  • MAURY
    Participant
    Number of posts: 15

    Hello,

    I think my PC has been infected for some time. Indeed, I am observing, in an increasingly definite and marked way, a slowdown of the PC, and above all the mouse pointer sometimes freezing, and mouse movement that as a result is no longer very effective. The Copy/Paste functions are increasingly hazardous and sometimes the movement is more than erratic.

    I therefore followed the procedure you recommend, namely:

    Run ADWCLEANER; here is its report:

    [spoiler:26opoxby]# AdwCleaner v4.101 – Rapport créé le 16/11/2014 à 17:00:10
    # Mis à jour le 09/11/2014 par Xplode
    # Database : 2014-11-16.1 [Live]
    # Système d'exploitation : Windows 8.1 (64 bits)
    # Nom d'utilisateur : Pierre-Yves – ASUS-PY
    # Exécuté depuis : C:UsersPierre-YvesAppDataLocalMicrosoftWindowsINetCacheIE1D9JVBO0AdwCleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:UsersPierre-YvesAppDataRoamingSolvusoft

    ***** [ Tâches planifiées ] *****

    Tâche Supprimée : WinThruster
    Tâche Supprimée : WinThruster_DEFAULT
    Tâche Supprimée : WinThruster_UPDATES

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKCUSoftwareSolvusoft
    Clé Supprimée : HKLMSOFTWARESolvusoft

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17416

    -\ Mozilla Firefox v29.0.1 (fr)

    *************************

    AdwCleaner[R0].txt – [4334 octets] – [14/11/2014 01:21:48]
    AdwCleaner[R1].txt – [4398 octets] – [15/11/2014 17:15:42]
    AdwCleaner[R2].txt – [1294 octets] – [16/11/2014 16:58:43]
    AdwCleaner[S0].txt – [4539 octets] – [15/11/2014 17:17:12]
    AdwCleaner[S1].txt – [1175 octets] – [16/11/2014 17:00:10]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [1235 octets] ##########[/spoiler:26opoxby]

    Then run Malwarebytes; here is its report:

    [spoiler:26opoxby]Malwarebytes Anti-Malware
    http://www.malwarebytes.org
    Date de l'examen: 16/11/2014
    Heure de l'examen: 17:06:37
    Fichier journal:
    Administrateur: Oui
    Version: 2.00.3.1025
    Base de données Malveillants: v2014.11.16.02
    Base de données Rootkits: v2014.11.12.01
    Licence: Gratuit
    Protection contre les malveillants: Désactivé(e)
    Protection contre les sites Web malveillants: Désactivé(e)
    Auto-protection: Désactivé(e)
    Système d'exploitation: Windows 8.1
    Processeur: x64
    Système de fichiers: NTFS
    Utilisateur: Pierre-Yves
    Type d'examen: Examen « Menaces »
    Résultat: Terminé
    Objets analysés: 377398
    Temps écoulé: 5 min, 54 sec
    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Heuristique: Activé(e)
    PUP: Activé(e)
    PUM: Activé(e)
    Processus: 0
    (Aucun élément malicieux detecté)
    Modules: 0
    (Aucun élément malicieux detecté)
    Clés du Registre: 0
    (Aucun élément malicieux detecté)
    Valeurs du Registre: 0
    (Aucun élément malicieux detecté)
    Données du Registre: 0
    (Aucun élément malicieux detecté)
    Dossiers: 0
    (Aucun élément malicieux detecté)
    Fichiers: 0
    (Aucun élément malicieux detecté)
    Secteurs physiques: 0
    (Aucun élément malicieux detecté)
    (end)[/spoiler:26opoxby]

    Finally run ZHPDiag, whose report is too long and which, despite BBCodes, I cannot manage to send you in full, so I have included only the beginning and the end! (please tell me how to go about sending it to you in full):

    [spoiler:26opoxby]~ Rapport de ZHPDiag v2014.11.15.164 – Nicolas Coolman (15/11/2014)
    ~ Lancé par Pierre-Yves (16/11/2014 17:18:37)
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ Adresse du Forum http://forum.nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17416 (Defaut)
    MFIE: Mozilla Firefox 29.0.1

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : Y4DHT
    Windows License : OK
    ~ Windows Remaining Initializations Number : 999
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Bitdefender Internet Security v17.13.0.551
    Malwarebytes Anti-Malware version 2.0.3.1025
    Windows Defender W8 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 15 Plugin
    Adobe Reader X

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8105 MB (71% free)
    System Restore: Activé (Enable)
    System drive C: has 19 GB (19%) free of 98 GB

    —\ Mode de connexion au système
    ~ Computer Name: ASUS-PY
    ~ User Name: Pierre-Yves
    ~ All Users Names: UpdatusUser, Pierre-Yves, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersPierre-YvesAppDataRoamingZHP
    ~ %AppData% : C:UsersPierre-YvesAppDataRoaming
    ~ %Desktop% : C:UsersPierre-YvesDesktop
    ~ %Favorites% : C:UsersPierre-YvesFavorites
    ~ %LocalAppData% : C:UsersPierre-YvesAppDataLocal
    ~ %StartMenu% : C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 98 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 352 Go of 932 Go)
    E: CD-ROM drive (Not Inserted)
    F: Hard drive, Flash drive, Thumb drive (Free 380 Go of 931 Go)
    I: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    MISSING PART …

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Pierre-Yves at 16/11/2014 17:20:56
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Pierre-Yves at 16/11/2014 17:20:58
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (15/11/2014)
    Clés trouvées (Keys found) : 3
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 3

    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{16793295-2366-40F7-A045-A3E42A81365E}] =>Toolbar.Bing^
    [HKCUSoftwareMicrosoftWindowsCurrentVersionUninstalluTorrent] =>P2P.BitTorrent^
    C:UsersPierre-YvesAppDataRoaminguTorrent =>P2P.µTorrent^
    C:UsersPierre-YvesAppDataLocalInstaller =>Adware.InstallPedia
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application^
    [HKCUSoftwareBitTorrent] =>P2P.BitTorrent^
    C:WindowsInstaller8496.msi =>Toolbar.Bing^
    ~ Additionnel Scan: 369155 Items scanned in 00mn 17s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 3 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
    http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
    ~ MSI: 2 link(s) detected in 00mn 00s

    End of the scan (1485 lines in 02mn 42s)(4)[/spoiler:26opoxby]

    That is where I am for now.

    For three days I have attempted a number of cleanups using the following software:

    Adwcleaner
    Malwarebytes
    UsbFix
    WinThruster

    Without managing to restore an acceptable situation.

    Apparently the situation seems to be getting worse day by day.

    As you advise, I am therefore placing myself in your expert hands, hoping to find a lasting and effective solution.

    I thank you very much in advance for finding a little time to devote to my problem.

    Best regards to you all.

    Pierre-Yves.

    MAURY
    Participant
    Number of posts: 15

    Here is the missing report, FIRST PART:

    ZHPDiag report, PART 1

    [spoiler:26z819fn]~ Rapport de ZHPDiag v2014.11.15.164 – Nicolas Coolman (15/11/2014)
    ~ Lancé par Pierre-Yves (16/11/2014 17:18:37)
    ~ Facebook : https://www.facebook.com/nicolascoolman1
    ~ Adresse du Forum http://forum.nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17416 (Defaut)
    MFIE: Mozilla Firefox 29.0.1

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : Y4DHT
    Windows License : OK
    ~ Windows Remaining Initializations Number : 999
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Bitdefender Internet Security v17.13.0.551
    Malwarebytes Anti-Malware version 2.0.3.1025
    Windows Defender W8 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 15 Plugin
    Adobe Reader X

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8105 MB (71% free)
    System Restore: Activé (Enable)
    System drive C: has 19 GB (19%) free of 98 GB

    —\ Mode de connexion au système
    ~ Computer Name: ASUS-PY
    ~ User Name: Pierre-Yves
    ~ All Users Names: UpdatusUser, Pierre-Yves, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersPierre-YvesAppDataRoamingZHP
    ~ %AppData% : C:UsersPierre-YvesAppDataRoaming
    ~ %Desktop% : C:UsersPierre-YvesDesktop
    ~ %Favorites% : C:UsersPierre-YvesFavorites
    ~ %LocalAppData% : C:UsersPierre-YvesAppDataLocal
    ~ %StartMenu% : C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 98 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 352 Go of 932 Go)
    E: CD-ROM drive (Not Inserted)
    F: Hard drive, Flash drive, Thumb drive (Free 380 Go of 931 Go)
    I: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] – (.Microsoft Corporation – Explorateur Windows.) (.23/08/2014 – 08:48:28.) — C:WindowsExplorer.exe [2374784]
    [MD5.48CFA7BE561A7BE144C29BB912055016] – (.Microsoft Corporation – Application de démarrage de Windows.) (.22/08/2013 – 10:58:29.) — C:WindowsSystem32Wininit.exe [144384]
    [MD5.BF1FC65A307B31939ADF7F976FDE033C] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.31/10/2014 – 04:45:17.) — C:WindowsSystem32wininet.dll [2365440]
    [MD5.306EB21E5B480AE9065EA55AC8C35936] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.22/02/2014 – 10:45:48.) — C:WindowsSystem32Winlogon.exe [562176]
    [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/12/2013 – 09:54:07.) — C:WindowsSystem32sppcomapi.dll [447488]
    [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.30/05/2014 – 04:03:03.) — C:Windowssystem32DriversAFD.sys [563200]
    [MD5.74B14192CF79A72F7536B27CB8814FBD] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.22/08/2013 – 13:43:41.) — C:Windowssystem32Driversatapi.sys [26464]
    [MD5.2FA6510E33F7DEFEC03658B74101A9B9] – (.Microsoft Corporation – CD-ROM File System Driver.) (.22/08/2013 – 12:40:15.) — C:Windowssystem32DriversCdfs.sys [88576]
    [MD5.C6796EA22B513E3457514D92DCDB1A3D] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.22/08/2013 – 09:46:35.) — C:Windowssystem32DriversCdrom.sys [164352]
    [MD5.A03F362C5557E238CBFA914689C77248] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.06/03/2014 – 10:22:50.) — C:Windowssystem32DriversDfsC.sys [134144]
    [MD5.D4B7ED39C7900384D9E5C1283F1E7926] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.24/07/2014 – 12:45:39.) — C:Windowssystem32DriversHDAudBus.sys [76800]
    [MD5.84CFC5EFA97D0C965EDE1D56F116A541] – (.Microsoft Corporation – Pilote de port i8042.) (.22/08/2013 – 12:39:15.) — C:Windowssystem32Driversi8042prt.sys [107520]
    [MD5.B7342B3C58E91107F6E946A93D9D4EFD] – (.Microsoft Corporation – IP Network Address Translator.) (.02/03/2014 – 14:23:13.) — C:Windowssystem32DriversIpNat.sys [142848]
    [MD5.7A1A3F213CDB3363D179D5014272025D] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.30/04/2014 – 07:41:46.) — C:Windowssystem32DriversMRxSmb.sys [402432]
    [MD5.0217532E19A748F0E5D569307363D5FD] – (.Microsoft Corporation – MBT Transport driver.) (.22/08/2013 – 12:37:02.) — C:Windowssystem32DriversnetBT.sys [282624]
    [MD5.038C77D577900EE39410662478BB0D50] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/07/2014 – 16:07:52.) — C:Windowssystem32Driversntfs.sys [2009920]
    [MD5.764B1121867B2D9B31C491668AC72B2B] – (.Microsoft Corporation – Pilote de port parallèle.) (.22/08/2013 – 12:40:02.) — C:Windowssystem32DriversParport.sys [94208]
    [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.22/08/2013 – 12:35:51.) — C:Windowssystem32DriversRasl2tp.sys [120832]
    [MD5.680C1DAE268B6FB67FA21B389A8B79EF] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.14/11/2013 – 08:16:40.) — C:Windowssystem32Driversrdpdr.sys [195584]
    [MD5.FFF28F9F6823EB1756C60F1649560BBF] – (.Microsoft Corporation – TDI Translation Driver.) (.22/08/2013 – 14:25:35.) — C:Windowssystem32Driverstdx.sys [107520]
    [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.19/06/2014 – 03:13:36.) — C:Windowssystem32Driversvolsnap.sys [310080]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/4483
    ~ Mes musiques (My Musics) : 1/6112
    ~ Mes Videos (My Videos) : 1/28
    ~ Mes Favoris (My Favorites) : 1/187
    ~ Mes Documents (My Documents) : 1/54224
    ~ Mon Bureau (My Desktop) : 2/82
    ~ Menu demarrer (Programs) : 1/83
    ~ Hidden Files: Scanned in 00mn 38s

    —\ Processus lancés
    [MD5.A4D678515206282A22C2C3A7C348A255] – (.ASUSTeK Computer Inc. – ALU MFC Application.) — C:Program Files (x86)ASUSASUS Easy UpdateALU.exe [561976] [PID.4148]
    [MD5.A9AF5B294226ED004DF5103E051A1E11] – (.ASUSTeK Computer Inc. – Message Controller.) — C:Program Files (x86)ASUSMessage ControllerAsMessageController.exe [330368] [PID.4156]
    [MD5.A7FCCBAFEFBBDFB1C5C6C50E138820CB] – (.ASUSTek Computer Inc. – AiChargerDT MFC Application.) — C:Program Files (x86)InstallShield Installation Information{11F6707B-88F9-4D2D-A138-27B657BAE4D2}AiChargerDT.exe [548512] [PID.4164]
    [MD5.8C9231025FAF86B78906B6C847531FFB] – (.ASUSTeK Computer Inc. – ASUS Routine Controller.) — C:Program Files (x86)ASUSAI Suite IIAsRoutineController.exe [2935424] [PID.4184]
    [MD5.73FB8E30C94FB3E3FF22F6993CB4E329] – (.ASUSTeK – AI Charger II.) — C:Program Files (x86)ASUSAI Suite IIAi Charger IIAsChargerIITray.exe [207128] [PID.4200]
    [MD5.3F188126510FA73A469F42DE42252937] – (.ASUSTeK Computer Inc. – AI Suite II.) — C:Program Files (x86)ASUSAI Suite IIAI Suite II.exe [1504640] [PID.4528]
    [MD5.2F03C763EE0DFB4DE56176737DEFB2E2] – (.Microsoft Corporation – Touch Keyboard and Handwriting Panel Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe [21184] [PID.5064]
    [MD5.6081E673783DD0CB7FA50590631DEBFD] – (.ASUSTeK Computer Inc. – Handle ASUS All-In-One any event.) — C:Program Files (x86)ASUSASUS Key SuiteAsKeySuite.exe [692224] [PID.5228]
    [MD5.CA595FA53E6C797EC1AB43AFB4B4F183] – (.Apple Inc. – iCloud.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe [43816] [PID.5752]
    [MD5.096407F0CB75519F4DBFBA5BB413187B] – (.Apple Inc. – iCloud Photos.) — C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe [43816] [PID.5784]
    [MD5.09E60B4FE341A94A300830C008907099] – (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [60712] [PID.5856]
    [MD5.7E0B4C8EFEDDEBE87D2A1F5A33B965B5] – (.Apple Inc. – Apple IE DAV.) — C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe [1080104] [PID.5996]
    [MD5.55D1B8B470F1D9A95A99268F2B9294AD] – (.Apple Inc. – iCloud Drive.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudDrive.exe [43816] [PID.6044]
    [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.5292]
    [MD5.408A52C9DD19FADB4EC43A0FB30862A8] – (.cyberlink – brs.) — C:Program Files (x86)CyberLinkShared filesbrs.exe [78352] [PID.5108]
    [MD5.0EF0822810009D58118CCDFD098FA9F4] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [157480] [PID.6204]
    [MD5.C32E458C8DDB46220C2D9C7807EC1A3F] – (.Schneider Electric – PowerChute System Tray Power Icon.) — C:Program Files (x86)APCPowerChute Personal Editionapcsystray.exe [673144] [PID.6464]
    [MD5.BE1DAE43DFBCA94FB6B4157C1B16923E] – (…) — ysWOW64RunDll32.exe [0] [PID.6904]
    [MD5.5F1B1148C830C0F149A476A58CE0D09D] – (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet ExplorerIEXPLORE.exe [815248] [PID.3048]
    [MD5.2B02551F83340E9F77A66ED3A6964AAD] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8128000] [PID.7144]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersPierre-YvesAppDataRoamingMozillaFirefoxProfilesopet7saj.defaultprefs.js
    M2 – MFEP: prefs.js [Pierre-Yves – opet7saj.default{6AC85730-7D0F-4de0-B3FA-21142DD85326}] [] ColorZilla v2.8 (..)
    M2 – MFEP: Extension [Pierre-Yves – opet7saj.default] {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}
    M2 – MFEP: Extension [Pierre-Yves – opet7saj.default] {a7c6cf7f-112c-4500-a7ea-39801a327e5f}
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:WINDOWSsystem32MacromedFlashNPSWF64_15_0_0_223.dll
    ~ Firefox Browser: 4 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerAboutURLs,Tabs = http://google.com
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17351 (winblue_r3.140925-1500)) — C:WindowsSysWOW64ieframe.dll
    ~ IE Browser: 12 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: Bitdefender Wallet [64Bits] – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender – Bitdefender Password Manager Internet Explo.) — C:Program FilesBitdefenderBitdefenderAntispam32pmbxie.dll
    O2 – BHO: Bing Bar Helper [64Bits] – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program Files (x86)MicrosoftBingBar7.1.362.0BingExt.dll =>Toolbar.Bing
    O2 – BHO: Bitdefender Wallet [64Bits] – {09F58E74-42B4-4D70-BA26-35FC954E7A17} Clé orpheline
    ~ BHO: 3 Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSQuickLaunch [Pierre-Yves]: µTorrent.lnk . (.BitTorrent Inc. – µTorrent.) — C:UsersPierre-YvesAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Global Startup: 1 Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:WINDOWSsystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:WINDOWSsystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:WINDOWSsystem32igfxpers.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtkNGUI64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [RtHDVBg] . (.Realtek Semiconductor – HD Audio Background Process.) — C:Program FilesRealtekAudioHDARAVBg64.exe
    O4 – HKLM..Run: [PrnStatusMX] . (.Marvell Semiconductor, Inc. – Status Monitor..) — C:Program FilesHewlett-PackardPrnStatusMXPrnStatusMX.exe
    O4 – HKLM..Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) — C:WindowsSystem32DptfPolicyLpmServiceHelper.exe
    O4 – HKLM..Run: [Logitech Download Assistant] . (.Logitech, Inc. – Logitech Download Assistant.) — C:WindowsSystem32LogiLDA.dll
    O4 – HKLM..Run: [Bdagent] . (.Bitdefender – Bitdefender Agent.) — C:Program FilesBitdefenderBitdefenderbdagent.exe
    O4 – HKCU..Run: [BrowserChoice] . (.Microsoft Corporation – Choix de navigateur .) — C:WindowsBrowserChoicebrowserchoice.exe
    O4 – HKCU..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKCU..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKCU..Run: [iCloudServices] . (.Apple Inc. – iCloud.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
    O4 – HKCU..Run: [ApplePhotoStreams] . (.Apple Inc. – iCloud Photos.) — C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
    O4 – HKCU..Run: [AppleIEDAV] . (.Apple Inc. – Apple IE DAV.) — C:Program Files (x86)Common FilesAppleInternet ServicesAppleIEDAV.exe
    O4 – HKCU..Run: [GoogleDriveSync] . (.Google – Google Drive.) — C:Program Files (x86)GoogleDrivegoogledrivesync.exe
    O4 – HKCU..Run: [iCloudDrive] . (.Apple Inc. – iCloud Drive.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudDrive.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.18.159AsusWSPanel.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [BDRegion] . (.cyberlink – brs.) — C:Program Files (x86)CyberlinkShared filesbrs.exe
    O4 – HKLM..Wow6432NodeRun: [WD Quick View] . (.Western Digital Technologies, Inc. – WD Quick View.) — C:Program Files (x86)Western DigitalWD Quick ViewWDDMStatus.exe =>.Western Digital Technologies
    O4 – HKLM..Wow6432NodeRun: [Display] . (.Schneider Electric – Startup Notification Module.) — C:Program Files (x86)APCPowerChute Personal EditionDataCollectionLauncher.exe
    O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
    O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
    O4 – HKUS.DEFAULT..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUS.DEFAULT..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUS.DEFAULT..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKUSS-1-5-21-56244234-3435256318-1957789070-1001..RunOnce: [WAB Migrate] . (.Microsoft Corporation – Windows Contacts.) — C:Program Files (x86)Windows Mailwab.exe =>.Microsoft Corporation
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:WINDOWSsystem32napinsp.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:WINDOWSsystem32NLAapi.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:WINDOWSsystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:WINDOWSsystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:WINDOWSsystem32wshbth.dll
    O10 – WLSP:00000000008Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program Files (x86)BonjourmdnsNSP.dll
    ~ Winsock: 8 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{C04ED415-418A-416C-ACF5-707292CA8255}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{C04ED415-418A-416C-ACF5-707292CA8255}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 327.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    O23 – Service: APC Data Service (APC Data Service) . (.Schneider Electric – PowerChute Data Service.) – C:Program Files (x86)APCPowerChute Personal Editiondataserv.exe
    O23 – Service: APC UPS Service (APC UPS Service) . (.Schneider Electric – Battery Backup Management Service.) – C:Program Files (x86)APCPowerChute Personal Editionmainserv.exe
    O23 – Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. – MobileDeviceService.) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    O23 – Service: ASUS System Control Service (AsSysCtrlService) . (.ASUSTeK Computer Inc. – AsSysCtr Application.) – C:Program Files (x86)ASUSAsSysCtrlService1.00.13AsSysCtrlService.exe
    O23 – Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.Pas de propriétaire – Asus WebStorage Windows Service.) – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.18.159AsusWSWinService.exe
    O23 – Service: oem37.inf (BcmBtRSupport) . (.Broadcom Corporation. – Bluetooth Radio Management Support.) – C:WindowsSystem32BtwRSupportService.exe
    O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
    O23 – Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. – Bluetooth Support Server.) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
    O23 – Service: CyberLink Product – 2013/11/13 22:54:16 (CLKMSVC10_38F51D56) . (.CyberLink – CyberLink KM Service.) – C:Program Files (x86)CyberLinkPowerDVD10NavFilterkmsvc.exe
    O23 – Service: oem28.inf (DptfParticipantProcessorService) . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) – C:WindowsSystem32DptfParticipantProcessorService.exe
    O23 – Service: oem28.inf (DptfPolicyCriticalService) . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) – C:WindowsSystem32DptfPolicyCriticalService.exe
    O23 – Service: FABS – Helping agent for MAGIX media database (Fabs) . (.MAGIX AG – Verzeichnisüberwachung und Hilfsaufgaben fü.) – C:Program Files (x86)Common FilesMAGIX ServicesDatabasebinFABS.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
    O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Intel(R) Local Management Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 327.0.) – C:WINDOWSsystem32nvvsvc.exe
    O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation – NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    O23 – Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    O23 – Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender – Bitdefender Update Service.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    O23 – Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender – Bitdefender Security Service.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    O23 – Service: WD Backup (WDBackup) . (.Western Digital Technologies, Inc. – WD Backup Engine.) – C:Program Files (x86)Western DigitalWD SmartWareWDBackupEngine.exe
    O23 – Service: WD Drive Manager (WDDriveService) . (.Western Digital Technologies, Inc. – WD Drive Service.) – C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe
    ~ Services: 24 Scanned in 00mn 06s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *bddel.exe) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
    [MD5.4A297525D3CF9535FD760CE40C409EEF] [APT] [Apple Diagnostics] (.Apple Inc..) — C:Program Files (x86)Common FilesAppleInternet ServicesEReporter.exe [43816]
    [MD5.7529BF17445E16315A95B450CE985C11] [APT] [AsusVibeSchedule] (…) — C:Program Files (x86)AsusAsusVibeAsusVibeLauncher.exe [1957040]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [561984]
    [MD5.A9AF5B294226ED004DF5103E051A1E11] [APT] [AsMessageController] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSMessage ControllerAsMessageController.exe [330368]
    [MD5.8C9231025FAF86B78906B6C847531FFB] [APT] [ASUS AI Suite II Execute] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSAI Suite IIAsRoutineController.exe [2935424]
    [MD5.A7FCCBAFEFBBDFB1C5C6C50E138820CB] [APT] [ASUS AiCharger_Desktop Execute] (.ASUSTek Computer Inc..) — C:Program Files (x86)InstallShield Installation Information{11F6707B-88F9-4D2D-A138-27B657BAE4D2}AiChargerDT.exe [548512]
    [MD5.73FB8E30C94FB3E3FF22F6993CB4E329] [APT] [ASUS AiCharger_II TrayIcon] (.ASUSTeK.) — C:Program Files (x86)ASUSAI Suite IIAi Charger IIAsChargerIITray.exe [207128]
    [MD5.A4D678515206282A22C2C3A7C348A255] [APT] [ASUS Easy Update 2] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Easy UpdateALU.exe [561976]
    [MD5.DE603EA0803B7EFE0A045A6C40BCB06D] [APT] [ASUS Key Suite Helper] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Key SuiteAsRunKeySuite.exe [233856]
    [MD5.A4B831E2E99B13D03825C3D7FC3983A5] [APT] [EnergyIntelligentHelper] (.ASUSTeK Computer Inc..) — C:Program Files (x86)ASUSASUS Energy IntelligentAsEIHelper.exe [232064]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1088]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1088]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1092]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1092]
    ~ Scheduled Task: 17 Scanned in 00mn 02s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:WindowsSystem32mscories.dll
    ~ Active Setup: 7 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: C:WindowsSystem32driversahcache.sys (ahcache) . (.Microsoft Corporation – Application Compatibility Cache.) – C:WindowsSystem32DRIVERSahcache.sys
    O41 – Driver: (AsIO) . (…) – C:WindowsSyswow64driversAsIO.sys
    O41 – Driver: (AsUpIO) . (…) – C:WindowsSyswow64driversAsUpIO.sys
    O41 – Driver: (BasicDisplay) . (.Microsoft Corporation – Microsoft Basic Display Driver.) – C:Windowssystem32driversBasicDisplay.sys
    O41 – Driver: (BasicRender) . (.Microsoft Corporation – Microsoft Basic Render Driver.) – C:Windowssystem32driversBasicRender.sys
    O41 – Driver: oem14.inf (BdfNdisf) . (.BitDefender LLC – BitDefender Firewall NDIS6 Filter Driver.) – C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfndisf6.sys
    O41 – Driver: (bdfwfpf) . (.BitDefender LLC – BitDefender Firewall WFP Filter Driver.) – C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfwfpf.sys
    O41 – Driver: cdrom.inf (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:Windowssystem32driverscdrom.sys
    O41 – Driver: C:WindowsSystem32driversdam.sys (dam) . (.Microsoft Corporation – DAM Kernel Driver.) – C:WindowsSystem32driversdam.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (Dfsc) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: (HssDRV6) . (. – .) – C:Windowssystem32DRIVERShssdrv6.sys (.not file.)
    O41 – Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation – Named pipe service triggers.) – C:Windowssystem32driversnpsvctrig.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:Windowssystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:Windowssystem32DRIVERStdx.sys
    O41 – Driver: C:WindowsSystem32driversvwififlt.sys (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:Windowssystem32DRIVERSvwififlt.sys
    ~ Drivers: 42 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: AI Suite II – (.ASUSTeK Computer Inc..) [HKLM][64Bits] — {34D3688E-A737-44C5-9E2A-FF73618728E1}
    O42 – Logiciel: ASUS Easy Update 2 – (.ASUSTeK Computer Inc..) [HKLM][64Bits] — {E7AA854E-6756-424E-84C2-4E47D5729AFF}
    O42 – Logiciel: ASUS Energy Intelligent – (.ASUSTeK Computer Inc..) [HKLM][64Bits] — {892D3284-7E93-4825-805D-4C0F7C88541D}
    O42 – Logiciel: ASUS Key Suite – (.ASUSTeK Computer Inc..) [HKLM][64Bits] — {71E2F4D6-191A-4A36-8A5C-8AFEA92729C9}
    O42 – Logiciel: ASUS LifeFrame3 – (.ASUS.) [HKLM][64Bits] — {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
    O42 – Logiciel: ASUS MX Suite – (.MAGIX AG.) [HKLM][64Bits] — MAGIX_{CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}
    O42 – Logiciel: ASUS MX Suite – (.MAGIX AG.) [HKLM][64Bits] — {CFA9C800-9B0B-42E3-92E7-08B5AF2E192E}
    O42 – Logiciel: ASUS Music Maker – (.MAGIX AG.) [HKLM][64Bits] — MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}
    O42 – Logiciel: ASUS Music Maker – (.MAGIX AG.) [HKLM][64Bits] — {AB515018-7F9D-4047-B0C0-F26BAC30F3E1}
    O42 – Logiciel: ASUS Video easy – (.MAGIX AG.) [HKLM][64Bits] — MAGIX_{E3185090-8796-46FB-A27F-6C844F106DAC}
    O42 – Logiciel: ASUS Video easy – (.MAGIX AG.) [HKLM][64Bits] — {E3185090-8796-46FB-A27F-6C844F106DAC}
    O42 – Logiciel: ASUS Virtual Camera – (.ASUS.) [HKLM][64Bits] — {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
    O42 – Logiciel: ASUS WebStorage Sync Agent – (.ASUS Cloud Corporation.) [HKLM][64Bits] — ASUS WebStorage
    O42 – Logiciel: ASUSDVD – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: ASUSDVD – (.CyberLink Corp..) [HKLM][64Bits] — {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: Adobe Flash Player 15 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
    O42 – Logiciel: Adobe Photoshop 6.0 – (.Adobe Systems, Inc..) [HKLM][64Bits] — Adobe Photoshop 6.0
    O42 – Logiciel: Adobe Reader X (10.1.12) MUI – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
    O42 – Logiciel: Alcor Micro USB Card Reader – (.Alcor Micro Corp..) [HKLM][64Bits] — AmUStor
    O42 – Logiciel: Anvil Studio – (.Willow Software.) [HKLM][64Bits] — {A5CB2B69-9C01-4E67-A2FE-902D1262F9ED}
    O42 – Logiciel: Apple Application Support – (.Apple Inc..) [HKLM][64Bits] — {83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}
    O42 – Logiciel: Apple Mobile Device Support – (.Apple Inc..) [HKLM][64Bits] — {BDD99690-3541-4619-9D2A-3CDDB3E15F9E}
    O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM][64Bits] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
    O42 – Logiciel: ArcSoft TV 5.0 – (.ArcSoft, Inc..) [HKLM][64Bits] — {94ED52E0-24A0-4AD8-9BFD-0560CA680A80}
    O42 – Logiciel: AsusVibe2.0 – (.ASUSTEK.) [HKLM][64Bits] — Asus Vibe2.0
    O42 – Logiciel: Audacity 2.0.3 – (.Audacity Team.) [HKLM][64Bits] — Audacity_is1
    O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM][64Bits] — {16793295-2366-40F7-A045-A3E42A81365E} =>Toolbar.Bing
    O42 – Logiciel: Bitdefender Internet Security – (.Bitdefender.) [HKLM][64Bits] — Bitdefender
    O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM][64Bits] — {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
    O42 – Logiciel: Cisco EAP-FAST Module – (.Cisco Systems, Inc..) [HKLM][64Bits] — {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
    O42 – Logiciel: Cisco LEAP Module – (.Cisco Systems, Inc..) [HKLM][64Bits] — {51C7AD07-C3F6-4635-8E8A-231306D810FE}
    O42 – Logiciel: Cisco PEAP Module – (.Cisco Systems, Inc..) [HKLM][64Bits] — {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: Data Lifeguard Diagnostic for Windows 1.27 – (.Western Digital Corporation.) [HKLM][64Bits] — {519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1
    O42 – Logiciel: Dropbox – (.Dropbox, Inc..) [HKCU][64Bits] — Dropbox
    O42 – Logiciel: ENE CIR Receiver Driver – (.ENE.) [HKLM][64Bits] — 418374E8BD1F08FCA12E6AEC5F8FD985D836DC4B
    O42 – Logiciel: Fingertapps Instruments – (.Fingertapps.) [HKLM][64Bits] — {6C4110E1-EB0A-4534-B3C7-474530E2D6E9}
    O42 – Logiciel: Firebird SQL Server – MAGIX Edition – (.MAGIX AG.) [HKLM][64Bits] — {39AB2E37-1A55-4292-A5D3-971E9F70D0F8}
    O42 – Logiciel: FormatFactory 3.3.1.0 – (.Format Factory.) [HKLM][64Bits] — FormatFactory
    O42 – Logiciel: Fotogalerie – (.Microsoft Corporation.) [HKLM][64Bits] — {0FD66C6F-4023-4C74-AF8E-9B8B2053868E}
    O42 – Logiciel: Galeria de Fotografias – (.Microsoft Corporation.) [HKLM][64Bits] — {6DFF6F1B-F876-4007-AC82-42D5DDF0E090}
    O42 – Logiciel: Galerie de photos – (.Microsoft Corporation.) [HKLM][64Bits] — {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
    O42 – Logiciel: Galería de fotos – (.Microsoft Corporation.) [HKLM][64Bits] — {F7314CA2-F900-46D7-9EA1-FBDD9D73F765}
    O42 – Logiciel: Google Drive – (.Google, Inc..) [HKLM][64Bits] — {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: HiVision MC816 – (.ASUS.) [HKLM][64Bits] — {9E92E872-2266-4B08-B382-1D9E604EDFAD}
    O42 – Logiciel: Ignite – (.AIR Music Technology.) [HKLM][64Bits] — {9A731246-E02E-44DC-940D-0F8110C1789D}
    O42 – Logiciel: Intel(R) Dynamic Platform and Thermal Framework – (.Intel Corporation.) [HKLM][64Bits] — FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
    O42 – Logiciel: Intel(R) SDK for OpenCL – CPU Only Runtime Package – (.Intel Corporation.) [HKLM][64Bits] — {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
    O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {44B72151-611E-429D-9765-9BA093D7E48A}
    O42 – Logiciel: LAME v3.99.3 (for Windows) – (…) [HKLM][64Bits] — LAME_is1
    O42 – Logiciel: Logiciel Logitech Unifying 2.10 – (.Logitech.) [HKLM][64Bits] — Logitech Unifying
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSVCRT110 – (.Microsoft.) [HKLM][64Bits] — {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
    O42 – Logiciel: MSVCRT110_amd64 – (.Microsoft.) [HKLM][64Bits] — {E9FA781F-3E80-4399-825A-AD3E11C28C77}
    O42 – Logiciel: MSXML 4.0 SP3 Parser (KB2758694) – (.Microsoft Corporation.) [HKLM][64Bits] — {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
    O42 – Logiciel: MSXML 4.0 SP3 Parser – (.Microsoft Corporation.) [HKLM][64Bits] — {196467F1-C11F-4F76-858B-5812ADC83B94}
    O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
    O42 – Logiciel: Melodyne Runtime 4.1 (x64) – (.Celemony Software GmbH.) [HKLM][64Bits] — {53EE2829-E9DB-4913-B3EA-96F10F84E98B}
    O42 – Logiciel: Melodyne singletrack – (.Celemony Software GmbH.) [HKLM][64Bits] — {16DF894D-FC3F-4B87-908D-671E201CD7A8}
    O42 – Logiciel: Microsoft OneDrive – (.Microsoft Corporation.) [HKCU][64Bits] — OneDriveSetup.exe
    O42 – Logiciel: Mozilla Firefox 29.0.1 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Firefox 29.0.1 (x86 fr)
    O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM][64Bits] — MozillaMaintenanceService
    O42 – Logiciel: MuseScore 1.3 – (.Werner Schweer and Others.) [HKLM][64Bits] — MuseScore
    O42 – Logiciel: NVIDIA 3D Vision Controller Driver 320.49 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
    O42 – Logiciel: NVIDIA 3D Vision Driver 320.49 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
    O42 – Logiciel: NVIDIA Graphics Driver 320.49 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
    O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}
    O42 – Logiciel: NVIDIA PhysX System Software 9.13.0604 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
    O42 – Logiciel: NVIDIA Stereoscopic 3D Driver – (.NVIDIA Corporation.) [HKLM][64Bits] — NVIDIAStereo
    O42 – Logiciel: Notepad++ – (.Notepad++ Team.) [HKLM][64Bits] — Notepad++
    O42 – Logiciel: Pizzicato 3.6.2 – (…) [HKLM][64Bits] — Pizzicato 3.6.2
    O42 – Logiciel: PowerChute Personal Edition 3.0.2 – (.Schneider Electric.) [HKLM][64Bits] — {8ED262EE-FC73-47A9-BB86-D92223246881}
    O42 – Logiciel: QuickTime 7 – (.Apple Inc..) [HKLM][64Bits] — {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
    O42 – Logiciel: Raccolta foto – (.Microsoft Corporation.) [HKLM][64Bits] — {FA6BC7A5-85B3-4DC2-825C-D508E386151A}
    O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Revo Uninstaller Pro 3.1.1 – (.VS Revo Group, Ltd..) [HKLM][64Bits] — {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1
    O42 – Logiciel: Services d’impression Bonjour – (.Apple Inc..) [HKLM][64Bits] — {0DA20600-6130-443B-9D4B-F30520315FA6}
    O42 – Logiciel: Shared C Run-time for x64 – (.McAfee.) [HKLM][64Bits] — {EF79C448-6946-4D71-8134-03407888C054}
    O42 – Logiciel: Sibelius Scorch (ActiveX Only) – (.Sibelius Software.) [HKLM][64Bits] — {868291A4-229E-4795-B0B0-E60E87AF53CD}
    O42 – Logiciel: Steinberg Cubase LE AI Elements 7 64bit – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {67E7C608-D0EA-4273-B374-50ABE42FBE08}
    O42 – Logiciel: Steinberg Drum Loop Expansion 01 – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {490BF87E-1F75-4453-BF55-9F540543A3CA}
    O42 – Logiciel: Steinberg Groove Agent ONE Content – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {BD86F1AC-B594-46E4-85DC-1258AC9E2232}
    O42 – Logiciel: Steinberg Groove Agent ONE Vintage Beatboxes – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {DBF4BC99-53F1-4C97-84C3-7557D103E182}
    O42 – Logiciel: Steinberg HALion Sonic SE 64bit – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {B99C316B-C135-43B5-8E77-2BC5E241F964}
    O42 – Logiciel: Steinberg HALion Sonic SE Content for Cubase LE AI Elements – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {CF45002F-2205-4116-BB51-2D015F436CAC}
    O42 – Logiciel: Steinberg Midi Loop Library – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {89DE2651-6DD9-4C15-AC94-8348362D456C}
    O42 – Logiciel: Steinberg REVerence Content 01 – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {532B917B-8235-4FA5-BE36-643A8BB053A5}
    O42 – Logiciel: Steinberg Upload Manager – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {88BBBD8F-4C19-4809-B84B-7A8F8238B48D}
    O42 – Logiciel: Steinberg VST Amp Rack Content 01 – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — {8CBA7E47-48DA-47DC-8E98-6984BA830295}
    O42 – Logiciel: VLC media player – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
    O42 – Logiciel: WD My Cloud – (.Western Digital Technologies, Inc..) [HKLM][64Bits] — {9F78524D-D5CD-4BC6-9A26-5F24265C5C30}
    O42 – Logiciel: WD Quick View – (.Western Digital Technologies, Inc..) [HKLM][64Bits] — {2B51FAB1-DAA9-4EED-BB23-14DCCDABC2B0} =>.Western Digital Technologies
    O42 – Logiciel: WD SmartWare – (.Western Digital Technologies, Inc..) [HKLM][64Bits] — {C6A9F314-CC7F-48E9-9F2B-7DC6E0D3FA10}
    O42 – Logiciel: WD SmartWare Installer – (.Western Digital Technologies, Inc..) [HKLM][64Bits] — {2d588de7-f4f6-4d6d-8719-32cbb9637e9e}
    O42 – Logiciel: WIDCOMM Bluetooth Software – (.Broadcom Corporation.) [HKLM][64Bits] — {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}
    O42 – Logiciel: WinRAR 5.01 beta 1 (64-bit) – (.win.rar GmbH.) [HKLM][64Bits] — WinRAR archiver
    O42 – Logiciel: WinSweeper 2.1 – (.Solvusoft Corporation.) [HKLM][64Bits] — {96E8A815-3053-4616-AAC2-865E6B1792F5}_is1
    O42 – Logiciel: calibre – (.Kovid Goyal.) [HKLM][64Bits] — {50AC4BCB-F2C7-4BD6-B216-02FE16E7D03C}
    O42 – Logiciel: eLicenser Control – (.Steinberg Media Technologies GmbH.) [HKLM][64Bits] — eLicenser Control
    O42 – Logiciel: eManual – (.ASUSTeK Computer Inc..) [HKLM][64Bits] — {0C84E634-EB68-4A54-B21E-A05EC87A4CC5}
    O42 – Logiciel: iTunes – (.Apple Inc..) [HKLM][64Bits] — {2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}
    O42 – Logiciel: vanBasco's Karaoke Player – (…) [HKLM][64Bits] — VMidi
    O42 – Logiciel: µTorrent – (.BitTorrent Inc..) [HKCU][64Bits] — uTorrent =>P2P.BitTorrent
    O42 – Logiciel: Συλλογή φωτογραφιών – (.Microsoft Corporation.) [HKLM][64Bits] — {032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}
    O42 – Logiciel: 影像中心 – (.Microsoft Corporation.) [HKLM][64Bits] — {7DB15F28-5E38-476A-A773-EA07EAEAB1B3}
    O42 – Logiciel: 照片库 – (.Microsoft Corporation.) [HKLM][64Bits] — {25716F85-7DB7-4CB4-8BD3-1992DBA3F59C}
    ~ Logic: 57 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAIR Music Technology]
    [HKCUSoftwareAPC]
    [HKCUSoftwareARPEGE]
    [HKCUSoftwareASIO]
    [HKCUSoftwareASUS]
    [HKCUSoftwareAbleton]
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAppDataLowSoftwareAdobe]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareApple Inc.]
    [HKCUSoftwareAudacity]
    [HKCUSoftwareBitTorrent] =>P2P.BitTorrent
    [HKCUSoftwareBitdefender]
    [HKCUSoftwareCaphyon]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareCyberLink]
    [HKCUSoftwareECAREME]
    [HKCUSoftwareFingertapps]
    [HKCUSoftwareFreeTime]
    [HKCUSoftwareGNU]
    [HKCUSoftwareGabest]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHaali]
    [HKCUSoftwareIntel]
    [HKCUSoftwareLake]
    [HKCUSoftwareLicenses]
    [HKCUSoftwareLocal AppWizard-Generated Applications]
    [HKCUSoftwareLogiShrd]
    [HKCUSoftwareLogitech]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMalavida]
    [HKCUSoftwareMarvell]
    [HKCUSoftwareMine]
    [HKCUSoftwareMirage]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNVIDIA Corporation]
    [HKCUSoftwareNetscape]
    [HKCUSoftwareNorthcode Inc]
    [HKCUSoftwareODBC]
    [HKCUSoftwareOpenXML-ODF Translator]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRegisteredApplications]
    [HKCUSoftwareSteinberg Media Technologies GmbH]
    [HKCUSoftwareSteinberg]
    [HKCUSoftwareTeleCharger]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareUsbFix]
    [HKCUSoftwareVS Revo Group]
    [HKCUSoftwareWIDISOFT]
    [HKCUSoftwareWaves Audio]
    [HKCUSoftwareWebApp]
    [HKCUSoftwareWestern Digital]
    [HKCUSoftwareWidcomm]
    [HKCUSoftwareWillowMusicStudio]
    [HKCUSoftwareWinRAR SFX]
    [HKCUSoftwareWinRAR]
    [HKCUSoftwareWinSweeper2]
    [HKCUSoftwareWinSweeper]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKCUSoftwaretelecharger-gratuit]
    [HKCUSoftwarevanBasco]
    [HKLMSoftwareAGEIA Technologies]
    [HKLMSoftwareAIR Music Technology]
    [HKLMSoftwareASIO]
    [HKLMSoftwareATI Technologies]
    [HKLMSoftwareAVC3]
    [HKLMSoftwareApple Computer, Inc.]
    [HKLMSoftwareApple Inc.]
    [HKLMSoftwareBitDefender Parental Control]
    [HKLMSoftwareBitDefender]
    [HKLMSoftwareBitdefenderSavedSettings]
    [HKLMSoftwareBroadcom]
    [HKLMSoftwareCelemony Software GmbH]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareDTS]
    [HKLMSoftwareDolby]
    [HKLMSoftwareECAREME]
    [HKLMSoftwareGEAR Software]
    [HKLMSoftwareHewlett-Packard]
    [HKLMSoftwareIntel]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareKnowles]
    [HKLMSoftwareLogishrd]
    [HKLMSoftwareLogitech]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareMozilla]
    [HKLMSoftwareNVIDIA Corporation]
    [HKLMSoftwareNuance]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePolicies]
    [HKLMSoftwarePropellerhead Software]
    [HKLMSoftwareRTLSetup]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSRS Labs]
    [HKLMSoftwareSonicFocus]
    [HKLMSoftwareWaves Audio]
    [HKLMSoftwareWestern Digital]
    [HKLMSoftwareWidcomm]
    [HKLMSoftwareWinRAR]
    [HKLMSoftwareWow6432NodeAGEIA Technologies]
    [HKLMSoftwareWow6432NodeAIR Music Technology]
    [HKLMSoftwareWow6432NodeAPC]
    [HKLMSoftwareWow6432NodeARPEGE]
    [HKLMSoftwareWow6432NodeASUS]
    [HKLMSoftwareWow6432NodeAdobe]
    [HKLMSoftwareWow6432NodeAdwCleaner]
    [HKLMSoftwareWow6432NodeAnvilStudio]
    [HKLMSoftwareWow6432NodeApple Computer, Inc.]
    [HKLMSoftwareWow6432NodeApple Inc.]
    [HKLMSoftwareWow6432NodeArcSoft]
    [HKLMSoftwareWow6432NodeAviSynth]
    [HKLMSoftwareWow6432NodeBitdefender]
    [HKLMSoftwareWow6432NodeCelemony Software GmbH]
    [HKLMSoftwareWow6432NodeClasses]
    [HKLMSoftwareWow6432NodeClients]
    [HKLMSoftwareWow6432NodeCyberLink]
    [HKLMSoftwareWow6432NodeECAREME]
    [HKLMSoftwareWow6432NodeGNU]
    [HKLMSoftwareWow6432NodeGoogle]
    [HKLMSoftwareWow6432NodeHaaliMkx]
    [HKLMSoftwareWow6432NodeIntel]
    [HKLMSoftwareWow6432NodeJGsoft]
    [HKLMSoftwareWow6432NodeKhronos]
    [HKLMSoftwareWow6432NodeLake]
    [HKLMSoftwareWow6432NodeLame For Audacity]
    [HKLMSoftwareWow6432NodeLicenses]
    [HKLMSoftwareWow6432NodeLindersoft]
    [HKLMSoftwareWow6432NodeMAGIX]
    [HKLMSoftwareWow6432NodeMacromedia]
    [HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware]
    [HKLMSoftwareWow6432NodeMozillaPlugins]
    [HKLMSoftwareWow6432NodeMozilla]
    [HKLMSoftwareWow6432NodeNVIDIA Corporation]
    [HKLMSoftwareWow6432NodeNuance]
    [HKLMSoftwareWow6432NodeODBC]
    [HKLMSoftwareWow6432NodePolicies]
    [HKLMSoftwareWow6432NodePropellerhead Software]
    [HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
    [HKLMSoftwareWow6432NodeRealtek]
    [HKLMSoftwareWow6432NodeRegisteredApplications]
    [HKLMSoftwareWow6432NodeSOSVirus]
    [HKLMSoftwareWow6432NodeTrendMicro]
    [HKLMSoftwareWow6432NodeVideoLAN]
    [HKLMSoftwareWow6432NodeWDPA]
    [HKLMSoftwareWow6432NodeWerner Schweer and Others]
    [HKLMSoftwareWow6432NodeWestern Digital]
    [HKLMSoftwareWow6432Nodecalibre]
    [HKLMSoftwareWow6432Nodemozilla.org]
    [HKLMSoftwareWow6432Node]
    ~ Key Software: 327 Scanned in 00mn 00s[/spoiler:26z819fn]

    MAURY
    Participant
    Number of posts: 15

    ZHPDiag file, PART 2

    [spoiler:37kh3dia]—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 02/03/2014 – 12:43:47 – [] —-D C:Program Files (x86)Adobe
    O43 – CFD: 14/11/2013 – 07:37:21 – [0] —-D C:Program Files (x86)AGEIA Technologies
    O43 – CFD: 14/11/2013 – 07:40:01 – [] —-D C:Program Files (x86)AmIcoSingLun
    O43 – CFD: 08/04/2014 – 19:04:16 – [] —-D C:Program Files (x86)Anvil Studio 2013
    O43 – CFD: 25/10/2014 – 14:15:03 – [] —-D C:Program Files (x86)APC
    O43 – CFD: 08/02/2014 – 17:15:08 – [] —-D C:Program Files (x86)Apple Software Update =>.Apple Inc
    O43 – CFD: 14/11/2013 – 07:53:02 – [] —-D C:Program Files (x86)ArcSoft
    O43 – CFD: 14/11/2013 – 07:50:48 – [] —-D C:Program Files (x86)ASUS
    O43 – CFD: 24/06/2014 – 14:00:13 – [] —-D C:Program Files (x86)Audacity
    O43 – CFD: 08/02/2014 – 17:15:02 – [] —-D C:Program Files (x86)Bonjour
    O43 – CFD: 09/02/2014 – 19:35:24 – [] —-D C:Program Files (x86)Calibre2
    O43 – CFD: 06/06/2014 – 09:58:58 – [] —-D C:Program Files (x86)Celemony
    O43 – CFD: 14/11/2013 – 07:43:51 – [] —-D C:Program Files (x86)Cisco
    O43 – CFD: 06/11/2014 – 01:06:22 – [] —-D C:Program Files (x86)Common Files
    O43 – CFD: 14/11/2013 – 07:54:16 – [] —-D C:Program Files (x86)CyberLink
    O43 – CFD: 06/11/2014 – 01:02:54 – [] —-D C:Program Files (x86)eLicenser
    O43 – CFD: 14/11/2013 – 07:52:43 – [] —-D C:Program Files (x86)Fingertapps
    O43 – CFD: 10/02/2014 – 09:55:13 – [] —-D C:Program Files (x86)FreeTime
    O43 – CFD: 10/07/2014 – 12:33:03 – [] —-D C:Program Files (x86)Google
    O43 – CFD: 11/02/2014 – 19:55:38 – [] —-D C:Program Files (x86)HP
    O43 – CFD: 10/11/2014 – 18:56:14 – [] –H-D C:Program Files (x86)InstallShield Installation Information
    O43 – CFD: 14/11/2013 – 07:38:45 – [] —-D C:Program Files (x86)Intel
    O43 – CFD: 12/11/2014 – 08:17:02 – [] —-D C:Program Files (x86)Internet Explorer
    O43 – CFD: 29/10/2014 – 10:20:08 – [] —-D C:Program Files (x86)iTunes
    O43 – CFD: 24/06/2014 – 14:23:33 – [] —-D C:Program Files (x86)Lame For Audacity
    O43 – CFD: 14/11/2014 – 00:24:23 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
    O43 – CFD: 11/10/2013 – 22:19:02 – [] —-D C:Program Files (x86)Microsoft
    O43 – CFD: 02/11/2014 – 16:44:47 – [] —-D C:Program Files (x86)Microsoft Office
    O43 – CFD: 11/10/2013 – 22:16:00 – [] —-D C:Program Files (x86)Microsoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 11/10/2013 – 22:17:02 – [] —-D C:Program Files (x86)Microsoft SQL Server Compact Edition
    O43 – CFD: 08/02/2014 – 16:42:48 – [] —-D C:Program Files (x86)Microsoft Visual Studio
    O43 – CFD: 08/02/2014 – 16:39:18 – [] —-D C:Program Files (x86)Microsoft Visual Studio 8
    O43 – CFD: 11/02/2014 – 20:19:07 – [] —-D C:Program Files (x86)Microsoft Works
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)Microsoft.NET
    O43 – CFD: 25/07/2014 – 02:49:58 – [] —-D C:Program Files (x86)Mozilla Firefox
    O43 – CFD: 25/07/2014 – 11:28:28 – [] —-D C:Program Files (x86)Mozilla Maintenance Service
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:Program Files (x86)MSBuild
    O43 – CFD: 11/10/2013 – 22:14:28 – [] —-D C:Program Files (x86)MSXML 4.0
    O43 – CFD: 26/03/2014 – 17:21:56 – [] —-D C:Program Files (x86)MuseScore
    O43 – CFD: 09/03/2014 – 19:09:54 – [] —-D C:Program Files (x86)Notepad++
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)NVIDIA Corporation
    O43 – CFD: 09/02/2014 – 16:18:25 – [] —-D C:Program Files (x86)OpenXML-ODF Translator
    O43 – CFD: 06/06/2014 – 11:19:45 – [] —-D C:Program Files (x86)Pizzicato 3.x
    O43 – CFD: 29/10/2014 – 10:22:10 – [] —-D C:Program Files (x86)QuickTime
    O43 – CFD: 11/10/2013 – 21:58:54 – [] —-D C:Program Files (x86)Realtek
    O43 – CFD: 02/03/2014 – 14:20:58 – [] —-D C:Program Files (x86)Reference Assemblies
    O43 – CFD: 13/08/2014 – 10:47:31 – [] —-D C:Program Files (x86)Sibelius Software
    O43 – CFD: 06/11/2014 – 01:02:28 – [] —-D C:Program Files (x86)Syncrosoft
    O43 – CFD: 11/10/2013 – 21:42:05 – [0] –H-D C:Program Files (x86)Temp
    O43 – CFD: 08/04/2014 – 19:09:32 – [] —-D C:Program Files (x86)vanBasco's Karaoke Player
    O43 – CFD: 28/09/2014 – 18:49:19 – [] —-D C:Program Files (x86)VideoLAN
    O43 – CFD: 01/09/2014 – 10:26:09 – [] —-D C:Program Files (x86)Western Digital
    O43 – CFD: 15/07/2014 – 15:02:45 – [] —-D C:Program Files (x86)Western Digital Corporation
    O43 – CFD: 02/05/2014 – 22:13:41 – [] —-D C:Program Files (x86)WIDI 4.3 Pro
    O43 – CFD: 12/11/2014 – 08:17:01 – [] —-D C:Program Files (x86)Windows Defender
    O43 – CFD: 11/10/2013 – 22:17:01 – [] —-D C:Program Files (x86)Windows Live
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
    O43 – CFD: 21/04/2014 – 15:18:03 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
    O43 – CFD: 21/04/2014 – 15:18:03 – [] —-D C:Program Files (x86)Windows Multimedia Platform
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)Windows NT
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)Windows Photo Viewer
    O43 – CFD: 21/04/2014 – 15:18:03 – [] —-D C:Program Files (x86)Windows Portable Devices
    O43 – CFD: 02/03/2014 – 14:31:02 – [] -SH-D C:Program Files (x86)Windows Sidebar
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)WindowsPowerShell
    O43 – CFD: 18/10/2014 – 17:07:38 – [] —-D C:Program Files (x86)WinRAR
    O43 – CFD: 03/11/2014 – 19:55:38 – [] —-D C:Program Files (x86)WinSweeper
    O43 – CFD: 03/11/2014 – 19:38:59 – [] —-D C:Program Files (x86)WinThruster
    O43 – CFD: 16/11/2014 – 17:18:25 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
    O43 – CFD: 02/03/2014 – 12:43:47 – [] —-D C:Program Files (x86)Common FilesAdobe
    O43 – CFD: 29/10/2014 – 10:20:00 – [] —-D C:Program Files (x86)Common FilesApple
    O43 – CFD: 06/06/2014 – 09:58:57 – [] —-D C:Program Files (x86)Common FilesCelemony
    O43 – CFD: 14/05/2014 – 10:32:53 – [] —-D C:Program Files (x86)Common FilesDESIGNER
    O43 – CFD: 11/10/2013 – 22:00:53 – [] —-D C:Program Files (x86)Common FilesInstallShield
    O43 – CFD: 02/03/2014 – 14:27:12 – [] —-D C:Program Files (x86)Common FilesIntel
    O43 – CFD: 14/11/2013 – 07:50:48 – [] —-D C:Program Files (x86)Common FilesMAGIX Services
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)Common FilesMicrosoft Shared
    O43 – CFD: 14/11/2013 – 07:37:35 – [] —-D C:Program Files (x86)Common FilespostureAgent
    O43 – CFD: 06/06/2014 – 09:59:02 – [] —-D C:Program Files (x86)Common FilesPropellerhead Software
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:Program Files (x86)Common FilesServices
    O43 – CFD: 06/11/2014 – 01:06:22 – [] —-D C:Program Files (x86)Common FilesSteinberg
    O43 – CFD: 02/03/2014 – 14:31:02 – [] —-D C:Program Files (x86)Common FilesSystem
    O43 – CFD: 06/06/2014 – 09:58:23 – [] —-D C:Program Files (x86)Common FilesTmp
    O43 – CFD: 06/06/2014 – 09:58:59 – [] —-D C:Program Files (x86)Common FilesVST2
    O43 – CFD: 06/06/2014 – 09:59:00 – [] —-D C:Program Files (x86)Common FilesVST3
    O43 – CFD: 01/09/2014 – 10:26:09 – [] —-D C:Program Files (x86)Common FilesWestern Digital
    O43 – CFD: 11/10/2013 – 22:15:50 – [] —-D C:Program Files (x86)Common FilesWindows Live
    O43 – CFD: 29/10/2014 – 10:19:58 – [] —-D C:ProgramData34BE82C4-E596-4e99-A191-52C6199EBF69
    O43 – CFD: 21/02/2014 – 17:26:23 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 10/11/2014 – 18:56:20 – [] —-D C:ProgramDataAIR Music Technology
    O43 – CFD: 14/11/2013 – 07:40:00 – [] —-D C:ProgramDataAmUStor
    O43 – CFD: 08/02/2014 – 17:15:07 – [] —-D C:ProgramDataApple
    O43 – CFD: 08/02/2014 – 17:15:22 – [] —-D C:ProgramDataApple Computer
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 14/11/2013 – 07:53:08 – [] —-D C:ProgramDataArcSoft
    O43 – CFD: 27/07/2014 – 14:29:08 – [] —-D C:ProgramDataASUS
    O43 – CFD: 11/10/2013 – 22:06:09 – [] —-D C:ProgramDataASUS WebStorage
    O43 – CFD: 09/03/2014 – 15:49:53 – [] —-D C:ProgramDataBDLogging
    O43 – CFD: 25/10/2014 – 22:27:27 – [] —-D C:ProgramDataBitdefender
    O43 – CFD: 02/03/2014 – 14:37:28 – [] -SH-D C:ProgramDataBureau
    O43 – CFD: 06/06/2014 – 10:05:49 – [] —-D C:ProgramDataCelemony Software GmbH
    O43 – CFD: 08/02/2014 – 16:19:34 – [] —-D C:ProgramDataCyberLink
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 29/10/2014 – 10:20:08 – [] —-D C:ProgramDataE1864A66-75E3-486a-BD95-D1B7D99A84A7
    O43 – CFD: 06/11/2014 – 01:02:59 – [] —-D C:ProgramDataeLicenser
    O43 – CFD: 14/11/2013 – 07:52:43 – [] —-D C:ProgramDataFingertapps
    O43 – CFD: 11/02/2014 – 19:55:49 – [] —-D C:ProgramDataHP
    O43 – CFD: 14/11/2013 – 07:38:45 – [] —-D C:ProgramDataIntel
    O43 – CFD: 01/04/2014 – 18:20:04 – [] —-D C:ProgramDataLogiShrd
    O43 – CFD: 14/11/2013 – 07:51:56 – [] —-D C:ProgramDataMAGIX
    O43 – CFD: 14/11/2014 – 00:24:20 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 09/03/2014 – 15:16:23 – [] —-D C:ProgramDataMcAfee
    O43 – CFD: 02/03/2014 – 14:37:28 – [] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 05/03/2014 – 16:47:34 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 12/11/2014 – 04:49:34 – [] —-D C:ProgramDataMicrosoft Help
    O43 – CFD: 19/03/2014 – 23:43:26 – [] —-D C:ProgramDataMicrosoft OneDrive
    O43 – CFD: 11/10/2013 – 22:16:00 – [] —-D C:ProgramDataMicrosoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 02/03/2014 – 14:37:28 – [] -SH-D C:ProgramDataModèles
    O43 – CFD: 08/02/2014 – 18:09:24 – [] —-D C:ProgramDataMozilla
    O43 – CFD: 16/11/2014 – 17:01:33 – [] —-D C:ProgramDataNVIDIA
    O43 – CFD: 02/03/2014 – 14:27:23 – [] —-D C:ProgramDataNVIDIA Corporation
    O43 – CFD: 01/09/2014 – 10:26:26 – [] —-D C:ProgramDataPackage Cache
    O43 – CFD: 02/03/2014 – 14:31:04 – [] —-D C:ProgramDataPRICache
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataregid.1991-06.com.microsoft
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 06/11/2014 – 01:06:22 – [] —-D C:ProgramDataSteinberg
    O43 – CFD: 06/11/2014 – 01:02:58 – [] —-D C:ProgramDataSyncrosoft
    O43 – CFD: 02/05/2014 – 21:54:01 – [] —AD C:ProgramDataTemp
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 14/11/2014 – 00:37:10 – [] —-D C:ProgramDataVS Revo Group
    O43 – CFD: 01/09/2014 – 10:26:09 – [] —-D C:ProgramDataWestern Digital
    O43 – CFD: 22/08/2013 – 16:36:33 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 14/11/2013 – 08:16:51 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 21/04/2014 – 15:18:13 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 02/03/2014 – 14:31:03 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe
    O43 – CFD: 10/11/2014 – 18:56:20 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAIR Music Technology
    O43 – CFD: 25/10/2014 – 14:15:10 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAPC
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsArcSoft TV
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsASUS
    O43 – CFD: 02/03/2014 – 14:31:03 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsASUSDVD
    O43 – CFD: 25/10/2014 – 22:27:23 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramscalibre – E-book Management
    O43 – CFD: 06/06/2014 – 09:58:58 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsCelemony
    O43 – CFD: 06/11/2014 – 01:02:43 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramseLicenser
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsFingertapps
    O43 – CFD: 06/11/2014 – 02:41:08 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Drive
    O43 – CFD: 21/09/2014 – 20:00:23 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsiCloud
    O43 – CFD: 29/10/2014 – 10:20:08 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes
    O43 – CFD: 01/04/2014 – 18:19:59 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 14/11/2014 – 00:24:23 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office
    O43 – CFD: 26/03/2014 – 17:21:56 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMuseScore
    O43 – CFD: 09/03/2014 – 19:09:52 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++
    O43 – CFD: 06/06/2014 – 11:19:45 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsPizzicato 3.x
    O43 – CFD: 29/10/2014 – 10:22:08 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime
    O43 – CFD: 14/11/2014 – 00:37:11 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsRevo Uninstaller Pro
    O43 – CFD: 15/07/2014 – 14:46:52 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsServices d’impression Bonjour
    O43 – CFD: 25/10/2014 – 14:15:10 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartUp
    O43 – CFD: 21/04/2014 – 15:18:13 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 14/11/2013 – 08:16:50 – [0] R-H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsTablet PC
    O43 – CFD: 28/09/2014 – 18:49:22 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
    O43 – CFD: 25/10/2014 – 16:20:47 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWestern Digital
    O43 – CFD: 15/07/2014 – 15:02:45 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWestern Digital Corporation
    O43 – CFD: 18/10/2014 – 17:06:35 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
    O43 – CFD: 03/11/2014 – 19:55:38 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinSweeper
    O43 – CFD: 03/11/2014 – 19:38:59 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinThruster
    O43 – CFD: 16/11/2014 – 17:18:25 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP =>.Nicolas Coolman
    O43 – CFD: 02/03/2014 – 12:53:08 – [] —-D C:UsersPierre-YvesAppDataRoamingAdobe
    O43 – CFD: 26/10/2014 – 12:49:06 – [] —-D C:UsersPierre-YvesAppDataRoamingApple Computer
    O43 – CFD: 08/02/2014 – 16:19:31 – [] —-D C:UsersPierre-YvesAppDataRoamingArcSoft
    O43 – CFD: 08/02/2014 – 16:19:33 – [] —-D C:UsersPierre-YvesAppDataRoamingASUS WebStorage
    O43 – CFD: 24/06/2014 – 14:51:51 – [] —-D C:UsersPierre-YvesAppDataRoamingAudacity
    O43 – CFD: 25/10/2014 – 22:27:22 – [] —-D C:UsersPierre-YvesAppDataRoamingBitdefender
    O43 – CFD: 09/02/2014 – 19:36:28 – [] —-D C:UsersPierre-YvesAppDataRoamingcalibre
    O43 – CFD: 10/11/2014 – 18:05:12 – [] —-D C:UsersPierre-YvesAppDataRoamingCelemony Software GmbH
    O43 – CFD: 25/10/2014 – 16:20:45 – [] —-D C:UsersPierre-YvesAppDataRoamingcom.wd.WDMyCloud
    O43 – CFD: 15/11/2014 – 18:35:05 – [] —-D C:UsersPierre-YvesAppDataRoamingDropbox
    O43 – CFD: 08/02/2014 – 16:29:48 – [] —-D C:UsersPierre-YvesAppDataRoamingFingertapps
    O43 – CFD: 02/03/2014 – 15:08:53 – [] —-D C:UsersPierre-YvesAppDataRoamingIdentities
    O43 – CFD: 08/02/2014 – 16:17:55 – [] —-D C:UsersPierre-YvesAppDataRoamingMacromedia
    O43 – CFD: 10/07/2014 – 10:54:12 – [] -S–D C:UsersPierre-YvesAppDataRoamingMicrosoft
    O43 – CFD: 08/02/2014 – 18:09:43 – [] —-D C:UsersPierre-YvesAppDataRoamingMozilla
    O43 – CFD: 26/03/2014 – 17:22:02 – [] —-D C:UsersPierre-YvesAppDataRoamingMusE
    O43 – CFD: 21/02/2014 – 16:46:05 – [] —-D C:UsersPierre-YvesAppDataRoamingNo Company Name
    O43 – CFD: 10/03/2014 – 00:30:01 – [] —-D C:UsersPierre-YvesAppDataRoamingNotepad++
    O43 – CFD: 09/03/2014 – 15:21:28 – [0] —-D C:UsersPierre-YvesAppDataRoamingQuickScan
    O43 – CFD: 24/06/2014 – 13:58:17 – [] —-D C:UsersPierre-YvesAppDataRoamingShortcut
    O43 – CFD: 06/11/2014 – 01:19:00 – [] —-D C:UsersPierre-YvesAppDataRoamingSteinberg
    O43 – CFD: 31/10/2014 – 01:44:52 – [] —-D C:UsersPierre-YvesAppDataRoaminguTorrent =>P2P.µTorrent
    O43 – CFD: 17/10/2014 – 10:01:47 – [] —-D C:UsersPierre-YvesAppDataRoamingvlc
    O43 – CFD: 09/02/2014 – 15:54:35 – [] —-D C:UsersPierre-YvesAppDataRoamingWinRAR
    O43 – CFD: 16/11/2014 – 17:19:26 – [] —-D C:UsersPierre-YvesAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 09/02/2014 – 16:28:11 – [] —-D C:UsersPierre-YvesAppDataLocalAdobe
    O43 – CFD: 14/11/2014 – 01:56:36 – [] —-D C:UsersPierre-YvesAppDataLocalAIR Music Technology
    O43 – CFD: 02/05/2014 – 19:06:02 – [] —-D C:UsersPierre-YvesAppDataLocalAnvil Studio
    O43 – CFD: 24/03/2014 – 17:04:58 – [] —-D C:UsersPierre-YvesAppDataLocalApple
    O43 – CFD: 24/06/2014 – 10:52:58 – [] —-D C:UsersPierre-YvesAppDataLocalApple Computer
    O43 – CFD: 26/10/2014 – 12:49:07 – [] —-D C:UsersPierre-YvesAppDataLocalApple Inc
    O43 – CFD: 02/03/2014 – 14:29:08 – [] -SH-D C:UsersPierre-YvesAppDataLocalApplication Data
    O43 – CFD: 09/02/2014 – 15:21:41 – [] —-D C:UsersPierre-YvesAppDataLocalApps
    O43 – CFD: 27/07/2014 – 14:29:08 – [] —-D C:UsersPierre-YvesAppDataLocalASUS
    O43 – CFD: 08/02/2014 – 16:19:31 – [] —-D C:UsersPierre-YvesAppDataLocalBroadcom
    O43 – CFD: 15/11/2014 – 17:29:44 – [] —-D C:UsersPierre-YvesAppDataLocalDiagnostics
    O43 – CFD: 16/11/2014 – 16:27:05 – [] —-D C:UsersPierre-YvesAppDataLocalECD3988D-DC36-4BBE-95C7-8CD768756CAF.aplzod
    O43 – CFD: 23/10/2014 – 23:41:45 – [] —-D C:UsersPierre-YvesAppDataLocalElevatedDiagnostics
    O43 – CFD: 06/11/2014 – 01:16:39 – [] —-D C:UsersPierre-YvesAppDataLocaleLicenser
    O43 – CFD: 12/11/2014 – 11:17:52 – [] -SH-D C:UsersPierre-YvesAppDataLocalEmieBrowserModeList
    O43 – CFD: 24/04/2014 – 21:50:44 – [] -SH-D C:UsersPierre-YvesAppDataLocalEmieSiteList
    O43 – CFD: 24/04/2014 – 21:50:44 – [] -SH-D C:UsersPierre-YvesAppDataLocalEmieUserList
    O43 – CFD: 10/07/2014 – 12:33:04 – [] —-D C:UsersPierre-YvesAppDataLocalGoogle
    O43 – CFD: 02/03/2014 – 14:29:08 – [] -SH-D C:UsersPierre-YvesAppDataLocalHistorique
    O43 – CFD: 02/05/2014 – 19:20:46 – [] —-D C:UsersPierre-YvesAppDataLocalInstaller
    O43 – CFD: 11/02/2014 – 16:43:10 – [] —-D C:UsersPierre-YvesAppDataLocalMacromedia
    O43 – CFD: 29/10/2014 – 12:26:56 – [] —-D C:UsersPierre-YvesAppDataLocalMicrosoft
    O43 – CFD: 14/07/2014 – 23:08:32 – [] —-D C:UsersPierre-YvesAppDataLocalMicrosoft Help
    O43 – CFD: 08/02/2014 – 18:09:43 – [] —-D C:UsersPierre-YvesAppDataLocalMozilla
    O43 – CFD: 26/03/2014 – 17:22:00 – [] —-D C:UsersPierre-YvesAppDataLocalMusE
    O43 – CFD: 29/10/2014 – 10:38:17 – [] —-D C:UsersPierre-YvesAppDataLocalPackages
    O43 – CFD: 24/06/2014 – 14:00:00 – [] —-D C:UsersPierre-YvesAppDataLocalPrograms
    O43 – CFD: 16/11/2014 – 17:18:26 – [] —-D C:UsersPierre-YvesAppDataLocalTemp
    O43 – CFD: 02/03/2014 – 14:29:08 – [] -SH-D C:UsersPierre-YvesAppDataLocalTemporary Internet Files
    O43 – CFD: 27/07/2014 – 14:29:22 – [] —-D C:UsersPierre-YvesAppDataLocalVirtualStore
    O43 – CFD: 14/11/2014 – 00:37:12 – [] —-D C:UsersPierre-YvesAppDataLocalVS Revo Group
    O43 – CFD: 15/07/2014 – 16:19:16 – [] —-D C:UsersPierre-YvesAppDataLocalWestern Digital
    O43 – CFD: 15/07/2014 – 16:16:56 – [] —-D C:UsersPierre-YvesAppDataLocalWestern_Digital_Technolog
    O43 – CFD: 05/11/2014 – 16:24:48 – [] —-D C:UsersPierre-YvesAppDataLocalWindows Live
    O43 – CFD: 03/11/2014 – 19:55:42 – [0] —-D C:UsersPierre-YvesAppDataLocalWinSweeper
    O43 – CFD: 02/03/2014 – 14:29:29 – [] R—D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 22/08/2013 – 16:36:32 – [] R—D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsAdd-in ODF pour Microsoft Office
    O43 – CFD: 24/03/2014 – 17:02:59 – [] R—D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 15/11/2014 – 18:34:57 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox
    O43 – CFD: 02/03/2014 – 14:31:36 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsFormatFactory
    O43 – CFD: 22/08/2013 – 16:36:32 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 09/03/2014 – 19:09:52 – [0] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsNotepad++
    O43 – CFD: 15/11/2014 – 18:35:02 – [] R—D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 06/11/2014 – 01:03:11 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsSteinberg Cubase LE AI Elements 7 64bit
    O43 – CFD: 02/03/2014 – 14:29:29 – [] R—D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 08/04/2014 – 19:09:32 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsvanBasco's Karaoke Player
    O43 – CFD: 02/05/2014 – 22:13:41 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsWIDI Recognition System Pro 4.3
    O43 – CFD: 18/10/2014 – 17:06:35 – [] —-D C:UsersPierre-YvesAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
    ~ Program Folder: 242 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.9C8107738DFA521D434EA995929AC0E8] – 03/11/2014 – 20:05:21 —A- . (…) — C:WindowsSystem32ASOROSet.bin [2236]
    O44 – LFC:[MD5.5BFF6EA259B0332A3110EF6E291D5BB6] – 03/11/2014 – 20:05:21 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.D18149850795E7203610CEE9491515F1] – 04/11/2014 – 01:10:18 —A- . (.Microsoft Corporation – General Telemetry.) — C:WindowsSystem32generaltel.dll [304128]
    O44 – LFC:[MD5.91BB0DDA472733457072DA61178FA48E] – 05/11/2014 – 00:38:37 —A- . (.Microsoft Corporation – Mise à jour des données de compatibilité de.) — C:WindowsSystem32aepdu.dll [228864]
    O44 – LFC:[MD5.71A999C0F31E5D157B499119C1AB8126] – 06/11/2014 – 01:02:29 —A- . (.Steinberg Media Technologies GmbH – eLicenser POS Access DLL.) — C:WindowsSystem32synsoacc.dll [1714176]
    O44 – LFC:[MD5.F0E4B9A47589808C518580F03EDC8ED0] – 06/11/2014 – 01:02:39 —A- . (…) — C:WindowsDPINST.LOG [34630]
    O44 – LFC:[MD5.1BB9DD3BA32349306AE77701A84C96B5] – 10/11/2014 – 17:50:21 —A- . (…) — C:Windowssetupact.log [413380]
    O44 – LFC:[MD5.A92EF73B02686B7E6F070B486512DB88] – 12/11/2014 – 03:01:50 —A- . (…) — C:WindowsSystem32ApnDatabase.xml [389176]
    O44 – LFC:[MD5.7F23E38C5B6448F91439E4066645191E] – 12/11/2014 – 03:01:50 —A- . (.Microsoft Corporation – FWP/IPsec Kernel-Mode API.) — C:WindowsSystem32DriversFWPKCLNT.SYS [428864]
    O44 – LFC:[MD5.9C55CE9707B3CA29A6505BCDCC546390] – 12/11/2014 – 03:01:50 —A- . (.Microsoft Corporation – Microsoft Fax API Support DLL.) — C:WindowsSystem32FXSAPI.dll [275968]
    O44 – LFC:[MD5.6C118AEDD15FDBEAECC0E85C64B5B86B] – 12/11/2014 – 03:01:50 —A- . (.Microsoft Corporation – Microsoft Fax Server Extended COM Client In.) — C:WindowsSystem32FXSCOMEX.dll [615424]
    O44 – LFC:[MD5.8758F5DEBD2B950B2D56ED11F9E0B38F] – 12/11/2014 – 03:01:50 —A- . (.Microsoft Corporation – NTFS Utility DLL.) — C:WindowsSystem32untfs.dll [545792]
    O44 – LFC:[MD5.66732C13628BDB1AB0D6FD46027327C2] – 12/11/2014 – 03:01:50 —A- . (.Microsoft Corporation – Pilote de classe de stockage de masse USB.) — C:WindowsSystem32DriversUSBSTOR.SYS [148800]
    O44 – LFC:[MD5.5416C603B6C85CF0698E8A2A1D28BAA2] – 12/11/2014 – 03:01:51 —A- . (.Microsoft Corporation – DLL d’objets PrintUI.) — C:WindowsSystem32puiobj.dll [448512]
    O44 – LFC:[MD5.CA729FCE295895515A09BD6FF7903DC8] – 12/11/2014 – 03:01:51 —A- . (.Microsoft Corporation – DLL source et récepteur MPEG4 Media Foundat.) — C:WindowsSystem32mfmp4srcsnk.dll [836176]
    O44 – LFC:[MD5.50E96089F9BE352621997143A56C8E76] – 12/11/2014 – 03:01:51 —A- . (.Microsoft Corporation – Fournisseur d’impression de rendu côté clie.) — C:WindowsSystem32win32spl.dll [822272]
    O44 – LFC:[MD5.E3FCE2A6B3533D99A3B498504DF9CC47] – 12/11/2014 – 03:01:51 —A- . (.Microsoft Corporation – Network I/O Subsystem.) — C:WindowsSystem32Driversnetio.sys [474432]
    O44 – LFC:[MD5.9CE162EB9057CF079736F4DD00FC0D6C] – 12/11/2014 – 03:01:51 —A- . (.Microsoft Corporation – Service WSMan.) — C:WindowsSystem32WsmSvc.dll [2480128]
    O44 – LFC:[MD5.C88B63FE96DB4BCED65DD442BC8E77F5] – 12/11/2014 – 03:01:52 —A- . (.Microsoft Corporation – DLL de spouleur local.) — C:WindowsSystem32localspl.dll [1053184]
    O44 – LFC:[MD5.A208498C5CD750A1743C1AC8162A810F] – 12/11/2014 – 03:01:52 —A- . (.Microsoft Corporation – Media Foundation Media Engine DLL.) — C:WindowsSystem32MFMediaEngine.dll [941568]
    O44 – LFC:[MD5.CCB3A2BB60FE5073F2DEA63FE83CF8FE] – 12/11/2014 – 03:01:52 —A- . (.Microsoft Corporation – Pilote TCP/IP.) — C:WindowsSystem32Driverstcpip.sys [2497344]
    O44 – LFC:[MD5.1907823D5ACFD75D1D8C0D4318299726] – 12/11/2014 – 03:01:52 —A- . (.Microsoft Corporation – System Settings Handlers Implementation.) — C:WindowsSystem32SettingsHandlers.dll [2714112]
    O44 – LFC:[MD5.C4306ADC38939CAC60EA38AAD9F170C0] – 12/11/2014 – 03:01:52 —A- . (.Microsoft Corporation – TWINUI.) — C:WindowsSystem32twinui.dll [13424128]
    O44 – LFC:[MD5.BCE66E78D388875B87286CA091E7075F] – 12/11/2014 – 03:01:53 —A- . (.Microsoft Corporation – NT Kernel & System.) — C:WindowsSystem32ntoskrnl.exe [7484224]
    O44 – LFC:[MD5.1D303CE5BCBD5B80BBA08321F28A3F86] – 12/11/2014 – 03:01:54 —A- . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll [21197152]
    O44 – LFC:[MD5.9F87516BF76C40B41D831F7D729A6044] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Audio Engine.) — C:WindowsSystem32AudioEng.dll [482872]
    O44 – LFC:[MD5.8085F95BB18A171E7221D2831BC08BC2] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Audio Ks Endpoint.) — C:WindowsSystem32AUDIOKSE.dll [394120]
    O44 – LFC:[MD5.7F70B1044272982AAEA7C16E83424770] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Générateur de points de terminaison du serv.) — C:WindowsSystem32AudioEndpointBuilder.dll [226304]
    O44 – LFC:[MD5.DFDFDE2EA4B5CD0606BA6E56ECEE502D] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Isolation graphique de périphérique audio W.) — C:WindowsSystem32audiodg.exe [272248]
    O44 – LFC:[MD5.BB93DAAAE9006598935192B9CB65E475] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Media Foundation Crash Dump Encryption DLL.) — C:WindowsSystem32EncDump.dll [108432]
    O44 – LFC:[MD5.C0484CA5C7F87E38909746B63C7FC868] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32audiosrv.dll [911360]
    O44 – LFC:[MD5.9C88C9397B44B76E5C9A44B8E2CE53A1] – 12/11/2014 – 03:01:55 —A- . (.Microsoft Corporation – Session audio.) — C:WindowsSystem32AudioSes.dll [500016]
    O44 – LFC:[MD5.84549E8C8BF76B293A7E625A98D4BCF9] – 12/11/2014 – 03:01:59 —A- . (.Microsoft Corporation – Gestionnaire de liaisons d’objets2.) — C:WindowsSystem32packager.dll [81408]
    O44 – LFC:[MD5.B31C4917EC5EADE24A90DDAF37EA00E0] – 12/11/2014 – 03:01:59 —A- . (.Microsoft Corporation – Pilote Win32 multi-utilisateurs.) — C:WindowsSystem32win32k.sys [4182016]
    O44 – LFC:[MD5.93645AEBE163230A2ED5050C14AE6603] – 12/11/2014 – 03:02:00 —A- . (.Microsoft Corporation – MSXML 3.0.) — C:WindowsSystem32msxml3.dll [2149376]
    O44 – LFC:[MD5.F00E643D9244F31ECF5DE8A98C2C5FC6] – 12/11/2014 – 03:02:03 —A- . (.Microsoft Corporation – Application Experience Program Cache.) — C:WindowsSystem32aepic.dll [98816]
    O44 – LFC:[MD5.22ED46DE0E684749DA1BD703526FAA26] – 12/11/2014 – 03:02:03 —A- . (.Microsoft Corporation – Application Experience Program Inventory Co.) — C:WindowsSystem32aeinv.dll [537088]
    O44 – LFC:[MD5.9E20A052D83A81AEC35B2EA29F32637A] – 12/11/2014 – 03:02:03 —A- . (.Microsoft Corporation – Device Inventory Library.) — C:WindowsSystem32devinv.dll [391168]
    O44 – LFC:[MD5.CDC8A85EB301A8CBE55A81A1D55AF5E5] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – ADVPACK.) — C:WindowsSystem32IEAdvpack.dll [132096]
    O44 – LFC:[MD5.4B9C652BD0FD95A9E6123913C35519D6] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Auto-extracteur de fichier CAB Win32.) — C:WindowsSystem32wextract.exe [143872]
    O44 – LFC:[MD5.F0A53129AE95A895EC8C4DC36E1797A2] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Composant Microsoft Office 2000.) — C:WindowsSystem32hlink.dll [108544]
    O44 – LFC:[MD5.2E475D2FCE0125FA0C486DB9D59E739B] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Convertisseur Microsoft HTML.) — C:WindowsSystem32html.iec [417280]
    O44 – LFC:[MD5.70576D76A11DD5AE54E719297A315F90] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – DAC for Trident DOM.) — C:WindowsSystem32MshtmlDac.dll [88064]
    O44 – LFC:[MD5.3721721151DB49457B0FD35E0C04594C] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – DLL de gestion d'utilisateur local et de co.) — C:WindowsSystem32msrating.dll [199680]
    O44 – LFC:[MD5.D66D11191B48007179B0A77DC0717267] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – DLL du Gestionnaire de licences Microsoft®.) — C:WindowsSystem32licmgr10.dll [33280]
    O44 – LFC:[MD5.A3871DED5ED88F59C0D1396761708F81] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Hôte des applications HTML de Microsoft(R).) — C:WindowsSystem32mshta.exe [13824]
    O44 – LFC:[MD5.E40D3696BE4852956669C285038B37A6] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – IE ETW Collector Service.) — C:WindowsSystem32ieetwcollector.exe [114688]
    O44 – LFC:[MD5.6096209CB47D61499C3608B9C25B073C] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – IE PNG plugin image decoder.) — C:WindowsSystem32pngfilt.dll [64512]
    O44 – LFC:[MD5.8AE1AC97407CD82D8389390C21430579] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – IE Sysprep Provider.) — C:WindowsSystem32iesysprep.dll [111616]
    O44 – LFC:[MD5.161BC2E883A8D8759A4DCF2A85AF9128] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – IE plugin image decoder support DLL.) — C:WindowsSystem32imgutil.dll [51200]
    O44 – LFC:[MD5.E99E2E88BFE584184AE92B1F8995CE93] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – IOD Version Map.) — C:WindowsSystem32iesetup.dll [66560]
    O44 – LFC:[MD5.F54E1190251EB245183BF16D6C315613] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Internet Shortcut Shell Extension DLL.) — C:WindowsSystem32url.dll [237568]
    O44 – LFC:[MD5.F79E5258AF040A8AD83C7C1273A071C3] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [54784]
    O44 – LFC:[MD5.C9AB2198141844D3DF96B4552CE9D5AB] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – JavaScript Performance Collection Agent.) — C:WindowsSystem32JavaScriptCollectionAgent.dll [77824]
    O44 – LFC:[MD5.66585D645C4E23A0FD5124BD714AE020] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Microsoft Feeds Synchronization.) — C:WindowsSystem32msfeedssync.exe [12800]
    O44 – LFC:[MD5.2CEACC509889A095828F27115257408D] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [92160]
    O44 – LFC:[MD5.A348DEFC16B6FBC88B7D61C3B861BCB1] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Moteur d'installation.) — C:WindowsSystem32inseng.dll [107520]
    O44 – LFC:[MD5.DD8FD33C108F14681A410067AB21DDF3] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Object Control Viewer.) — C:WindowsSystem32occache.dll [152064]
    O44 – LFC:[MD5.AF28C90094C4C50F083599C10D2DC072] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Objets homologues Internet Explorer.) — C:WindowsSystem32iepeers.dll [145408]
    O44 – LFC:[MD5.1C3C54FA2D620DF3093F356A56EC5957] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [144384]
    O44 – LFC:[MD5.9CD8D475F462F82E6FD8BFCA7186ACD4] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:WindowsSystem32iedkcs32.dll [372736]
    O44 – LFC:[MD5.85E97591864F3125C5B08FB44E0E8078] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Synchronisation en arrière-plan des flux Mi.) — C:WindowsSystem32msfeedsbs.dll [60416]
    O44 – LFC:[MD5.00FB2FB8C27C834CF575BC415B80F995] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – TDC ActiveX Control.) — C:WindowsSystem32tdc.ocx [87552]
    O44 – LFC:[MD5.6A7F8D139610E5F3F158182778EF9275] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Traitement de RunOnce complet avec interfac.) — C:WindowsSystem32iernonce.dll [34304]
    O44 – LFC:[MD5.FD7C8FAC461BED1FEEB808E477D884D4] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Expl.) — C:WindowsSystem32ie4uinit.exe [716800]
    O44 – LFC:[MD5.CA2F3153EF3BCB0BD3A8984C933DF604] – 12/11/2014 – 03:03:30 —A- . (.Microsoft Corporation – Wizard.) — C:WindowsSystem32iexpress.exe [167424]
    O44 – LFC:[MD5.853BB696932E4C48EE7034BFF1209A5A] – 12/11/2014 – 03:03:31 —A- . (.Microsoft Corporation – Contrôleur de site Web.) — C:WindowsSystem32webcheck.dll [262144]
    O44 – LFC:[MD5.A7F53772ECAE2F44B455D14F71179940] – 12/11/2014 – 03:03:31 —A- . (.Microsoft Corporation – IE ETW Collector Proxy Stub Resources.) — C:WindowsSystem32ieetwproxystub.dll [48640]
    O44 – LFC:[MD5.BC3B7CCE855F9A8E7BC96F7062229A02] – 12/11/2014 – 03:03:31 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter.) — C:WindowsSystem32ieapfltr.dll [799232]
    O44 – LFC:[MD5.258C3082AD82C1AAD335DA3FE2D3EB25] – 12/11/2014 – 03:03:31 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [580096]
    O44 – LFC:[MD5.62E2FCF45F349DE6CAFB3AA7E1D81DA4] – 12/11/2014 – 03:03:31 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [2124288]
    O44 – LFC:[MD5.0D03DAD6BB183156C70F863D0F2FA55A] – 12/11/2014 – 03:03:32 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript.dll [812544]
    O44 – LFC:[MD5.200CEA827BDC503F00C0AED0EA227D49] – 12/11/2014 – 03:03:32 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [800768]
    O44 – LFC:[MD5.DE58DE2C6C8439B7174D6D3568AA4A80] – 12/11/2014 – 03:03:32 —A- . (.Microsoft Corporation – Microsoft ® JScript Diagnostics.) — C:WindowsSystem32jscript9diag.dll [814080]
    O44 – LFC:[MD5.587DEBB59F5F14C9610966FB14A33607] – 12/11/2014 – 03:03:32 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [633856]
    O44 – LFC:[MD5.62D54F4673A6208C8CC147758122B3C3] – 12/11/2014 – 03:03:33 —A- . (.Microsoft Corporation – ActiveX Interface Marshaling Library.) — C:WindowsSystem32actxprxy.dll [2865152]
    O44 – LFC:[MD5.559E084EEBE44864493B2903433F19B3] – 12/11/2014 – 03:03:33 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1550336]
    O44 – LFC:[MD5.46B5DD7C4B1851F59E48302185E076DF] – 12/11/2014 – 03:03:33 —A- . (.Microsoft Corporation – Microsoft Internet Messaging API Resources.) — C:WindowsSystem32inetcomm.dll [1032704]
    O44 – LFC:[MD5.22CBDB8810CBED0B4F5E4BE69D7E2AE8] – 12/11/2014 – 03:03:33 —A- . (.Microsoft Corporation – Utilitaire à l’exécution pour Internet Expl.) — C:WindowsSystem32iertutil.dll [2884096]
    O44 – LFC:[MD5.BF1FC65A307B31939ADF7F976FDE033C] – 12/11/2014 – 03:03:34 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [2365440]
    O44 – LFC:[MD5.079FEE6FC11A74E4309B6A10931C1CB2] – 12/11/2014 – 03:03:37 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [6040064]
    O44 – LFC:[MD5.BED4D30B7FF094E368333CE2D1CE3195] – 12/11/2014 – 03:03:47 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [14390272]
    O44 – LFC:[MD5.6432F143CDC9D73BD2BF832CAB2EDC01] – 12/11/2014 – 03:04:18 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [25110016]
    O44 – LFC:[MD5.668417ED63F9FBE7DD8D7A54B04279DA] – 12/11/2014 – 03:04:45 —A- . (.Microsoft Corporation – File Risk Estimation.) — C:WindowsSystem32winshfhc.dll [14336]
    O44 – LFC:[MD5.0359607177E5E9F6041136CC0A5CB0B6] – 12/11/2014 – 03:04:46 —A- . (.Microsoft Corporation – Microsoft antimalware boot driver.) — C:WindowsSystem32DriversWdBoot.sys [35320]
    O44 – LFC:[MD5.4AD874CDC812EC156265E451B6B09DAB] – 12/11/2014 – 03:04:47 —A- . (.Microsoft Corporation – Microsoft Network Realtime Inspection Drive.) — C:WindowsSystem32DriversWdNisDrv.sys [114496]
    O44 – LFC:[MD5.DE8D12B4C3F55FA2C5E9774314F6C58A] – 12/11/2014 – 03:04:47 —A- . (.Microsoft Corporation – Microsoft antimalware file system filter dr.) — C:WindowsSystem32DriversWdFilter.sys [258368]
    O44 – LFC:[MD5.F0A117D19873FCDF801F082F33BFBB6C] – 12/11/2014 – 03:04:48 —A- . (.Microsoft Corporation – DLL client de l’API uilisateur de Windows m.) — C:WindowsSystem32user32.dll [1519488]
    O44 – LFC:[MD5.4D94560FD4982BB52C1FE64AE38E1A9F] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update Application Launcher.) — C:WindowsSystem32wuapp.exe [35840]
    O44 – LFC:[MD5.5D67074419BBFDCA587C2E2A93743E8A] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update Vista Web Control.) — C:WindowsSystem32wuwebv.dll [140288]
    O44 – LFC:[MD5.2E66E7D4F1E39F7048A231AA60FD2532] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update WUDriver Stub.) — C:WindowsSystem32wudriver.dll [95744]
    O44 – LFC:[MD5.4A112AD7D9C7289FE9945D05E97019D0] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update Wu exports.) — C:WindowsSystem32wuaext.dll [17408]
    O44 – LFC:[MD5.70AC0FA699C9420CB282CCF72993C2E1] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update client proxy stub 2.) — C:WindowsSystem32wups2.dll [51712]
    O44 – LFC:[MD5.CCE7F88AD038494253B485EC1B144EB3] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update client proxy stub.) — C:WindowsSystem32wups.dll [60416]
    O44 – LFC:[MD5.EA2DF5520D3623F353F43809A2F88086] – 12/11/2014 – 03:05:21 —A- . (.Microsoft Corporation – Windows Update.) — C:WindowsSystem32wuauclt.exe [55776]
    O44 – LFC:[MD5.BCC10D47920E83EAC8F2E7E2D414692E] – 12/11/2014 – 03:05:22 —A- . (.Microsoft Corporation – API du client Windows Update.) — C:WindowsSystem32wuapi.dll [894976]
    O44 – LFC:[MD5.DCD090318EC800CF6275C6835900B0C6] – 12/11/2014 – 03:05:22 —A- . (.Microsoft Corporation – Agent de mise à jour automatique Windows Up.) — C:WindowsSystem32wuaueng.dll [3557376]
    O44 – LFC:[MD5.2585412FC573F298FCBFD6759F8C4C0F] – 12/11/2014 – 03:05:22 —A- . (.Microsoft Corporation – Expérience utilisateur du client Windows Up.) — C:WindowsSystem32wucltux.dll [1714176]
    O44 – LFC:[MD5.E67B019D23320AA0C5F1E6DE5D30546A] – 12/11/2014 – 03:05:22 —A- . (.Microsoft Corporation – Windows Update Modern WuApp.) — C:WindowsSystem32WUSettingsProvider.dll [407552]
    O44 – LFC:[MD5.D1A2E993DB1867C79177CCC9DB6337D0] – 12/11/2014 – 03:05:25 —A- . (.Microsoft Corporation – Interface utilisateur de consentement pour.) — C:WindowsSystem32consent.exe [116032]
    O44 – LFC:[MD5.034ED41F13D9C1845C1E081F05B640DB] – 12/11/2014 – 03:05:25 —A- . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [110080]
    O44 – LFC:[MD5.D0C15BC83B3D0AF4F9B1D70216D91794] – 12/11/2014 – 03:05:25 —A- . (.Microsoft Corporation – Windows® installer.) — C:WindowsSystem32msihnd.dll [428032]
    O44 – LFC:[MD5.D5B41A0C38408814A3E9BAC8C82B2E5B] – 12/11/2014 – 03:05:26 —A- . (.Microsoft Corporation – Interface utilisateur d’authentification Wi.) — C:WindowsSystem32authui.dll [2773504]
    O44 – LFC:[MD5.EF745B98D81B8C462DB99FC8B5C4322A] – 12/11/2014 – 03:05:26 —A- . (.Microsoft Corporation – Windows Installer.) — C:WindowsSystem32msi.dll [3320320]
    O44 – LFC:[MD5.9A108C0A3092110F4651B3AFB9CC7B3D] – 12/11/2014 – 03:05:27 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32oleaut32.dll [789184]
    O44 – LFC:[MD5.A8484FB640E044858BA19FB4F13DD4CE] – 12/11/2014 – 03:06:06 —A- . (.Microsoft Corporation – DLL des événements d’audit de la sécurité.) — C:WindowsSystem32msaudite.dll [154112]
    O44 – LFC:[MD5.D7B23B3154508256C9F434EF9B65B91D] – 12/11/2014 – 03:06:06 —A- . (.Microsoft Corporation – UMRDP Display Driver.) — C:WindowsSystem32rdpudd.dll [131584]
    O44 – LFC:[MD5.488CEA4F1B4D2446FFB7A94E3CB385FE] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – Client Microsoft® Active Directory Certific.) — C:WindowsSystem32certcli.dll [445440]
    O44 – LFC:[MD5.91E59FCB3B32DD84E5DCDA2EA1583807] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – DLL du schéma d’audit de sécurité.) — C:WindowsSystem32adtschema.dll [736768]
    O44 – LFC:[MD5.949E590B76018E4523FC71CE510ED9ED] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – DLL serveur LSA.) — C:WindowsSystem32lsasrv.dll [1441792]
    O44 – LFC:[MD5.4E1207CE16E615B0B7A70DC889F4500E] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – Kernel Cryptography, Next Generation.) — C:WindowsSystem32Driverscng.sys [563976]
    O44 – LFC:[MD5.6D2EE96150E35B9EA49F2B481DE0369A] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – Kernel Security Support Provider Interface.) — C:WindowsSystem32Driversksecpkg.sys [177472]
    O44 – LFC:[MD5.9F08A6608F98B5407E7DDBCF306573EF] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – Microsoft RDP Video Miniport driver.) — C:WindowsSystem32Driversrdpvideominiport.sys [27456]
    O44 – LFC:[MD5.3D2D2EA099D98FE6B94C7D8C7992C08C] – 12/11/2014 – 03:06:07 —A- . (.Microsoft Corporation – Microsoft RemoteFX VM Transport.) — C:WindowsSystem32rfxvmt.dll [40448]
    O44 – LFC:[MD5.1D25CC0A9C480C5D56A5A6CF2B5DEB99] – 12/11/2014 – 03:06:08 —A- . (.Microsoft Corporation – DLL RDPCore TS.) — C:WindowsSystem32rdpcorets.dll [3547648]
    O44 – LFC:[MD5.6DE50D5592C6EE18C87B0C2EEEDC1621] – 12/11/2014 – 03:06:27 —A- . (.Microsoft Corporation – DPAPI Server.) — C:WindowsSystem32dpapisrv.dll [185856]
    O44 – LFC:[MD5.F0CE4A653EEBA09509EAF93AE2226FA9] – 12/11/2014 – 03:06:27 —A- . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll [426496]
    O44 – LFC:[MD5.622928F5A8045F8122F10561D6C35ED0] – 12/11/2014 – 03:06:27 —A- . (.Microsoft Corporation – Microsoft SChannel Provider.) — C:WindowsSystem32ncryptsslp.dll [104336]
    O44 – LFC:[MD5.3F8EE3FDBDDFDFE6C99EFC20B00C5C93] – 12/11/2014 – 10:58:45 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [886296]
    O44 – LFC:[MD5.5C3669B71657F22E67A1D4BD49D2CBE7] – 14/11/2014 – 00:24:20 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O44 – LFC:[MD5.D3311B31C470E7681B14D9B014CBF9ED] – 14/11/2014 – 00:24:20 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O44 – LFC:[MD5.D1F2D4DF0A5D3B700794E26356A55B44] – 14/11/2014 – 00:24:20 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O44 – LFC:[MD5.9C3AC71A9934B884FAC567A8807E9C4D] – 14/11/2014 – 00:37:10 —A- . (.VS Revo Group – Revo Uninstaller Minifilter.) — C:WindowsSystem32Driversrevoflt.sys [31800]
    O44 – LFC:[MD5.CB2E517D4BEC3E5168AFEB6ED6AC27CB] – 14/11/2014 – 00:58:31 —A- . (…) — C:WindowsSystem32bddel.dat [1168]
    O44 – LFC:[MD5.D92FB5770CBDE049A4732B76A77F6864] – 14/11/2014 – 03:51:50 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32MRT.exe [103374192]
    O44 – LFC:[MD5.29F8352ED48741B2D1C088291D1591D4] – 16/11/2014 – 17:00:35 —A- . (…) — C:bdlog.txt [31206]
    O44 – LFC:[MD5.2C118AE2AD9CA43C01DB36ADC0BF84A7] – 16/11/2014 – 17:00:56 —A- . (…) — C:WindowsPFRO.log [154414]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 16/11/2014 – 17:06:37 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O44 – LFC:[MD5.E750D746AF805DDAE49237242F0547FA] – 16/11/2014 – 17:07:04 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1824010]
    O44 – LFC:[MD5.A25EFC5C549E30856A0C2F7425B9122B] – 16/11/2014 – 17:07:04 —A- . (…) — C:WindowsSystem32perfc009.dat [138338]
    O44 – LFC:[MD5.73F835B14B09A00867EC2F1BEFDEF73C] – 16/11/2014 – 17:07:04 —A- . (…) — C:WindowsSystem32perfc00C.dat [162150]
    O44 – LFC:[MD5.83166F674A331A4996EACC2BC4FF8BF7] – 16/11/2014 – 17:07:04 —A- . (…) — C:WindowsSystem32perfh009.dat [729704]
    O44 – LFC:[MD5.0C73A0FF45A17C749E484F94F6331B40] – 16/11/2014 – 17:07:04 —A- . (…) — C:WindowsSystem32perfh00C.dat [818534]
    O44 – LFC:[MD5.39C844C62A3EAC0B60D02EC3344ABAC4] – 16/11/2014 – 17:08:31 —A- . (…) — C:WindowsWindowsUpdate.log [2013933]
    ~ Files: 136 Scanned in 00mn 03s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Live Security Package.) — C:WindowsSystem32livessp.dll
    ~ LSA: 9 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimaldxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkdxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (…) — C:WindowsSystem32Driversrdpencdd.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 17 Scanned in 00mn 00s

    —\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm »= »C:WindowsSystem32l3codeca.acm » . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc »C:WindowsSystem32l3codeca.acm »= »Fraunhofer IIS MPEG Layer-3 Codec » . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s[/spoiler:37kh3dia]

    MAURY
    Participant
    Number of posts: 15

    ZHPDiag file, 3rd and final part

    [spoiler:3fv8h8uh]—\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableVirtualization »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableInstallerDetection »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « PromptOnSecureDesktop »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableLUA »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableSecureUIAPaths »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « ConsentPromptBehaviorAdmin »=5
    O55 – MWPS:[HKLM…PoliciesSystem] – « ValidateAdminCodeSignatures »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableCursorSuppression »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « ConsentPromptBehaviorUser »=3
    O55 – MWPS:[HKLM…PoliciesSystem] – « dontdisplaylastusername »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « legalnoticecaption »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « legalnoticetext »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « scforceoption »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « shutdownwithoutlogon »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « undockwithoutlogon »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « DisableTaskMgr »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « DisableRegistryTools »=0
    ~ MWPS: 19 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – « ForceActiveDesktopOn »=0
    O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktopChanges »=1
    O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktop »=1
    O56 – MWPE:[HKLM…policiesExplorer] – « NoRun »=0
    O56 – MWPE:[HKLM…policiesExplorer] – « NoControlPanel »=0
    ~ MWPE Keys: 5 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.LSI – LSI 3ware SCSI Storport Driver.) — C:WindowsSystem32Drivers3ware.sys [108896]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra – PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) — C:WindowsSystem32Driversadp80xx.sys [782176]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Advanced Micro Devices – AHCI 1.3 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [79200]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [259424]
    O58 – SDL:22/08/2013 – 13:43:40 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [25952]
    O58 – SDL:04/10/2012 – 17:26:58 —A- . (.Alcor Micro, Corp. – Alocr Micro USB Mass Storage Driver.) — C:WindowsSystem32DriversAmUStor.sys [95232]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [114016]
    O58 – SDL:23/09/2013 – 14:04:04 —A- . (.Realtek – Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) — C:WindowsSystem32Driversau630x64.sys [792648]
    O58 – SDL:29/09/2014 – 14:10:56 —A- . (.BitDefender – Active Virus Control filter driver.) — C:WindowsSystem32Driversavc3.sys [1260120]
    O58 – SDL:29/09/2014 – 14:11:55 —A- . (.BitDefender – BitDefender AntiVirus Active Virus Control Hypervisor driver.) — C:WindowsSystem32Driversavchv.sys [261496]
    O58 – SDL:29/09/2014 – 14:16:55 —A- . (.BitDefender – Active Virus Control Kernel Filtering driver.) — C:WindowsSystem32Driversavckf.sys [647752]
    O58 – SDL:04/09/2013 – 18:12:38 —A- . (.Broadcom Corporation. – Broadcom Bluetooth Firmware Download Filter.) — C:WindowsSystem32Driversbcbtums.sys [170712]
    O58 – SDL:13/08/2013 – 00:25:46 —A- . (.Windows (R) Win 7 DDK provider – BCM Function 2 Device Driver.) — C:WindowsSystem32Driversbcmfn2.sys [17624]
    O58 – SDL:01/07/2013 – 17:50:06 —A- . (.Broadcom Corporation – Broadcom 802.11 Network Adapter wireless driver.) — C:WindowsSystem32DriversBCMWL63a.SYS [8536752]
    O58 – SDL:11/07/2012 – 06:48:42 —A- . (.Bitdefender – Bitdefender Early Launch Anti-Malware Driver.) — C:WindowsSystem32Driversbdelam.sys [23456]
    O58 – SDL:09/04/2013 – 17:20:55 —A- . (.BitDefender LLC – BitDefender Firewall NDIS6 Filter Driver.) — C:WindowsSystem32Driversbdfndisf6.sys [98768]
    O58 – SDL:25/10/2014 – 22:34:20 —A- . (.BitDefender SRL – BitDefender SandBox Filter Driver.) — C:WindowsSystem32Driversbdsandbox.sys [82824]
    O58 – SDL:09/03/2014 – 16:48:26 —A- . (.BitDefender – FileVault Disk Driver.) — C:WindowsSystem32Driversbdvedisk.sys [79192]
    O58 – SDL:04/09/2013 – 18:12:52 —A- . (.Broadcom Corporation. – Broadcom Bluetooth USB AMP Filter for Windows Vista.) — C:WindowsSystem32Driversbtwampfl.sys [166104]
    O58 – SDL:27/02/2013 – 02:12:52 —A- . (.Broadcom Corporation. – Bluetooth Audio Device.) — C:WindowsSystem32Driversbtwaudio.sys [186584]
    O58 – SDL:27/02/2013 – 02:12:52 —A- . (.Broadcom Corporation. – Broadcom Bluetooth AVDT Service.) — C:WindowsSystem32Driversbtwavdt.sys [227032]
    O58 – SDL:27/07/2012 – 00:48:26 —A- . (.Broadcom Corporation. – Broadcom Bluetooth L2CAP Service.) — C:WindowsSystem32Driversbtwl2cap.sys [40248]
    O58 – SDL:20/01/2013 – 01:18:26 —A- . (.Broadcom Corporation. – Bluetooth PAN Filter Driver.) — C:WindowsSystem32Driversbtwpanfl.sys [44912]
    O58 – SDL:27/02/2013 – 02:12:50 —A- . (.Broadcom Corporation. – Bluetooth Remote Control HID Minidriver.) — C:WindowsSystem32Driversbtwrchid.sys [22744]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [531296]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Display Partici.) — C:WindowsSystem32DriversDptfDevDisplay.sys [45880]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Memory Particip.) — C:WindowsSystem32DriversDptfDevDram.sys [68072]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Fan Participant.) — C:WindowsSystem32DriversDptfDevFan.sys [32968]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Generic Partici.) — C:WindowsSystem32DriversDptfDevGen.sys [45880]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework PCH Participant.) — C:WindowsSystem32DriversDptfDevPch.sys [57216]
    O58 – SDL:09/04/2013 – 00:47:28 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Processor Parti.) — C:WindowsSystem32DriversDptfDevProc.sys [120256]
    O58 – SDL:09/04/2013 – 00:47:30 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Manager Driver.) — C:WindowsSystem32DriversDptfManager.sys [200808]
    O58 – SDL:18/06/2012 – 04:39:14 —A- . (.ENE TECHNOLOGY INC. – enecir.) — C:WindowsSystem32Driversenecir.sys [72688]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3357024]
    O58 – SDL:21/08/2012 – 13:01:20 —A- . (.GEAR Software Inc. – CD DVD Filter.) — C:WindowsSystem32DriversGEARAspiWDM.sys [33240]
    O58 – SDL:25/10/2014 – 22:37:22 —A- . (.BitDefender LLC – BitDefender Gonzales FileSystem Driver.) — C:WindowsSystem32Driversgzflt.sys [150256]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [64352]
    O58 – SDL:30/07/2013 – 19:47:35 —A- . (.Intel Corporation – Intel(R) Serial IO GPIO Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_GPIO.sys [24568]
    O58 – SDL:25/07/2013 – 20:05:39 —A- . (.Intel Corporation – Intel(R) Serial IO I2C Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_I2C.sys [99320]
    O58 – SDL:10/08/2013 – 01:39:30 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver (inbox) – x64.) — C:WindowsSystem32DriversiaStorAV.sys [651248]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [412000]
    O58 – SDL:25/01/2014 – 02:22:44 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [4221440]
    O58 – SDL:07/05/2013 – 10:25:22 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [442368]
    O58 – SDL:27/12/2013 – 00:30:20 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversintelaud.sys [38296]
    O58 – SDL:27/12/2013 – 00:30:20 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversiwdbus.sys [27032]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [109408]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [93536]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI SAS Gen3 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas3.sys [81760]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SSS PCIe/Flash Driver (StorPort).) — C:WindowsSystem32Driverslsi_sss.sys [82784]
    O58 – SDL:01/10/2014 – 11:11:12 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:01/10/2014 – 11:11:16 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O58 – SDL:16/11/2014 – 17:06:37 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows.) — C:WindowsSystem32Driversmegasas.sys [56672]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32Driversmegasr.sys [575840]
    O58 – SDL:22/08/2013 – 13:43:49 —A- . (.Marvell Semiconductor, Inc. – Marvell Flash Controller Driver.) — C:WindowsSystem32Driversmvumis.sys [63840]
    O58 – SDL:01/10/2014 – 11:11:30 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O58 – SDL:05/09/2013 – 02:46:52 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 327.02.) — C:WindowsSystem32Driversnvlddmkm.sys [11273504]
    O58 – SDL:05/09/2013 – 02:46:58 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 327.02.) — C:WindowsSystem32Driversnvpciflt.sys [30496]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [150368]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [168288]
    O58 – SDL:30/12/2009 – 11:21:26 —A- . (.VS Revo Group – Revo Uninstaller Minifilter.) — C:WindowsSystem32Driversrevoflt.sys [31800]
    O58 – SDL:09/07/2013 – 14:26:14 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [3485656]
    O58 – SDL:03/08/2012 – 22:28:24 —A- . (.REALTEK SEMICONDUCTOR Corp. – RTL2832UBDA Driver.) — C:WindowsSystem32DriversRTL2832UBDA.sys [237968]
    O58 – SDL:03/08/2012 – 22:28:24 —A- . (.REALTEK SEMICONDUCTOR Corp. – RTL2832UUSB Driver.) — C:WindowsSystem32DriversRTL2832UUSB.sys [39056]
    O58 – SDL:22/08/2013 – 16:35:09 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [44896]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [81760]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [31072]
    O58 – SDL:21/06/2013 – 02:09:44 —A- . (.Anchorfree Inc. – Anchorfree HSS VPN Adapter.) — C:WindowsSystem32Driverstaphss6.sys [42184]
    O58 – SDL:20/03/2013 – 23:47:02 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversTeeDriverx64.sys [99288]
    O58 – SDL:25/10/2014 – 22:33:32 —A- . (.BitDefender S.R.L. – Trufos Kernel Module.) — C:WindowsSystem32Driverstrufos.sys [419616]
    O58 – SDL:28/07/2014 – 13:52:00 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl64.sys [54784]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [19808]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [168800]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Corporation – VIA StorX RAID Controller Driver.) — C:WindowsSystem32DriversVSTXRAID.SYS [305504]
    O58 – SDL:16/05/2012 – 23:15:44 —A- . (.Western Digital Technologies – WD SCSI Architecture Model (SAM) driver.) — C:WindowsSystem32Driverswdcsam64.sys [14464]
    O58 – SDL:18/09/2006 – 17:50:18 —A- . (.Arcsoft, Inc. – Arcsoft(R) ASPI Shell.) — C:WindowsSysWOW64driversafc.sys [22784]
    O58 – SDL:18/10/2012 – 20:06:52 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver (DT).) — C:WindowsSysWOW64driversAiChargerDT.sys [14880]
    O58 – SDL:04/01/2008 – 22:34:42 —A- . (…) — C:WindowsSysWOW64driversAsInsHelp32.sys [10216]
    O58 – SDL:04/01/2008 – 22:34:48 —A- . (…) — C:WindowsSysWOW64driversAsInsHelp64.sys [11832]
    O58 – SDL:22/08/2012 – 10:54:10 —A- . (…) — C:WindowsSysWOW64driversAsIO.sys [15232]
    O58 – SDL:12/04/2011 – 03:03:50 —A- . (…) — C:WindowsSysWOW64driversAsUpIO.sys [14464]
    O58 – SDL:02/04/2009 – 13:30:14 —A- . (…) — C:WindowsSysWOW64driversASUSHWIO.SYS [10296]
    O58 – SDL:06/11/2014 – 01:02:58 —A- . (…) — C:WindowsSysWOW64audcon.sys [2892]
    ~ Drivers: 84 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 09/11/2014 – 17:19:39 —A- . (…) — C:UsersPierre-YvesAppDataLocalTempQuarantine.exe [601088]
    O61 – LFC: 13/11/2014 – 17:19:39 —A- . (…) — C:UsersPierre-YvesAppDataRoamingDropboxbinwxmsw28uh_vc.dll [3610624] =>.Dropbox
    O61 – LFC: 13/11/2014 – 17:19:39 —A- . (.Dropbox, Inc..) — C:UsersPierre-YvesAppDataRoamingDropboxbinDropbox.exe [35419192] =>.Dropbox
    O61 – LFC: 13/11/2014 – 17:19:39 —A- . (.Dropbox, Inc..) — C:UsersPierre-YvesAppDataRoamingDropboxbinDropboxUninstaller.exe [262160] =>.Dropbox
    O61 – LFC: 13/11/2014 – 17:19:39 —A- . (.Dropbox, Inc..) — C:UsersPierre-YvesAppDataRoamingDropboxbinDropboxUpdateHelper.exe [225232] =>.Dropbox
    O61 – LFC: 15/11/2014 – 17:19:39 —A- . (…) — C:UsersPierre-YvesAppDataLocalTempnsy184.tmpDropboxNSISTools.dll [68096]
    O61 – LFC: 15/11/2014 – 17:19:39 —A- . (…) — C:UsersPierre-YvesAppDataLocalTempnsy184.tmpUAC.dll [30208]
    O61 – LFC: 16/11/2014 – 17:19:39 —A- . (…) — C:UsersPierre-YvesAppDataLocalMicrosoftWindowsINetCacheIE1D9JVBO0AdwCleaner.exe [2140160]
    O61 – LFC: 16/11/2014 – 17:19:39 —A- . (.Nicolas Coolman.) — C:UsersPierre-YvesAppDataLocalMicrosoftWindowsINetCacheIEP67IYKA4ZHPDiag2.exe [6863988] =>.Nicolas Coolman
    ~ 33 Fichiers temporaires (Temporary files)
    ~ 2 Fichiers cookies (Cookies files)
    ~ Files: 9 Scanned in 00mn 01s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.net – http://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » /S
    ~ FASS Keys: 10 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {1385282D-D9A7-4912-871F-BB74D17753D2} – (Le Monde) – http://www.lemonde.fr
    O69 – SBI: SearchScopes [HKCU] {587D2AD3-10C1-4FFD-B623-E5C2283A7BF5} [DefaultScope] – (Google) – http://www.google.com
    O69 – SBI: SearchScopes [HKCU] {7A98A6E3-5271-46C8-9786-BD9314520D42} – (Wikipédia (fr)) – http://fr.wikipedia.org
    O69 – SBI: SearchScopes [HKCU] {D6AB5E4D-297F-4088-A804-250E4B29693F} – (Yahoo!) – http://search.yahoo.com
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    D:PARTITIONSPartitions20090114 MEDIAcakewalk sonar 8 demo keygen.zip =>.Crack,Keygen
    D:PARTITIONSPartitions20090114 MEDIAFinale 2007 [setup + keygen] makemusic.rar =>.Crack,Keygen
    D:PARTITIONSPartitions20091008 TRS PARTITIONS & SOFTRegistry.First.Aid.Platinum.v6.0.1389.Multilangages.Incl-Keygen.[emule-island.com].rar =>.Crack,Keygen
    D:PARTITIONSPartitions20091008 TRS PARTITIONS & SOFTVista.Manager.v2.0.3.Incl-Keygen.[emule-island.com].rar =>.Crack,Keygen
    ~ Files: Scanned in 01mn 03s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [208896]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [324096]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [1261056]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [1063424]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [914432]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [110080]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [150528]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [107008]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1212928]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [220672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [70656]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [134144]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [220160]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [324096]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [81408]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [97792]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [339456]
    O83 – Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation – Service d’infrastructure de localisation Windows.) — C:WindowsSystem32GeofenceMonitorService.dll [491520]
    O83 – Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation – Service de compte Microsoft®.) — C:WindowsSystem32wlidsvc.dll [1576960]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [50688]
    O83 – Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation – Gestionnaire d’installation de périphérique.) — C:WindowsSystem32DeviceSetupManager.dll [201728]
    O83 – Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation – Service Assistant Connectivité réseau Microsoft.) — C:WindowsSystem32ncasvc.dll [164352]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [101376]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire des connexions d’accès à distance.) — C:WindowsSystem32rasmans.dll [534528]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [223744]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [71680]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [433664]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [306688]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [3557376]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [1017856]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [629760]
    ~ Services: 34 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.643756A3865F0F37CF495E270299D501] [SPRF][09/03/2014] (…) — C:ProgramData1394374888.bdinstall.bin [986067]
    [MD5.CF7B11C946524AFED5ED018F39AD14A1] [SPRF][09/03/2014] (…) — C:ProgramData1394377687.bdinstall.bin [57426]
    [MD5.070B54E817786810C7E4947A5A2B1426] [SPRF][09/03/2014] (…) — C:ProgramData1394377905.bdinstall.bin [412778]
    [MD5.99C10AA540D5256777A8F37C8CAADB2C] [SPRF][25/10/2014] (…) — C:ProgramData1414272404.bdinstall.bin [418863]
    ~ Files: 4 Scanned in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: « {03D77EEA-5DF9-4E8B-A93C-55E3C9426130} » | In – None – P17 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersPierre-YvesAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    O87 – FAEL: « {5A365FBC-E83B-4A55-88C0-729F1E3675F1} » | In – None – P6 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersPierre-YvesAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Firewall: 2 Scanned in 00mn 01s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: « 5923976166327F040A543A4EA21863E5 » . (.Bing Bar.) — C:WindowsInstaller{16793295-2366-40F7-A045-A3E42A81365E}icon_installer_ico =>Toolbar.Bing
    ~ Update Products: 1 Scanned in 00mn 00s

    —\ Enumère les données de la clé NameSpace (MNS) (O92)
    O92 – MNS: – {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
    O92 – MNS: – {374DE290-123F-4565-9164-39C4925E467B}
    O92 – MNS: – {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
    O92 – MNS: – {A0953C92-50DC-43bf-BE83-3742FED03C9C}
    O92 – MNS: – {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
    O92 – MNS: – {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
    O92 – MNS: Photos iCloud – {F0D63F85-37EC-4097-B30D-61B4A8917118}
    ~ MNS: 7 Scanned in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.64BC02760640108F4AF7CCFA900503C5] [WIS][14/02/2012] (.Microsoft Corporation – Bing Bar.) — C:WindowsInstaller8496.msi [475136] =>Toolbar.Bing
    ~ WIS: 1 Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 11/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 04/09/2013 2252504 | (BcmBtRSupport) . (.Broadcom Corporation..) – C:WindowsSystem32BtwRSupportService.exe
    SS – | Disabled 25/10/2014 77632 | (BdDesktopParental) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderbdparentalservice.exe
    SS – | Auto 23/05/2012 243728 | (CLKMSVC10_38F51D56) . (.CyberLink.) – C:Program Files (x86)CyberLinkPowerDVD10NavFilterkmsvc.exe
    SS – | Demand 25/01/2014 279000 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Demand 26/04/2011 2702848 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) – C:Program Files (x86)Common FilesMAGIX ServicesDatabasebinfbserver.exe
    SS – | Auto 10/07/2014 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 10/07/2014 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientSocketHeciServer.exe
    SS – | Demand 25/07/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SR – | Auto 04/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 24/01/2012 21880 | (APC Data Service) . (.Schneider Electric.) – C:Program Files (x86)APCPowerChute Personal Editiondataserv.exe
    SR – | Auto 24/01/2012 705912 | (APC UPS Service) . (.Schneider Electric.) – C:Program Files (x86)APCPowerChute Personal Editionmainserv.exe
    SR – | Auto 07/10/2014 60744 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 17/02/2012 149120 | (AsSysCtrlService) . (.ASUSTeK Computer Inc..) – C:Program Files (x86)ASUSAsSysCtrlService1.00.13AsSysCtrlService.exe
    SR – | Auto 19/12/2012 72192 | (Asus WebStorage Windows Service) . (…) – C:Program Files (x86)ASUSWebStorage Sync Agent1.1.18.159AsusWSWinService.exe
    SR – | Auto 14/02/2012 193816 | (BBSvc) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.1.362.0BBSvc.exe =>Toolbar.Bing
    SR – | Demand 14/02/2012 240408 | (BBUpdate) . (.Microsoft Corporation..) – C:Program Files (x86)MicrosoftBingBar7.1.362.0SeaPort.exe =>Toolbar.Bing
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 10/03/2013 959192 | (btwdins) . (.Broadcom Corporation..) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
    SR – | Auto 09/04/2013 83032 | (DptfParticipantProcessorService) . (.Intel Corporation.) – C:WindowsSystem32DptfParticipantProcessorService.exe
    SR – | Auto 09/04/2013 100032 | (DptfPolicyConfigTDPService) . (.Intel Corporation.) – C:WindowsSystem32DptfPolicyConfigTDPService.exe
    SR – | Auto 09/04/2013 84568 | (DptfPolicyCriticalService) . (.Intel Corporation.) – C:WindowsSystem32DptfPolicyCriticalService.exe
    SR – | Auto 24/01/2012 1858048 | (Fabs) . (.MAGIX AG.) – C:Program Files (x86)Common FilesMAGIX ServicesDatabasebinFABS.exe
    SR – | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Demand 15/10/2014 643880 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 20/03/2013 169432 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 20/03/2013 368600 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 29/08/2013 920864 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSsystem32nvvsvc.exe
    SR – | Auto 16/05/2013 1826592 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 21/06/2013 413472 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Auto 25/10/2014 67320 | (UPDATESRV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    SR – | Auto 11/11/2014 1536624 | (VSSERV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    SR – | Auto 22/07/2014 1042808 | (WDBackup) . (.Western Digital Technologies, Inc..) – C:Program Files (x86)Western DigitalWD SmartWareWDBackupEngine.exe
    SR – | Auto 02/06/2014 296312 | (WDDriveService) . (.Western Digital Technologies, Inc..) – C:Program Files (x86)Western DigitalWD Drive ManagerWDDriveService.exe
    SR – | Demand 10/07/1658 0 | (WdNisSvc) . (…) – C:Program Files (x86)Windows DefenderNisSrv.exe
    SR – | Demand 10/07/1658 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Demand 22/08/2013 37768 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 07s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Pierre-Yves at 16/11/2014 17:20:56
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Pierre-Yves at 16/11/2014 17:20:58
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (15/11/2014)
    Clés trouvées (Keys found) : 3
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 3

    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{16793295-2366-40F7-A045-A3E42A81365E}] =>Toolbar.Bing^
    [HKCUSoftwareMicrosoftWindowsCurrentVersionUninstalluTorrent] =>P2P.BitTorrent^
    C:UsersPierre-YvesAppDataRoaminguTorrent =>P2P.µTorrent^
    C:UsersPierre-YvesAppDataLocalInstaller =>Adware.InstallPedia
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: Modified =>Hijacker.Application^
    [HKCUSoftwareBitTorrent] =>P2P.BitTorrent^
    C:WindowsInstaller8496.msi =>Toolbar.Bing^
    ~ Additionnel Scan: 369155 Items scanned in 00mn 17s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 3 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
    http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
    ~ MSI: 2 link(s) detected in 00mn 00s

    End of the scan (1485 lines in 02mn 42s)(4[/spoiler:3fv8h8uh]

    Anonymous
    Number of posts: 0

    Hello :hello: ,

    Welcome to SosVirus :welcome:

    • Select and copy the following script:

      Script ZHPFix
      C:\Users\Pierre-Yves\AppData\Local\Installer =>Adware.InstallPedia
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
      emptyclsid
      emptyprefetch
      EmptyCLSID
      Emptytemp
      EmptyFlash
      ShortcutFix
    • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

      1. Click "Importer" (Import)
      2. The previously copied lines should be pasted into the box
      3. If so, click "GO"

    • Confirm the data cleanup by clicking "Oui" (Yes)
    • Once the scan is finished, go to the desktop; the ZHPFixReport file has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.

    [hr:37vopptn]

    • To delete temporary files:
    • Download SFTGC (by Pierre13) to your Desktop and nowhere else!
    • Launch SFTGC (run as administrator on Windows 7/8 and Vista)
    • Click GO

      Note: a report will open at the end

    • Once the scan is finished, go to the desktop; the SFTGC.txt file has been created.
    • Upload the SFTGC.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum

    MAURY
    Participant
    Number of posts: 15

    The SosUpload link is as follows:

    http://upload.sosvirus.net/www/?a=d&i=1SwArBOtPL

    Anonymous
    Number of posts: 0

    Re,

    The SFTGC report is missing, please. Once SFTGC has been run, restart the PC and tell me whether things are any better, please.

    MAURY
    Participant
    Number of posts: 15

    When I try to download the SFTGC program to run from the desktop, the following message appears and I can no longer download anything, even if I bypass this BITDEFENDER warning:

    Bitdefender a bloqué cette page

    La page à laquelle vous essayez d’accéder contient Trojan.Generic.12032558.

    Cette page est bloquée par le Filtre Antimalware de Bitdefender.

    Anonymous
    Number of posts: 0

    Ok,

    It's an FP, I'll let them know ;)

    Please run CCleaner's cleaner option as shown here: ccleaner-t104722.html, same thing, then restart the PC and let me know :)

    MAURY
    Participant
    Number of posts: 15

    Sorry, but I had to be away for a few hours and I have been back at my PC for a quarter of an hour.
    I have just followed your latest instructions, downloading CCleaner and following all the steps.
    The situation seems to have improved, but I don't think I am completely rid of my guest!…
    How can I be sure?
    Thanks for your reply, if you are still there.

    Best regards,

    Pierre-Yves.

    MAURY
    Participant
    Number of posts: 15

    I have just run ADWCleaner again

    Here is the results file:

    [spoiler:1rlzruik]# AdwCleaner v4.101 – Rapport créé le 16/11/2014 à 23:56:16
    # Mis à jour le 09/11/2014 par Xplode
    # Database : 2014-11-16.1 [Live]
    # Système d'exploitation : Windows 8.1 (64 bits)
    # Nom d'utilisateur : Pierre-Yves – ASUS-PY
    # Exécuté depuis : D:UsersPierre-YvesTéléchargementsadwcleaner_4.101 (1).exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Tâches planifiées ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17416

    -\ Mozilla Firefox v29.0.1 (fr)

    -\ Google Chrome v

    *************************

    AdwCleaner[R0].txt – [4334 octets] – [14/11/2014 01:21:48]
    AdwCleaner[R1].txt – [4398 octets] – [15/11/2014 17:15:42]
    AdwCleaner[R2].txt – [1294 octets] – [16/11/2014 16:58:43]
    AdwCleaner[R3].txt – [1112 octets] – [16/11/2014 23:54:37]
    AdwCleaner[S0].txt – [4539 octets] – [15/11/2014 17:17:12]
    AdwCleaner[S1].txt – [1315 octets] – [16/11/2014 17:00:10]
    AdwCleaner[S2].txt – [1034 octets] – [16/11/2014 23:56:16]

    ########## EOF – C:AdwCleanerAdwCleaner[S2].txt – [1094 octets] ##########[/spoiler:1rlzruik]

    MAURY
    Participant
    Number of posts: 15

    I have also run ZHPDiag again…

    The complete diagnostic file is at the following SosUpload address:

    http://upload.sosvirus.net/www/?a=d&i=sNmOMXEMBB

    Happy reading.
    Thanks in advance.

    Pierre-Yves.

    MAURY
    Participant
    Number of posts: 15

    I confirm that the situation has not improved…

    The PC slowdowns and the extreme difficulty in steering the mouse unfortunately prove it.

    So I am still waiting for your insight…

    Best regards,
    Pierre-Yves.

    Anonymous
    Number of posts: 0

    :hello: ,

    There is nothing infectious on your PC.

    Do you know what these programs are?

    O42 – Logiciel: Συλλογή φωτογραφιών – (.Microsoft Corporation.) [HKLM][64Bits] — {032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}
    O42 – Logiciel: 影像中心 – (.Microsoft Corporation.) [HKLM][64Bits] — {7DB15F28-5E38-476A-A773-EA07EAEAB1B3}
    O42 – Logiciel: 照片库 – (.Microsoft Corporation.) [HKLM][64Bits] — {25716F85-7DB7-4CB4-8BD3-1992DBA3F59C}

    Uninstall bingbar too.

    MAURY
    Participant
    Number of posts: 15

    Hello,

    I'm getting back to you; sorry, I had to be away for a while.

    How do I remove the programs you listed (in Chinese or Cyrillic!…)? I can't find them…

    Bing bar has already been removed.

    For your information, there has been no improvement… The mouse movement is still just as erratic.

    Thanks for your reply.

    Pierre-Yves.
