cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.3.12.29 - Nicolas Coolman (12/03/2015)
~ Lancé par Sylvie (14/03/2015 15:34:04)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17631
GCIE: Google Chrome v41.0.2272.89 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : G29F3
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
ESET Online Scanner v3
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v5.03

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3979 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 143 GB (76%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: SYLVIE
~ User Name: Sylvie
~ All Users Names: Sylvie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Sylvie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Sylvie\AppData\Roaming\
~ %Desktop% : C:\Users\Sylvie\Desktop\
~ %Favorites% : C:\Users\Sylvie\Favorites\
~ %LocalAppData% : C:\Users\Sylvie\AppData\Local\
~ %StartMenu% : C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 143 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 08:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/01/2015 - 02:27:32.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18/03/2014 - 16:27:31.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/03/2014 - 16:27:32.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/10/2014 - 14:43:49.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.29/10/2014 - 14:17:22.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.29/10/2014 - 15:10:33.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 16:27:35.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.29/10/2014 - 14:39:16.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.29/10/2014 - 15:10:33.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 - 16:10:10.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.29/10/2014 - 15:10:33.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/7
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/3
~ Mon Bureau (My Desktop) : 1/9
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.5B4B4A8ECEE26310FB7B96E3A46222EF] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440] [PID.1524]
[MD5.7FE8B062831F9280A96199964242619A] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888] [PID.1612]
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.2352]
[MD5.CFAC0D3B76F75709B03360FDF910CF21] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328] [PID.4256]
[MD5.E72C2F7797A6B7E0445D789FD6EF87B5] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [209720] [PID.4264]
[MD5.2F03C763EE0DFB4DE56176737DEFB2E2] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21184] [PID.5256]
[MD5.97A9054B52205BD3928EC655D50F0C4B] - (.Microsoft Corporation - Microsoft Office Document Cache Sync Client.) -- C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.exe [82664] [PID.5700]
[MD5.9201E92771F3D536DA4A53FDCC4B976B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.4320]
[MD5.817898FEBE6CE40A487EAB6843C9C7C5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8185344] [PID.1456]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Sylvie\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 05s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Evernote extension [64Bits] - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Exp.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 3 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar [Sylvie]: Google Agenda.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.google.com =>Hijacker.Browsers
O4 - GS\Desktop [Sylvie]: EBT.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://ebt.elephantbird.net =>Hijacker.Browsers
O4 - GS\Desktop [Sylvie]: PP.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.proprietes-privees.com =>Hijacker.Browsers
~ Global Startup: 3 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ASUS HDD Protection Tray Application] . (.STMicroelectronics - HDD Protection Monitor.) -- C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_46D4F7B8A2343F3169C55CAAF88A3D05] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [WebStorage] . (...) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe
O4 - HKUS\S-1-5-21-1191867183-3811195877-2353490651-1001\..\Run: [GoogleChromeAutoLaunch_46D4F7B8A2343F3169C55CAAF88A3D05] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-1191867183-3811195877-2353490651-1001\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKUS\S-1-5-21-1191867183-3811195877-2353490651-1001\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
O4 - HKUS\S-1-5-21-1191867183-3811195877-2353490651-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3151F811-8BBD-46A7-AC76-FF0EE66541E1}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{3151F811-8BBD-46A7-AC76-FF0EE66541E1}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: oem23.inf (DptfParticipantProcessorService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\System32\DptfParticipantProcessorService.exe
O23 - Service: oem23.inf (DptfPolicyLpmService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\System32\DptfPolicyLpmService.exe
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Hash Alphabet Key (judejyju) . (...) - C:\Users\Sylvie\AppData\Roaming\3C56ACB0-1426025077-A44E-8850-B4ED60160DF5\nsz3D46.tmp (.not file.)
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Voltage Mobile (qymygubu) . (...) - C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5\snsu5E62.tmp
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TransformService (TransformService) . (.ASUS - TransformService.) - C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
O23 - Service: Cable Typewriter (xozunyje) . (...) - C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5\cnsu1FD4.tmp
~ Services: 17 Scanned in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.C2CBE7C1A0F8415DD9608DD80A0131EC] [APT] [ASUS Patch for Touch Panel] (.ASUSTek Computer INC..) -- C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [158336]
[MD5.24B7AEFCA2403E01819E73F7F127E16C] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232]
[MD5.5B4B4A8ECEE26310FB7B96E3A46222EF] [APT] [ASUS Splendid ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440]
[MD5.7FE8B062831F9280A96199964242619A] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888]
[MD5.95BF2536652AC4116CD54F8D2CB2E055] [APT] [ATK Package 36D18D69AFC3] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppexec.exe [120632]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.00000000000000000000000000000000] [APT] [MFRFRQT] (...) -- C:\ProgramData\41dc4e6132b540b4a873b713f338acde\41dc4e6132b540b4a873b713f338acde.exe (.not file.) [0]
[MD5.CD18EE6AC1A4130D5FA91E4E8AD3BA31] [APT] [RtHDVBg] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1388400]
[MD5.92894CE1B4DBBB9BB55EA0A1E6E7DF99] [APT] [RTKCPL] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152]
[MD5.88CE9F3FD655DEF53E0A7FBD0AA12FA9] [APT] [Update Checker] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [11776]
[MD5.B5C90CBC7AC91FF982C2C8C71ABBE5EA] [APT] [ASUS Product Register Service] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe [1271424]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082]
~ Scheduled Task: 16 Scanned in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (ATKWMIACPIIO) . (.ASUSTek Computer Inc. - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 34 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ASUS FlipLock - (.ASUS.) [HKLM][64Bits] -- {9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
O42 - Logiciel: ASUS Product Demo Kit - (.ASUS.) [HKLM][64Bits] -- {1714AD6E-D517-40C0-9B19-4CE0078F7694}
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-498A-82A4-E4F040529F3D}
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 - Logiciel: ASUS USB Charger Plus - (.ASUS.) [HKLM][64Bits] -- {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 - Logiciel: Alcor Micro USB Card Reader Driver - (.Alcor Micro Corp..) [HKLM][64Bits] -- InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Device Setup - (.ASUSTek Computer Inc..) [HKLM][64Bits] -- {1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM][64Bits] -- ESET Online Scanner
O42 - Logiciel: Evernote v. 5.8.4 - (.Evernote Corp..) [HKLM][64Bits] -- {C15841A6-C20A-11E4-977D-00163E98E7D6}
O42 - Logiciel: Foxit PhantomPDF - (.Foxit Corporation.) [HKLM][64Bits] -- {FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {6C36881B-0E51-4231-9D02-BF2149664D34}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corporation.) [HKLM][64Bits] -- FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {9FD91C5C-44AE-4D9D-85BE-AE52816B0294}
O42 - Logiciel: Intel(R) Serial IO - (.Intel Corporation.) [HKLM][64Bits] -- {D108C569-116E-4D47-B3A2-A7E63E1BAFDA}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {457D6189-416A-44CD-A0A6-D6D75AD25CCF}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mediatek Bluetooth - (.Mediatek.) [HKLM][64Bits] -- {878D7C14-18BD-7A70-9292-C0B3CE374125}
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: ST Microelectronics 3 Axis Digital Accelerometer Solution - (.ST Microelectronics.) [HKLM][64Bits] -- {9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}
O42 - Logiciel: Skype™ 6.18 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: WebStorage - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- WebStorage
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus =>.WildTangent
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 - Logiciel: Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) - (.ASUS.) [HKLM][64Bits] -- 7504488B89E0121B0737D63957491C9CD2633065
~ Logic: 41 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\AppDataLow\LastScanTime]
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\ClientConnect]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\ECAREME]
[HKCU\Software\ESET]
[HKCU\Software\Evernote]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\ProductSetup]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\STMicroelectronics]
[HKCU\Software\Trolltech]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ASUS]
[HKLM\Software\Agere]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ECAREME]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Ralink Corporation]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\ST Microelectronics]
[HKLM\Software\STMicroelectronics]
[HKLM\Software\SonicFocus]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\ATK0100]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AsLdr]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\Eset]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\Foxit Software]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IVT Corporation]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Mediatek]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\ST Microelectronics]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node]
~ Key Software: 166 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/12/2014 - 23:09:14 - [] ----D C:\Program Files (x86)\AmUStor
O43 - CFD: 09/12/2014 - 23:29:33 - [] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 10/03/2015 - 23:19:40 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 14/03/2015 - 09:33:59 - [0] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 13/03/2015 - 20:32:54 - [] ----D C:\Program Files (x86)\ESET
O43 - CFD: 07/03/2015 - 19:19:59 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 29/10/2014 - 07:26:40 - [] ----D C:\Program Files (x86)\Foxit PhantomPDF
O43 - CFD: 06/03/2015 - 00:04:48 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 14/03/2015 - 09:34:04 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 09/12/2014 - 23:24:15 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/03/2015 - 11:19:30 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 29/10/2014 - 07:19:44 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 05/03/2015 - 23:28:46 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/10/2014 - 12:30:18 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 09/12/2014 - 23:17:45 - [] ----D C:\Program Files (x86)\Ralink Corporation
O43 - CFD: 09/12/2014 - 23:13:57 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 29/10/2014 - 12:30:18 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 29/10/2014 - 07:25:54 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 09/12/2014 - 23:21:09 - [] ----D C:\Program Files (x86)\ST Microelectronics
O43 - CFD: 09/12/2014 - 23:14:34 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 06/03/2015 - 23:22:07 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 05/03/2015 - 22:29:46 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 05/03/2015 - 22:29:46 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/08/2013 - 16:36:30 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 14/03/2015 - 15:33:11 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 05/03/2015 - 17:20:47 - [] ----D C:\Program Files (x86)\Common Files\AWS
O43 - CFD: 05/03/2015 - 23:28:48 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 09/12/2014 - 23:13:54 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 09/12/2014 - 23:05:47 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 07/03/2015 - 16:54:32 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 09/12/2014 - 23:08:39 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 29/10/2014 - 07:25:53 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 11/03/2015 - 12:13:15 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 09/12/2014 - 23:09:14 - [] ----D C:\ProgramData\AmUStor
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 09/12/2014 - 23:33:18 - [] ----D C:\ProgramData\AsTouchPanel
O43 - CFD: 29/10/2014 - 07:25:41 - [] ----D C:\ProgramData\ASUS WebStorage
O43 - CFD: 29/10/2014 - 07:25:13 - [] ----D C:\ProgramData\ASUSLogos
O43 - CFD: 06/03/2015 - 23:22:24 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 14/03/2015 - 09:34:00 - [0] ----D C:\ProgramData\CLSK
O43 - CFD: 11/03/2015 - 11:54:59 - [] ----D C:\ProgramData\CWEyeeBL
O43 - CFD: 12/03/2015 - 09:24:29 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 05/03/2015 - 17:32:52 - [] ----D C:\ProgramData\e56ab071e51e483b9e93b28ede13c488
O43 - CFD: 09/12/2014 - 23:11:42 - [] ----D C:\ProgramData\Intel
O43 - CFD: 11/03/2015 - 11:19:24 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 10/03/2015 - 23:19:40 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 08/03/2015 - 02:44:57 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 05/03/2015 - 23:29:40 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 29/10/2014 - 07:26:43 - [0] ----D C:\ProgramData\Package Cache
O43 - CFD: 09/12/2014 - 23:16:45 - [] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 07/03/2015 - 13:44:27 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 29/10/2014 - 07:25:52 - [] ----D C:\ProgramData\Skype
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 12/03/2015 - 00:04:53 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 05/03/2015 - 17:36:23 - [] ----D C:\ProgramData\USBChargerPlus
O43 - CFD: 29/10/2014 - 07:25:41 - [] ----D C:\ProgramData\WebStorage
O43 - CFD: 06/03/2015 - 23:27:07 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 05/03/2015 - 22:30:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 05/03/2015 - 22:30:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 05/03/2015 - 22:30:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/12/2014 - 23:29:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 10/03/2015 - 23:35:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 07/03/2015 - 19:20:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 29/10/2014 - 07:26:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
O43 - CFD: 06/03/2015 - 23:21:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 05/03/2015 - 17:40:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 06/03/2015 - 00:04:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/03/2015 - 11:19:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 05/03/2015 - 23:26:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 09/12/2014 - 23:14:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
O43 - CFD: 29/10/2014 - 07:25:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 05/03/2015 - 22:30:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 18/03/2014 - 16:10:16 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/03/2015 - 15:33:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 14/03/2015 - 14:52:28 - [] ----D C:\Users\Sylvie\AppData\Roaming\3C56ACB0-1426025077-A44E-8850-B4ED60160DF5
O43 - CFD: 05/03/2015 - 17:10:24 - [] ----D C:\Users\Sylvie\AppData\Roaming\Adobe
O43 - CFD: 05/03/2015 - 17:18:42 - [] ----D C:\Users\Sylvie\AppData\Roaming\ASUS Flip
O43 - CFD: 09/03/2015 - 09:17:36 - [] ----D C:\Users\Sylvie\AppData\Roaming\ASUS WebStorage
O43 - CFD: 05/03/2015 - 17:21:00 - [] ----D C:\Users\Sylvie\AppData\Roaming\awsRun
O43 - CFD: 12/03/2015 - 09:24:27 - [] ----D C:\Users\Sylvie\AppData\Roaming\CyberLink
O43 - CFD: 08/03/2015 - 23:55:12 - [] ----D C:\Users\Sylvie\AppData\Roaming\Foxit Software
O43 - CFD: 05/03/2015 - 17:12:28 - [] ----D C:\Users\Sylvie\AppData\Roaming\Macromedia
O43 - CFD: 08/03/2015 - 22:49:13 - [] -S--D C:\Users\Sylvie\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2015 - 23:49:26 - [] ----D C:\Users\Sylvie\AppData\Roaming\WebStorage
O43 - CFD: 06/03/2015 - 23:21:46 - [] ----D C:\Users\Sylvie\AppData\Roaming\WildTangent
O43 - CFD: 14/03/2015 - 15:34:28 - [] ----D C:\Users\Sylvie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 10/03/2015 - 23:05:41 - [] ----D C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028732-A44E-8850-B4ED60160DF5
O43 - CFD: 10/03/2015 - 23:07:59 - [] ----D C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5
O43 - CFD: 14/03/2015 - 11:43:52 - [] ----D C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5
O43 - CFD: 05/03/2015 - 17:09:38 - [] -SH-D C:\Users\Sylvie\AppData\Local\Application Data
O43 - CFD: 05/03/2015 - 17:39:12 - [] ----D C:\Users\Sylvie\AppData\Local\Apps
O43 - CFD: 05/03/2015 - 17:39:29 - [0] ----D C:\Users\Sylvie\AppData\Local\Deployment
O43 - CFD: 07/03/2015 - 22:06:52 - [] ----D C:\Users\Sylvie\AppData\Local\Diagnostics
O43 - CFD: 07/03/2015 - 18:21:46 - [] ----D C:\Users\Sylvie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 07/03/2015 - 18:02:17 - [] -SH-D C:\Users\Sylvie\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/03/2015 - 17:19:26 - [] -SH-D C:\Users\Sylvie\AppData\Local\EmieSiteList
O43 - CFD: 05/03/2015 - 17:19:26 - [] -SH-D C:\Users\Sylvie\AppData\Local\EmieUserList
O43 - CFD: 07/03/2015 - 19:20:27 - [] ----D C:\Users\Sylvie\AppData\Local\Evernote
O43 - CFD: 06/03/2015 - 00:04:51 - [] ----D C:\Users\Sylvie\AppData\Local\Google
O43 - CFD: 05/03/2015 - 17:09:38 - [] -SH-D C:\Users\Sylvie\AppData\Local\Historique
O43 - CFD: 14/03/2015 - 10:23:50 - [] ----D C:\Users\Sylvie\AppData\Local\Microsoft
O43 - CFD: 14/03/2015 - 15:04:19 - [] ----D C:\Users\Sylvie\AppData\Local\Packages
O43 - CFD: 12/03/2015 - 09:24:23 - [] ----D C:\Users\Sylvie\AppData\Local\Power2Go
O43 - CFD: 10/03/2015 - 23:17:05 - [] ----D C:\Users\Sylvie\AppData\Local\Programs
O43 - CFD: 11/03/2015 - 11:55:01 - [] ----D C:\Users\Sylvie\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 14/03/2015 - 15:33:43 - [] ----D C:\Users\Sylvie\AppData\Local\Temp
O43 - CFD: 05/03/2015 - 17:09:38 - [] -SH-D C:\Users\Sylvie\AppData\Local\Temporary Internet Files
O43 - CFD: 05/03/2015 - 23:24:08 - [] ----D C:\Users\Sylvie\AppData\Local\VirtualStore
O43 - CFD: 29/10/2014 - 15:11:36 - [] R---D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 07/03/2015 - 17:52:46 - [] R---D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 05/03/2015 - 17:43:43 - [] ----D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
O43 - CFD: 22/08/2013 - 16:36:32 - [] ----D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/03/2015 - 11:54:08 - [] R---D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 29/10/2014 - 14:20:38 - [] R---D C:\Users\Sylvie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 128 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8752CC895B972F48D82F9ADB3D96E351] - 03/03/2015 - 14:17:35 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [295552]
O44 - LFC:[MD5.E47A844AC4B2A85B1E4EAE78C6E40FD9] - 05/03/2015 - 17:10:11 ---A- . (...) -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [180]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/03/2015 - 17:26:49 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf [0]
O44 - LFC:[MD5.8BB7548307EE6147137993A410D64387] - 05/03/2015 - 18:32:13 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Windows\System32\msvcr120_clr0400.dll [869544]
O44 - LFC:[MD5.D3AE5DB16EAF913860EC28654CE00E6B] - 05/03/2015 - 18:32:25 ---A- . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1212928]
O44 - LFC:[MD5.25EE65F2FA154EDED0E87354311FB1E2] - 05/03/2015 - 18:33:05 ---A- . (.Microsoft Corporation - Accès distant PPP EAP-TLS.) -- C:\Windows\System32\rastls.dll [590336]
O44 - LFC:[MD5.668417ED63F9FBE7DD8D7A54B04279DA] - 05/03/2015 - 18:34:03 ---A- . (.Microsoft Corporation - File Risk Estimation.) -- C:\Windows\System32\winshfhc.dll [14336]
O44 - LFC:[MD5.F0A117D19873FCDF801F082F33BFBB6C] - 05/03/2015 - 18:34:04 ---A- . (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\user32.dll [1519488]
O44 - LFC:[MD5.4AD874CDC812EC156265E451B6B09DAB] - 05/03/2015 - 18:34:04 ---A- . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) -- C:\Windows\System32\Drivers\WdNisDrv.sys [114496]
O44 - LFC:[MD5.0359607177E5E9F6041136CC0A5CB0B6] - 05/03/2015 - 18:34:04 ---A- . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys [35320]
O44 - LFC:[MD5.DE8D12B4C3F55FA2C5E9774314F6C58A] - 05/03/2015 - 18:34:04 ---A- . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys [258368]
O44 - LFC:[MD5.6DE50D5592C6EE18C87B0C2EEEDC1621] - 05/03/2015 - 18:34:35 ---A- . (.Microsoft Corporation - DPAPI Server.) -- C:\Windows\System32\dpapisrv.dll [185856]
O44 - LFC:[MD5.622928F5A8045F8122F10561D6C35ED0] - 05/03/2015 - 18:34:35 ---A- . (.Microsoft Corporation - Microsoft SChannel Provider.) -- C:\Windows\System32\ncryptsslp.dll [104336]
O44 - LFC:[MD5.84549E8C8BF76B293A7E625A98D4BCF9] - 05/03/2015 - 18:35:01 ---A- . (.Microsoft Corporation - Gestionnaire de liaisons d’objets2.) -- C:\Windows\System32\packager.dll [81408]
O44 - LFC:[MD5.D7B23B3154508256C9F434EF9B65B91D] - 05/03/2015 - 18:35:17 ---A- . (.Microsoft Corporation - UMRDP Display Driver.) -- C:\Windows\System32\rdpudd.dll [131584]
O44 - LFC:[MD5.1D25CC0A9C480C5D56A5A6CF2B5DEB99] - 05/03/2015 - 18:35:18 ---A- . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\System32\rdpcorets.dll [3547648]
O44 - LFC:[MD5.9F08A6608F98B5407E7DDBCF306573EF] - 05/03/2015 - 18:35:18 ---A- . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) -- C:\Windows\System32\Drivers\rdpvideominiport.sys [27456]
O44 - LFC:[MD5.3D2D2EA099D98FE6B94C7D8C7992C08C] - 05/03/2015 - 18:35:18 ---A- . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) -- C:\Windows\System32\rfxvmt.dll [40448]
O44 - LFC:[MD5.93645AEBE163230A2ED5050C14AE6603] - 05/03/2015 - 18:35:37 ---A- . (.Microsoft Corporation - MSXML 3.0.) -- C:\Windows\System32\msxml3.dll [2149376]
O44 - LFC:[MD5.E87F8EC00FEEF700E61F6989D88A8BC2] - 05/03/2015 - 18:35:44 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [991232]
O44 - LFC:[MD5.788C7D910267DDCD675DF4AB01961265] - 05/03/2015 - 18:35:44 ---A- . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll [259584]
O44 - LFC:[MD5.E4A75F7BA48F4281405C782E3DB9F828] - 05/03/2015 - 18:38:39 ---A- . (.Microsoft Corporation - Exécuteur de file d’attente d’opérations pr.) -- C:\Windows\System32\poqexec.exe [146432]
O44 - LFC:[MD5.A770340FC02B999EF0DE6C2A6BC8437C] - 05/03/2015 - 18:38:49 ---A- . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\Windows\System32\Drivers\intelpep.sys [39744]
O44 - LFC:[MD5.7B7C482CF48E6EE33664340D1A78E6FE] - 05/03/2015 - 18:38:49 ---A- . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\Drivers\sdbus.sys [238912]
O44 - LFC:[MD5.24A8DFC07E4BAF29AEA26E383D4CC886] - 05/03/2015 - 18:38:49 ---A- . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\Drivers\pdc.sys [86336]
O44 - LFC:[MD5.B02118A776C368F7EE1A8CC81378D265] - 05/03/2015 - 18:38:49 ---A- . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys [153920]
O44 - LFC:[MD5.F0CB6DB513CAC393D04A0FCE0A59E1BF] - 05/03/2015 - 18:38:54 ---A- . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\Windows\System32\Drivers\ahcache.sys [75776]
O44 - LFC:[MD5.6F237EE5DDA34EAF3D9C79D4A283E250] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll [482872]
O44 - LFC:[MD5.E24D3259769A0218FE19BB306821C2E5] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [394120]
O44 - LFC:[MD5.A41B72F81B389786805CC4D5767B5FBC] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Code Integrity Module (Test).) -- C:\Windows\System32\ci.dll [531616]
O44 - LFC:[MD5.8EBC741DDE9409038262E2F317ED7CCE] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - DLL du rapport d’erreurs Windows.) -- C:\Windows\System32\wer.dll [535640]
O44 - LFC:[MD5.2C354FA91EF605007FD11BB89EED2266] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - DLL du rapport d’incident dans le mode util.) -- C:\Windows\System32\Faultrep.dll [413248]
O44 - LFC:[MD5.8779FDAE68BC948B0FE152E758CC8DA7] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Générateur de points de terminaison du serv.) -- C:\Windows\System32\AudioEndpointBuilder.dll [229888]
O44 - LFC:[MD5.770BAA636F3B61DA7E414421444F84FD] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\System32\audiodg.exe [272248]
O44 - LFC:[MD5.41C501FD9D42F3F04A8532C73E09F356] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [108944]
O44 - LFC:[MD5.9404704666256045F5BA9B290953B4D0] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Rapport d’erreurs Windows.) -- C:\Windows\System32\WerFaultSecure.exe [38264]
O44 - LFC:[MD5.6DCD12586353DC6307AC781045CA13A4] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Rapports de problèmes Windows.) -- C:\Windows\System32\WerFault.exe [465320]
O44 - LFC:[MD5.61EA45A645854FE81D8A924E2D93DFFE] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [911360]
O44 - LFC:[MD5.428F083690D7AAA012338FD5A0663EE3] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Session audio.) -- C:\Windows\System32\AudioSes.dll [500016]
O44 - LFC:[MD5.D1E3B8D9130C70F6A3D4FDB52373FF34] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - WER Diagnostic Controller.) -- C:\Windows\System32\werdiagcontroller.dll [37888]
O44 - LFC:[MD5.0BCDEB035B9346D3C3C6C8BB1AA7F38C] - 05/03/2015 - 18:39:04 ---A- . (.Microsoft Corporation - Windows Problem Reporting.) -- C:\Windows\System32\wermgr.exe [139984]
O44 - LFC:[MD5.29A888F3136B2643E22113B5422B46F9] - 05/03/2015 - 18:39:10 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Proxy.) -- C:\Windows\System32\TSWbPrxy.exe [87040]
O44 - LFC:[MD5.E94EB2A95D7D016E119C4D6868788831] - 05/03/2015 - 18:39:16 ---A- . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) -- C:\Windows\System32\nlasvc.dll [391680]
O44 - LFC:[MD5.FE11972797DED38CA55E88BD3579F6A2] - 05/03/2015 - 18:39:16 ---A- . (.Microsoft Corporation - Indicateur d’état de la connectivité réseau.) -- C:\Windows\System32\ncsi.dll [360448]
O44 - LFC:[MD5.6319232C1CE39AC35316CF51910EEEB5] - 05/03/2015 - 18:39:16 ---A- . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll [86016]
O44 - LFC:[MD5.DB32958F0E704EFBF7F15161A569E39F] - 05/03/2015 - 18:39:22 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys [140800]
O44 - LFC:[MD5.19424364D8C03B990C4281BE53963FD0] - 05/03/2015 - 18:39:27 ---A- . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O44 - LFC:[MD5.63274242700279852B5CFFE4E2E0C6D1] - 05/03/2015 - 18:40:37 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312]
O44 - LFC:[MD5.7162FD845D142C542C0D041F3B3D525F] - 05/03/2015 - 18:40:37 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1733440]
O44 - LFC:[MD5.3A620A263DA883515786E68BE3CE23AA] - 05/03/2015 - 18:40:37 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [7472960]
O44 - LFC:[MD5.57D55B8D3387C51758C785C425922C0E] - 05/03/2015 - 18:40:37 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [285184]
O44 - LFC:[MD5.BC9E947C4B1E166CE2237871CAA4BDC0] - 05/03/2015 - 18:40:37 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16896]
O44 - LFC:[MD5.3D2E3A5CFCE65310134C11A00D6D32D0] - 05/03/2015 - 18:41:46 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll [430080]
O44 - LFC:[MD5.E77092C38028EB0A5C461B3436E0A6D5] - 05/03/2015 - 18:42:31 ---A- . (.Microsoft Corporation - Ressources du service Collecteur ETW d’IE.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.CDC8A85EB301A8CBE55A81A1D55AF5E5] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll [132096]
O44 - LFC:[MD5.4B9C652BD0FD95A9E6123913C35519D6] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Auto-extracteur de fichier CAB Win32.) -- C:\Windows\System32\wextract.exe [143872]
O44 - LFC:[MD5.3721721151DB49457B0FD35E0C04594C] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [199680]
O44 - LFC:[MD5.D66D11191B48007179B0A77DC0717267] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de licences Microsoft®.) -- C:\Windows\System32\licmgr10.dll [33280]
O44 - LFC:[MD5.A3871DED5ED88F59C0D1396761708F81] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe [13824]
O44 - LFC:[MD5.A7F53772ECAE2F44B455D14F71179940] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.6096209CB47D61499C3608B9C25B073C] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll [64512]
O44 - LFC:[MD5.161BC2E883A8D8759A4DCF2A85AF9128] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll [51200]
O44 - LFC:[MD5.E99E2E88BFE584184AE92B1F8995CE93] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66560]
O44 - LFC:[MD5.F54E1190251EB245183BF16D6C315613] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [237568]
O44 - LFC:[MD5.66585D645C4E23A0FD5124BD714AE020] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [12800]
O44 - LFC:[MD5.94C59DD02BC7EA0E421055B9946CA861] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.1C3C54FA2D620DF3093F356A56EC5957] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [144384]
O44 - LFC:[MD5.6A7F8D139610E5F3F158182778EF9275] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [34304]
O44 - LFC:[MD5.CA2F3153EF3BCB0BD3A8984C933DF604] - 05/03/2015 - 18:42:32 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe [167424]
O44 - LFC:[MD5.F0A53129AE95A895EC8C4DC36E1797A2] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Composant Microsoft Office 2000.) -- C:\Windows\System32\hlink.dll [108544]
O44 - LFC:[MD5.907B558B742B1E52E9E37E3CAAF6508E] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [262144]
O44 - LFC:[MD5.284070B045F8B11B4A1FB32F72023038] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417280]
O44 - LFC:[MD5.8AE1AC97407CD82D8389390C21430579] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [111616]
O44 - LFC:[MD5.A348DEFC16B6FBC88B7D61C3B861BCB1] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll [107520]
O44 - LFC:[MD5.62CFEE2A516C68540486EBF26F18ED4C] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [145408]
O44 - LFC:[MD5.85E97591864F3125C5B08FB44E0E8078] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [60416]
O44 - LFC:[MD5.00FB2FB8C27C834CF575BC415B80F995] - 05/03/2015 - 18:42:33 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [87552]
O44 - LFC:[MD5.505815B1967A504B077497D304239B4A] - 05/03/2015 - 18:42:34 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816128]
O44 - LFC:[MD5.BF57C911895454A8874E9DFA5716C624] - 05/03/2015 - 18:42:34 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.587DEBB59F5F14C9610966FB14A33607] - 05/03/2015 - 18:42:34 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.E40D3696BE4852956669C285038B37A6] - 05/03/2015 - 18:42:35 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688]
O44 - LFC:[MD5.F86097CFDE7624DA2DE246F5B4BE3704] - 05/03/2015 - 18:42:35 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [1032704]
O44 - LFC:[MD5.9DFE41A69DF70AAB75CB5BA8C1109EA2] - 05/03/2015 - 18:42:37 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2358272]
O44 - LFC:[MD5.CD726C899BD9A398E8420564A957320B] - 05/03/2015 - 18:42:37 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [25056256]
O44 - LFC:[MD5.47162151E35EA0B7152B7C841FA21FDB] - 05/03/2015 - 18:42:38 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064]
O44 - LFC:[MD5.7A388AFC6885D22F4D988EE9B8D1291A] - 05/03/2015 - 18:42:38 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.DE58DE2C6C8439B7174D6D3568AA4A80] - 05/03/2015 - 18:42:39 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.A04F0C4A0B80C92F92E854E7157D6466] - 05/03/2015 - 18:42:39 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.F79E5258AF040A8AD83C7C1273A071C3] - 05/03/2015 - 18:42:40 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784]
O44 - LFC:[MD5.E0F76B5B904E4F448641B2B506496351] - 05/03/2015 - 18:42:40 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14401024]
O44 - LFC:[MD5.15842FB41A3BF2A2F5071518B38C957A] - 05/03/2015 - 18:42:41 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.A7A3775B0014B165D75A00A1F632E4B5] - 05/03/2015 - 18:42:41 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2885632]
O44 - LFC:[MD5.76DB5845E168173BBA2D3CCC4B363E42] - 05/03/2015 - 18:42:42 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.CB2528D522FF1F5A7BF9B27D2FB250FF] - 05/03/2015 - 18:42:43 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1548288]
O44 - LFC:[MD5.DD8FD33C108F14681A410067AB21DDF3] - 05/03/2015 - 18:42:43 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\System32\occache.dll [152064]
O44 - LFC:[MD5.49FABD0144A3BBD59D5DA1A0180DCE6E] - 05/03/2015 - 18:42:43 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [374272]
O44 - LFC:[MD5.C9AB2198141844D3DF96B4552CE9D5AB] - 05/03/2015 - 18:42:44 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824]
O44 - LFC:[MD5.8076BB31004C1D763D5D4AEF9F0BDD4B] - 05/03/2015 - 18:42:45 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [718848]
O44 - LFC:[MD5.CF1488FCA487516DB09E797F3AC49E4A] - 05/03/2015 - 18:42:46 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll [2865152]
O44 - LFC:[MD5.E6905909E7334990033CFDAF56920004] - 05/03/2015 - 18:43:00 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4175872]
O44 - LFC:[MD5.F5BC103612FE72C176C751721B874FA6] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - Client Microsoft® Active Directory Certific.) -- C:\Windows\System32\certcli.dll [445440]
O44 - LFC:[MD5.A40E52EB03C793735C916FC2C58A015F] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [154112]
O44 - LFC:[MD5.8E0AA77F379DEA510D8AC00102C8D509] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [736768]
O44 - LFC:[MD5.461729186C7F280019E369ECD652D4DB] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1441792]
O44 - LFC:[MD5.3930E508DDA46C1FF68FD963F350AA0A] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [563504]
O44 - LFC:[MD5.15C8C65CEA018C02EA0F648448C491C5] - 05/03/2015 - 18:43:19 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [177984]
O44 - LFC:[MD5.F8A442ABBAB56529B625DB9D916EA46A] - 05/03/2015 - 18:43:27 ---A- . (.Microsoft Corporation - Moteur de l’Éditeur de configuration de séc.) -- C:\Windows\System32\scesrv.dll [538624]
O44 - LFC:[MD5.9EC0B4E613DB6002DEF0346208E433E7] - 05/03/2015 - 18:43:35 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1762840]
O44 - LFC:[MD5.3B63AA6552F66B518F85BD3A8ED7C2F5] - 05/03/2015 - 19:08:59 ---A- . (.Microsoft Corporation - HôteClassementGlobal.) -- C:\Windows\System32\GlobCollationHost.dll [323072]
O44 - LFC:[MD5.66732C13628BDB1AB0D6FD46027327C2] - 05/03/2015 - 19:09:54 ---A- . (.Microsoft Corporation - Pilote de classe de stockage de masse USB.) -- C:\Windows\System32\Drivers\USBSTOR.SYS [148800]
O44 - LFC:[MD5.E3FCE2A6B3533D99A3B498504DF9CC47] - 05/03/2015 - 19:11:12 ---A- . (.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Drivers\netio.sys [474432]
O44 - LFC:[MD5.3A7D8742A6BE524A2165F93375AE1872] - 05/03/2015 - 19:11:51 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\Windows.Globalization.dll [1200128]
O44 - LFC:[MD5.400B56A4249178A36AD7800E4EC39288] - 05/03/2015 - 19:22:18 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [116773704]
O44 - LFC:[MD5.500E212809A15D2C96E98F789BB0333E] - 05/03/2015 - 22:06:12 ---A- . (.Microsoft Corporation - Microsoft Class Mini-driver.) -- C:\Windows\System32\msclmd.dll [215552]
O44 - LFC:[MD5.08750A50CF027F93070C8BB78E27C3B7] - 05/03/2015 - 22:11:26 -SH-- . (...) -- C:\Windows\System32\desktop.ini [75]
O44 - LFC:[MD5.8CBF1E2761816CFD9D32F8B32531D0FB] - 06/03/2015 - 22:16:48 ---A- . (.Microsoft Corporation - Windows Services Instrumentation Module.) -- C:\Windows\System32\winbici.dll [118272]
O44 - LFC:[MD5.9C55CE9707B3CA29A6505BCDCC546390] - 06/03/2015 - 22:16:49 ---A- . (.Microsoft Corporation - Microsoft Fax API Support DLL.) -- C:\Windows\System32\FXSAPI.dll [275968]
O44 - LFC:[MD5.6C118AEDD15FDBEAECC0E85C64B5B86B] - 06/03/2015 - 22:16:49 ---A- . (.Microsoft Corporation - Microsoft Fax Server Extended COM Client In.) -- C:\Windows\System32\FXSCOMEX.dll [615424]
O44 - LFC:[MD5.7F23E38C5B6448F91439E4066645191E] - 06/03/2015 - 22:16:50 ---A- . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS [428864]
O44 - LFC:[MD5.8758F5DEBD2B950B2D56ED11F9E0B38F] - 06/03/2015 - 22:16:50 ---A- . (.Microsoft Corporation - NTFS Utility DLL.) -- C:\Windows\System32\untfs.dll [545792]
O44 - LFC:[MD5.5416C603B6C85CF0698E8A2A1D28BAA2] - 06/03/2015 - 22:16:52 ---A- . (.Microsoft Corporation - DLL d’objets PrintUI.) -- C:\Windows\System32\puiobj.dll [448512]
O44 - LFC:[MD5.9CE162EB9057CF079736F4DD00FC0D6C] - 06/03/2015 - 22:16:52 ---A- . (.Microsoft Corporation - Service WSMan.) -- C:\Windows\System32\WsmSvc.dll [2480128]
O44 - LFC:[MD5.50E96089F9BE352621997143A56C8E76] - 06/03/2015 - 22:16:53 ---A- . (.Microsoft Corporation - Fournisseur d’impression de rendu côté clie.) -- C:\Windows\System32\win32spl.dll [822272]
O44 - LFC:[MD5.C88B63FE96DB4BCED65DD442BC8E77F5] - 06/03/2015 - 22:16:54 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll [1053184]
O44 - LFC:[MD5.CA729FCE295895515A09BD6FF7903DC8] - 06/03/2015 - 22:16:54 ---A- . (.Microsoft Corporation - DLL source et récepteur MPEG4 Media Foundat.) -- C:\Windows\System32\mfmp4srcsnk.dll [836176]
O44 - LFC:[MD5.A208498C5CD750A1743C1AC8162A810F] - 06/03/2015 - 22:16:54 ---A- . (.Microsoft Corporation - Media Foundation Media Engine DLL.) -- C:\Windows\System32\MFMediaEngine.dll [941568]
O44 - LFC:[MD5.CCB3A2BB60FE5073F2DEA63FE83CF8FE] - 06/03/2015 - 22:16:55 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys [2497344]
O44 - LFC:[MD5.1907823D5ACFD75D1D8C0D4318299726] - 06/03/2015 - 22:16:55 ---A- . (.Microsoft Corporation - System Settings Handlers Implementation.) -- C:\Windows\System32\SettingsHandlers.dll [2714112]
O44 - LFC:[MD5.1D303CE5BCBD5B80BBA08321F28A3F86] - 06/03/2015 - 22:16:59 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [21197152]
O44 - LFC:[MD5.C4306ADC38939CAC60EA38AAD9F170C0] - 06/03/2015 - 22:17:00 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll [13424128]
O44 - LFC:[MD5.BB7F878413AD3C2E7E89C96193D405DF] - 06/03/2015 - 22:17:02 ---A- . (.Microsoft Corporation - Driver Installation Module.) -- C:\Windows\System32\drvcfg.exe [57856]
O44 - LFC:[MD5.8E472AA2E916417B55BC1E6727957453] - 06/03/2015 - 22:17:02 ---A- . (.Microsoft Corporation - Module d’installation de pilotes.) -- C:\Windows\System32\drvinst.exe [110592]
O44 - LFC:[MD5.7DDE896B21DA5E893559051F1AD69F2B] - 06/03/2015 - 22:17:56 ---A- . (.Microsoft Corporation - DLL d’exécution de l’infrastructure de test.) -- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll [249344]
O44 - LFC:[MD5.5D4A403DAE434FBA11779496EAFBDDE8] - 06/03/2015 - 22:17:57 ---A- . (.Microsoft Corporation - AD Harvest Sites and Subnets Service.) -- C:\Windows\System32\adhsvc.dll [75776]
O44 - LFC:[MD5.3014CE5846A486C624E3E2CEB8C3290C] - 06/03/2015 - 22:17:57 ---A- . (.Microsoft Corporation - Extension de l’interpréteur de commandes Mi.) -- C:\Windows\System32\SkyDriveShell.dll [286208]
O44 - LFC:[MD5.0DD29E5328436D51517316CD6D3BACCA] - 06/03/2015 - 22:17:57 ---A- . (.Microsoft Corporation - Fournisseur de proxy PCSV pour périphérique.) -- C:\Windows\System32\pcsvDevice.dll [286208]
O44 - LFC:[MD5.36F977EDAE6CEE96CE6409B2B16765B4] - 06/03/2015 - 22:17:57 ---A- . (.Microsoft Corporation - Proximity Service Implementation.) -- C:\Windows\System32\ProximityService.dll [290816]
O44 - LFC:[MD5.73F269436228D5625E83A1EAF3549F58] - 06/03/2015 - 22:17:57 ---A- . (.Microsoft Corporation - Proxy Manager.) -- C:\Windows\System32\httpprxm.dll [118272]
O44 - LFC:[MD5.F58FBEA392B663B936E62939A877CA80] - 06/03/2015 - 22:17:58 ---A- . (.Microsoft Corporation - OneDrive Sync Engine.) -- C:\Windows\System32\SkyDrive.exe [1120768]
O44 - LFC:[MD5.E325BCD68EC0CF2E2EDD0AB7CC17C698] - 06/03/2015 - 22:17:58 ---A- . (.Microsoft Corporation - Service d’infrastructure des tâches en arri.) -- C:\Windows\System32\bisrv.dll [267776]
O44 - LFC:[MD5.66CBCDDEF429E5BA83C3288EEB0771A6] - 06/03/2015 - 22:17:58 ---A- . (.Microsoft Corporation - Telemetry Library for the OneDrive client.) -- C:\Windows\System32\SkyDriveTelemetry.dll [717824]
O44 - LFC:[MD5.ABB028BAB78E7B4AFE374F8246F6CCB6] - 06/03/2015 - 22:17:59 ---A- . (.Microsoft Corporation - DLL API LDAP Win32.) -- C:\Windows\System32\Wldap32.dll [359424]
O44 - LFC:[MD5.30293301B14D0D11D086B09831F5FE0D] - 06/03/2015 - 22:17:59 ---A- . (.Microsoft Corporation - DLL WSShared.) -- C:\Windows\System32\WSShared.dll [920064]
O44 - LFC:[MD5.FD4EA8E9232ADD51DC31C295DDEF2768] - 06/03/2015 - 22:17:59 ---A- . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [287744]
O44 - LFC:[MD5.ACFEE9487693C2BD573DFCA71D98E17C] - 06/03/2015 - 22:17:59 ---A- . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [914432]
O44 - LFC:[MD5.37C1CBCB3F420C754E86E3EC313D436D] - 06/03/2015 - 22:18:00 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [1112512]
O44 - LFC:[MD5.2ECA23663D13100032E09062C743C70D] - 06/03/2015 - 22:18:00 ---A- . (.Microsoft Corporation - Système de propriétés Microsoft.) -- C:\Windows\System32\propsys.dll [1507648]
O44 - LFC:[MD5.10CE7F7704E293F6CC6E0AF51DBFD95A] - 06/03/2015 - 22:18:01 ---A- . (.Microsoft Corporation - SearchFolder.) -- C:\Windows\System32\SearchFolder.dll [1106432]
O44 - LFC:[MD5.8A522BBE4E06586C57E5D9DC50FB88B0] - 06/03/2015 - 22:18:02 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll [6649344]
O44 - LFC:[MD5.57CA779C19C2F224BE0C5EFC40F54B60] - 06/03/2015 - 22:18:02 ---A- . (.Microsoft Corporation - Microsoft OneDrive Sync Engine.) -- C:\Windows\System32\SyncEngine.dll [4758528]
O44 - LFC:[MD5.1676B06421492B439A9E60C55692A921] - 06/03/2015 - 22:18:05 ---A- . (.Microsoft Corporation - Windows.UI.Search.) -- C:\Windows\System32\Windows.UI.Search.dll [8757760]
O44 - LFC:[MD5.04AE20974DF91DC7B9075FC5A126B77C] - 06/03/2015 - 22:18:11 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll [68096]
O44 - LFC:[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - 06/03/2015 - 22:18:12 ---A- . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe [2374784]
O44 - LFC:[MD5.00CD1254837739E310505EBCB19F7971] - 06/03/2015 - 22:18:12 ---A- . (.Microsoft Corporation - Gestionnaire de fenêtrage Microsoft.) -- C:\Windows\System32\uDWM.dll [796672]
O44 - LFC:[MD5.E495DAB8336AC21C9ED0EF7C6A1E57FA] - 07/03/2015 - 17:42:06 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [482120]
O44 - LFC:[MD5.DB7815ACB2D8F7CB03807059969F13B6] - 07/03/2015 - 17:56:03 ---A- . (.Microsoft Corporation - Microsoft Windows MRM.) -- C:\Windows\System32\MrmCoreR.dll [1091072]
O44 - LFC:[MD5.F5BA843DE3475B8D7FD5AFC21857A7C1] - 07/03/2015 - 18:02:47 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1970432]
O44 - LFC:[MD5.642A03FB834B4C4BCA8DFEE2EFD4175B] - 07/03/2015 - 18:02:48 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [609280]
O44 - LFC:[MD5.32DE26000788F35DA344702B44728524] - 07/03/2015 - 18:02:48 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\invagent.dll [761856]
O44 - LFC:[MD5.6835D94FDAAB39E008E8490BD3E88CA3] - 07/03/2015 - 18:02:48 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\oleaut32.dll [788680]
O44 - LFC:[MD5.BA0ED854110D45E5D4A46BD250BAF4E0] - 07/03/2015 - 18:02:48 ---A- . (.Microsoft Corporation - Software Protection Platform Plugins.) -- C:\Windows\System32\sppobjs.dll [1487976]
O44 - LFC:[MD5.EE5ED8E6998D7E686F614BA8D876829B] - 07/03/2015 - 18:02:49 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [192000]
O44 - LFC:[MD5.12D4142E4EBFDB6F057B615A0547C4CF] - 07/03/2015 - 18:02:49 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1098752]
O44 - LFC:[MD5.E357B0D37DB9C4B17923C893CCF75A18] - 07/03/2015 - 18:02:49 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [894464]
O44 - LFC:[MD5.FCEE1C08EA416800FAC891DDEB608627] - 07/03/2015 - 18:02:49 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [414208]
O44 - LFC:[MD5.EF2C89AEE3D56860F6CCB8D97374402B] - 07/03/2015 - 18:02:49 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.43647B730E82998201C61CA7FF7B524A] - 07/03/2015 - 18:02:50 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [391526]
O44 - LFC:[MD5.D4A564BABFF82F56E68835FBFDA7AB00] - 07/03/2015 - 18:02:50 ---A- . (...) -- C:\Windows\System32\locale.nls [513488]
O44 - LFC:[MD5.D1A2E993DB1867C79177CCC9DB6337D0] - 07/03/2015 - 18:02:50 ---A- . (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\System32\consent.exe [116032]
O44 - LFC:[MD5.034ED41F13D9C1845C1E081F05B640DB] - 07/03/2015 - 18:02:50 ---A- . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080]
O44 - LFC:[MD5.D0C15BC83B3D0AF4F9B1D70216D91794] - 07/03/2015 - 18:02:50 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [428032]
O44 - LFC:[MD5.D5B41A0C38408814A3E9BAC8C82B2E5B] - 07/03/2015 - 18:02:51 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [2773504]
O44 - LFC:[MD5.EF745B98D81B8C462DB99FC8B5C4322A] - 07/03/2015 - 18:02:53 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [3320320]
O44 - LFC:[MD5.83AEDC4636606B145851723AE7385781] - 07/03/2015 - 18:03:13 ---A- . (.Microsoft Corporation - Dll du fournisseur d’état de l’installation.) -- C:\Windows\System32\DeviceSetupStatusProvider.dll [34304]
O44 - LFC:[MD5.16ACAA0C01F31B39F39446188F6A3593] - 07/03/2015 - 19:24:49 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6041600]
O44 - LFC:[MD5.CA43F8904E24BBE49982E4C0B29E6579] - 11/03/2015 - 11:19:24 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O44 - LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] - 11/03/2015 - 11:19:24 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O44 - LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] - 11/03/2015 - 11:19:24 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O44 - LFC:[MD5.681E42700D77DE4382BEF333FADA462F] - 14/03/2015 - 11:38:11 ---A- . (...) -- C:\Windows\PFRO.log [1608]
O44 - LFC:[MD5.45504574962D16468D3A80D403DF97A7] - 14/03/2015 - 11:38:42 ---A- . (...) -- C:\Windows\setupact.log [116]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/03/2015 - 11:38:42 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 14/03/2015 - 11:39:07 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O44 - LFC:[MD5.8E75F235D854D936FD5E28293568521F] - 14/03/2015 - 11:43:00 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1824010]
O44 - LFC:[MD5.E17CBB0E15E24CC6C5B4E434D2F702EA] - 14/03/2015 - 11:43:00 ---A- . (...) -- C:\Windows\System32\perfc009.dat [137560]
O44 - LFC:[MD5.B35560FAD7AD77A965304D287F072B2B] - 14/03/2015 - 11:43:00 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [161380]
O44 - LFC:[MD5.1A7400F96C2C8480E8CBDDCBBD0B5059] - 14/03/2015 - 11:43:00 ---A- . (...) -- C:\Windows\System32\perfh009.dat [726766]
O44 - LFC:[MD5.C1CEA2AA35D69EE68E9C83ED11000E66] - 14/03/2015 - 11:43:00 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [816640]
O44 - LFC:[MD5.AB618BF41778FAB5CBD141D3D4EB9B1F] - 14/03/2015 - 14:01:15 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.B6F8E742CFC260D399DDCB58ACE5CF09] - 14/03/2015 - 15:23:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log [526933]
~ Files: 191 Scanned in 00mn 15s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5822A939BF98B7C65A1AE85B124B5D8E] - 11/03/2015 - 19:15:07 ---A- - C:\Windows\Prefetch\MAR9_3069_COR_SWEET-PAGE.EXE-57A21A32.pf =>PUP.SweetPage
O45 - LFCP:[MD5.3EFE4421E161A02D65D489A8445A8816] - 11/03/2015 - 00:17:53 ---A- - C:\Windows\Prefetch\UPGMSD_FR_300.EXE-35D8F872.pf =>PUP.CrossRider
O45 - LFCP:[MD5.29F2F2C85E971C8B55ADB78719CE1837] - 10/03/2015 - 23:03:35 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-E2039E6E.pf =>Adware.Downware
~ Prefetcher: 3 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
~ LSA: 3 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 19 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoFolderOptions"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0
~ MWPE Keys: 6 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:18/06/2013 - 16:05:45 ---A- . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\agrsm64.sys [1146880]
O58 - SDL:27/03/2014 - 14:00:12 ---A- . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\Windows\System32\Drivers\AiCharger.sys [17152]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:08/10/2013 - 02:47:18 ---A- . (.ASUS - HID driver for ASUS Wireless Radio Control.) -- C:\Windows\System32\Drivers\AsHIDSwitch64.sys [20280]
O58 - SDL:29/07/2014 - 16:26:34 ---A- . (.ASUS Corporation - Asus TP Filter Driver(X64).) -- C:\Windows\System32\Drivers\AsusTP.sys [73512]
O58 - SDL:18/07/2013 - 16:53:33 ---A- . (.ASIX Electronics Corp. - ASIX AX88772/AX88772A/AX88772B/AX88772C Network Driver.) -- C:\Windows\System32\Drivers\ax88772.sys [113864]
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:18/10/2013 - 03:24:40 ---A- . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework Processor Parti.) -- C:\Windows\System32\Drivers\DptfDevProc.sys [289744]
O58 - SDL:18/10/2013 - 03:24:40 ---A- . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework Manager Driver.) -- C:\Windows\System32\Drivers\DptfManager.sys [494296]
O58 - SDL:18/06/2013 - 15:45:26 ---A- . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\Drivers\e1i63x64.sys [460288]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:08/08/2013 - 16:17:32 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Driver.) -- C:\Windows\System32\Drivers\iaLPSS_GPIO.sys [24568]
O58 - SDL:08/08/2013 - 16:17:32 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Driver.) -- C:\Windows\System32\Drivers\iaLPSS_I2C.sys [99320]
O58 - SDL:06/11/2013 - 09:18:12 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [631656]
O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:18/03/2014 - 04:10:32 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [3729920]
O58 - SDL:17/03/2014 - 03:43:32 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [450520]
O58 - SDL:01/03/2014 - 21:32:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38296]
O58 - SDL:01/03/2014 - 21:32:31 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27032]
O58 - SDL:06/08/2012 - 04:17:18 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [17280]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:29/04/2014 - 07:10:20 ---A- . (.Ralink Technology Corp. - MT7650 VUSB Driver.) -- C:\Windows\System32\Drivers\m76usb.sys [539336]
O58 - SDL:21/11/2014 - 06:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:21/11/2014 - 06:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:14/03/2015 - 11:39:07 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:21/11/2014 - 06:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O58 - SDL:24/04/2014 - 21:50:30 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr28x.sys [4943560]
O58 - SDL:18/06/2013 - 15:45:58 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\Netwsw00.sys [11518976]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:10/06/2014 - 13:27:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3996888]
O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:13/07/2012 - 17:31:18 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [22168]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:06/06/2014 - 12:20:12 ---A- . (.STMicroelectronics - STM Accelerometer Device Driver.) -- C:\Windows\System32\Drivers\ST_Accel.sys [125104]
O58 - SDL:23/10/2013 - 14:44:48 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [99288]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
~ Drivers: 57 Scanned in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/03/2015 - 15:34:59 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 07/03/2015 - 15:34:59 ---A- . (.Google Inc..) -- C:\Users\Sylvie\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll [189768]
O61 - LFC: 08/03/2015 - 15:34:59 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\FileSyncApi64.dll [297632]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\CollectOneDriveLogs.bat [5843]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\ETWlog.dll [28832]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSync.LocalizedResources.dll [71336]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSync.Resources.dll [2434208]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSyncApi.dll [234656]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSyncClient.dll [1500840]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSyncConfig.exe [112808]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSyncSessions.dll [1241248]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\FileSyncShell.dll [329384]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\LoggingPlatform.dll [109736]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\OneDriveSetup.exe [7212712]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\RemoteAccess.dll [761000]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\SqmWrapper.dll [39080]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\SyncEngine.dll [2796712]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\Telemetry.dll [480416]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\VideoStreamingPlugin.dll [414368]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\WnsClientApi.dll [396456]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\FileSyncShell64.dll [358048]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\LoggingPlatform64.dll [134816]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\msvcp110.dll [661448]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64\msvcr110.dll [828872]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\msvcp110.dll [534480]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\msvcr110.dll [862664]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\sqmapi.dll [196416]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\wlmfds.dll [427168]
O61 - LFC: 08/03/2015 - 15:35:00 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281256]
O61 - LFC: 08/03/2015 - 15:35:01 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Microsoft\SkyDrive\Update\OneDriveSetup.exe [7212712]
O61 - LFC: 09/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Ads.MerchantRating_8_1_RTM-89b2af16.dll [11224]
O61 - LFC: 09/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.NullableImageFallback_8_1_RP-7d92bd72.dll [10712]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028732-A44E-8850-B4ED60160DF5\Uninstall.exe [80931]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028732-A44E-8850-B4ED60160DF5\bnsoEE5D.exe [365568]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5\Uninstall.exe [77129]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5\ansn1A36.exe [1978368]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5\rnsu1FD5.exe [33280]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5\Uninstall.exe [57149]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5\pnsu5EB3.exe [113307]
O61 - LFC: 10/03/2015 - 15:34:56 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5\rnsu5E63.exe [33280]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\!Multimedia.ImageAnswer_Horizontal_8_1_RTM-dce2a546.dll [11736]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\EntityContainer.PoleGeneric_8_1_RTM-2dd37848.dll [13784]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageAnswer_Vertical_8_1_RTM-4d5d3c50.dll [12248]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageHeroAnswerFullBleed_HorizontalLarge_8_1_SpringGDR-7df630eb.dll [11224]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageHeroAnswerFullBleed_Horizontal_8_1_SpringGDR-be05b318.dll [11224]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageHeroAnswer_VerticalLarge_8_1_RTM-a5ce0ff9.dll [11224]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageHeroAnswer_VerticalNarrow_8_1_RTM-b877c735.dll [11224]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageHeroAnswer_Vertical_8_1_RTM-fddb41d5.dll [11224]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.PoleFullBleedLayout_8_1_RP-55bf7d0a.dll [13272]
O61 - LFC: 10/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.SerpAnswerBlock_FocusOnly_8_1_RP-8920ab69.dll [14808]
O61 - LFC: 10/03/2015 - 15:35:19 ---A- . (...) -- C:\Users\Sylvie\AppData\Roaming\3C56ACB0-1426025077-A44E-8850-B4ED60160DF5\Uninstall.exe [79923]
O61 - LFC: 10/03/2015 - 15:35:19 ---A- . (...) -- C:\Users\Sylvie\AppData\Roaming\3C56ACB0-1426025077-A44E-8850-B4ED60160DF5\rnsq688B.exe [33280]
O61 - LFC: 11/03/2015 - 15:35:03 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\59982Megasoft.G-Drive_6jhhvbe1qtrc0\AC\Microsoft\CLR_v4.0_32\NativeImages\Browser Based Apps\753cd0806e61f0713b5ddf4656c74484\Browser Based Apps.ni.exe [126976]
O61 - LFC: 11/03/2015 - 15:35:03 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\59982Megasoft.G-Drive_6jhhvbe1qtrc0\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Aa7f4f37f#\bda6bbe2a851a2cf2e03b4c5106d3a61\Microsoft.Advertising.WinRT.UI.ni.dll [546816]
O61 - LFC: 11/03/2015 - 15:35:03 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\59982Megasoft.G-Drive_6jhhvbe1qtrc0\AC\Microsoft\CLR_v4.0_32\NativeImages\MicrosoftAdvertising\9461bcb7bf4b20d684c73631cc3127d3\MicrosoftAdvertising.ni.dll [635904]
O61 - LFC: 11/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\F5080380.ASUSPhotoDirector_tfv7c950n6xcr\AC\Microsoft\CLR_v4.0_32\NativeImages\CommonNet\97329da67d0a6f5ffd974cf85c0d7497\CommonNet.ni.dll [25088]
O61 - LFC: 11/03/2015 - 15:35:05 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Flipboard.Flipboard_3f5azkryzdbc4\AC\Microsoft\CLR_v4.0_32\NativeImages\Flipboard\737b4dbcafcd8db530d03a8d30de1e5e\Flipboard.ni.exe [1589248]
O61 - LFC: 11/03/2015 - 15:35:05 ---A- . (.Bit Stadium GmbH.) -- C:\Users\Sylvie\AppData\Local\Packages\Flipboard.Flipboard_3f5azkryzdbc4\AC\Microsoft\CLR_v4.0_32\NativeImages\HockeySDK\12a09591ac058bb2d2a3680501f959e1\HockeySDK.ni.dll [77824]
O61 - LFC: 11/03/2015 - 15:35:05 ---A- . (.Newtonsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Flipboard.Flipboard_3f5azkryzdbc4\AC\Microsoft\CLR_v4.0_32\NativeImages\Newtonsoft.Json\a8f6b4dad2c3908b7420dd32197b5d75\Newtonsoft.Json.ni.dll [1835008]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CommonUtils\6a5065764e8b61e9b9c5f3eb1c5de2a1\CommonUtils.ni.dll [210432]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CoreEngine\03b568a474cf0e95c072e62e65d1aff8\CoreEngine.ni.dll [162816]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\FreshPaint\1de14b7e4cae98df7aaa1773481e6b42\FreshPaint.ni.exe [227328]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Aa9ae3ab0#\796d962eb5274866343908a085c4d0c4\Microsoft.ApplicationInsights.ni.dll [50176]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\HelperLibrary.Shared\b56a6b4454393897c851b4e411ca6f72\HelperLibrary.Shared.ni.dll [729600]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\HelperLibrary\3e5cc174e542e652fa54d288c9d3ac9a\HelperLibrary.ni.dll [518656]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\SharedState\9d8f287c5bdc8eb275194b8186f5c949\SharedState.ni.dll [50176]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\ViewModels\6e3cff79161434ab560144ead22190e3\ViewModels.ni.dll [2286592]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Views\8d7847e5beadc6a6e9839a971500877a\Views.ni.dll [2124800]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Aa7f4f37f#\4da437149d3c1d53cc5bed7aa089c063\Microsoft.Advertising.WinRT.UI.ni.dll [537088]
O61 - LFC: 11/03/2015 - 15:35:08 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.FreshPaint_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicrosoftAdvertising\d49be5cb691be563dd37687802aed0d7\MicrosoftAdvertising.ni.dll [634368]
O61 - LFC: 11/03/2015 - 15:35:14 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_qj0v5chwq8f2g\AC\Microsoft\CLR_v4.0_32\NativeImages\TripAdvisor\4b83028c12627d6206f2dcd8d909196c\TripAdvisor.ni.exe [308224]
O61 - LFC: 11/03/2015 - 15:35:14 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\AC\Microsoft\CLR_v4.0_32\NativeImages\Library\c78863de77aed26929e9acf6abd8f261\Library.ni.dll [188416] =>.WildTangent Games
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix.Winebddf6ee#\b9968470200ad32bd2a01db8a0093f66\Netflix.Windows.BridgeComponent.ni.dll [50688]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\System.Reac207edc4d#\859ec7d086031ac779da80ee02699928\System.Reactive.Interfaces.ni.dll [37888]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\System.Reac78838f04#\43777e83105f48a70ebe421f9dc421d0\System.Reactive.Windows.Threading.ni.dll [50688]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\System.Reacc8ae45ea#\63f589eaf5bc47d832c3be50e4ad6219\System.Reactive.PlatformServices.ni.dll [103424]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\System.Reactive.Core\88e32cf38b6b34eea532db591f2302bb\System.Reactive.Core.ni.dll [678912]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\System.Reactive.Linq\b191d9d9855eec008fc7d49b70e0a99b\System.Reactive.Linq.ni.dll [8350208]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Netflix, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix\cfb5420ff987178567ac41aefbe4a0e4\Netflix.ni.exe [11399168]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Netflix, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix_Portable45\5d46fef5f22d346445fbbe12fd3f2a1f\Netflix_Portable45.ni.dll [1157632]
O61 - LFC: 13/03/2015 - 15:35:03 ---A- . (.Netflix, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix_Portable\54bcbcc68714327dd11f4c8dac6d9813\Netflix_Portable.ni.dll [1817600]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\da17719ac327a528f002ca1420a4abca\Bing.Maps.ni.dll [1492992]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Base\a1e018847a9bbd02df0c31d4d2044695\Facebook-Base.ni.dll [619520]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Models\6345c048bbd973b5b6935da559c99955\Facebook-Models.ni.dll [1112576]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-No02b98c3e#\ad3ee8ea231e42a87d3bfbbf64e06b7e\Facebook-Notifications.ni.dll [21504]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Services\f8229d2b8e40c929a92d58b800fa8d1e\Facebook-Services.ni.dll [5790720]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Win8-Base\8a9f4d141ea60649eb4ac5dc3eae33d2\Facebook-Win8-Base.ni.dll [1134592]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook.Ba70e54e13#\13ac6caecfabd9584897c8bc51c1e1c7\Facebook.BackgroundTasks.ni.dll [127488]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook\eff57947f2d527a4d30599471bd8a2a4\Facebook.ni.exe [10501632]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Notificatioc5a47191#\3b0f4eefb2f4c55dbed371d125599081\NotificationsExtensions.ni.dll [592896]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Autofac Project - http://autofac.org.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Autofac\65e7a0350da8e37828422139dac47bd2\Autofac.ni.dll [1047040]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.GalaSoft Laurent Bugnion @ http://www.galas.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\GalaSoft.Mv47ee20e1#\6c87ec9d59c533157af121e940b9d564\GalaSoft.MvvmLight.Platform.ni.dll [23552]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.GalaSoft Laurent Bugnion @ http://www.galas.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\GalaSoft.MvvmLight\bab5e065d17cf82faa9843fb5a448855\GalaSoft.MvvmLight.ni.dll [249856]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.X0af62da0#\1045c743ae9716d2c7bed59a950b2219\Microsoft.Xaml.Interactivity.ni.dll [49152]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Microsoft Corporation.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\System.Net.d7804c7b#\bccf0b1f3d23bc9c1c5f08717069f829\System.Net.Http.Primitives.ni.dll [10240]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.P4d3ce419#\e2a23efc42acda92690cd5023b4224ef\Microsoft.Practices.ServiceLocation.ni.dll [34304]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Newtonsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Newtonsoft.Json\b074041911ebbee8edae05c489aee949\Newtonsoft.Json.ni.dll [2589696]
O61 - LFC: 13/03/2015 - 15:35:04 ---A- . (.Tim Heuer.) -- C:\Users\Sylvie\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Callisto\b68b8d2c8415fabcb14ce9c5f1b2b94a\Callisto.ni.dll [740352]
O61 - LFC: 13/03/2015 - 15:35:05 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.B2e1870ee#\12c8055809ad1669744cc27e0eaed1bc\Microsoft.Bing.AppEx.Telemetry.ni.dll [2207232]
O61 - LFC: 13/03/2015 - 15:35:05 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160]
O61 - LFC: 13/03/2015 - 15:35:05 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\FoodAndDrinkRoaming\0b3b8bbd7e187e675051410790cf580b\FoodAndDrinkRoaming.ni.dll [575488]
O61 - LFC: 13/03/2015 - 15:35:05 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\MicrosoftAdvertising\767e7337870dd6010095d1fb939a276f\MicrosoftAdvertising.ni.dll [861184]
O61 - LFC: 13/03/2015 - 15:35:05 ---A- . (.Newtonsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Newtonsoft.Json\ad64ae83a3ca9be128c7a33a204d3671\Newtonsoft.Json.ni.dll [2462720]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\HNF.Utilities\d70c2c4b5a777cb18c2dba9faeeceda8\HNF.Utilities.ni.dll [1154560]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Authentication\6c7aea49b7d5e5149ad278364208c5c0\Authentication.ni.dll [247808]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\29196d9ea2e3f077bf4f3fe82e0758dd\Platform.ni.dll [6372864]
O61 - LFC: 13/03/2015 - 15:35:06 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\b33365dbf21d258c61d21bb93be5d656\Platform.ni.dll [6372864]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Autosuggest\66817e929314edfdfa1bf7da589bb581\Autosuggest.ni.dll [193024]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\d475fa39290ac96c1227dbdde835040e\Bing.Maps.ni.dll [1495040]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\ConfigManager\d1990b5fb962cf0b0c3f6e239394c1e4\ConfigManager.ni.dll [212992]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\ConfigModels\2fdabbc4794c67ad9c13881300195b57\ConfigModels.ni.dll [86016]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\DataTypes\91c8408d7a6527c381172049784a96ee\DataTypes.ni.dll [1124352]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\MapClientGraph\8e5def4266f0a6d2eeb0d0204c63adea\MapClientGraph.ni.dll [269312]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\6cd17eb59d72bdcbc0b998aeca37ad7f\Map.ni.exe [7770112]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.B2384b708#\db55843d9e2ec1f1bd517bec4fcfdb54\Microsoft.Bing.Client.Graph.ni.dll [496640]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.Bc95a2f00#\4189e9fc4a0815046ed19942cbbd0c90\Microsoft.Bing.Platform.Logging.ClientWinRT.ni.dll [1091584]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Requests\2abe2a4f4f557d686ba73381b5ff253b\Requests.ni.dll [616960]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Search\77c2e80e58ecbcc91ce13b73e0e4a49f\Search.ni.dll [66048]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Utilities\a151842d6064dd7e06f33dc35ec45963\Utilities.ni.dll [445440]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160] =>.Microsoft Corporation
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248] =>.Microsoft Corporation
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\b2ac7be6485b0e6e8c3e905a399a6a55\Platform.ni.dll [6372864] =>.Microsoft Corporation
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\b33365dbf21d258c61d21bb93be5d656\Platform.ni.dll [6372864]
O61 - LFC: 13/03/2015 - 15:35:07 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\97fd8423927b47da4c946ad8f3c9f9e0\Platform.ni.dll [6372864]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\Camera\30174c370dd317b90c3eb2bc104b5c88\Camera.ni.dll [312832]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\Common\0b1bffb7227c33470a9f70befd0e7a63\Common.ni.dll [546304]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\DatabaseModule\65fc084e5f6bd93edd1ff9cd2b1a3775\DatabaseModule.ni.dll [514560]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\EmojiStickerModule\aa1418dffe6eea3dc7175d0434448036\EmojiStickerModule.ni.dll [392704]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\JulMar.Windf1f304fe#\127f46160372107eab744d20b16836d3\JulMar.Windows.Interactivity.ni.dll [102912]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\LINE\061aa4c873a7c7252b7e155f844a96cf\LINE.ni.exe [3125760]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\Locale\dca59e10b96840ce328d5ba4c0be5e81\Locale.ni.dll [34816]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\SQLite3\f9fa4c1cefc4db5809059c1e3edb91f0\SQLite3.ni.dll [79360]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\TalkBizModule\b8f2d32b43e75f573f350ba110093030\TalkBizModule.ni.dll [1951744]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\Thrift\aa0f6125e00256f799fba1c7200e5efc\Thrift.ni.dll [5539328]
O61 - LFC: 13/03/2015 - 15:35:13 ---A- . (.NHN Japan.) -- C:\Users\Sylvie\AppData\Local\Packages\NAVER.LINEwin8_8ptj331gd3tyt\AC\Microsoft\CLR_v4.0\NativeImages\Network\44d1cb4f4661b4c3e3ba2307aa05fe58\Network.ni.dll [349696]
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\BackgroundDb0725a70#\1ad7ab4bd1f077ffab3d8b03e62cfb31\BackgroundDownloadComponent.ni.dll [122880] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um114fe9fe#\b1249173350568d786a15891064887eb\nVentive.Umbrella.Services.Contract.WinRT.ni.dll [146944] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um9106121c#\f2f96f59a425fb9f91744bc9a8a4bdf5\nVentive.Umbrella.Web.WinRT.ni.dll [1287680] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.MarkedUp, LLC.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\MarkedUp\9a8af78c1f9f46b8b4eeb4aba4ad98d6\MarkedUp.ni.dll [1430016] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.Microsoft.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um643eeab2#\e5c24d53b9f4b0281459dfffdadb47ea\nVentive.Umbrella.Views.WinRT.ni.dll [4245504] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.nVentive.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um40a3db1a#\3289728da831c579c2bd9d46c70be165\nVentive.Umbrella.Presentation.WinRT.ni.dll [2317824] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.nVentive.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um4791d002#\30e705956f647ebc5e5214e1b45dec03\nVentive.Umbrella.Services.WinRT.ni.dll [1444864] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.nVentive.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Um5a74ce1f#\2aa2cce67c8a6aecdf65a9aafd22aee4\nVentive.Umbrella.WinRT.Utilities.Core.ni.dll [2514944] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:18 ---A- . (.nVentive.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Umbrella\117c24c281eb7ac474596c6f66a41768\nVentive.Umbrella.ni.dll [2595840] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\ZinioReaderWin8\ddd8a796275feebdde7f66a86fb2fa6e\ZinioReaderWin8.ni.exe [5364736] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\pdftron\d5c7bf598572ec8d02cd12f594f17409\pdftron.ni.dll [2053120] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Microsoft Open Technologies, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\System.Reac207edc4d#\55383e2b7db9bac661b6597b9403600f\System.Reactive.Interfaces.ni.dll [37888] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Microsoft Open Technologies, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\System.Reac78838f04#\bbe3df27e49daafc5c11216fb30ff812\System.Reactive.Windows.Threading.ni.dll [50688] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Microsoft Open Technologies, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\System.Reacc8ae45ea#\73f22ad5334d6a42f30d818271223055\System.Reactive.PlatformServices.ni.dll [103424] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Microsoft Open Technologies, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\System.Reactive.Core\77145c1e4eac2f3d179a8936c9f35ffc\System.Reactive.Core.ni.dll [677376] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Microsoft Open Technologies, Inc..) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\System.Reactive.Linq\fff93c91d6365cf69e8edb2eb58efc9d\System.Reactive.Linq.ni.dll [8382464] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.Schulte Software Development.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\WriteableBi1788e114#\b4b30c47c3d3d83018b9c07f44662ae8\WriteableBitmapEx.WinRT.ni.dll [273408] =>.Zinio LLC
O61 - LFC: 13/03/2015 - 15:35:19 ---A- . (.nVentive.) -- C:\Users\Sylvie\AppData\Local\Packages\ZinioLLC.Zinio_0q6dqzpp40p2e\AC\Microsoft\CLR_v4.0\NativeImages\nVentive.Umf7be7617#\1e49e5c2eaf490857087ec173e7afdb2\nVentive.Umbrella.Patterns.WinRT.ni.dll [410112] =>.Zinio LLC
O61 - LFC: 14/03/2015 - 15:34:59 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 14/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\INetCache\IE\3I8L4O7D\check[1].exe [256490]
O61 - LFC: 14/03/2015 - 15:35:01 ---A- . (...) -- C:\Users\Sylvie\AppData\Local\Microsoft\Windows\INetCache\IE\3XK5BUXU\urlblockindex[1].bin [16]
O61 - LFC: 14/03/2015 - 15:35:20 ---A- . (...) -- C:\Users\Sylvie\AppData\Roaming\sp_data.sys [94]
O61 - LFC: 14/03/2015 - 15:35:20 ---A- . (.ESET.) -- C:\Users\Sylvie\Downloads\esetsmartinstaller_enu (1).exe [2347384]
O61 - LFC: 14/03/2015 - 15:35:20 ---A- . (.ESET.) -- C:\Users\Sylvie\Downloads\esetsmartinstaller_enu (3).exe [2347384]
O61 - LFC: 14/03/2015 - 15:35:20 ---A- . (.ESET.) -- C:\Users\Sylvie\Downloads\esetsmartinstaller_enu.exe [2347384]
O61 - LFC: 14/03/2015 - 15:35:20 ---A- . (.Nicolas Coolman.) -- C:\Users\Sylvie\Downloads\ZHPDiag2.exe [6876430] =>.Nicolas Coolman
~ 16 Fichiers temporaires (Temporary files)
~ Files: 168 Scanned in 00mn 27s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {03AB81EE-4F10-404C-B1F6-F2A92B5D1C0F} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [324096]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1261056]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [914432]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1212928]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3465216]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
[MD5.2D6C1F6FE0A89ECEC8CDB9E8808B7EFA] [SPRF][14/03/2015] (...) -- C:\Users\Sylvie\AppData\Roaming\sp_data.sys [94]
~ Files: 2 Scanned in 00mn 00s



---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 05/03/2015 - 17:32:52 - [] ----D C:\ProgramData\e56ab071e51e483b9e93b28ede13c488
~ Files: Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 06/03/2015 265808 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 05/03/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/09/2013 827392 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/03/2014 115512 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
SR - | Auto 20/08/2014 71168 | (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation.) - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 18/10/2013 117704 | (DptfParticipantProcessorService) . (.Intel Corporation.) - C:\Windows\System32\DptfParticipantProcessorService.exe
SR - | Auto 18/10/2013 116680 | (DptfPolicyConfigTDPService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyConfigTDPService.exe
SR - | Auto 18/10/2013 126952 | (DptfPolicyLpmService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyLpmService.exe
SR - | Auto 06/03/2015 347200 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 18/03/2014 282072 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 23/10/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 23/10/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 22/07/1658 0 | (judejyju) . (...) - C:\Users\Sylvie\AppData\Roaming\3C56ACB0-1426025077-A44E-8850-B4ED60160DF5\nsz3D46.tmp
SR - | Auto 23/10/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 10/03/2015 88576 | (qymygubu) . (...) - C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028891-A44E-8850-B4ED60160DF5\snsu5E62.tmp
SR - | Auto 08/07/2014 73528 | (TransformService) . (.ASUS.) - C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/03/2015 94720 | (xozunyje) . (...) - C:\Users\Sylvie\AppData\Local\3C56ACB0-1426028875-A44E-8850-B4ED60160DF5\cnsu1FD4.tmp
~ Services: Scanned in 00mn 11s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Sylvie at 14/03/2015 15:36:14
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Sylvie at 14/03/2015 15:36:16
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (12/03/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

C:\Users\Sylvie\AppData\Local\SmartWeb =>PUP.SmartWeb^
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb^
~ Additionnel Scan: 190471 Items scanned in 00mn 15s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-downware =>Adware.Downware
~ MSI: 5 link(s) detected in 00mn 00s



End of the scan (1323 lines in 02mn 32s)(0.10)
