOntology.dll [1374648]
    O61 – LFC: 13-11-14 – 11:06:56 —A- . (.Nicolas Coolman.) — C:UsersDariusAppDataLocalMicrosoftWindowsINetCacheIE8I6JDMJ8ZHPDiag2.exe [6860008] =>.Nicolas Coolman
    O61 – LFC: 13-11-14 – 11:11:08 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages00067b0DAO.19048896.exe [4375312]
    O61 – LFC: 13-11-14 – 11:11:17 —A- . (…) — C:UsersDariusAppDataLocalPackagesMicrosoft.BingWeather_8wekyb3d8bbweACTempNVIDIA CorporationNV_Cache63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a84b_245cd86f07a5262b_0_0.bin [16384]
    O61 – LFC: 13-11-14 – 11:11:17 —A- . (…) — C:UsersDariusAppDataLocalPackagesmicrosoft.windowscommunicationsapps_8wekyb3d8bbweACTempNVIDIA CorporationNV_Cache63547c51a55c7182c5c77fb521826c6c_fce8395f8fd8a84b_d775862d3d4dee98_0_0.bin [16384] =>.Microsoft Corporation
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite11301.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite19944.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite24667.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite26051.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite44752.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite67876.dll [1053184]
    O61 – LFC: 13-11-14 – 11:11:21 —A- . (.Robert Simpson, et al..) — C:UsersDariusAppDataLocalTempSystem.Data.SQLite75545.dll [1053184]
    O61 – LFC: 14-11-14 – 11:06:56 —A- . (…) — C:UsersDariusAppDataLocalMicrosoftWindowsINetCacheIEGBNJSN6Xurlblockindex[2].bin [16]
    O61 – LFC: 14-11-14 – 11:06:56 —A- . (.Malwarebytes Corporation.) — C:UsersDariusAppDataLocalMicrosoftWindowsINetCacheIEAEJ4V6K2mbam-setup-2.0.3.1025.exe [19828376]
    O61 – LFC: 14-11-14 – 11:10:59 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages00067a9DRS update.19048648.exe [334784]
    O61 – LFC: 14-11-14 – 11:11:17 —A- . (…) — C:UsersDariusAppDataLocalNVIDIANvBackendPackages00067c0DAO.19053070.exe [4375312]
    O61 – LFC: 14-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_a70a96f64ec5d8d2_0_0.bin [16384]
    O61 – LFC: 14-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_a70a96f64ec5d8d2_0_1.bin [1048576]
    O61 – LFC: 14-11-14 – 11:11:25 —A- . (…) — C:UsersDariusDesktopCloud_Backup_Setup.exe [73880]
    O61 – LFC: 14-11-14 – 11:11:25 —A- . (…) — C:UsersDariusDesktopRogueKillerX64.exe [17535064]
    O61 – LFC: 14-11-14 – 11:11:25 —A- . (.Bleeping Computer, LLC.) — C:UsersDariusDesktoprkill.com [1944824]
    O61 – LFC: 15-11-14 – 11:11:20 —A- . (…) — C:UsersDariusAppDataLocalTechSmithSnagitTray.bin [3206]
    O61 – LFC: 15-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_15f74c7777689be5_0_0.bin [16384]
    O61 – LFC: 15-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_15f74c7777689be5_0_1.bin [1048576]
    O61 – LFC: 15-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_15f74c7777689be5_1_0.bin [16384]
    O61 – LFC: 15-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cache93d70479de668e65357b7037cef7bdec_fce8395f8fd8a84b_8e912777872ba4e3_0_0.bin [16384]
    O61 – LFC: 15-11-14 – 11:11:21 —A- . (…) — C:UsersDariusAppDataLocalTempNVIDIA CorporationNV_Cachee718140819ca2ce53c51e9f81adbd351_fce8395f8fd8a84b_e330f25ac01818f1_2_0.bin [16384]
    O61 – LFC: 15-11-14 – 11:11:25 —A- . (…) — C:UsersDariusAppDataRoamingsp_data.sys [401]
    O61 – LFC: 15-11-14 – 11:11:25 —A- . (…) — C:UsersDariusDesktopZHPCleaner.exe [1398272] =>.Nicolas Coolman
    O61 – LFC: 15-11-14 – 11:11:25 —A- . (.Nicolas Coolman.) — C:UsersDariusDesktopZHPDiag2.exe [6864822] =>.Nicolas Coolman
    ~ 3460 Fichiers temporaires (Temporary files)
    ~ Files: 65 Scanned in 04mn 55s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
    O67 – Shell Spawning: [HKCU..openCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O67 – Shell Spawning: [HKCU..openCommand] (.Microsoft Corporation – Bloc-notes.) — C:WINDOWSsystem32notepad.exe =>.Microsoft Corporation
    ~ FASS Keys: 12 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (…) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [208896]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [324096]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [1261056]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [1063424]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [914432]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [110080]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [150528]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [107008]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1212928]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [220672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [70656]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [134144]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [220160]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [324096]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [81408]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [97792]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [339456]
    O83 – Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation – Service d’infrastructure de localisation Windows.) — C:WindowsSystem32GeofenceMonitorService.dll [491520]
    O83 – Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation – Service de compte Microsoft®.) — C:WindowsSystem32wlidsvc.dll [1576960]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [50688]
    O83 – Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation – Gestionnaire d’installation de périphérique.) — C:WindowsSystem32DeviceSetupManager.dll [201728]
    O83 – Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation – Service Assistant Connectivité réseau Microsoft.) — C:WindowsSystem32ncasvc.dll [164352]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [101376]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire des connexions d’accès à distance.) — C:WindowsSystem32rasmans.dll [534528]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [223744]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [71680]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [433664]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [306688]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [3557376]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [1017856]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [629760]
    ~ Services: 34 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22-07-09] (…) — C:ProgramDataSetStretch.exe [24576]
    [MD5.727FF5D1EA37DF99F3BD0D1076D6718C] [SPRF][15-11-14] (…) — C:UsersDariusAppDataRoamingsp_data.sys [401]
    [MD5.58A1A6EEF214A332679A4FA6BAEC5880] [SPRF][14-11-14] (…) — C:UsersDariusDesktopCloud_Backup_Setup.exe [73880]
    [MD5.328BB2EA27063956A4E21F05BC6F2304] [SPRF][07-09-14] (…) — C:UsersDariusDesktopcorrectif_2011.exe [72125693]
    [MD5.2DDB5730E182D1B2C68E412F90A8E642] [SPRF][07-09-14] (…) — C:UsersDariusDesktopcorrectif_2013.exe [1258039]
    [MD5.FCCD0F6A733248E8F624B9FE813F0324] [SPRF][14-11-14] (.Bleeping Computer, LLC – Terminates malware processes so that you can run your normal security programs..) — C:UsersDariusDesktoprkill.com [1944824]
    [MD5.47C6E378E9D4819109AEAD73A72E4B80] [SPRF][14-11-14] (…) — C:UsersDariusDesktopRogueKillerX64.exe [17535064]
    [MD5.BAADD1BC48F66849E859A21AA2C1F7E7] [SPRF][06-09-14] (.TechSmith Corporation – Snagit 12.) — C:UsersDariusDesktopsnagit.exe [73924960]
    [MD5.9BA3D89A8E77B08B4342ABFCECC4AC8F] [SPRF][15-11-14] (.Pas de propriétaire – ZHPCleaner.) — C:UsersDariusDesktopZHPCleaner.exe [1398272]
    [MD5.C8EF1043337009E8FD658F7A2287841B] [SPRF][15-11-14] (.Nicolas Coolman – ZHPDiag Setup.) — C:UsersDariusDesktopZHPDiag2.exe [6864822]
    [MD5.D2188B49C403E2EF252A0F4F905717D1] [SPRF][07-02-14] (.Autodesk, Inc. – Autodesk i-drop control.) — C:WindowsDownloaded Program FilesIDropENU.dll [117064]
    ~ Files: 11 Scanned in 00mn 01s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{53ED1097-50C7-4626-994A-31199FA644BB}” | In – Private – P17 – TRUE | .(.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O87 – FAEL: “{F0B5CE54-837E-4754-B3F1-96BAE75D4524}” | In – Private – P6 – TRUE | .(.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O87 – FAEL: “{85368C95-CA17-41DE-8305-9F644818B9A0}” | In – Public – P6 – TRUE | .(.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O87 – FAEL: “{4898FED3-7EB8-4688-9641-16490098AC71}” | In – Public – P17 – TRUE | .(.Azureus Software, Inc – Vuze Launcher.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    ~ Firewall: 4 Scanned in 00mn 02s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “3345743565D20073677A7A857BC0A000” . (.Vuze Toolbar.) — C:WINDOWSInstaller{53475433-2D56-3700-76A7-A758B70C0A00}ToolbarIcon.exe =>P2P.Azureus
    ~ Update Products: 1 Scanned in 00mn 00s

    —\ Enumère les données de la clé NameSpace (MNS) (O92)
    O92 – MNS: – {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
    O92 – MNS: – {374DE290-123F-4565-9164-39C4925E467B}
    O92 – MNS: – {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
    O92 – MNS: RealPlayer Cloud – {5E8FC967-829A-475C-93EA-51FCE6D9FFCE}
    O92 – MNS: – {A0953C92-50DC-43bf-BE83-3742FED03C9C}
    O92 – MNS: Autodesk 360 – {A7B36FF9-3BB0-426B-A737-A997B80466D5}
    O92 – MNS: – {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
    O92 – MNS: – {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
    ~ MNS: 8 Scanned in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.02B1AE0709E535E4E309B26B5B517E88] [WIS][04-01-14] (.APN, LLC – Vuze Toolbar.) — C:WindowsInstaller274995.msi [448512] =>Toolbar.Avira
    ~ WIS: 1 Scanned in 00mn 01s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingPennyBeeW_RASAPI32 =>PUP.PaybyAds
    HKLMSOFTWAREWow6432NodeMicrosoftTracingPennyBeeW_RASMANCS =>PUP.PaybyAds
    ~ BTK: 65 Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Disabled 21-06-14 596360 | (AdAppMgrSvc) . (.Autodesk Inc..) – C:Program Files (x86)Common FilesAutodesk SharedAppManagerR1AdAppMgrSvc.exe
    SS – | Disabled 08-05-14 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SS – | Demand 11-11-14 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Disabled 07-02-14 31192 | (Autodesk Content Service) . (.Autodesk, Inc..) – C:Program Files (x86)AutodeskContent ServiceConnect.Service.ContentService.exe
    SS – | Auto 23-05-12 243728 | (CLKMSVC10_38F51D56) . (.CyberLink.) – C:Program Files (x86)CyberLinkPowerDVD10NavFilterkmsvc.exe
    SS – | Disabled 15-11-13 3105144 | (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) – C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe
    SS – | Demand 03-08-14 1357104 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
    SS – | Disabled 08-10-14 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Disabled 08-10-14 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Disabled 15-09-11 86016 | (mi-raysat_3dsmax2015_64) . (…) – C:Program FilesAutodesk3ds Max 2015NVIDIASatelliteraysat_3dsmax2015_64server.exe
    SS – | Disabled 14-11-14 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Disabled 24-07-14 39568 | (RealNetworks Downloader Resolver Service) . (…) – C:Program Files (x86)RealNetworksRealDownloaderrndlresolversvc.exe
    SS – | Disabled 01-10-14 1141848 | (RealPlayer Cloud Service) . (.RealNetworks, Inc..) – C:Program Files (x86)RealRealPlayerRPDSBinrpdsvc.exe
    SS – | Disabled 24-07-14 23552 | (RealPlayerUpdateSvc) . (…) – C:Program Files (x86)RealUpdateServiceRealPlayerUpdateSvc.exe
    SS – | Disabled 03-04-14 315008 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SS – | Demand 10-07-58 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SS – | Demand 22-08-13 37768 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 14-11-12 106880 | (ASLDRService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
    SR – | Auto 13-04-12 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
    SR – | Auto 29-09-12 220288 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
    SR – | Auto 21-11-11 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    SR – | Auto 20-01-12 45696 | (FanChkService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSASUS Fan Filter CheckerFanChkSrv.exe
    SR – | Auto 20-04-12 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 27-06-12 129856 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Auto 25-06-12 166720 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 17-07-12 277824 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 02-02-02 68192 | (McNeelUpdate) . (.Robert McNeel & Associates.) – C:Program Files (x86)McNeelUpdate5.0McNeelUpdateService.exe
    SR – | Auto 25-07-14 1720608 | (NvNetworkService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
    SR – | Auto 25-07-14 18956064 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    SR – | Auto 03-11-14 935232 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSsystem32nvvsvc.exe
    SR – | Auto 03-11-14 410952 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Auto 17-07-12 365376 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Demand 10-07-58 0 | (WdNisSvc) . (…) – C:Program Files (x86)Windows DefenderNisSrv.exe
    SR – | Auto 10-07-58 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 29-09-12 323584 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
    ~ Services: Scanned in 00mn 18s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Run by Darius at 15-11-14 11:13:08
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Darius at 15-11-14 11:13:10
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Liste des émulateurs de CD/DVD (MBR Hook)
    O42 – Logiciel: DAEMON Tools Lite – (.Disc Soft Ltd.) [HKLM][64Bits] — DAEMON Tools Lite =>.DT Soft Ltd
    ~ Emulateurs: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (13-11-14)
    Clés trouvées (Keys found) : 4
    Valeurs trouvées (Values found) : 3
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 3

    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall8461-7759-5462-8226] =>P2P.Azureus^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{53475433-2D56-3700-76A7-A758B70C0A00}] =>Toolbar.Avira^
    [HKCUSoftwareAppDataLow{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
    [HKLMSoftwareWow6432Node{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
    C:Program Files (x86)Vuze =>P2P.Azureus^
    C:UsersDariusAppDataRoamingAzureus =>P2P.Azureus^
    [HKCUSoftwareAzureus] =>P2P.Azureus^
    [HKLMSoftwareWow6432NodeAzureus] =>P2P.Azureus^
    C:WindowsInstaller274995.msi =>Toolbar.Avira^
    ~ Additionnel Scan: 866465 Items scanned in 00mn 56s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/” onclick=”window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/” onclick=”window.open(this.href);return false; =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/” onclick=”window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 3 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/pup-paybyads” onclick=”window.open(this.href);return false; =>PUP.PaybyAds
    http://nicolascoolman.fr/pup-optimizerpro” onclick=”window.open(this.href);return false; =>PUP.OptimizerPro
    ~ MSI: 2 link(s) detected in 00mn 00s

    End of the scan (1589 lines in 08mn 10s)(0)

    buckhulk
    Participant
    Nombre d'articles : 2398

    des virus mail il faut que tu héberges ton rapport :
    [center:3hqj657t]Hébergement[/center:3hqj657t]

    Les rapports de diagnostique sont trop long, ils dépassent la taille autorisée par les éditeurs des forums , il faut donc héberger le rapport :

    A/ – Héberge le rapport ZHPDiag.txt sur : SoSVirus Upload et “les captures d’écran aussi”

    ou sur cjoint

    B/ – Cliques sur >> Parcourir (ou choisissez un fichier)

    C/ – Cherche le rapport de ZHPDiag que tu viens de faire qui est sur ton bureau

    D/ – Cliques sur >> envoyer le fichier (ou créer le lien)

    E/ – Un lien sera généré, Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt” onclick=”window.open(this.href);return false;

    F/ – Il te suffit de le poster ici

    dariuss
    Participant
    Nombre d'articles : 49

    sorry, voici le lien: https://antimalware.top/www/?a=d&i=OMXhOXK1dr” onclick=”window.open(this.href);return false; :)

15 sujets de 1 à 15 (sur un total de 23)
  • Vous devez être connecté pour répondre à ce sujet.