Virus Zombie 2014-12-27T18:52:43+00:00
8 sujets de 1 à 8 (sur un total de 8)
  • Auteur
    Messages
  • Padey
    Participant
    Nombre d'articles : 6

    Bonjour;

    Mon cousin, suite à une erreur en voulant installer Google Chrome, s’est retrouvé avec des virus, en particulier un écrivant Zombie ctrl alt supp sur les pages internet.

    Pourriez vous m’aider à le supprimer?

    Voici le rapport ADW cleaner

    Merci

    Spoiler for 3o0kqyzg

    # AdwCleaner v4.106 – Rapport créé le 27/12/2014 à 19:48:25
    # Mis à jour le 21/12/2014 par Xplode
    # Database : 2014-12-21.4 [Live]
    # Système d'exploitation : Windows 8.1 (64 bits)
    # Nom d'utilisateur : Arnaudmickaël – MICK
    # Exécuté depuis : C:UsersArnaudmickaëlDownloadsadwcleaner_4.106.exe
    # Option : Scanner

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Présent : C:ProgramDataBrowser
    Dossier Présent : C:ZombieInvasion

    ***** [ Tâches planifiées ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragesuperfish.com
    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragewww.superfish.com

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17037

    *************************

    AdwCleaner[R0].txt – [11465 octets] – [26/12/2014 21:30:46]
    AdwCleaner[R1].txt – [2477 octets] – [26/12/2014 21:54:05]
    AdwCleaner[R2].txt – [2870 octets] – [27/12/2014 13:47:05]
    AdwCleaner[R3].txt – [1336 octets] – [27/12/2014 14:07:05]
    AdwCleaner[R4].txt – [1650 octets] – [27/12/2014 19:18:24]
    AdwCleaner[R5].txt – [1175 octets] – [27/12/2014 19:48:25]
    AdwCleaner[S0].txt – [10483 octets] – [26/12/2014 21:34:41]
    AdwCleaner[S1].txt – [2547 octets] – [26/12/2014 21:55:25]
    AdwCleaner[S2].txt – [2944 octets] – [27/12/2014 13:52:07]
    AdwCleaner[S3].txt – [1401 octets] – [27/12/2014 14:08:50]

    ########## EOF – C:AdwCleanerAdwCleaner[R5].txt – [1476 octets] ##########[/spoiler:3o0kqyzg]

    Evasion60Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonjour,

    /! Je vais t’assister au cours de cette désinfection. Si tu es d’accord, on va fixer quelques règles pour que la désinfection soit efficace
    •Si tu as ouvert un sujet similaire sur un autre forum, merci de me prévenir afin que je ne fasse pas de recherches inutiles et par souci d’efficacité (on ne prend pas rendez-vous dans 2 garages pour le même problème mécanique)
    •Si tu as des cracks ou des keygens, tu les supprimes
    •Si tu as un windows illégal, je ne désinfecte pas
    •Tu poursuis la désinfection jusqu’au bout, même si tu constates une amélioration rapide, et de préférence sur un temps restreint (pas une réponse tous les 3 jours), sinon, cela ne sert à rien
    •La désinfection comprend un diagnostic, un nettoyage, la suppression des outils utilisés et des conseils pour éviter des ré-infections futures, mettre le système à jour, créer des sauvegardes etc…
    •Quelques-uns des outils utilisés peuvent faire réagir certains antivirus, car ils sont puissants et destructeurs s’ils sont mal utilisés
    •Pour me permettre d’établir un diagnostic, peux-tu suivre les consignes ci dessous, et éditer les trois rapports demandés ? (Adwcleaner, malwarebyte’s et ZHPDiag)
    •Si tu as des questions, n’hésite pas

    Consignes => post3055.html#p3055

    Evasion60

    /! En attente des trois rapports demandés (dans l’ordre proposé)

    :)

    Padey
    Participant
    Nombre d'articles : 6

    Bonjour,

    Merci pour votre proposition d’aide.

    Désolé pour la réponse tardive, il a d’abord fallu que je récupère l’ordinateur.
    Cet ordinateur est tout neuf. Mon petit cousin l’a recu a noel mais en voulant installer Google chrome, il a installer un virus….

    Il est d’origine avec une version non piraté de Windows 8 et presque aucun programme installé.

    JE vous fais suivre dans un 1er temps le diag adw cleaner puis les autres arrivent des que les scans sont terminés.

    MErci encore pour votre aide.

    Voici le rapport ADW

    Spoiler for 2n4hmjcf

    # AdwCleaner v4.106 – Rapport créé le 30/12/2014 à 20:14:45
    # Mis à jour le 21/12/2014 par Xplode
    # Database : 2014-12-30.1 [Live]
    # Système d'exploitation : Windows 8.1 (64 bits)
    # Nom d'utilisateur : Arnaudmickaël – MICK
    # Exécuté depuis : C:UsersArnaudmickaëlDownloadsadwcleaner_4.106.exe
    # Option : Scanner

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Présent : C:ProgramDataBrowser
    Dossier Présent : C:ZombieInvasion

    ***** [ Tâches planifiées ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragesuperfish.com
    Clé Présente : HKCUSoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragewww.superfish.com

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17416

    *************************

    AdwCleaner[R0].txt – [11465 octets] – [26/12/2014 21:30:46]
    AdwCleaner[R1].txt – [2477 octets] – [26/12/2014 21:54:05]
    AdwCleaner[R2].txt – [2870 octets] – [27/12/2014 13:47:05]
    AdwCleaner[R3].txt – [1336 octets] – [27/12/2014 14:07:05]
    AdwCleaner[R4].txt – [1650 octets] – [27/12/2014 19:18:24]
    AdwCleaner[R5].txt – [1556 octets] – [27/12/2014 19:48:25]
    AdwCleaner[R6].txt – [1235 octets] – [30/12/2014 20:14:45]
    AdwCleaner[S0].txt – [10483 octets] – [26/12/2014 21:34:41]
    AdwCleaner[S1].txt – [2547 octets] – [26/12/2014 21:55:25]
    AdwCleaner[S2].txt – [2944 octets] – [27/12/2014 13:52:07]
    AdwCleaner[S3].txt – [1401 octets] – [27/12/2014 14:08:50]

    ########## EOF – C:AdwCleanerAdwCleaner[R6].txt – [1536 octets] ##########[/spoiler:2n4hmjcf]

    Padey
    Participant
    Nombre d'articles : 6

    Voici le rapport malware

    Spoiler for 1pl2j32d

    Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 30/12/2014
    Scan Time: 20:22:55
    Logfile: Malware rapport.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2014.12.30.07
    Rootkit Database: v2014.12.29.02
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Arnaudmickaël

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 317575
    Time Elapsed: 5 min, 52 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 1
    PUP.Optional.Vosteran, HKLMSOFTWAREWOW6432NODEMICROSOFTINTERNET EXPLORERLOW RIGHTSELEVATIONPOLICY|AppPath, C:Program Files (x86)WSE_Vosteran\, , [a9560e5a4f2d3105fe3972723bc99868]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:1pl2j32d]

    Padey
    Participant
    Nombre d'articles : 6
    Spoiler for 3dfhrmzu

    ~ Rapport de ZHPDiag v2014.12.30.180 – Nicolas Coolman (30/12/2014)
    ~ Lancé par Arnaudmickaël (30/12/2014 20:32:48)
    ~ Facebook : https://www.facebook.com/nicolascoolman1” onclick=”window.open(this.href);return false;
    ~ Adresse du Forum http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17498 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : F6XF3
    Windows License : OK
    ~ Windows Remaining Initializations Number : 999
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 2.0.4.1028
    McAfee LiveSafe – Internet Security v13.6.1248
    Windows Defender W8 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8075 MB (63% free)
    System Restore: Activé (Enable)
    System drive C: has 324 GB (87%) free of 373 GB

    —\ Mode de connexion au système
    ~ Computer Name: MICK
    ~ User Name: Arnaudmickaël
    ~ All Users Names: Arnaudmickaël, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersArnaudmickaëlAppDataRoamingZHP
    ~ %AppData% : C:UsersArnaudmickaëlAppDataRoaming
    ~ %Desktop% : C:UsersArnaudmickaëlDesktop
    ~ %Favorites% : C:UsersArnaudmickaëlFavorites
    ~ %LocalAppData% : C:UsersArnaudmickaëlAppDataLocal
    ~ %StartMenu% : C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 324 Go of 373 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 538 Go of 538 Go)
    E: CD-ROM drive (Free 0 Go of 8 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.4CE0C733CDCF1D2F78532BBD9CE3441D] – (.Microsoft Corporation – Explorateur Windows.) (.18/03/2014 – 16:27:40.) — C:WindowsExplorer.exe [2373784]
    [MD5.48CFA7BE561A7BE144C29BB912055016] – (.Microsoft Corporation – Application de démarrage de Windows.) (.22/08/2013 – 10:58:29.) — C:WindowsSystem32Wininit.exe [144384]
    [MD5.4AF089160FE082E5EA5C4AA72782DCA2] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/11/2014 – 02:28:21.) — C:WindowsSystem32wininet.dll [2358272]
    [MD5.306EB21E5B480AE9065EA55AC8C35936] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.18/03/2014 – 16:27:31.) — C:WindowsSystem32Winlogon.exe [562176]
    [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] – (.Microsoft Corporation – Bibliothèque de licences.) (.18/03/2014 – 16:27:32.) — C:WindowsSystem32sppcomapi.dll [447488]
    [MD5.239268BAB58EAE9A3FF4E08334C00451] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.22/08/2013 – 14:25:35.) — C:Windowssystem32DriversAFD.sys [567296]
    [MD5.74B14192CF79A72F7536B27CB8814FBD] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.22/08/2013 – 13:43:41.) — C:Windowssystem32Driversatapi.sys [26464]
    [MD5.2FA6510E33F7DEFEC03658B74101A9B9] – (.Microsoft Corporation – CD-ROM File System Driver.) (.22/08/2013 – 12:40:15.) — C:Windowssystem32DriversCdfs.sys [88576]
    [MD5.C6796EA22B513E3457514D92DCDB1A3D] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.22/08/2013 – 09:46:35.) — C:Windowssystem32DriversCdrom.sys [164352]
    [MD5.414686EF104910BA41DF66E83BDCD495] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.18/03/2014 – 16:27:21.) — C:Windowssystem32DriversDfsC.sys [134656]
    [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.22/08/2013 – 12:38:38.) — C:Windowssystem32DriversHDAudBus.sys [78336]
    [MD5.84CFC5EFA97D0C965EDE1D56F116A541] – (.Microsoft Corporation – Pilote de port i8042.) (.22/08/2013 – 12:39:15.) — C:Windowssystem32Driversi8042prt.sys [107520]
    [MD5.B7342B3C58E91107F6E946A93D9D4EFD] – (.Microsoft Corporation – IP Network Address Translator.) (.18/03/2014 – 16:27:35.) — C:Windowssystem32DriversIpNat.sys [142848]
    [MD5.16FFC07D36FD83ACA189A641385168B3] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.18/03/2014 – 16:27:21.) — C:Windowssystem32DriversMRxSmb.sys [402944]
    [MD5.0217532E19A748F0E5D569307363D5FD] – (.Microsoft Corporation – MBT Transport driver.) (.22/08/2013 – 12:37:02.) — C:Windowssystem32DriversnetBT.sys [282624]
    [MD5.9AEB38B451A7B84ACB7CD3D664F87BF0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.18/03/2014 – 16:27:20.) — C:Windowssystem32Driversntfs.sys [2013016]
    [MD5.764B1121867B2D9B31C491668AC72B2B] – (.Microsoft Corporation – Pilote de port parallèle.) (.22/08/2013 – 12:40:02.) — C:Windowssystem32DriversParport.sys [94208]
    [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.22/08/2013 – 12:35:51.) — C:Windowssystem32DriversRasl2tp.sys [120832]
    [MD5.680C1DAE268B6FB67FA21B389A8B79EF] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 – 16:10:10.) — C:Windowssystem32Driversrdpdr.sys [195584]
    [MD5.FFF28F9F6823EB1756C60F1649560BBF] – (.Microsoft Corporation – TDI Translation Driver.) (.22/08/2013 – 14:25:35.) — C:Windowssystem32Driverstdx.sys [107520]
    [MD5.3595FBDF25F8BA6256072D103937D7D6] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.18/03/2014 – 16:27:18.) — C:Windowssystem32Driversvolsnap.sys [311640]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/2
    ~ Mes Favoris (My Favorites) : 1/7
    ~ Mes Documents (My Documents) : 1/3
    ~ Mon Bureau (My Desktop) : 1/9
    ~ Menu demarrer (Programs) : 1/22
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.3C13F26A4766752314A5413038BD86B4] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe [7229752] [PID.6464]
    [MD5.E72C2F7797A6B7E0445D789FD6EF87B5] – (.ASUSTek Computer Inc. – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [209720] [PID.7420]
    [MD5.CFAC0D3B76F75709B03360FDF910CF21] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [406328] [PID.4880]
    [MD5.C56AEF21A76A6E2BB36A384B2C96389F] – (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2403104] [PID.6956]
    [MD5.D7C763585907733B9F97E08914AF3F9E] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [58440] [PID.7680]
    [MD5.8469DB1513CEA47300B00C1B2C41ADEB] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [19858000] [PID.6880]
    [MD5.887CAA31048EB8ED09A0CBD0E6F46F09] – (.Oracle Corporation – Java Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [507776] [PID.4528]
    [MD5.5F1B1148C830C0F149A476A58CE0D09D] – (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet ExplorerIEXPLORE.exe [815248] [PID.6400]
    [MD5.62185EFF3174F1829BF91E68A3DEC6D7] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8146432] [PID.5892]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 – FPN: [HKLM] [@mcafee.com/MSC,version=10] – (…) — C:Program FilesmcafeemscnpMcSnFFPl64.dll
    ~ Firefox Browser: 1 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://fr.msn.com” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://fr.msn.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerAboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) — C:WindowsSysWOW64ieframe.dll
    ~ IE Browser: 18 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre1.8.0_25binssv.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre1.8.0_25binjp2ssv.dll
    ~ BHO: 2 Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) — C:Windowssystem32DptfPolicyLpmServiceHelper.exe
    O4 – HKLM..Run: [NvBackend] . (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
    O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:Windowssystem32nvspcap64.dll
    O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
    O4 – HKLM..Wow6432NodeRun: [WebStorage] . (…) — C:Program Files (x86)ASUSWebStorage2.1.2.301ASUSWSLoader.exe
    O4 – HKLM..Wow6432NodeRun: [mcpltui_exe] . (.McAfee, Inc. – McAfee.) — C:Program FilesCommon FilesMcAfeeplatformMcUICnt.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..policiesExplorerRun: [BtvStack] . (.Qualcomm®Atheros® – Extension Core.) — C:Program Files (x86)Bluetooth SuiteBtvStack.exe
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
    ~ Winsock: 7 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{B1DE3FB2-AE08-428C-AA53-42194D9D46D4}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{B1DE3FB2-AE08-428C-AA53-42194D9D46D4}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. – ASLDR Service.) – C:Program Files (x86)ASUSATK PackageATK HotkeyAsLdrSrv.exe
    O23 – Service: (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation – Asus WebStorage Windows Service.) – C:Program Files (x86)ASUSWebStorage2.1.2.301AsusWSWinService.exe
    O23 – Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider – Windows Setup API.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
    O23 – Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS – GFNEXSrv.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    O23 – Service: oem3.inf (DptfParticipantProcessorService) . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) – C:WindowsSystem32DptfParticipantProcessorService.exe
    O23 – Service: oem3.inf (DptfPolicyCriticalService) . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) – C:WindowsSystem32DptfPolicyCriticalService.exe
    O23 – Service: oem3.inf (DptfPolicyLpmService) . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Frame.) – C:WindowsSystem32DptfPolicyLpmService.exe
    O23 – Service: ExpressCache (ExpressCache) . (.Condusiv Technologies – ExpressCache Service.) – C:Program FilesCondusiv TechnologiesExpressCacheExpressCache.exe
    O23 – Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent – WildTangent Games App Integration Service.) – C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe
    O23 – Service: McAfee Home Network (HomeNetSvc) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    O23 – Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation – igfxCUIService Module.) – C:WindowsSystem32igfxCUIService.exe
    O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
    O23 – Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation – Intel(R) ME Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Intel(R) Local Management Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: (MBAMScheduler) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    O23 – Service: (MBAMService) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    O23 – Service: McAfee AP Service (McAPExe) . (.McAfee, Inc. – McAfee Access Protection.) – C:Program FilesMcAfeeMSCMcAPexe.exe
    O23 – Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    O23 – Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    O23 – Service: McAfee Platform Services (mcpltsvc) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    O23 – Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    O23 – Service: McAfee Anti-Malware Core (mfecore) . (.McAfee, Inc. – McAfee On-Access Scanner service.) – C:Program FilesCommon FilesMcAfeeAMCoremcshield.exe
    O23 – Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. – McAfee Core Firewall Service.) – C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe
    O23 – Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. – McAfee Process Validation Service.) – C:Windowssystem32mfevtps.exe
    O23 – Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. – McAfee Service Host.) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    O23 – Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation – NVIDIA Network Service.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
    O23 – Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation – NVIDIA Streamer Service.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 333.3.) – C:Windowssystem32nvvsvc.exe
    O23 – Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros – Atheros Coex Service Application.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
    ~ Services: 30 Scanned in 00mn 09s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.24B7AEFCA2403E01819E73F7F127E16C] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) — C:Program Files (x86)ASUSASUS Smart GestureAsTPCenterx64AsusTPLauncher.exe [18232]
    [MD5.D7C763585907733B9F97E08914AF3F9E] [APT] [ASUS Splendid ACMON] (.ASUS.) — C:Program Files (x86)ASUSSplendidACMON.exe [58440]
    [MD5.8469DB1513CEA47300B00C1B2C41ADEB] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [19858000]
    [MD5.95BF2536652AC4116CD54F8D2CB2E055] [APT] [ATK Package 36D18D69AFC3] (.ASUSTek Computer Inc..) — C:Program Files (x86)ASUSATK PackageATK HotkeySimAppexec.exe [120632]
    [MD5.F61BA9111156D8EE279AC65B59FA7FE1] [APT] [RtHDVBg] (.Realtek Semiconductor.) — C:Program FilesRealtekAudioHDARAVBg64.exe [1392344]
    [MD5.FD2BA533158566CD5A82318D8189C773] [APT] [RTKCPL] (.Realtek Semiconductor.) — C:Program FilesRealtekAudioHDARAVCpl64.exe [13675736]
    [MD5.F9FC61569BC63C1FCE06F00DF74F7348] [APT] [Update Checker] (…) — C:Program Files (x86)ASUSASUS Live UpdateUpdateChecker.exe [12288] =>Adware.SmileyBar
    O39 – APT: – (..) — C:WindowsTasksCPHSK.job [1378]
    ~ Scheduled Task: 9 Scanned in 00mn 02s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:WindowsSystem32mscories.dll
    ~ Active Setup: 9 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: C:WindowsSystem32driversahcache.sys (ahcache) . (.Microsoft Corporation – Application Compatibility Cache.) – C:WindowsSystem32DRIVERSahcache.sys
    O41 – Driver: (ATKWMIACPIIO) . (.ASUSTek Computer Inc. – ATK WMIACPI Utility.) – C:Program Files (x86)ASUSATK PackageATK WMIACPIatkwmiacpi64.sys
    O41 – Driver: (BasicDisplay) . (.Microsoft Corporation – Microsoft Basic Display Driver.) – C:Windowssystem32driversBasicDisplay.sys
    O41 – Driver: (BasicRender) . (.Microsoft Corporation – Microsoft Basic Render Driver.) – C:Windowssystem32driversBasicRender.sys
    O41 – Driver: cdrom.inf (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:Windowssystem32driverscdrom.sys
    O41 – Driver: C:WindowsSystem32driversdam.sys (dam) . (.Microsoft Corporation – DAM Kernel Driver.) – C:WindowsSystem32driversdam.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (Dfsc) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: (excfs) . (.Condusiv Technologies – ExpressCache Filesystem Filter Driver.) – C:WindowsSystem32DRIVERSexcfs.sys
    O41 – Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation – Named pipe service triggers.) – C:Windowssystem32driversnpsvctrig.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:Windowssystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:Windowssystem32DRIVERStdx.sys
    O41 – Driver: C:WindowsSystem32driversvwififlt.sys (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:Windowssystem32DRIVERSvwififlt.sys
    ~ Drivers: 36 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: ASUS Live Update – (.ASUS.) [HKLM][64Bits] — {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
    O42 – Logiciel: ASUS Screen Saver – (.ASUS.) [HKLM][64Bits] — {0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
    O42 – Logiciel: ASUS Smart Gesture – (.ASUS.) [HKLM][64Bits] — {4D3286A6-F6AB-498A-82A4-E4F040529F3D}
    O42 – Logiciel: ASUS Splendid Video Enhancement Technology – (.ASUS.) [HKLM][64Bits] — {0969AF05-4FF6-4C00-9406-43599238DE0D}
    O42 – Logiciel: ASUS USB Charger Plus – (.ASUS.) [HKLM][64Bits] — {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
    O42 – Logiciel: ATK Package – (.ASUS.) [HKLM][64Bits] — {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe AIR
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {47FA2C44-D148-4DBC-AF60-B91934AA4842}
    O42 – Logiciel: CyberLink MediaStory – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}
    O42 – Logiciel: CyberLink MediaStory – (.CyberLink Corp..) [HKLM][64Bits] — {55762F9A-FCE3-45d5-817B-051218658423}
    O42 – Logiciel: EA Download Manager – (.Electronic Arts, Inc..) [HKLM][64Bits] — EA Download Manager
    O42 – Logiciel: ExpressCache – (.Condusiv Technologies.) [HKLM][64Bits] — {44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA}
    O42 – Logiciel: Game Explorer Categories – casual – (.WildTangent, Inc..) [HKLM][64Bits] — WildTangentGameProvider-asus-casual
    O42 – Logiciel: Game Explorer Categories – enthusiast – (.WildTangent, Inc..) [HKLM][64Bits] — WildTangentGameProvider-asus-enthusiast
    O42 – Logiciel: Game Explorer Categories – family – (.WildTangent, Inc..) [HKLM][64Bits] — WildTangentGameProvider-asus-family
    O42 – Logiciel: Game Explorer Categories – kids – (.WildTangent, Inc..) [HKLM][64Bits] — WildTangentGameProvider-asus-kids
    O42 – Logiciel: Game Explorer Categories – touch – (.WildTangent, Inc..) [HKLM][64Bits] — WildTangentGameProvider-asus-touch
    O42 – Logiciel: Intel(R) Dynamic Platform and Thermal Framework – (.Intel Corporation.) [HKLM][64Bits] — FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
    O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {B5E06417-A4AC-4225-B36E-7E34C91616E7}
    O42 – Logiciel: Java 8 Update 25 – (.Oracle Corporation.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F83218025F0}
    O42 – Logiciel: LEGO® Batman™ 2: DC Super Heroes – (.Warner Bros. Interactive Entertainment.) [HKLM][64Bits] — {4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}
    O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
    O42 – Logiciel: McAfee LiveSafe – Internet Security – (.McAfee, Inc..) [HKLM][64Bits] — MSC
    O42 – Logiciel: NVIDIA GeForce Experience 2.1.1 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
    O42 – Logiciel: NVIDIA Graphics Driver 333.37 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
    O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {B455E95A-B804-439F-B533-336B1635AE97}
    O42 – Logiciel: NVIDIA PhysX System Software 9.14.0702 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
    O42 – Logiciel: Need for Speed(TM) Hot Pursuit – (.Electronic Arts.) [HKLM][64Bits] — {83A606F5-BF6F-42ED-9F33-B9F74297CDED}
    O42 – Logiciel: Qualcomm Atheros Bluetooth Suite (64) – (.Qualcomm Atheros Communications.) [HKLM][64Bits] — {A84A4FB1-D703-48DB-89E0-68B6499D2801}
    O42 – Logiciel: Qualcomm Atheros Client Installation Program – (.Qualcomm Atheros.) [HKLM][64Bits] — {28006915-2739-4EBE-B5E8-49B25D32EB33}
    O42 – Logiciel: Realtek Card Reader – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
    O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Update Installer for WildTangent Games App – (.WildTangent.) [HKLM][64Bits] — {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
    O42 – Logiciel: WebStorage – (.ASUS Cloud Corporation.) [HKLM][64Bits] — WebStorage
    O42 – Logiciel: WildTangent Games App – (.WildTangent.) [HKLM][64Bits] — {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus =>.WildTangent
    O42 – Logiciel: WinFlash – (.ASUS.) [HKLM][64Bits] — {8F21291E-0444-4B1D-B9F9-4370A73E346D}
    O42 – Logiciel: Windows Driver Package – ASUS (ATP) Mouse (07/02/2014 6.0.0.39) – (.ASUS.) [HKLM][64Bits] — 51B9B97722559D76D6429B83B71A86106A35BFCE
    O42 – Logiciel: Zombie Invasion – (.Time Lapse Solutions.) [HKLM][64Bits] — ZombieInvasion =>PUP.ZombieInvasion
    ~ Logic: 43 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareASUS]
    [HKCUSoftwareAd-Remover]
    [HKCUSoftwareAppDataLowSoftwareJavaSoft]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareAtheros]
    [HKCUSoftwareChromium]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareDSS]
    [HKCUSoftwareECAREME]
    [HKCUSoftwareElectronic Arts]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareIntel]
    [HKCUSoftwareJavaSoft]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMcAfee]
    [HKCUSoftwareMine]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNVIDIA Corporation]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRegisteredApplications]
    [HKCUSoftwareSecurSoft]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareWarner Bros. Interactive Entertainment]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKCUSoftwareteras games]
    [HKLMSoftwareAGEIA Technologies]
    [HKLMSoftwareASUS]
    [HKLMSoftwareAgere]
    [HKLMSoftwareAtheros]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareDTS]
    [HKLMSoftwareDiskeeper Corporation]
    [HKLMSoftwareDolby]
    [HKLMSoftwareECAREME]
    [HKLMSoftwareGoogle]
    [HKLMSoftwareIntel]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareKnowles]
    [HKLMSoftwareLSI]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMcAfee.com]
    [HKLMSoftwareMcAfee]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareNVIDIA Corporation]
    [HKLMSoftwareNuance]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePolicies]
    [HKLMSoftwareRTLSetup]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSRS Labs]
    [HKLMSoftwareSonicFocus]
    [HKLMSoftwareSynaptics]
    [HKLMSoftwareWaves Audio]
    [HKLMSoftwareWow6432NodeAGEIA Technologies]
    [HKLMSoftwareWow6432NodeASIO]
    [HKLMSoftwareWow6432NodeASUS]
    [HKLMSoftwareWow6432NodeAdobe]
    [HKLMSoftwareWow6432NodeAdwCleaner]
    [HKLMSoftwareWow6432NodeAppDataLow]
    [HKLMSoftwareWow6432NodeAsLdr]
    [HKLMSoftwareWow6432NodeAtheros]
    [HKLMSoftwareWow6432NodeClasses]
    [HKLMSoftwareWow6432NodeClients]
    [HKLMSoftwareWow6432NodeCyberLink]
    [HKLMSoftwareWow6432NodeECAREME]
    [HKLMSoftwareWow6432NodeElectronic Arts]
    [HKLMSoftwareWow6432NodeGoogle]
    [HKLMSoftwareWow6432NodeInstallShield]
    [HKLMSoftwareWow6432NodeIntel]
    [HKLMSoftwareWow6432NodeJavaSoft]
    [HKLMSoftwareWow6432NodeJreMetrics]
    [HKLMSoftwareWow6432NodeKhronos]
    [HKLMSoftwareWow6432NodeMacromedia]
    [HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware]
    [HKLMSoftwareWow6432NodeMaxPower]
    [HKLMSoftwareWow6432NodeMcAfee.com]
    [HKLMSoftwareWow6432NodeMcAfee]
    [HKLMSoftwareWow6432NodeMozillaPlugins]
    [HKLMSoftwareWow6432NodeMozilla]
    [HKLMSoftwareWow6432NodeNVIDIA Corporation]
    [HKLMSoftwareWow6432NodeNuance]
    [HKLMSoftwareWow6432NodeODBC]
    [HKLMSoftwareWow6432NodePolicies]
    [HKLMSoftwareWow6432NodeQualcomm Atheros]
    [HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
    [HKLMSoftwareWow6432NodeRealtek]
    [HKLMSoftwareWow6432NodeRegisteredApplications]
    [HKLMSoftwareWow6432NodeSuppHelpDir]
    [HKLMSoftwareWow6432NodeVolatile]
    [HKLMSoftwareWow6432NodeWarner Bros. Interactive Entertainment]
    [HKLMSoftwareWow6432NodeWildTangent]
    [HKLMSoftwareWow6432Noded57b1885-4d24-2579-4f54-35f0903d2b2a] =>PUP.CrossRider
    [HKLMSoftwareWow6432Node]
    ~ Key Software: 185 Scanned in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 27/12/2014 – 14:04:04 – [] —-D C:Program Files (x86)Ad-Remover
    O43 – CFD: 26/12/2014 – 03:07:32 – [] —-D C:Program Files (x86)Adobe
    O43 – CFD: 14/10/2014 – 03:25:52 – [0] —-D C:Program Files (x86)AGEIA Technologies
    O43 – CFD: 26/12/2014 – 02:46:08 – [] —-D C:Program Files (x86)ASUS
    O43 – CFD: 14/10/2014 – 03:34:02 – [] —-D C:Program Files (x86)Bluetooth Suite
    O43 – CFD: 26/12/2014 – 03:07:32 – [] —-D C:Program Files (x86)Common Files
    O43 – CFD: 14/10/2014 – 03:44:00 – [] —-D C:Program Files (x86)Cyberlink
    O43 – CFD: 26/12/2014 – 03:06:35 – [] —-D C:Program Files (x86)Electronic Arts
    O43 – CFD: 27/12/2014 – 19:32:41 – [0] —-D C:Program Files (x86)f9519396-460a-4ac9-9a7a-3498628efa02
    O43 – CFD: 27/12/2014 – 13:57:36 – [] —-D C:Program Files (x86)Google
    O43 – CFD: 14/10/2014 – 03:43:20 – [] –H-D C:Program Files (x86)InstallShield Installation Information
    O43 – CFD: 14/10/2014 – 03:22:35 – [] —-D C:Program Files (x86)Intel
    O43 – CFD: 29/12/2014 – 09:42:18 – [] —-D C:Program Files (x86)Internet Explorer
    O43 – CFD: 26/12/2014 – 02:09:17 – [] —-D C:Program Files (x86)Java
    O43 – CFD: 27/12/2014 – 19:12:08 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
    O43 – CFD: 26/12/2014 – 21:37:24 – [] —-D C:Program Files (x86)McAfee
    O43 – CFD: 14/10/2014 – 03:44:13 – [] —-D C:Program Files (x86)mcafee.com
    O43 – CFD: 15/05/2014 – 16:53:50 – [] —-D C:Program Files (x86)Microsoft Office
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)Microsoft.NET
    O43 – CFD: 16/05/2014 – 00:26:43 – [] —-D C:Program Files (x86)MSBuild
    O43 – CFD: 14/10/2014 – 03:25:57 – [] —-D C:Program Files (x86)NVIDIA Corporation
    O43 – CFD: 14/10/2014 – 03:17:11 – [] —-D C:Program Files (x86)Qualcomm Atheros
    O43 – CFD: 14/10/2014 – 03:33:24 – [] —-D C:Program Files (x86)Realtek
    O43 – CFD: 16/05/2014 – 00:26:43 – [] —-D C:Program Files (x86)Reference Assemblies
    O43 – CFD: 14/10/2014 – 03:28:32 – [0] –H-D C:Program Files (x86)Temp
    O43 – CFD: 26/12/2014 – 01:47:46 – [] —-D C:Program Files (x86)Warner Bros. Interactive Entertainment
    O43 – CFD: 15/05/2014 – 17:01:31 – [] —-D C:Program Files (x86)WildTangent Games
    O43 – CFD: 16/05/2014 – 01:42:46 – [] —-D C:Program Files (x86)Windows Defender
    O43 – CFD: 16/05/2014 – 01:14:49 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
    O43 – CFD: 16/05/2014 – 01:14:49 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
    O43 – CFD: 18/03/2014 – 16:38:36 – [] —-D C:Program Files (x86)Windows Multimedia Platform
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)Windows NT
    O43 – CFD: 16/05/2014 – 01:14:49 – [] —-D C:Program Files (x86)Windows Photo Viewer
    O43 – CFD: 18/03/2014 – 16:38:36 – [] —-D C:Program Files (x86)Windows Portable Devices
    O43 – CFD: 22/08/2013 – 16:36:30 – [] -SH-D C:Program Files (x86)Windows Sidebar
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)WindowsPowerShell
    O43 – CFD: 30/12/2014 – 20:32:32 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
    O43 – CFD: 26/12/2014 – 03:08:39 – [] —-D C:Program Files (x86)Common FilesAdobe AIR
    O43 – CFD: 14/10/2014 – 03:34:00 – [] —-D C:Program Files (x86)Common FilesAtheros
    O43 – CFD: 15/05/2014 – 16:58:41 – [] —-D C:Program Files (x86)Common FilesAWS
    O43 – CFD: 14/10/2014 – 03:28:05 – [] —-D C:Program Files (x86)Common FilesInstallShield
    O43 – CFD: 14/10/2014 – 03:22:31 – [] —-D C:Program Files (x86)Common FilesIntel
    O43 – CFD: 26/12/2014 – 02:09:26 – [] —-D C:Program Files (x86)Common FilesJava
    O43 – CFD: 14/10/2014 – 03:44:23 – [] —-D C:Program Files (x86)Common FilesMcAfee
    O43 – CFD: 14/10/2014 – 03:33:43 – [] —-D C:Program Files (x86)Common FilesMicrosoft Shared
    O43 – CFD: 14/10/2014 – 03:21:29 – [] —-D C:Program Files (x86)Common FilespostureAgent
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:Program Files (x86)Common FilesServices
    O43 – CFD: 16/05/2014 – 01:14:49 – [] —-D C:Program Files (x86)Common FilesSystem
    O43 – CFD: 26/12/2014 – 03:07:37 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 15/05/2014 – 16:58:44 – [] —-D C:ProgramDataASUS WebStorage
    O43 – CFD: 15/05/2014 – 16:58:15 – [] —-D C:ProgramDataASUSLogos
    O43 – CFD: 25/12/2014 – 15:32:34 – [] —-D C:ProgramDataAtheros
    O43 – CFD: 27/12/2014 – 14:16:46 – [] —-D C:ProgramDataBrowser
    O43 – CFD: 14/10/2014 – 03:41:11 – [] —-D C:ProgramDataCondusiv Technologies
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 26/12/2014 – 09:36:07 – [] —-D C:ProgramDataEA Core
    O43 – CFD: 26/12/2014 – 03:07:43 – [] —-D C:ProgramDataElectronic Arts
    O43 – CFD: 14/10/2014 – 03:44:03 – [] —-D C:ProgramDatainstall_clap
    O43 – CFD: 14/10/2014 – 03:21:48 – [] —-D C:ProgramDataIntel
    O43 – CFD: 27/12/2014 – 19:39:09 – [] —-D C:ProgramDataIotAHQVsle
    O43 – CFD: 27/12/2014 – 19:12:04 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 26/12/2014 – 02:36:25 – [] —-D C:ProgramDataMcAfee
    O43 – CFD: 25/12/2014 – 15:58:53 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 14/10/2014 – 03:25:44 – [] —-D C:ProgramDataNVIDIA
    O43 – CFD: 14/10/2014 – 03:28:04 – [] —-D C:ProgramDataNVIDIA Corporation
    O43 – CFD: 26/12/2014 – 02:09:33 – [] —-D C:ProgramDataOracle
    O43 – CFD: 14/10/2014 – 03:43:37 – [] —-D C:ProgramDataPackage Cache
    O43 – CFD: 14/10/2014 – 03:17:05 – [] —-D C:ProgramDataQualcomm Atheros
    O43 – CFD: 15/05/2014 – 16:53:58 – [] —-D C:ProgramDataregid.1991-06.com.microsoft
    O43 – CFD: 27/12/2014 – 15:04:30 – [] —-D C:ProgramDataRogueKiller
    O43 – CFD: 26/12/2014 – 02:41:37 – [] —-D C:ProgramDataSolidshield
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 26/12/2014 – 02:09:26 – [] —-D C:ProgramDataSun
    O43 – CFD: 14/10/2014 – 03:43:32 – [] —-D C:ProgramDataTemp
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 25/12/2014 – 15:31:55 – [] —-D C:ProgramDataUSBChargerPlus
    O43 – CFD: 15/05/2014 – 16:58:44 – [] —-D C:ProgramDataWebStorage
    O43 – CFD: 15/05/2014 – 17:02:01 – [] —-D C:ProgramDataWildTangent
    O43 – CFD: 14/10/2014 – 03:33:37 – [] —-D C:ProgramData{BFABFDD4-B7B5-42C6-A4B1-3A3BD77AF439}
    O43 – CFD: 22/08/2013 – 16:36:33 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 18/03/2014 – 16:10:16 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 18/03/2014 – 16:38:38 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 14/10/2014 – 03:41:05 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsASUS
    O43 – CFD: 14/10/2014 – 03:44:02 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsCyberLink MediaStory
    O43 – CFD: 26/12/2014 – 03:07:43 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsElectronic Arts
    O43 – CFD: 15/05/2014 – 17:02:01 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 26/12/2014 – 02:09:23 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 27/12/2014 – 19:12:10 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
    O43 – CFD: 30/12/2014 – 20:19:50 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee
    O43 – CFD: 14/10/2014 – 03:25:56 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
    O43 – CFD: 14/10/2014 – 03:28:31 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsRealtek
    O43 – CFD: 22/08/2013 – 16:36:33 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartUp
    O43 – CFD: 18/03/2014 – 16:38:38 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 18/03/2014 – 16:10:16 – [0] R-H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsTablet PC
    O43 – CFD: 30/12/2014 – 20:32:32 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP =>.Nicolas Coolman
    O43 – CFD: 26/12/2014 – 03:07:37 – [] —-D C:UsersArnaudmickaëlAppDataRoamingAdobe
    O43 – CFD: 25/12/2014 – 15:32:28 – [] —-D C:UsersArnaudmickaëlAppDataRoamingAtheros
    O43 – CFD: 25/12/2014 – 15:33:34 – [] —-D C:UsersArnaudmickaëlAppDataRoamingMacromedia
    O43 – CFD: 26/12/2014 – 02:10:53 – [] -S–D C:UsersArnaudmickaëlAppDataRoamingMicrosoft
    O43 – CFD: 26/12/2014 – 12:53:41 – [] —-D C:UsersArnaudmickaëlAppDataRoamingWarner Bros. Interactive Entertainment
    O43 – CFD: 25/12/2014 – 15:37:41 – [] —-D C:UsersArnaudmickaëlAppDataRoamingWebStorage
    O43 – CFD: 30/12/2014 – 20:33:03 – [] —-D C:UsersArnaudmickaëlAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 26/12/2014 – 03:06:39 – [] —-D C:UsersArnaudmickaëlAppDataLocalAdobe
    O43 – CFD: 25/12/2014 – 15:31:24 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalApplication Data
    O43 – CFD: 26/12/2014 – 02:19:41 – [] —-D C:UsersArnaudmickaëlAppDataLocalApps
    O43 – CFD: 25/12/2014 – 15:32:34 – [] —-D C:UsersArnaudmickaëlAppDataLocalBMExplorer
    O43 – CFD: 27/12/2014 – 08:54:05 – [] —-D C:UsersArnaudmickaëlAppDataLocalCrashDumps
    O43 – CFD: 26/12/2014 – 02:19:57 – [0] —-D C:UsersArnaudmickaëlAppDataLocalDeployment
    O43 – CFD: 30/12/2014 – 20:13:15 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalEmieBrowserModeList
    O43 – CFD: 25/12/2014 – 16:04:50 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalEmieSiteList
    O43 – CFD: 25/12/2014 – 16:04:50 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalEmieUserList
    O43 – CFD: 27/12/2014 – 13:57:32 – [] —-D C:UsersArnaudmickaëlAppDataLocalGoogle
    O43 – CFD: 25/12/2014 – 15:31:24 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalHistorique
    O43 – CFD: 30/12/2014 – 20:15:54 – [] —-D C:UsersArnaudmickaëlAppDataLocalMicrosoft
    O43 – CFD: 25/12/2014 – 15:31:40 – [] —-D C:UsersArnaudmickaëlAppDataLocalNVIDIA
    O43 – CFD: 25/12/2014 – 15:32:48 – [] —-D C:UsersArnaudmickaëlAppDataLocalNVIDIA Corporation
    O43 – CFD: 26/12/2014 – 01:29:14 – [] —-D C:UsersArnaudmickaëlAppDataLocalPackages
    O43 – CFD: 25/12/2014 – 15:32:52 – [0] —-D C:UsersArnaudmickaëlAppDataLocalPackageStaging
    O43 – CFD: 25/12/2014 – 16:05:05 – [] —-D C:UsersArnaudmickaëlAppDataLocalPrograms
    O43 – CFD: 30/12/2014 – 20:32:36 – [] —-D C:UsersArnaudmickaëlAppDataLocalTemp
    O43 – CFD: 25/12/2014 – 15:31:24 – [] -SH-D C:UsersArnaudmickaëlAppDataLocalTemporary Internet Files
    O43 – CFD: 25/12/2014 – 15:31:48 – [0] —-D C:UsersArnaudmickaëlAppDataLocalVirtualStore
    O43 – CFD: 18/03/2014 – 16:38:38 – [] R—D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 22/08/2013 – 16:36:32 – [] R—D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 29/12/2014 – 09:47:07 – [] R—D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 22/08/2013 – 16:36:32 – [] —-D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 29/12/2014 – 09:47:07 – [] R—D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 16/05/2014 – 01:42:46 – [] R—D C:UsersArnaudmickaëlAppDataRoamingMicrosoftWindowsStart MenuProgramsSystem Tools
    ~ Program Folder: 131 Scanned in 00mn 00s[/spoiler:3dfhrmzu]

    Padey
    Participant
    Nombre d'articles : 6

    La suite du rapport ZHP diag car le forum m’a dit que j’avais depassé la taille max

    Spoiler for 3mene4ft

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.CB136B267569A62EF63D798BC90ABD5A] – 25/12/2014 – 15:31:43 —A- . (…) — C:WindowsSystem32{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [144]
    O44 – LFC:[MD5.ECA1AB33E1E2644E880F17BE7075F5BE] – 25/12/2014 – 15:31:46 —A- . (…) — C:WindowsFixPatch.log [200]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 25/12/2014 – 15:58:53 –HA- . (…) — C:WindowsSystem32DriversMsft_User_LocationProvider_01_11_00.Wdf [0]
    O44 – LFC:[MD5.B84FAC321089A773F7A2D9C0770A7AD5] – 25/12/2014 – 16:18:07 —A- . (…) — C:Windowspatsearch.bin [1824]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 26/12/2014 – 01:41:53 –HA- . (…) — C:WindowsSystem32DriversMsft_User_WpdFs_01_11_00.Wdf [0]
    O44 – LFC:[MD5.29F981739E50305128022CBE10B3659C] – 26/12/2014 – 02:37:21 —A- . (.McAfee, Inc. – McAfee HIP IPS Driver.) — C:WindowsSystem32DriversHipShieldK.sys [197704]
    O44 – LFC:[MD5.B165DF72E13E6AF74D47013504319921] – 26/12/2014 – 02:42:50 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_24.dll [3544272]
    O44 – LFC:[MD5.4C56E7C5B2A61353E534C7D15D05856D] – 26/12/2014 – 02:42:51 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_25.dll [3823312]
    O44 – LFC:[MD5.44F5C5E27D6825E4E62420BC29B8B533] – 26/12/2014 – 02:42:51 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_26.dll [3767504]
    O44 – LFC:[MD5.914C3237E4D145A18DCD1D0D4C8659E1] – 26/12/2014 – 02:42:52 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_27.dll [3807440]
    O44 – LFC:[MD5.88BAC8306D4EC79A82B1FFA17DC8CF4A] – 26/12/2014 – 02:42:52 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_28.dll [3815120]
    O44 – LFC:[MD5.68B35CBDB4A8CC424718BBCC894FEEEA] – 26/12/2014 – 02:42:52 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_29.dll [3830992]
    O44 – LFC:[MD5.E09A9CF383ACF4A28038561E62277377] – 26/12/2014 – 02:42:53 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_30.dll [3927248]
    O44 – LFC:[MD5.F77D5AB654881E683CFF6650916C424E] – 26/12/2014 – 02:42:53 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32x3daudio1_0.dll [16592]
    O44 – LFC:[MD5.CE5753F9A27837259EB52F3F47F39593] – 26/12/2014 – 02:42:53 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_0.dll [355536]
    O44 – LFC:[MD5.0CC809422AB40974DFF8078392E4D507] – 26/12/2014 – 02:42:55 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_1.dll [352464]
    O44 – LFC:[MD5.6F9D3289D8B166E478AFFF9EFA92C42C] – 26/12/2014 – 02:42:56 —A- . (.Microsoft Corporation – Microsoft Common Controller API.) — C:WindowsSystem32xinput1_1.dll [83664]
    O44 – LFC:[MD5.06F15D3CB1AE0EAFA50F595B3FF8D9F5] – 26/12/2014 – 02:42:56 —A- . (.Microsoft Corporation – Microsoft Common Controller API.) — C:WindowsSystem32xinput1_2.dll [83736]
    O44 – LFC:[MD5.DC5A914C34EB12056531777D4DD0F44E] – 26/12/2014 – 02:42:56 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_2.dll [354072]
    O44 – LFC:[MD5.0396D2A98B0CCD4419B572EBF618E81E] – 26/12/2014 – 02:42:56 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_3.dll [363288]
    O44 – LFC:[MD5.FAAA0BB9CD2905B25334132E5BA093EB] – 26/12/2014 – 02:42:57 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_31.dll [3977496]
    O44 – LFC:[MD5.A4DDFE5DC4E73D1FED9B1B3A3D885612] – 26/12/2014 – 02:42:57 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_32.dll [4398360]
    O44 – LFC:[MD5.489E5B8BB1BD1028FF1C798EAAEC65E4] – 26/12/2014 – 02:42:57 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32x3daudio1_1.dll [17688]
    O44 – LFC:[MD5.58BB51253427A834A8807B9245CC5965] – 26/12/2014 – 02:42:57 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_4.dll [364824]
    O44 – LFC:[MD5.8251826F04BA0822D08AD9B92C65A3D5] – 26/12/2014 – 02:42:58 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10.dll [469264]
    O44 – LFC:[MD5.398FF46FF7354FED2F0F1AECDB546866] – 26/12/2014 – 02:42:58 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_5.dll [390424]
    O44 – LFC:[MD5.4837A54574A6105D404A8560984B93DD] – 26/12/2014 – 02:42:58 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_6.dll [393576]
    O44 – LFC:[MD5.3EBF620536A13CA343E52ECA4F0DE7F8] – 26/12/2014 – 02:42:59 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_33.dll [1400176]
    O44 – LFC:[MD5.839C3921005BB41D441E3752C74F2292] – 26/12/2014 – 02:42:59 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_33.dll [506728]
    O44 – LFC:[MD5.3172C3CAC8EA7CA1B5D5AF6699C037D6] – 26/12/2014 – 02:42:59 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_33.dll [4494184]
    O44 – LFC:[MD5.8C970509E0AE10061E3ED6D51E34FEB9] – 26/12/2014 – 02:42:59 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_7.dll [403304]
    O44 – LFC:[MD5.BFB3091B167550EC6E6454813D3DB244] – 26/12/2014 – 02:43:00 —A- . (.Microsoft Corporation – Microsoft Common Controller API.) — C:WindowsSystem32xinput1_3.dll [107368]
    O44 – LFC:[MD5.9D9407F52B8E24E99358D9944B0D5FA3] – 26/12/2014 – 02:43:00 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_34.dll [1401200]
    O44 – LFC:[MD5.1ED4E7A82BD5C7DEED082F00E63BB7A0] – 26/12/2014 – 02:43:00 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_34.dll [506728]
    O44 – LFC:[MD5.AE5D5439525B4A4CBF206058D493685D] – 26/12/2014 – 02:43:00 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_34.dll [4496232]
    O44 – LFC:[MD5.B21427EDF0449E92000FF497DAAF89C9] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_35.dll [1985904]
    O44 – LFC:[MD5.84116AA94672D623B95217648AE5B5B9] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_35.dll [508264]
    O44 – LFC:[MD5.1B3AF16A27D390096925576202A64037] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_35.dll [5073256]
    O44 – LFC:[MD5.BBB6C6833C30E323B41860D6DF61972D] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32d3dx9_36.dll [5081608]
    O44 – LFC:[MD5.BC78D5328541410510DDE06B9FA92024] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32X3DAudio1_2.dll [21000]
    O44 – LFC:[MD5.FA485E76F94B7457767E372F47757733] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_8.dll [409960]
    O44 – LFC:[MD5.A69C32C2BD01522A088D254342826866] – 26/12/2014 – 02:43:01 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_9.dll [411496]
    O44 – LFC:[MD5.7299DF5CF81135934740211D9A946737] – 26/12/2014 – 02:43:02 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_36.dll [2006552]
    O44 – LFC:[MD5.570FDAE7041775DE0C67747BB7081939] – 26/12/2014 – 02:43:02 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_36.dll [508264]
    O44 – LFC:[MD5.8A10974DC6E1E42BDC635C2C2AFBD2CC] – 26/12/2014 – 02:43:02 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32D3DX9_37.dll [4910088]
    O44 – LFC:[MD5.E8932AF24786765859558CB79E385AC2] – 26/12/2014 – 02:43:02 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine2_10.dll [411656]
    O44 – LFC:[MD5.F80D098D6F26ADE105AEF0ED563CA283] – 26/12/2014 – 02:43:03 —A- . (…) — C:WindowsDirectX.log [10123]
    O44 – LFC:[MD5.31026CEA5AFA2798292179102C06FE40] – 26/12/2014 – 02:43:03 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_37.dll [1860120]
    O44 – LFC:[MD5.A8C5688BBA00C1630550F26260AB5CAE] – 26/12/2014 – 02:43:03 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_37.dll [529424]
    O44 – LFC:[MD5.C4C2ED69B18EE1C60026877FCC470FA7] – 26/12/2014 – 02:43:03 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32X3DAudio1_3.dll [28168]
    O44 – LFC:[MD5.A8B5370B7B61D3777D840DA1C64A1C2D] – 26/12/2014 – 02:43:03 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_0.dll [177672]
    O44 – LFC:[MD5.29AF48F6C894328A58DEFDC560A70CF3] – 26/12/2014 – 02:43:03 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_0.dll [489480]
    O44 – LFC:[MD5.A7E59BB6FAC119FABB83F18BD72AA1D7] – 26/12/2014 – 02:43:04 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_38.dll [1941528]
    O44 – LFC:[MD5.72CB653CECF4EA670E7F5A8D74358423] – 26/12/2014 – 02:43:04 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_38.dll [540688]
    O44 – LFC:[MD5.E5EC2AB7156A752F9614CDA4BE66EFE8] – 26/12/2014 – 02:43:04 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32D3DX9_38.dll [4991496]
    O44 – LFC:[MD5.DE6004D16DBACD781ED4596C4FEA7D14] – 26/12/2014 – 02:43:04 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32X3DAudio1_4.dll [28168]
    O44 – LFC:[MD5.A2A098BF5A8C255A0090818AD8E87B0F] – 26/12/2014 – 02:43:04 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_1.dll [177672]
    O44 – LFC:[MD5.7741A0A6CED6C441B97D625B730D6075] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32D3DCompiler_39.dll [1942552]
    O44 – LFC:[MD5.EAA692FDC990ED0407DF957316DA33C2] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – Microsoft Direct3D.) — C:WindowsSystem32d3dx10_39.dll [540688]
    O44 – LFC:[MD5.7505C133FC704B40CFDDFD38777BAAC3] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32D3DX9_39.dll [4992520]
    O44 – LFC:[MD5.CC8399A9E51B2AF1C2C20A26D85EB60E] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_2.dll [177672]
    O44 – LFC:[MD5.0E92D8C0ECA74B6D0A55ABAD53226113] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – XAPOFX.) — C:WindowsSystem32XAPOFX1_0.dll [68104]
    O44 – LFC:[MD5.E9C0F926D7C9082A805F4FEF81DEEB30] – 26/12/2014 – 02:43:05 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_1.dll [511496]
    O44 – LFC:[MD5.CFF1C1F7B9F855DDEE431D7B5DCACDF8] – 26/12/2014 – 02:43:06 —A- . (.Microsoft Corporation – X3DAudio.) — C:WindowsSystem32X3DAudio1_5.dll [25936]
    O44 – LFC:[MD5.0F2DB378FBE2D124E4D3631B329688AE] – 26/12/2014 – 02:43:06 —A- . (.Microsoft Corporation – XAPOFX.) — C:WindowsSystem32XAPOFX1_1.dll [72200]
    O44 – LFC:[MD5.E335DF094836EE7030F1B9CE7429E884] – 26/12/2014 – 02:43:06 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_2.dll [513544]
    O44 – LFC:[MD5.84B41FD03CAFC5048346B3B2AB92D199] – 26/12/2014 – 02:43:07 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_3.dll [175440]
    O44 – LFC:[MD5.2F8F9B707FED2405A787380230CC6FA9] – 26/12/2014 – 02:43:07 —A- . (.Microsoft Corporation – XAPOFX.) — C:WindowsSystem32XAPOFX1_2.dll [74576]
    O44 – LFC:[MD5.758139A39AECC1B512576275A27C1177] – 26/12/2014 – 02:43:07 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_3.dll [518480]
    O44 – LFC:[MD5.EEE871CC4F5563FF8B3C8385B32B0C5F] – 26/12/2014 – 02:43:08 —A- . (.Microsoft Corporation – 3D Audio Library.) — C:WindowsSystem32X3DAudio1_6.dll [24920]
    O44 – LFC:[MD5.862586AD4B1355F7DCDE111EE0AAF350] – 26/12/2014 – 02:43:08 —A- . (.Microsoft Corporation – Direct3D 10.1 Extensions.) — C:WindowsSystem32d3dx10_40.dll [519000]
    O44 – LFC:[MD5.29A79F0B607FAF5722D7BAF2485F632A] – 26/12/2014 – 02:43:08 —A- . (.Microsoft Corporation – Direct3D 9 Extensions.) — C:WindowsSystem32D3DX9_40.dll [5631312]
    O44 – LFC:[MD5.37309B833480DC69FDE7DB68F9B8BC20] – 26/12/2014 – 02:43:08 —A- . (.Microsoft Corporation – Direct3D HLSL Compiler.) — C:WindowsSystem32D3DCompiler_40.dll [2605920]
    O44 – LFC:[MD5.37B348A79C4C9B8AB925B18FFD241E96] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – Audio Effect Library.) — C:WindowsSystem32XAPOFX1_3.dll [73544]
    O44 – LFC:[MD5.E730967811E3702499446FFC8A432607] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – Direct3D 10.1 Extensions.) — C:WindowsSystem32d3dx10_41.dll [520544]
    O44 – LFC:[MD5.ECDDB13BC805B9F3EF3A855E6FD85C69] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – Direct3D 9 Extensions.) — C:WindowsSystem32D3DX9_41.dll [5425496]
    O44 – LFC:[MD5.A59A5BADE4AF200C720D99EAE6E04E0E] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – Direct3D HLSL Compiler.) — C:WindowsSystem32D3DCompiler_41.dll [2430312]
    O44 – LFC:[MD5.1BA01062450BD1F052C54C01C12248F6] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_4.dll [174936]
    O44 – LFC:[MD5.B94F08069EFE2F8151DEF350E526E063] – 26/12/2014 – 02:43:09 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_4.dll [521560]
    O44 – LFC:[MD5.F13B90F5090EBA9041558BC6AAED79B8] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – Direct3D 10.1 Extensions.) — C:WindowsSystem32d3dcsx_42.dll [5554512]
    O44 – LFC:[MD5.B739C423276AE62D7AC91773226EC13B] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – Direct3D 10.1 Extensions.) — C:WindowsSystem32d3dx10_42.dll [523088]
    O44 – LFC:[MD5.522749761B6CC69F8630F4B472DCA623] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – Direct3D 10.1 Extensions.) — C:WindowsSystem32d3dx11_42.dll [285024]
    O44 – LFC:[MD5.1AF7AE1FDE027A30B9097280819A0A86] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – Direct3D 9 Extensions.) — C:WindowsSystem32D3DX9_42.dll [2475352]
    O44 – LFC:[MD5.E92D2E4AFA43CD39A8C1C2C2DB59667E] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – Direct3D HLSL Compiler.) — C:WindowsSystem32D3DCompiler_42.dll [2582888]
    O44 – LFC:[MD5.51D65BE2F794B944CADAF287B34EF603] – 26/12/2014 – 02:43:10 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_5.dll [176968]
    O44 – LFC:[MD5.B4FF2A39685C1A6D43F0E56EB350AF3A] – 26/12/2014 – 02:43:11 —A- . (.Microsoft Corporation – 3D Audio Library.) — C:WindowsSystem32X3DAudio1_7.dll [24920]
    O44 – LFC:[MD5.A9724EB3D6CC032D0C4ECAFF4AD8C17F] – 26/12/2014 – 02:43:11 —A- . (.Microsoft Corporation – Audio Effect Library.) — C:WindowsSystem32XAPOFX1_4.dll [78680]
    O44 – LFC:[MD5.936DCC640B2991905D909395E03B64F9] – 26/12/2014 – 02:43:11 —A- . (.Microsoft Corporation – XACT Engine API.) — C:WindowsSystem32xactengine3_6.dll [176984]
    O44 – LFC:[MD5.C291AEFD47A587FF5F509E2F96613F7D] – 26/12/2014 – 02:43:11 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_5.dll [517960]
    O44 – LFC:[MD5.05E88C8D8E652DFF03B469331F474CCE] – 26/12/2014 – 02:43:11 —A- . (.Microsoft Corporation – XAudio2 Game Audio API.) — C:WindowsSystem32XAudio2_6.dll [530776]
    O44 – LFC:[MD5.142E2B95943C145ED6A446003C392AD1] – 26/12/2014 – 10:20:58 —A- . (…) — C:Windowssetupact.log [22589]
    O44 – LFC:[MD5.717E347A0FE4AA717CD83393A232198F] – 27/12/2014 – 14:05:11 —A- . (…) — C:Ad-Report-SCAN[1].txt [5804]
    O44 – LFC:[MD5.C433139C5D5FE20A54F7FD891768D842] – 27/12/2014 – 14:11:06 —A- . (…) — C:Ad-Report-CLEAN[1].txt [6346]
    O44 – LFC:[MD5.FD44FA80DA03EA144153A76DEBBB61B4] – 27/12/2014 – 15:04:30 —A- . (…) — C:WindowsSystem32DriversTrueSight.sys [35064]
    O44 – LFC:[MD5.CA43F8904E24BBE49982E4C0B29E6579] – 27/12/2014 – 19:12:04 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O44 – LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] – 27/12/2014 – 19:12:04 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O44 – LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] – 27/12/2014 – 19:12:05 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O44 – LFC:[MD5.A276A2E10F207D27ACDA92DC6040B74D] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – DLL d’exécution de l’infrastructure de test.) — C:WindowsSystem32Windows.ApplicationModel.Store.TestingFramework.dll [249344]
    O44 – LFC:[MD5.FD3638782572A8281BCF12520F6579F4] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – This tool resets the Windows Store without.) — C:WindowsSystem32WSReset.exe [79872]
    O44 – LFC:[MD5.2C28079658CCA1E8C3810E185CCC2234] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – Windows Update WUDriver Stub.) — C:WindowsSystem32wudriver.dll [93696]
    O44 – LFC:[MD5.1EC3AACDB335533A7470245C683ACF94] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – Windows Update client proxy stub.) — C:WindowsSystem32wups.dll [56320]
    O44 – LFC:[MD5.4A12C727502A07C4B89B663B942DF289] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – Windows Update.) — C:WindowsSystem32wuauclt.exe [54776]
    O44 – LFC:[MD5.9FA466A42109F408AC6C2848E851C38A] – 27/12/2014 – 19:22:55 —A- . (.Microsoft Corporation – twinapi.appcore.) — C:WindowsSystem32twinapi.appcore.dll [555736]
    O44 – LFC:[MD5.53BEF9A65EA686018B9EDF9665F5EBDE] – 27/12/2014 – 19:22:56 —A- . (.Microsoft Corporation – API du client Windows Update.) — C:WindowsSystem32wuapi.dll [827392]
    O44 – LFC:[MD5.E66AC3CA92FC471BFE69F61549193A64] – 27/12/2014 – 19:22:56 —A- . (.Microsoft Corporation – Agent de mise à jour automatique Windows Up.) — C:WindowsSystem32wuaueng.dll [3463680]
    O44 – LFC:[MD5.C2F515FC027867E5EAF12AC9815B3ABD] – 27/12/2014 – 19:22:56 —A- . (.Microsoft Corporation – DLL WSShared.) — C:WindowsSystem32WSShared.dll [923136]
    O44 – LFC:[MD5.CCC6D7250D01DA7E5499B0722CF6CAE3] – 27/12/2014 – 19:22:56 —A- . (.Microsoft Corporation – TWINUI.APPCORE.) — C:WindowsSystem32twinui.appcore.dll [1054208]
    O44 – LFC:[MD5.8BB7548307EE6147137993A410D64387] – 27/12/2014 – 19:24:01 —A- . (.Microsoft Corporation – Microsoft® C Runtime Library.) — C:WindowsSystem32msvcr120_clr0400.dll [869544]
    O44 – LFC:[MD5.78FC2B2BA0E5E1C9249E3157D4EE9BC7] – 27/12/2014 – 19:27:36 —A- . (.Microsoft Corporation – Édition DirectShow..) — C:WindowsSystem32qedit.dll [586240]
    O44 – LFC:[MD5.10D8859CF01C1284603582ABD9B0482C] – 27/12/2014 – 19:27:39 —A- . (.Microsoft Corporation – Interface utilisateur de consentement pour.) — C:WindowsSystem32consent.exe [114520]
    O44 – LFC:[MD5.68F887EF33C09CDA957A51ECE871D642] – 27/12/2014 – 19:27:39 —A- . (.Microsoft Corporation – Interface utilisateur d’authentification Wi.) — C:WindowsSystem32authui.dll [2642944]
    O44 – LFC:[MD5.28E0C3AAA68579ABD9A27B92DFD5F119] – 27/12/2014 – 19:27:39 —A- . (.Microsoft Corporation – Windows Installer.) — C:WindowsSystem32msi.dll [2790912]
    O44 – LFC:[MD5.08914C8989AB93F5EC3A452D014E2C8D] – 27/12/2014 – 19:27:39 —A- . (.Microsoft Corporation – Windows® installer.) — C:WindowsSystem32msihnd.dll [356352]
    O44 – LFC:[MD5.418B5117F187DFFD96C52325CA0DF153] – 27/12/2014 – 19:28:25 —A- . (.Microsoft Corporation – Microsoft Windows Codecs Library.) — C:WindowsSystem32WindowsCodecs.dll [1762840]
    O44 – LFC:[MD5.A3871DED5ED88F59C0D1396761708F81] – 27/12/2014 – 19:28:29 —A- . (.Microsoft Corporation – Hôte des applications HTML de Microsoft(R).) — C:WindowsSystem32mshta.exe [13824]
    O44 – LFC:[MD5.66585D645C4E23A0FD5124BD714AE020] – 27/12/2014 – 19:28:29 —A- . (.Microsoft Corporation – Microsoft Feeds Synchronization.) — C:WindowsSystem32msfeedssync.exe [12800]
    O44 – LFC:[MD5.CDC8A85EB301A8CBE55A81A1D55AF5E5] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – ADVPACK.) — C:WindowsSystem32IEAdvpack.dll [132096]
    O44 – LFC:[MD5.4B9C652BD0FD95A9E6123913C35519D6] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – Auto-extracteur de fichier CAB Win32.) — C:WindowsSystem32wextract.exe [143872]
    O44 – LFC:[MD5.A7F53772ECAE2F44B455D14F71179940] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – IE ETW Collector Proxy Stub Resources.) — C:WindowsSystem32ieetwproxystub.dll [48640]
    O44 – LFC:[MD5.E99E2E88BFE584184AE92B1F8995CE93] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – IOD Version Map.) — C:WindowsSystem32iesetup.dll [66560]
    O44 – LFC:[MD5.F54E1190251EB245183BF16D6C315613] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – Internet Shortcut Shell Extension DLL.) — C:WindowsSystem32url.dll [237568]
    O44 – LFC:[MD5.6A7F8D139610E5F3F158182778EF9275] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – Traitement de RunOnce complet avec interfac.) — C:WindowsSystem32iernonce.dll [34304]
    O44 – LFC:[MD5.CA2F3153EF3BCB0BD3A8984C933DF604] – 27/12/2014 – 19:28:30 —A- . (.Microsoft Corporation – Wizard.) — C:WindowsSystem32iexpress.exe [167424]
    O44 – LFC:[MD5.17A157A4225CF562202AC71DB8103177] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – DAC for Trident DOM.) — C:WindowsSystem32MshtmlDac.dll [88064]
    O44 – LFC:[MD5.3721721151DB49457B0FD35E0C04594C] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – DLL de gestion d'utilisateur local et de co.) — C:WindowsSystem32msrating.dll [199680]
    O44 – LFC:[MD5.D66D11191B48007179B0A77DC0717267] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – DLL du Gestionnaire de licences Microsoft®.) — C:WindowsSystem32licmgr10.dll [33280]
    O44 – LFC:[MD5.6096209CB47D61499C3608B9C25B073C] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – IE PNG plugin image decoder.) — C:WindowsSystem32pngfilt.dll [64512]
    O44 – LFC:[MD5.8AE1AC97407CD82D8389390C21430579] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – IE Sysprep Provider.) — C:WindowsSystem32iesysprep.dll [111616]
    O44 – LFC:[MD5.161BC2E883A8D8759A4DCF2A85AF9128] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – IE plugin image decoder support DLL.) — C:WindowsSystem32imgutil.dll [51200]
    O44 – LFC:[MD5.DD8FD33C108F14681A410067AB21DDF3] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – Object Control Viewer.) — C:WindowsSystem32occache.dll [152064]
    O44 – LFC:[MD5.1C3C54FA2D620DF3093F356A56EC5957] – 27/12/2014 – 19:28:31 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [144384]
    O44 – LFC:[MD5.F0A53129AE95A895EC8C4DC36E1797A2] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Composant Microsoft Office 2000.) — C:WindowsSystem32hlink.dll [108544]
    O44 – LFC:[MD5.D248949FCF2B72C1FD4EC15DA92065C0] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Contrôleur de site Web.) — C:WindowsSystem32webcheck.dll [262144]
    O44 – LFC:[MD5.284070B045F8B11B4A1FB32F72023038] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Convertisseur Microsoft HTML.) — C:WindowsSystem32html.iec [417280]
    O44 – LFC:[MD5.E40D3696BE4852956669C285038B37A6] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – IE ETW Collector Service.) — C:WindowsSystem32ieetwcollector.exe [114688]
    O44 – LFC:[MD5.A348DEFC16B6FBC88B7D61C3B861BCB1] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Moteur d'installation.) — C:WindowsSystem32inseng.dll [107520]
    O44 – LFC:[MD5.62CFEE2A516C68540486EBF26F18ED4C] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Objets homologues Internet Explorer.) — C:WindowsSystem32iepeers.dll [145408]
    O44 – LFC:[MD5.85E97591864F3125C5B08FB44E0E8078] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – Synchronisation en arrière-plan des flux Mi.) — C:WindowsSystem32msfeedsbs.dll [60416]
    O44 – LFC:[MD5.00FB2FB8C27C834CF575BC415B80F995] – 27/12/2014 – 19:28:32 —A- . (.Microsoft Corporation – TDC ActiveX Control.) — C:WindowsSystem32tdc.ocx [87552]
    O44 – LFC:[MD5.587DEBB59F5F14C9610966FB14A33607] – 27/12/2014 – 19:28:34 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [633856]
    O44 – LFC:[MD5.A41AC7E8D142FD0ECF6EF7F1BB63D478] – 27/12/2014 – 19:28:35 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript.dll [812544]
    O44 – LFC:[MD5.507DC5EE1363EEB7D986B1026DF4E39D] – 27/12/2014 – 19:28:35 —A- . (.Microsoft Corporation – Microsoft Internet Messaging API Resources.) — C:WindowsSystem32inetcomm.dll [1032704]
    O44 – LFC:[MD5.1D294810D3A8A8F722E86AA001F54DCC] – 27/12/2014 – 19:28:35 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [580096]
    O44 – LFC:[MD5.D478A4CF07FB8ADF72FB16B88E8030B8] – 27/12/2014 – 19:28:36 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [25059840]
    O44 – LFC:[MD5.4AF089160FE082E5EA5C4AA72782DCA2] – 27/12/2014 – 19:28:37 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [2358272]
    O44 – LFC:[MD5.8D64466AD12CA5677CD0099C43C58569] – 27/12/2014 – 19:28:37 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [6039552]
    O44 – LFC:[MD5.EFBA893429814EA3244C87C2D1256618] – 27/12/2014 – 19:28:37 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter.) — C:WindowsSystem32ieapfltr.dll [800768]
    O44 – LFC:[MD5.DE58DE2C6C8439B7174D6D3568AA4A80] – 27/12/2014 – 19:28:37 —A- . (.Microsoft Corporation – Microsoft ® JScript Diagnostics.) — C:WindowsSystem32jscript9diag.dll [814080]
    O44 – LFC:[MD5.DB10D681314714E0D4623E4C0CF6654A] – 27/12/2014 – 19:28:37 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [92160]
    O44 – LFC:[MD5.F79E5258AF040A8AD83C7C1273A071C3] – 27/12/2014 – 19:28:38 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [54784]
    O44 – LFC:[MD5.556D271F4243B273EDA353512BF3608A] – 27/12/2014 – 19:28:38 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [14412800]
    O44 – LFC:[MD5.3FE71E2A5BD3EC652E64FC8BCEFEDD2C] – 27/12/2014 – 19:28:39 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [2125312]
    O44 – LFC:[MD5.982B871A25B5078093FAD82D0AB0E3FC] – 27/12/2014 – 19:28:39 —A- . (.Microsoft Corporation – Utilitaire à l’exécution pour Internet Expl.) — C:WindowsSystem32iertutil.dll [2885120]
    O44 – LFC:[MD5.E7A2061ADF0F4D430FECDA1E8D6B7BA6] – 27/12/2014 – 19:28:40 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1548288]
    O44 – LFC:[MD5.14BA910E7731FC84EB85328BD0F1EE81] – 27/12/2014 – 19:28:40 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [800768]
    O44 – LFC:[MD5.DDE455CF1B9F43775A53A4E577DFDC54] – 27/12/2014 – 19:28:41 —A- . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:WindowsSystem32iedkcs32.dll [373760]
    O44 – LFC:[MD5.62D54F4673A6208C8CC147758122B3C3] – 27/12/2014 – 19:28:42 —A- . (.Microsoft Corporation – ActiveX Interface Marshaling Library.) — C:WindowsSystem32actxprxy.dll [2865152]
    O44 – LFC:[MD5.C9AB2198141844D3DF96B4552CE9D5AB] – 27/12/2014 – 19:28:42 —A- . (.Microsoft Corporation – JavaScript Performance Collection Agent.) — C:WindowsSystem32JavaScriptCollectionAgent.dll [77824]
    O44 – LFC:[MD5.39B512C643812FC2D4843C0D4206C759] – 27/12/2014 – 19:28:42 —A- . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Expl.) — C:WindowsSystem32ie4uinit.exe [718848]
    O44 – LFC:[MD5.3FA6DC6B29717E32E211C1FD821F2C75] – 27/12/2014 – 19:28:49 —A- . (.Microsoft Corporation – Service de cache de police Windows.) — C:WindowsSystem32FntCache.dll [1345536]
    O44 – LFC:[MD5.CC8E86B9C18BCA38D3C467CFD661A466] – 27/12/2014 – 19:28:49 —A- . (.Microsoft Corporation – Services de typographie Microsoft DirectX.) — C:WindowsSystem32DWrite.dll [1975296]
    O44 – LFC:[MD5.6317C9DB4282CEAA3BAB131BC3839B2A] – 27/12/2014 – 19:28:55 —A- . (.Microsoft Corporation – DLL d’interface utilisateur de feuille des.) — C:WindowsSystem32compstui.dll [308736]
    O44 – LFC:[MD5.9C55CE9707B3CA29A6505BCDCC546390] – 27/12/2014 – 19:28:55 —A- . (.Microsoft Corporation – Microsoft Fax API Support DLL.) — C:WindowsSystem32FXSAPI.dll [275968]
    O44 – LFC:[MD5.04D6FAB6BE09C83DF591D58E1FBADA59] – 27/12/2014 – 19:28:55 —A- . (.Microsoft Corporation – WSMAN WMI Provider.) — C:WindowsSystem32WsmWmiPl.dll [274944]
    O44 – LFC:[MD5.6C118AEDD15FDBEAECC0E85C64B5B86B] – 27/12/2014 – 19:28:56 —A- . (.Microsoft Corporation – Microsoft Fax Server Extended COM Client In.) — C:WindowsSystem32FXSCOMEX.dll [615424]
    O44 – LFC:[MD5.8758F5DEBD2B950B2D56ED11F9E0B38F] – 27/12/2014 – 19:28:57 —A- . (.Microsoft Corporation – NTFS Utility DLL.) — C:WindowsSystem32untfs.dll [545792]
    O44 – LFC:[MD5.CFD6DBED27511D7A5FBE33AFA7E6B669] – 27/12/2014 – 19:28:58 —A- . (.Microsoft Corporation – Bulk File Operations Host Process.) — C:WindowsSystem32BulkOperationHost.exe [76800]
    O44 – LFC:[MD5.A8732AFE4DB47114355ABB285ED776D2] – 27/12/2014 – 19:28:58 —A- . (.Microsoft Corporation – DLL puiapi.) — C:WindowsSystem32puiapi.dll [187392]
    O44 – LFC:[MD5.66732C13628BDB1AB0D6FD46027327C2] – 27/12/2014 – 19:28:58 —A- . (.Microsoft Corporation – Pilote de classe de stockage de masse USB.) — C:WindowsSystem32DriversUSBSTOR.SYS [148800]
    O44 – LFC:[MD5.8CBF1E2761816CFD9D32F8B32531D0FB] – 27/12/2014 – 19:28:58 —A- . (.Microsoft Corporation – Windows Services Instrumentation Module.) — C:WindowsSystem32winbici.dll [118272]
    O44 – LFC:[MD5.118A11C89FAD244A2B85DA7EDC3E9683] – 27/12/2014 – 19:28:58 —A- . (.Microsoft Corporation – prnntfy DLL.) — C:WindowsSystem32prnntfy.dll [215552]
    O44 – LFC:[MD5.12C0733F955E15C3C37DD24C9C7D796A] – 27/12/2014 – 19:28:59 —A- . (.Microsoft Corporation – DLL de fournisseur d’impression DAF.) — C:WindowsSystem32DafPrintProvider.dll [263680]
    O44 – LFC:[MD5.5416C603B6C85CF0698E8A2A1D28BAA2] – 27/12/2014 – 19:28:59 —A- . (.Microsoft Corporation – DLL d’objets PrintUI.) — C:WindowsSystem32puiobj.dll [448512]
    O44 – LFC:[MD5.7F23E38C5B6448F91439E4066645191E] – 27/12/2014 – 19:28:59 —A- . (.Microsoft Corporation – FWP/IPsec Kernel-Mode API.) — C:WindowsSystem32DriversFWPKCLNT.SYS [428864]
    O44 – LFC:[MD5.50E96089F9BE352621997143A56C8E76] – 27/12/2014 – 19:28:59 —A- . (.Microsoft Corporation – Fournisseur d’impression de rendu côté clie.) — C:WindowsSystem32win32spl.dll [822272]
    O44 – LFC:[MD5.9CE162EB9057CF079736F4DD00FC0D6C] – 27/12/2014 – 19:28:59 —A- . (.Microsoft Corporation – Service WSMan.) — C:WindowsSystem32WsmSvc.dll [2480128]
    O44 – LFC:[MD5.E3FCE2A6B3533D99A3B498504DF9CC47] – 27/12/2014 – 19:29:00 —A- . (.Microsoft Corporation – Network I/O Subsystem.) — C:WindowsSystem32Driversnetio.sys [474432]
    O44 – LFC:[MD5.CA729FCE295895515A09BD6FF7903DC8] – 27/12/2014 – 19:29:01 —A- . (.Microsoft Corporation – DLL source et récepteur MPEG4 Media Foundat.) — C:WindowsSystem32mfmp4srcsnk.dll [836176]
    O44 – LFC:[MD5.1D303CE5BCBD5B80BBA08321F28A3F86] – 27/12/2014 – 19:29:03 —A- . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll [21197152]
    O44 – LFC:[MD5.A92EF73B02686B7E6F070B486512DB88] – 27/12/2014 – 19:29:04 —A- . (…) — C:WindowsSystem32ApnDatabase.xml [389176]
    O44 – LFC:[MD5.34B5290B8770A2FC578E3FEAD3FD7462] – 27/12/2014 – 19:29:04 —A- . (.Microsoft Corporation – Microsoft Windows MRM.) — C:WindowsSystem32MrmCoreR.dll [921600]
    O44 – LFC:[MD5.BCE66E78D388875B87286CA091E7075F] – 27/12/2014 – 19:29:04 —A- . (.Microsoft Corporation – NT Kernel & System.) — C:WindowsSystem32ntoskrnl.exe [7484224]
    O44 – LFC:[MD5.CCB3A2BB60FE5073F2DEA63FE83CF8FE] – 27/12/2014 – 19:29:04 —A- . (.Microsoft Corporation – Pilote TCP/IP.) — C:WindowsSystem32Driverstcpip.sys [2497344]
    O44 – LFC:[MD5.C88B63FE96DB4BCED65DD442BC8E77F5] – 27/12/2014 – 19:29:05 —A- . (.Microsoft Corporation – DLL de spouleur local.) — C:WindowsSystem32localspl.dll [1053184]
    O44 – LFC:[MD5.1907823D5ACFD75D1D8C0D4318299726] – 27/12/2014 – 19:29:05 —A- . (.Microsoft Corporation – System Settings Handlers Implementation.) — C:WindowsSystem32SettingsHandlers.dll [2714112]
    O44 – LFC:[MD5.C4306ADC38939CAC60EA38AAD9F170C0] – 27/12/2014 – 19:29:05 —A- . (.Microsoft Corporation – TWINUI.) — C:WindowsSystem32twinui.dll [13424128]
    O44 – LFC:[MD5.A208498C5CD750A1743C1AC8162A810F] – 27/12/2014 – 19:29:06 —A- . (.Microsoft Corporation – Media Foundation Media Engine DLL.) — C:WindowsSystem32MFMediaEngine.dll [941568]
    O44 – LFC:[MD5.84549E8C8BF76B293A7E625A98D4BCF9] – 27/12/2014 – 19:29:11 —A- . (.Microsoft Corporation – Gestionnaire de liaisons d’objets2.) — C:WindowsSystem32packager.dll [81408]
    O44 – LFC:[MD5.B31C4917EC5EADE24A90DDAF37EA00E0] – 27/12/2014 – 19:29:11 —A- . (.Microsoft Corporation – Pilote Win32 multi-utilisateurs.) — C:WindowsSystem32win32k.sys [4182016]
    O44 – LFC:[MD5.9F87516BF76C40B41D831F7D729A6044] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Audio Engine.) — C:WindowsSystem32AudioEng.dll [482872]
    O44 – LFC:[MD5.8085F95BB18A171E7221D2831BC08BC2] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Audio Ks Endpoint.) — C:WindowsSystem32AUDIOKSE.dll [394120]
    O44 – LFC:[MD5.DFDFDE2EA4B5CD0606BA6E56ECEE502D] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Isolation graphique de périphérique audio W.) — C:WindowsSystem32audiodg.exe [272248]
    O44 – LFC:[MD5.BB93DAAAE9006598935192B9CB65E475] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Media Foundation Crash Dump Encryption DLL.) — C:WindowsSystem32EncDump.dll [108432]
    O44 – LFC:[MD5.E87F8EC00FEEF700E61F6989D88A8BC2] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll [991232]
    O44 – LFC:[MD5.788C7D910267DDCD675DF4AB01961265] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll [259584]
    O44 – LFC:[MD5.C0484CA5C7F87E38909746B63C7FC868] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32audiosrv.dll [911360]
    O44 – LFC:[MD5.9C88C9397B44B76E5C9A44B8E2CE53A1] – 27/12/2014 – 19:29:14 —A- . (.Microsoft Corporation – Session audio.) — C:WindowsSystem32AudioSes.dll [500016]
    O44 – LFC:[MD5.7F70B1044272982AAEA7C16E83424770] – 27/12/2014 – 19:29:15 —A- . (.Microsoft Corporation – Générateur de points de terminaison du serv.) — C:WindowsSystem32AudioEndpointBuilder.dll [226304]
    O44 – LFC:[MD5.6DBE73C09215E281F4283641144110A5] – 27/12/2014 – 19:29:57 —A- . (.Microsoft Corporation – Windows Presentation Foundation Terminal Se.) — C:WindowsSystem32TsWpfWrp.exe [35480]
    O44 – LFC:[MD5.93645AEBE163230A2ED5050C14AE6603] – 27/12/2014 – 19:30:03 —A- . (.Microsoft Corporation – MSXML 3.0.) — C:WindowsSystem32msxml3.dll [2149376]
    O44 – LFC:[MD5.25EE65F2FA154EDED0E87354311FB1E2] – 27/12/2014 – 19:30:20 —A- . (.Microsoft Corporation – Accès distant PPP EAP-TLS.) — C:WindowsSystem32rastls.dll [590336]
    O44 – LFC:[MD5.87CEF71F9D5951C9379D2F956C07C37D] – 27/12/2014 – 19:30:20 —A- . (.Microsoft Corporation – GDI Client DLL.) — C:WindowsSystem32gdi32.dll [1336624]
    O44 – LFC:[MD5.D3AE5DB16EAF913860EC28654CE00E6B] – 27/12/2014 – 19:30:24 —A- . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1212928]
    O44 – LFC:[MD5.454978FB3D24DE5C4199162D5F81FBEE] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – Bibliothèque principale du Gestionnaire de.) — C:WindowsSystem32dwmcore.dll [2133504]
    O44 – LFC:[MD5.14BEA911F78B44E47CBD18210E541A43] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – Canonical Display Driver.) — C:WindowsSystem32cdd.dll [212992]
    O44 – LFC:[MD5.8E5C2B32EE4166A3084B133183A00F2A] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – Direct3D 11 Runtime.) — C:WindowsSystem32d3d11.dll [2141912]
    O44 – LFC:[MD5.59EAFAE3A34B4925990A2E679CA91C5B] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – DirectX Graphics Infrastructure.) — C:WindowsSystem32dxgi.dll [517528]
    O44 – LFC:[MD5.313DCE665B57000B18CB26C6B6A10DFE] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys [1557848]
    O44 – LFC:[MD5.4030CB06B8D963A45CED9E60C9F2A11E] – 27/12/2014 – 19:30:38 —A- . (.Microsoft Corporation – DirectX Graphics MMS.) — C:WindowsSystem32Driversdxgmms1.sys [379224]
    O44 – LFC:[MD5.9A108C0A3092110F4651B3AFB9CC7B3D] – 27/12/2014 – 19:30:39 —A- . (.Microsoft Corporation – Pas de description.) — C:WindowsSystem32oleaut32.dll [789184]
    O44 – LFC:[MD5.A8484FB640E044858BA19FB4F13DD4CE] – 27/12/2014 – 19:30:40 —A- . (.Microsoft Corporation – DLL des événements d’audit de la sécurité.) — C:WindowsSystem32msaudite.dll [154112]
    O44 – LFC:[MD5.D7B23B3154508256C9F434EF9B65B91D] – 27/12/2014 – 19:30:40 —A- . (.Microsoft Corporation – UMRDP Display Driver.) — C:WindowsSystem32rdpudd.dll [131584]
    O44 – LFC:[MD5.488CEA4F1B4D2446FFB7A94E3CB385FE] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – Client Microsoft® Active Directory Certific.) — C:WindowsSystem32certcli.dll [445440]
    O44 – LFC:[MD5.1D25CC0A9C480C5D56A5A6CF2B5DEB99] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – DLL RDPCore TS.) — C:WindowsSystem32rdpcorets.dll [3547648]
    O44 – LFC:[MD5.91E59FCB3B32DD84E5DCDA2EA1583807] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – DLL du schéma d’audit de sécurité.) — C:WindowsSystem32adtschema.dll [736768]
    O44 – LFC:[MD5.949E590B76018E4523FC71CE510ED9ED] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – DLL serveur LSA.) — C:WindowsSystem32lsasrv.dll [1441792]
    O44 – LFC:[MD5.4E1207CE16E615B0B7A70DC889F4500E] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – Kernel Cryptography, Next Generation.) — C:WindowsSystem32Driverscng.sys [563976]
    O44 – LFC:[MD5.6D2EE96150E35B9EA49F2B481DE0369A] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – Kernel Security Support Provider Interface.) — C:WindowsSystem32Driversksecpkg.sys [177472]
    O44 – LFC:[MD5.9F08A6608F98B5407E7DDBCF306573EF] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – Microsoft RDP Video Miniport driver.) — C:WindowsSystem32Driversrdpvideominiport.sys [27456]
    O44 – LFC:[MD5.3D2D2EA099D98FE6B94C7D8C7992C08C] – 27/12/2014 – 19:30:41 —A- . (.Microsoft Corporation – Microsoft RemoteFX VM Transport.) — C:WindowsSystem32rfxvmt.dll [40448]
    O44 – LFC:[MD5.1BB9CC78C91536CBA7B04B61ED0F85C4] – 27/12/2014 – 19:32:11 —A- . (.Microsoft Corporation – Runtime d’appel de procédure distante.) — C:WindowsSystem32rpcrt4.dll [1273184]
    O44 – LFC:[MD5.15750011454B89F4950D7E7E4A947EC1] – 27/12/2014 – 19:32:44 —A- . (.Microsoft Corporation – Accessibilité au Clavier visuel.) — C:WindowsSystem32osk.exe [834048]
    O44 – LFC:[MD5.6DE50D5592C6EE18C87B0C2EEEDC1621] – 27/12/2014 – 19:32:51 —A- . (.Microsoft Corporation – DPAPI Server.) — C:WindowsSystem32dpapisrv.dll [185856]
    O44 – LFC:[MD5.F0CE4A653EEBA09509EAF93AE2226FA9] – 27/12/2014 – 19:32:51 —A- . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll [426496]
    O44 – LFC:[MD5.622928F5A8045F8122F10561D6C35ED0] – 27/12/2014 – 19:32:51 —A- . (.Microsoft Corporation – Microsoft SChannel Provider.) — C:WindowsSystem32ncryptsslp.dll [104336]
    O44 – LFC:[MD5.A6D61CD951FB0057933FD2D2D8CDBC0B] – 29/12/2014 – 09:44:08 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32MRT.exe [112710672]
    O44 – LFC:[MD5.D1C8F0E3AE4287416305FBF40CBDDDD7] – 29/12/2014 – 09:45:32 —A- . (…) — C:WindowsPFRO.log [17798]
    O44 – LFC:[MD5.6036260410C82CE82B90B4EE01569B00] – 29/12/2014 – 09:45:53 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [337928]
    O44 – LFC:[MD5.CED9531AF100E0BB66AA744984F28A81] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [4646402]
    O44 – LFC:[MD5.C8E9D16AF8246E166A73212E9C9B513B] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfc007.dat [161844]
    O44 – LFC:[MD5.1C7990EA8EA84D37B3C531815001036A] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfc009.dat [138536]
    O44 – LFC:[MD5.1E48B3672DA4D1EEB544C1D24FBFBC4C] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfc00C.dat [162356]
    O44 – LFC:[MD5.49F49274003B4911092DB4D18D6672F4] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfc010.dat [159026]
    O44 – LFC:[MD5.F7127FD954E4958E3F219D4EA17DA92A] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfc013.dat [164936]
    O44 – LFC:[MD5.3789B29672FC274449F875BD9D5CE169] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfh007.dat [761674]
    O44 – LFC:[MD5.7AF6C5FD0770495FC1BDE0628945FEB2] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfh009.dat [729902]
    O44 – LFC:[MD5.691FBCFC3964C3FF7CEB8B7CCFCF2883] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfh00C.dat [819776]
    O44 – LFC:[MD5.75F0FA9580F9515CD9EB873752462EEA] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfh010.dat [800586]
    O44 – LFC:[MD5.072AC30547F4C4781AE4AEF73A6D6002] – 29/12/2014 – 15:59:46 —A- . (…) — C:WindowsSystem32perfh013.dat [804838]
    O44 – LFC:[MD5.8227BFBC37122A2393051E159FFB332A] – 30/12/2014 – 20:11:40 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 30/12/2014 – 20:13:02 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O44 – LFC:[MD5.BA62CBBC4AC4CC7A4C89CE4A3EEEB4A1] – 30/12/2014 – 20:32:34 —A- . (…) — C:WindowsWindowsUpdate.log [1377180]
    ~ Files: 244 Scanned in 00mn 08s[/spoiler:3mene4ft]

    Padey
    Participant
    Nombre d'articles : 6

    La fin du rapport ZHP diag

    Spoiler for s84if0eo

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.F7010F81098800B0E8695185E5626CCA] – 25/12/2014 – 16:19:49 —A- – C:WindowsPrefetchANYPROTECT.EXE-53752276.pf =>PUP.AnyProtect
    O45 – LFCP:[MD5.CFB1FDA750D29526833DF6775D64D568] – 25/12/2014 – 16:23:43 —A- – C:WindowsPrefetchJ6BLOCKANDSURFR79.EXE-23C9AECD.pf =>PUP.BlockAndSurf
    O45 – LFCP:[MD5.F4FE597384F6DE4A458B359AED2CF613] – 25/12/2014 – 16:36:08 —A- – C:WindowsPrefetchMYBESTOFFERSTODAY.TMP-A10D4FDC.pf =>PUP.MyBestOffersToday
    O45 – LFCP:[MD5.42B64BE13C91E1EC84937D2DCCB007D9] – 25/12/2014 – 16:40:27 —A- – C:WindowsPrefetchMYBESTOFFERSTODAY.TMP-E15CB1E2.pf =>PUP.MyBestOffersToday
    O45 – LFCP:[MD5.DCE421507E3F51A8BE22244D31AAFE95] – 25/12/2014 – 16:36:13 —A- – C:WindowsPrefetchPACKAGE_MYBESTOFFERSTODAY_INS-8573D213.pf =>PUP.MyBestOffersToday
    O45 – LFCP:[MD5.0C7654538E5A2F765F0F423B5B2CC4CD] – 25/12/2014 – 16:39:52 —A- – C:WindowsPrefetchPACKAGE_MYBESTOFFERSTODAY_INS-F5F67945.pf =>PUP.MyBestOffersToday
    O45 – LFCP:[MD5.CC1DF09F0FA0BB174EFF7BABDFDA405F] – 25/12/2014 – 16:05:25 —A- – C:WindowsPrefetchPEPPERZIP.EXE-E23C0E69.pf =>PUP.PepperZip
    O45 – LFCP:[MD5.72BB187537598842FBD206CC23EDF369] – 25/12/2014 – 16:35:50 —A- – C:WindowsPrefetchPREDM.TMP-507B0675.pf =>Adware.Downware
    O45 – LFCP:[MD5.4AF9040A9EB716EE6E298249C2CE32B3] – 25/12/2014 – 16:37:10 —A- – C:WindowsPrefetchPREDM.TMP-E60394AD.pf =>Adware.Downware
    O45 – LFCP:[MD5.196B7F9B777AC7A0584BFE461BD08565] – 26/12/2014 – 03:37:42 —A- – C:WindowsPrefetchSPYHUNTER-INSTALLER.EXE-DA9960BB.pf =>Crapware.SpyHunter
    O45 – LFCP:[MD5.CDCA318C85871034BD63C34C2C196472] – 25/12/2014 – 16:33:55 —A- – C:WindowsPrefetchVOSTERAN.EXE-1A3D7B94.pf =>PUP.Vosteran
    ~ Prefetcher: 11 Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    ~ LSA: 3 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimaldxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkdxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkmfefirek.sys . (.McAfee, Inc. – McAfee Core Firewall Engine Driver.) — C:WindowsSystem32Driversmfefirek.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkmfehidk.sys . (.McAfee, Inc. – McAfee Link Driver.) — C:WindowsSystem32Driversmfehidk.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (…) — C:WindowsSystem32Driversrdpencdd.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 19 Scanned in 00mn 00s

    —\ Clé de registre Shell MountPoints2 (MPSK) (O51)
    O51 – MPSK:{45190148-5347-11e4-8252-806e6f6e6963}AutoRuncommand. (.Electronic Arts – Autorun program.) — E:Autorun.exe
    ~ Keys: Scanned in 00mn 03s

    —\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableCursorSuppression”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableCAD”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableTaskMgr”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “DisableRegistryTools”=0
    ~ MWPS: 20 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoRun”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoFolderOptions”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “NoControlPanel”=0
    ~ MWPE Keys: 6 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.LSI – LSI 3ware SCSI Storport Driver.) — C:WindowsSystem32Drivers3ware.sys [108896]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra – PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) — C:WindowsSystem32Driversadp80xx.sys [782176]
    O58 – SDL:18/06/2013 – 16:05:45 —A- . (.LSI Corp – SoftModem Device Driver.) — C:WindowsSystem32Driversagrsm64.sys [1146880]
    O58 – SDL:09/07/2014 – 18:10:10 —A- . (.ASUSTek Computer Inc. – ASUS Charger driver.) — C:WindowsSystem32DriversAiCharger.sys [17152]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Advanced Micro Devices – AHCI 1.3 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [79200]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [259424]
    O58 – SDL:22/08/2013 – 13:43:40 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [25952]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [114016]
    O58 – SDL:08/10/2013 – 02:47:18 —A- . (.ASUS – HID driver for ASUS Wireless Radio Control.) — C:WindowsSystem32DriversAsHIDSwitch64.sys [20280]
    O58 – SDL:29/07/2014 – 15:26:10 —A- . (.ASUS Corporation – Asus TP Filter Driver(X64).) — C:WindowsSystem32DriversAsusTP.sys [69904]
    O58 – SDL:02/04/2014 – 19:02:18 —A- . (.Qualcomm Atheros Communications, Inc. – Qualcomm Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathwbx.sys [3893248]
    O58 – SDL:13/08/2013 – 00:25:46 —A- . (.Windows (R) Win 7 DDK provider – BCM Function 2 Device Driver.) — C:WindowsSystem32Driversbcmfn2.sys [17624]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros A2DP driver.) — C:WindowsSystem32Driversbtath_a2dp.sys [338120]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros Bluetooth AVDT driver.) — C:WindowsSystem32Driversbtath_avdt.sys [118984]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros BUS driver.) — C:WindowsSystem32Driversbtath_bus.sys [35016]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_flt.sys [89800]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros HCRP driver.) — C:WindowsSystem32Driversbtath_hcrp.sys [179432]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros FILTER driver.) — C:WindowsSystem32Driversbtath_lwflt.sys [77464]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros AVRCP driver.) — C:WindowsSystem32Driversbtath_rcp.sys [137928]
    O58 – SDL:31/07/2014 – 03:21:12 —A- . (.Qualcomm Atheros – Qualcomm Atheros BtFilter Driver.) — C:WindowsSystem32Driversbtfilter.sys [598728]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [531296]
    O58 – SDL:18/07/2014 – 09:10:54 —A- . (.McAfee, Inc. – McAfee Personal Firewall IDS Plugin.) — C:WindowsSystem32Driverscfwids.sys [72128]
    O58 – SDL:18/10/2013 – 03:24:38 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Memory Particip.) — C:WindowsSystem32DriversDptfDevDram.sys [145640]
    O58 – SDL:18/10/2013 – 03:24:40 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework PCH Participant.) — C:WindowsSystem32DriversDptfDevPch.sys [116752]
    O58 – SDL:18/10/2013 – 03:24:40 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Processor Parti.) — C:WindowsSystem32DriversDptfDevProc.sys [289744]
    O58 – SDL:18/10/2013 – 03:24:40 —A- . (.Intel Corporation – Intel(R) Dynamic Platform and Thermal Framework Manager Driver.) — C:WindowsSystem32DriversDptfManager.sys [494296]
    O58 – SDL:18/06/2013 – 15:45:26 —A- . (.Intel Corporation – Intel(R) Gigabit Adapter NDIS 6.x driver.) — C:WindowsSystem32Driverse1i63x64.sys [460288]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3357024]
    O58 – SDL:18/11/2013 – 14:02:00 —A- . (.Condusiv Technologies – ExpressCache Filesystem Filter Driver.) — C:WindowsSystem32Driversexcfs.sys [25840]
    O58 – SDL:18/11/2013 – 14:02:00 —A- . (.Condusiv Technologies – ExpressCache Driver.) — C:WindowsSystem32Driversexcsd.sys [117488]
    O58 – SDL:23/09/2013 – 13:49:22 —A- . (.McAfee, Inc. – McAfee HIP IPS Driver.) — C:WindowsSystem32DriversHipShieldK.sys [197704]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [64352]
    O58 – SDL:30/07/2013 – 19:47:35 —A- . (.Intel Corporation – Intel(R) Serial IO GPIO Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_GPIO.sys [24568]
    O58 – SDL:25/07/2013 – 20:05:39 —A- . (.Intel Corporation – Intel(R) Serial IO I2C Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_I2C.sys [99320]
    O58 – SDL:29/05/2014 – 04:25:30 —A- . (.Intel Corporation – Intel(R) Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStorA.sys [672104]
    O58 – SDL:10/08/2013 – 01:39:30 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver (inbox) – x64.) — C:WindowsSystem32DriversiaStorAV.sys [651248]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [412000]
    O58 – SDL:19/06/2014 – 03:35:16 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [3793408]
    O58 – SDL:16/06/2014 – 04:27:10 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [450520]
    O58 – SDL:06/05/2014 – 23:39:17 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversintelaud.sys [38296]
    O58 – SDL:06/05/2014 – 23:39:17 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversiwdbus.sys [27032]
    O58 – SDL:06/08/2012 – 04:17:18 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [17280]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [109408]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [93536]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI SAS Gen3 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas3.sys [81760]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SSS PCIe/Flash Driver (StorPort).) — C:WindowsSystem32Driverslsi_sss.sys [82784]
    O58 – SDL:21/11/2014 – 06:14:08 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:21/11/2014 – 06:14:12 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O58 – SDL:30/12/2014 – 20:13:02 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows.) — C:WindowsSystem32Driversmegasas.sys [56672]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32Driversmegasr.sys [575840]
    O58 – SDL:18/07/2014 – 08:49:08 —A- . (.McAfee, Inc. – Access Protection Filter Driver.) — C:WindowsSystem32Driversmfeapfk.sys [181704]
    O58 – SDL:18/07/2014 – 08:50:18 —A- . (.McAfee, Inc. – Anti-Virus File System Filter Driver.) — C:WindowsSystem32Driversmfeavfk.sys [313800]
    O58 – SDL:24/07/2014 – 14:33:10 —A- . (.McAfee, Inc. – McAfee Driver Cleaning Driver.) — C:WindowsSystem32Driversmfeclnrk.sys [11336]
    O58 – SDL:18/07/2014 – 08:34:28 —A- . (.McAfee, Inc. – McAfee ELAM Driver.) — C:WindowsSystem32Driversmfeelamk.sys [70600]
    O58 – SDL:18/07/2014 – 08:52:36 —A- . (.McAfee, Inc. – McAfee Core Firewall Engine Driver.) — C:WindowsSystem32Driversmfefirek.sys [526352]
    O58 – SDL:18/07/2014 – 08:55:28 —A- . (.McAfee, Inc. – McAfee Link Driver.) — C:WindowsSystem32Driversmfehidk.sys [786296]
    O58 – SDL:24/07/2014 – 14:31:56 —A- . (.McAfee, Inc. – Event Driver.) — C:WindowsSystem32Driversmfencbdc.sys [444720]
    O58 – SDL:24/07/2014 – 14:32:30 —A- . (.McAfee, Inc. – Detection driver.) — C:WindowsSystem32Driversmfencrk.sys [96592]
    O58 – SDL:18/07/2014 – 09:01:44 —A- . (.McAfee, Inc. – Anti-Virus Mini-Firewall Driver.) — C:WindowsSystem32Driversmfewfpk.sys [348552]
    O58 – SDL:22/08/2013 – 13:43:49 —A- . (.Marvell Semiconductor, Inc. – Marvell Flash Controller Driver.) — C:WindowsSystem32Driversmvumis.sys [63840]
    O58 – SDL:21/11/2014 – 06:14:26 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O58 – SDL:18/06/2013 – 15:45:58 —A- . (.Intel Corporation – Intel® Wireless WiFi Link Driver.) — C:WindowsSystem32DriversNetwsw00.sys [11518976]
    O58 – SDL:08/07/2014 – 01:54:42 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 333.37.) — C:WindowsSystem32Driversnvlddmkm.sys [12732376]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [150368]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [168288]
    O58 – SDL:31/03/2014 – 17:42:44 —A- . (.NVIDIA Corporation – NVIDIA Virtual Audio Driver.) — C:WindowsSystem32Driversnvvad64v.sys [40392]
    O58 – SDL:29/05/2014 – 08:55:48 —A- . (.Realtek – Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) — C:WindowsSystem32DriversRt630x64.sys [873176]
    O58 – SDL:26/08/2014 – 11:58:18 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [4267480]
    O58 – SDL:08/05/2014 – 11:15:12 —A- . (.Realsil Semiconductor Corporation – RTS PCIE READER Driver.) — C:WindowsSystem32DriversRtsPer.sys [502488]
    O58 – SDL:22/08/2013 – 16:35:09 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [44896]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [81760]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [31072]
    O58 – SDL:09/12/2013 – 15:26:24 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversTeeDriverx64.sys [100312]
    O58 – SDL:27/12/2014 – 15:04:30 —A- . (…) — C:WindowsSystem32DriversTrueSight.sys [35064]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [19808]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [168800]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Corporation – VIA StorX RAID Controller Driver.) — C:WindowsSystem32DriversVSTXRAID.SYS [305504]
    O58 – SDL:02/04/2014 – 19:02:18


    . (.Qualcomm Atheros Communications, Inc. – Qualcomm Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32athwbx.sys [3893248]
    ~ Drivers: 80 Scanned in 00mn 03s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 25/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindows1036StructuredQuerySchema.bin [410914]
    O61 – LFC: 25/12/2014 – 20:33:30 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheVirtualizedCProgramDataNVIDIA CorporationDrsnvdrssel.bin [1]
    O61 – LFC: 25/12/2014 – 20:33:30 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages00063e0DRS update.18604518.exe [323720]
    O61 – LFC: 25/12/2014 – 20:33:30 —A- . (.NVIDIA Corporation.) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendApplicationOntologyNvOAWrapperCache.exe [674744]
    O61 – LFC: 25/12/2014 – 20:33:30 —A- . (.NVIDIA Corporation.) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendApplicationOntologyOAWrapper.exe [172984]
    O61 – LFC: 25/12/2014 – 20:33:30 —A- . (.NVIDIA Corporation.) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendApplicationOntologyOntology.dll [1401272]
    O61 – LFC: 25/12/2014 – 20:33:31 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages0006aaeCoProc update.19164737.exe [431160]
    O61 – LFC: 25/12/2014 – 20:33:31 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages0006ac5DAO.19165538.exe [4679096]
    O61 – LFC: 25/12/2014 – 20:33:32


    . (…) — C:UsersArnaudmickaëlAppDataLocalTemp5064e1f7-d51c-4621-bdca-d67d84b98ec0vopackage.exe [322630] =>Adware.Downware
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempf2e97389-b012-45c5-ac3d-3a9566435d91setup.exe [2351104]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempis456377294002569_stpGeneric_vo.exe [176192]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempis456377294810203_stpGeneric_vo.exe [176192]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempnsu1239.tmpIpConfig.dll [117248]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempnsu1239.tmpSystem.dll [11264]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempnsu1239.tmpWmiInspector.dll [106496]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (…) — C:UsersArnaudmickaëlAppDataLocalTempnsu1239.tmpinetc.dll [20992]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (.Google Inc..) — C:UsersArnaudmickaëlAppDataLocalTemp87de584c-81f8-4baf-886b-76f094065becchrome-39.exe [42194512]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (.Microsoft Corporation.) — C:UsersArnaudmickaëlAppDataLocalTempis-7QLIP.tmp_isetup_shfoldr.dll [23312]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (.Microsoft Corporation.) — C:UsersArnaudmickaëlAppDataLocalTempis-C4M27.tmp_isetup_shfoldr.dll [23312]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (.Microsoft Corporation.) — C:UsersArnaudmickaëlAppDataLocalTempis-JVNE0.tmp_isetup_shfoldr.dll [23312]
    O61 – LFC: 25/12/2014 – 20:33:33


    . (.PC Utilities Software Limited.) — C:UsersArnaudmickaëlAppDataLocalTempa1ad14ac-df83-4b75-bbc7-f37a6d03cdd7optimizerpro.exe [8197048] =>PUP.OptimizerPro
    O61 – LFC: 25/12/2014 – 20:33:33 —A- . (…) — C:UsersArnaudmickaëlDesktopAscentia.exe [833424]
    O61 – LFC: 25/12/2014 – 20:33:34 —A- . (…) — C:UsersArnaudmickaëlDownloadsMicrosoft.SkypeApp_kzf8qxf38zg5c!AppAscentia (1).exe [833424]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalApps2.0DLP26GZA.3MYQDHEGX1G.M1Oprog…app_4fe91ede9f9bdca3_0001.0003_9125133394ccc181clickonce_bootstrap.exe [10120]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplates!QuerySuggestion.Home_Horizontal_8_1_RP-bb56e430.dll [10712]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplates!QuerySuggestion.ListItem_8_1_RP-cfced051.dll [10712]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplates!Shared.List_8_1_RTM-dddcb8a3.dll [17880]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesAds.BackgroundStyles_8_1_RP-9f980e6d.dll [12248]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesAds.Medium_Landscape_8_1_RTM-ddcfb8f2.dll [13272]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesAds.Medium_Portrait_8_1_RTM-42de12af.dll [12248]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesAds.SerpAdsLayout_8_1_RTM-3dc295a4.dll [11736]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesAds.Small_Generic_8_1_RP-07c96673.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesLocalMultimedia.ImageDetails.dll [18392]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesMsnJVData.Video_Styles_8_1_RTM-9da0e9ee.dll [10712]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesMultimedia.EntryAnswer_Landscape_8_1_RP-9d7f86a9.dll [11736]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesMultimedia.EntryAnswer_Portrait_8_1_RP-e2820368.dll [11736]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesMultimedia.EntryAnswer_Snap_8_1_RP-28755c71.dll [11736]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesMultimedia.ImageDetails_RTM-645d8117.dll [18392]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesQuerySuggestion.Home_Vertical_8_1_RP-a4518597.dll [10712]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.AccentColorStyles_8_1_RP-f16782e7.dll [13272]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.Branding_8_1_RTM-1aa170b9.dll [15320]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.ButtonStyles_8_1_SpringGDR-ff8d7ba7.dll [25560]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (.Google Inc..) — C:UsersArnaudmickaëlAppDataLocalApps2.0DLP26GZA.3MYQDHEGX1G.M1Oclic…exe_4fe91ede9f9bdca3_0001.0003_none_b1328e123920ace1GoogleUpdateSetup.exe [880784]
    O61 – LFC: 26/12/2014 – 20:33:23 —A- . (.Google Inc..) — C:UsersArnaudmickaëlAppDataLocalApps2.0DLP26GZA.3MYQDHEGX1G.M1Oprog…app_4fe91ede9f9bdca3_0001.0003_9125133394ccc181GoogleUpdateSetup.exe [880784]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.FactsList_8_1_RP-bf695b40.dll [15320]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.GridViewStyles_8_1_SpringGDR-deacc251.dll [30680]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.HeroStyles_8_1_RTM-45ef23fc.dll [23000]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.ImageStyles_8_1_SpringGDR-1e013bca.dll [12248]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.NullableImage_8_1_SpringGDR-61977366.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:24 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.SerpAnswerBlock_Selectable_8_1_RP-50f23571.dll [14808]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.SerpAnswerBlock_Suppressed_8_1_RP-9749e2bf.dll [14296]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.SerpGridViewStyles_8_1_RTM-585bfba1.dll [23512]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesShared.TextStyles_8_1_SpringGDR-bc62340a.dll [35800]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.Algo_Generic_8_1_RP-473969cf.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.BasicAlgo_Portrait_8_1_RP-5f802e06.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.MetadataWithoutSuffix_8_1_RP-9fcd7344.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.Metadata_8_1_RP-e29ff4ad.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.RichAlgo_Landscape_8_1_RP-30e0ff7c.dll [11224]
    O61 – LFC: 26/12/2014 – 20:33:25 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsConnectedSearchTemplatesWeb.RichAlgo_Portrait_8_1_RP-9812756d.dll [11736]
    O61 – LFC: 26/12/2014 – 20:33:32 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages0006ad0DAO.19168668.exe [4692984]
    O61 – LFC: 26/12/2014 – 20:33:32 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages0006adcCoProc update.19170798.exe [431320]
    O61 – LFC: 26/12/2014 – 20:33:33 —A- . (…) — C:UsersArnaudmickaëlDownloadsadwcleaner_4.106.exe [2173952]
    O61 – LFC: 26/12/2014 – 20:33:33 —A- . (.Adobe Systems Inc..) — C:UsersArnaudmickaëlAppDataRoamingMacromediaFlash Playerwww.macromedia.combinairappinstallerairappinstaller.exe [53632]
    O61 – LFC: 27/12/2014 – 20:33:26 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIE7X1G8GP6RogueKiller.exe [15298136]
    O61 – LFC: 27/12/2014 – 20:33:27 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIEJ9AAB31Droguekiller.exe [799768]
    O61 – LFC: 27/12/2014 – 20:33:28 —A- . (.Malwarebytes Corporation.) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIEPJ1EKE7Hmbam-setup-2.0.4.1028.exe [20447072]
    O61 – LFC: 27/12/2014 – 20:33:34 —A- . (…) — C:UsersArnaudmickaëlDownloadsroguekiller [1].exe [4686336]
    O61 – LFC: 29/12/2014 – 20:33:32 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendUMDShimnvcoproc.bin [4181962]
    O61 – LFC: 30/12/2014 – 20:33:23 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftInternet ExplorerUrlBlockManagerurlblocklist.bin [0]
    O61 – LFC: 30/12/2014 – 20:33:26 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIE7X1G8GP6urlblockindex[1].bin [16]
    O61 – LFC: 30/12/2014 – 20:33:26 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIE7X1G8GP6urlblocklist[1].bin [0]
    O61 – LFC: 30/12/2014 – 20:33:26 —A- . (.Nicolas Coolman.) — C:UsersArnaudmickaëlAppDataLocalMicrosoftWindowsINetCacheIE7X1G8GP6ZHPDiag2.exe [6868290] =>.Nicolas Coolman
    O61 – LFC: 30/12/2014 – 20:33:32 —A- . (…) — C:UsersArnaudmickaëlAppDataLocalNVIDIANvBackendPackages0006aeaCoProc update.19181379.exe [433072]
    O61 – LFC: 30/12/2014 – 20:33:33 —A- . (…) — C:UsersArnaudmickaëlAppDataRoamingsp_data.sys [93]
    O61 – LFC: 30/12/2014 – 20:33:34 —A- . (.Nicolas Coolman.) — C:UsersArnaudmickaëlDownloadsZHPDiag2-2014.12.27.179.exe [5243904] =>.Nicolas Coolman
    ~ 95 Fichiers temporaires (Temporary files)
    ~ Files: 75 Scanned in 00mn 10s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: Ad-Remover par C_XX – (.C_XX.) [HKLM] — Ad-Remover
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
    ~ FASS Keys: 10 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (…) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] ${searchCLSID} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [208896]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [324608]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [1311744]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [1104384]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [903168]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [109568]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [150528]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [107008]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1212928]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [220672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [70656]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [134144]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [220160]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [326656]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [81408]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [97792]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [339456]
    O83 – Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation – Service d’infrastructure de localisation Windows.) — C:WindowsSystem32GeofenceMonitorService.dll [491520]
    O83 – Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation – Service de compte Microsoft®.) — C:WindowsSystem32wlidsvc.dll [1576960]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [50688]
    O83 – Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation – Gestionnaire d’installation de périphérique.) — C:WindowsSystem32DeviceSetupManager.dll [201728]
    O83 – Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation – Service Assistant Connectivité réseau Microsoft.) — C:WindowsSystem32ncasvc.dll [164352]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [101376]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire des connexions d’accès à distance.) — C:WindowsSystem32rasmans.dll [534528]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [223744]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [71680]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [433664]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [306688]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [3463680]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [1017856]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [629760]
    ~ Services: 34 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (…) — C:ProgramDataSetStretch.exe [24576]
    [MD5.FD90056E2EA44F5418FD7F83A54A8B47] [SPRF][30/12/2014] (…) — C:UsersArnaudmickaëlAppDataRoamingsp_data.sys [93]
    [MD5.494FCD1061795018107893DF77385E1A] [SPRF][25/12/2014] (…) — C:UsersArnaudmickaëlDesktopAscentia.exe [833424]
    ~ Files: 3 Scanned in 00mn 00s

    —\ Export de clés de registre aléatoires (O91)
    [HKLMSoftwareWow6432Noded57b1885-4d24-2579-4f54-35f0903d2b2a] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
    ~ Export Key Software: Scanned in 00mn 00s

    —\ Enumère les données de la clé NameSpace (MNS) (O92)
    O92 – MNS: – {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
    O92 – MNS: – {374DE290-123F-4565-9164-39C4925E467B}
    O92 – MNS: – {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
    O92 – MNS: – {A0953C92-50DC-43bf-BE83-3742FED03C9C}
    O92 – MNS: – {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
    O92 – MNS: – {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
    ~ MNS: 6 Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 19/06/2014 278344 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
    SS – | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientSocketHeciServer.exe
    SS – | Demand 12/03/2014 332528 | (McAWFwk) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeActWizMcAWFwk.exe
    SS – | Demand 01/08/2014 601864 | (McODS) . (.McAfee, Inc..) – C:Program FilesmcafeeVirusScanmcods.exe
    SS – | Disabled 30/07/2014 335064 | (McOobeSv2) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    SS – | Demand 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SS – | Demand 22/08/2013 37768 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 26/03/2014 115512 | (ASLDRService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSATK PackageATK HotkeyAsLdrSrv.exe
    SR – | Auto 25/02/2014 71680 | (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation.) – C:Program Files (x86)ASUSWebStorage2.1.2.301AsusWSWinService.exe
    SR – | Auto 31/07/2014 322176 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) – C:Program Files (x86)Bluetooth Suiteadminservice.exe
    SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
    SR – | Auto 18/10/2013 117704 | (DptfParticipantProcessorService) . (.Intel Corporation.) – C:WindowsSystem32DptfParticipantProcessorService.exe
    SR – | Auto 18/10/2013 116680 | (DptfPolicyConfigTDPService) . (.Intel Corporation.) – C:WindowsSystem32DptfPolicyConfigTDPService.exe
    SR – | Auto 18/10/2013 148160 | (DptfPolicyCriticalService) . (.Intel Corporation.) – C:WindowsSystem32DptfPolicyCriticalService.exe
    SR – | Auto 18/10/2013 126952 | (DptfPolicyLpmService) . (.Intel Corporation.) – C:WindowsSystem32DptfPolicyLpmService.exe
    SR – | Auto 18/11/2013 828656 | (ExpressCache) . (.Condusiv Technologies.) – C:Program FilesCondusiv TechnologiesExpressCacheExpressCache.exe
    SR – | Auto 28/01/2014 227904 | (GamesAppIntegrationService) . (.WildTangent.) – C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe
    SR – | Auto 30/07/2014 335064 | (HomeNetSvc) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    SR – | Auto 19/06/2014 314696 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) – C:WindowsSystem32igfxCUIService.exe
    SR – | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 09/12/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Auto 09/12/2013 169432 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 09/12/2013 390616 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 04/09/2014 562200 | (McAPExe) . (.McAfee, Inc..) – C:Program FilesMcAfeeMSCMcAPexe.exe
    SR – | Auto 30/07/2014 335064 | (McMPFSvc) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    SR – | Auto 30/07/2014 335064 | (McNaiAnn) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    SR – | Auto 30/07/2014 335064 | (mcpltsvc) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    SR – | Auto 30/07/2014 335064 | (McProxy) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeplatformMcSvcHostMcSvHost.exe
    SR – | Auto 24/07/2014 1041192 | (mfecore) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeAMCoremcshield.exe
    SR – | Auto 18/07/2014 219752 | (mfefire) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe
    SR – | Auto 18/07/2014 189912 | (mfevtp) . (.McAfee, Inc..) – C:Windowssystem32mfevtps.exe
    SR – | Auto 30/07/2014 335064 | (MSK80Service) . (.McAfee, Inc..) – C:Program FilesCommon FilesMcAfeePlatformMcSvcHostMcSvHost.exe
    SR – | Auto 25/07/2014 1720608 | (NvNetworkService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
    SR – | Auto 25/07/2014 18956064 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    SR – | Auto 07/07/2014 930136 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Demand 10/07/1658 0 | (WdNisSvc) . (…) – C:Program Files (x86)Windows DefenderNisSrv.exe
    SR – | Demand 10/07/1658 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 31/07/2014 323584 | (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) – C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
    ~ Services: Scanned in 00mn 07s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Arnaudmickaël at 30/12/2014 20:33:55
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Arnaudmickaël at 30/12/2014 20:33:57
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (30/12/2014)
    Clés trouvées (Keys found) : 1
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 2

    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallZombieInvasion] =>PUP.ZombieInvasion^
    C:Program Files (x86)ASUSASUS Live UpdateUpdateChecker.exe =>Adware.SmileyBar^
    [HKLMSoftwareWow6432Noded57b1885-4d24-2579-4f54-35f0903d2b2a] =>PUP.CrossRider^
    ~ Additionnel Scan: 197668 Items scanned in 00mn 13s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/” onclick=”window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/” onclick=”window.open(this.href);return false; =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/” onclick=”window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/” onclick=”window.open(this.href);return false; =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
    ~ AMI: 4 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/adware-smileybar” onclick=”window.open(this.href);return false; =>Adware.SmileyBar
    http://www.nicolascoolman.fr/blog/” onclick=”window.open(this.href);return false; =>PUP.ZombieInvasion
    http://nicolascoolman.fr/pup-crossrider” onclick=”window.open(this.href);return false; =>PUP.CrossRider
    http://nicolascoolman.fr/pup-anyprotect” onclick=”window.open(this.href);return false; =>PUP.AnyProtect
    http://nicolascoolman.fr/pup-blockandsurf” onclick=”window.open(this.href);return false; =>PUP.BlockAndSurf
    http://www.nicolascoolman.fr/blog/” onclick=”window.open(this.href);return false; =>PUP.MyBestOffersToday
    http://www.nicolascoolman.fr/blog/” onclick=”window.open(this.href);return false; =>PUP.PepperZip
    http://nicolascoolman.fr/adware-downware” onclick=”window.open(this.href);return false; =>Adware.Downware
    http://nicolascoolman.fr/crapware-spyhunter” onclick=”window.open(this.href);return false; =>Crapware.SpyHunter
    http://www.nicolascoolman.fr/blog/” onclick=”window.open(this.href);return false; =>PUP.Vosteran
    http://nicolascoolman.fr/pup-optimizerpro” onclick=”window.open(this.href);return false; =>PUP.OptimizerPro
    Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
    ~ MSI: 12 link(s) detected in 00mn 00s

    End of the scan (1350 lines in 01mn 25s)(0)[/spoiler:s84if0eo]

    Evasion60Evasion60
    Participant
    Nombre d'articles : 1559

    :hello: Bonjour

    1/
    Relance ADWCleaner
    Clique sur Nettoyage/Suppression
    Poste son rapport

    2/
    Relance MBAM
    Mets en quarantine, les entrées infectieuses trouvées
    Poste son rapport

    3/
    Je ne peux pas travailler avec un rapport ZHPDiag coupé en plusieurs partie
    Merci de l’héberger sur => https://antimalware.top/” onclick=”window.open(this.href);return false; (disponible sur le forum SoSVirus)

    :)

8 sujets de 1 à 8 (sur un total de 8)
  • Vous devez être connecté pour répondre à ce sujet.