cjoint

Document format: text/plain

~ Report of ZHPDiag v2015.4.17.39 - Nicolas Coolman (17/04/2015)
~ Launched by asus (17/04/2015 12:26:56)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Deactivate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17691
MFIE: Mozilla Firefox 35.0.1
GCIE: Google Chrome v40.0.2214.115 (Defaut)
OPIE: Opera Stable v28.0.1750.40

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : YCJVG
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)

---\\ System protection software
Trend Micro Titanium v3.00
Windows Defender W7 (Deactivate)

---\\ System optimization software
CCleaner v5.04

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.1 MUI

---\\ Information on the system
~ Processor: x86 Family 6 Model 54 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1011 MB (12% free)
System Restore: Activé (Enable)
System drive C: has 61 GB (60%) free of 100 GB

---\\ Connection to the system mode
~ Computer Name: ASUS-PC
~ User Name: asus
~ All Users Names: HelpAssistant, asus, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\asus\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\asus\AppData\Roaming\
~ %Desktop% : C:\Users\asus\Desktop\
~ %Favorites% : C:\Users\asus\Favorites\
~ %LocalAppData% : C:\Users\asus\AppData\Local\
~ %StartMenu% : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 61 Go of 100 Go)
D: Hard drive, Flash drive, Thumb drive (Free 181 Go of 183 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 50 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.EA6EA6912F27F05C61D8D747517EB47E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/02/2015 - 02:01:25.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:26.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:34.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:30.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:46.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:18.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 06:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 05s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/2
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/17
~ Mon Bureau (My Desktop) : 4/330
~ Menu demarrer (Programs) : 1/41
~ Hidden Files: Scanned in 00mn 04s



---\\ Process running
[MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les ser.) -- C:\windows\system32\WLANExt.exe [77312] [PID.1324]
[MD5.8165C8825C726A7D5EFDF863A2D1C28F] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800] [PID.1644]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.1668]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.1704]
[MD5.8D82A1DB500C559B0128256444B588E3] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files\ASUS\InstantOn for EPC\InsOnWMI.exe [100992] [PID.1928]
[MD5.E5EFD1068D24F9F052A027CAFED3AA5A] - (.Trend Micro Inc. - Titanium mini-service.) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104] [PID.2044]
[MD5.098FD7B980E7709B03EB9CE3C3651FD9] - (.Trend Micro Inc. - No Comment.) -- C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe [197968] [PID.532]
[MD5.CEF42DB1DEF87F21B89A5AABB86051EF] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1773368] [PID.2224]
[MD5.292E7763BE5097CFA942A0A174231383] - (.ASUSTek Computer Inc. - Eee Docking Application.) -- C:\Program Files\Asus\Eee Docking\Eee Docking.exe [417456] [PID.2412]
[MD5.6F4785A8BEFCA2BA6DE09859E5296EAB] - (...) -- C:\ExpressGateUtil\VAWinAgent.exe [45448] [PID.2500]
[MD5.521E1B7A750660A0C7FEF668AA6F60BD] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [135168] [PID.2512]
[MD5.3F6126D5EDF79E4223580FF6ED9A4E66] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [168960] [PID.2544]
[MD5.57BC4D3A4FE98D9114F7C8E5EE7F5E82] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [161280] [PID.2568]
[MD5.373744D6ECDA3A1ADD07C0293336A0BC] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [261632] [PID.2632]
[MD5.3977E6AB25446D645487F313E5E14E06] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520] [PID.2740]
[MD5.186183EC3308BDF07B7DFE8963B4DBDE] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1813800] [PID.2780]
[MD5.71D8F6D5DC35517275BC38EBCC815F9F] - (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe [750320] [PID.3384]
[MD5.E5CFEBA7AACE574A932E22D39F05B4D8] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.3448]
[MD5.5C3A66317C094059A3A146E2EE25CE72] - (.Glarysoft Ltd - Glary Utilities 4.) -- C:\Program Files\Glary Utilities 4\Integrator.exe [786720] [PID.3840]
[MD5.C0D2348A923B2FAA3EC2BC65CBAE1A4F] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe [1952568] [PID.3964]
[MD5.C37CE43FB54066FFB540729C6E6E194E] - (...) -- C:\ExpressGateUtil\VAWinService.exe [91464] [PID.2508]
[MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856] [PID.2264]
[MD5.979D74799EA6C8B8167869A68DF5204A] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\system32\SystemProtection.exe [141824] [PID.4956]
[MD5.979D74799EA6C8B8167869A68DF5204A] - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\windows\System32\WScript.exe [141824] [PID.5784]
[MD5.9BF47CA4D1E92A92196F5FAB3AE7D2D7] - (...) -- C:\Program Files\Opera\28.0.1750.40\opera_autoupdate.exe [1862776] [PID.1432]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [PID.5648]
[MD5.75BDD11C3EA1CF584C8B9A5BF7C7190C] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3898960] [PID.4724]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3948]
[MD5.072678E0D68E9C3A7960328671134C7B] - (.Microsoft Corporation - Windows Update.) -- C:\windows\system32\wuauclt.exe [54240] [PID.5284]
[MD5.B9D6D7E6E5C4FCD8DD7F88EC9D563085] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [843592] [PID.3600]
[MD5.CD547868E443EE530163F590FB0BBCCB] - (.Opera Software ASA - 7z Setup SFX.) -- C:\windows\TEMP\Opera Autoupdate\CProgram FilesOpera\1432_1186\Opera_28.0.1750.51_Autoupdate.exe [31836808] [PID.5452]
[MD5.FB51E8E39E3FDB6757874653B743BE72] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576] [PID.6340]
[MD5.107AFCBC31E25314E56B69EEC25885BD] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456] [PID.4684]
[MD5.62A3B7A12578B3B595253342B982BDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198144] [PID.3316]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.7992]
[MD5.3F41E4BC551B4C913BAD2F4340D79B60] - (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Update\Install\{05C9912B-9635-4FE8-BC13-6C5093663644}\42.0.2311.90_chrome_installer.exe [41815632] [PID.7248]
[MD5.C8F1A3B07FCE3E04ADD07894F29FF960] - (.Google Inc. - Google Chrome Installer.) -- C:\windows\TEMP\CR_31365.tmp\setup.exe [988488] [PID.7452]
~ Processes Running: Scanned in 00mn 23s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\prefs.js
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\user.js
M3 - MFPP: Plugins - [asus] -- C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\searchplugins\bingp.xml
M3 - MFPP: Plugins - [asus] -- C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\searchplugins\default-search.xml =>Hijacker.Browsers
M3 - MFPP: Plugins - [asus] -- C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\searchplugins\dsrlte.xml
M3 - MFPP: Plugins - [asus] -- C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\searchplugins\keepmysearch.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [asus] -- C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\searchplugins\search-simple.xml
M0 - MFSP: prefs.js [asus - bn7qw9y1.default] http://search.yahoo.com
M2 - MFEP: prefs.js [asus - bn7qw9y1.default\mozilla_cc@internetdownloadmanager.com] [] IDM CC v7.3.97 (..)
M2 - MFEP: prefs.js [asus - bn7qw9y1.default\sitematcher_srcs@sitematcher_srcs.com] [] Site Matcher v7.3.97 (..) =>Adware.SiteMatcher
M2 - MFEP: Extension [asus - bn7qw9y1.default] {db7054b4-aad4-4cac-b80b-8c50c3e28387}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50401.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\asus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 17 Scanned in 00mn 01s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} . (.Trend Micro Inc. - Trend Micro NSC IE Plug-In.) -- C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
O2 - BHO: AdvanceElite 1.0.0.6 - {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} . (.AdvanceElite - AdvanceElite.) -- C:\Program Files\AdvanceElite\AdvanceEliteBHO.dll =>PUP.AdvanceElite
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} . (.Trend Micro Inc. - Trend Micro Browser Plug-In (IE).) -- C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
~ BHO: 14 Scanned in 00mn 01s



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: FlvPlayer.lnk . (...) -- C:\Users\asus\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe =>PUP.FLVPlayer
~ Global Startup: 2 Scanned in 00mn 14s



---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [asus]: MyPC Backup.lnk . (...) -- C:\Program Files\MyPC Backup\MyPC Backup.exe (.not file.) =>PUP.MyPCBackup
O4 - HKLM\..\Run: [GfxServiceInstall] . (...) -- C:\windows\system32\GfxCUIServiceInstall.vbs
O4 - HKLM\..\Run: [HotkeyMon] . (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] . (.ASUSTeK Computer Inc. - Asus Hotkey Service.) -- C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] . (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] . (.AsusTek Computer Inc. - Asus EeePC LiveUpdate for Bios, Driver, Sof.) -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [CapsHook] . (.ASUS - CapsAndNumKeyNotify.) -- C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] . (.ASUSTek Computer Inc. - Eee Docking Application.) -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKLM\..\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] . (.Trend Micro Inc. - Trend Titanium.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - VizorShortCut Dynamic Link Library.) -- C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
O4 - HKLM\..\Run: [VAWinAgent] . (...) -- C:\ExpressGateUtil\VAWinAgent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files\ASUS\APRP\APRP.exe
O4 - HKLM\..\Run: [iSeriesCharge] . (.AsusTek Computer Inc. - USB charge for Apple product.) -- C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe
O4 - HKLM\..\Run: [KeyScrambler] . (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files\KeyScrambler\keyscrambler.exe
O4 - HKLM\..\Run: [Settings] \B C:\Users\asus\AppData\Roaming\Settings.vbs (.not file.)
O4 - HKLM\..\Run: [Windows Update] . (...) -- C:\Google\Windowsupdate.lnk
O4 - HKLM\..\Run: [JavaUpdate] C:\Google\GoogleUpdate.lnk (.not file.)
O4 - HKLM\..\Run: [NewJavaInstall] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Windows Update] . (...) -- C:\Google\Windowsupdate.lnk
O4 - HKCU\..\Run: [AdopeUpdate] C:\Google\GoogleUpdate.lnk (.not file.)
O4 - HKCU\..\Run: [AdopeFlash] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O4 - HKCU\..\Run: [Settings] \B C:\Users\asus\AppData\Roaming\Settings.vbs (.not file.)
O4 - HKCU\..\Run: [mot de passe] \B C:\Users\asus\AppData\Local\Temp\mot de passe.vbs (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKLM\..\policies\Explorer\Run: [Updates] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\system32\SystemProtection.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [Windows Update] . (...) -- C:\Google\Windowsupdate.lnk
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [AdopeUpdate] C:\Google\GoogleUpdate.lnk (.not file.)
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [AdopeFlash] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [Settings] \B C:\Users\asus\AppData\Roaming\Settings.vbs (.not file.)
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [mot de passe] \B C:\Users\asus\AppData\Local\Temp\mot de passe.vbs (.not file.)
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3816781705-903915234-1273598394-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 06s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 9 Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE81CA8D-4BE3-4E5A-82FC-F5E696B16374}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CE81CA8D-4BE3-4E5A-82FC-F5E696B16374}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{63018960-CEEF-4323-A9E9-10DFE851977E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CE81CA8D-4BE3-4E5A-82FC-F5E696B16374}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{63018960-CEEF-4323-A9E9-10DFE851977E}: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS - ASUS InstantOn Program.) - C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: MaintainerSvc1.20.7247763 (MaintainerSvc1.20.7247763) . (...) - C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe (.not file.) =>PUP.MaintainerSvc
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TiMiniService (TiMiniService) . (.Trend Micro Inc. - Titanium mini-service.) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: Update AdvanceElite (Update AdvanceElite) . (...) - C:\Program Files\AdvanceElite\updateAdvanceElite.exe (.not file.) =>PUP.AdvanceElite
O23 - Service: Util AdvanceElite (Util AdvanceElite) . (...) - C:\Program Files\AdvanceElite\bin\utilAdvanceElite.exe =>PUP.AdvanceElite
O23 - Service: VideAceWindowsService (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
~ Services: 9 Scanned in 00mn 30s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Session Manager Key (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x64) . (...) -- c:\program files\settings manager\smdmf\x64\sysapcrt.dll (Not file) =>PUP.SystemK
~ Keys: Scanned in 00mn 01s



---\\ Task Planned Automatically (039)
[MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.A75228DE9117A017BC7A3B44953B2648] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5529880]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000Core] (.Facebook Inc..) -- C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000UA] (.Facebook Inc..) -- C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.EB8073A36C0AF3FEAFFD549F96C30450] [APT] [GlaryInitialize 4] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities 4\Initialize.exe [101664]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.5C3A66317C094059A3A146E2EE25CE72] [APT] [GU4SkipUAC] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities 4\Integrator.exe [786720]
[MD5.CB9080C5A5F06335B7F4E08DF9AECD8F] [APT] [LaunchSignup] (.MyPC Backup.) -- C:\Program Files\MyPC Backup\Signup Wizard.exe [856176] =>PUP.MyPCBackup
[MD5.16F026EC9F269CDCDA7B568994F38347] [APT] [Opera scheduled Autoupdate 1410575498] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [889976]
[MD5.D49FABE701F403CE95BA64A5026EE3EB] [APT] [TuneUpUtilities_Task_BkGndMaintenance2013] (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2014\OneClick.exe [459576]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000Core [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000UA.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3816781705-903915234-1273598394-1000UA [924]
O39 - APT: GlaryInitialize 4 - (.Glarysoft Ltd.) -- C:\Windows\Tasks\GlaryInitialize 4.job [318]
O39 - APT: GlaryInitialize 4 - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GlaryInitialize 4 [318]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
~ Scheduled Task: 19 Scanned in 00mn 22s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
~ Active Setup: 11 Scanned in 00mn 01s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\System32\drivers\AsIO.sys
O41 - Driver: (AsUpIO) . (...) - C:\Windows\System32\drivers\AsUpIO.sys
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\System32\DRIVERS\BAPIDRV.sys (.not file.)
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (eamonm) . (.ESET - Amon monitor.) - C:\Windows\System32\DRIVERS\eamonm.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (EpfwLWF) . (.ESET - Epfw NDIS LightWeight Filter.) - C:\Windows\System32\DRIVERS\EpfwLWF.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (tmactmon) . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - C:\Windows\System32\DRIVERS\tmactmon.sys
O41 - Driver: (tmcomm) . (.Trend Micro Inc. - TrendMicro Common Module.) - C:\Windows\System32\DRIVERS\tmcomm.sys
O41 - Driver: (tmevtmgr) . (.Trend Micro Inc. - TrendMicro Event Management Module.) - C:\Windows\System32\DRIVERS\tmevtmgr.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: ({02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({255a824a-3cde-4dee-9785-284605606456}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({2dded9e7-3203-4471-8b68-853135cdbf31}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{2dded9e7-3203-4471-8b68-853135cdbf31}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({324e1577-96d7-407f-b1ce-1c9f8b33dad4}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{324e1577-96d7-407f-b1ce-1c9f8b33dad4}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({34a9de73-8119-4710-8938-8d3ebf75d78f}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{34a9de73-8119-4710-8938-8d3ebf75d78f}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({3b808196-ff63-49ee-b33b-efdf51723eca}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3b808196-ff63-49ee-b33b-efdf51723eca}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({3cac76e7-8310-45ea-8277-96d048a78c60}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({4530e639-76ab-4435-889d-a5e81ae090a4}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({46a147d8-5171-42d8-b8a8-6a187525781d}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({51b9c91c-8e38-40ae-80de-58a590512b6b}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({6b89253f-7097-40c7-9ead-2d5b1ceb02e2}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({84e24724-32a5-4ef8-b981-cc669543b4a4}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{84e24724-32a5-4ef8-b981-cc669543b4a4}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({94d62e35-4b43-494c-bf52-ba5935df36ef}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({d1c4c3bc-6b77-4033-9c86-e72fcf769bbe}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{d1c4c3bc-6b77-4033-9c86-e72fcf769bbe}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({d428f5a9-a362-4938-a8b7-f0abd920078b}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({d997fcb4-42b4-4f84-a147-2e498567c954}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({db1293a0-85fd-418d-b0d6-c79faa7c8ace}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{db1293a0-85fd-418d-b0d6-c79faa7c8ace}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw.sys =>PUP.LinkiDoo
~ Drivers: 186 Scanned in 00mn 10s



---\\ Software installed (O42)
O42 - Logiciel: ASUS Media Sharing - (.ASUS.) [HKLM] -- {9042F9FE-43CB-4ACF-9978-F62235127F90}
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage
O42 - Logiciel: ASUSUpdate for Eee PC - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: AdvanceElite - (.AdvanceElite.) [HKLM] -- AdvanceElite =>PUP.AdvanceElite
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: AsusScreensaver - (.AsusTek Computer Inc..) [HKLM] -- {99E77016-BCF2-48C8-9119-43ECF5815F65}
O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM] -- Asus Vibe2.0
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CapsHook - (.AsusTek Computer.) [HKLM] -- {4B5092B6-F231-4D18-83BC-2618B729CA45}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: E-Cam - (.AzureWave.) [HKLM] -- {185AFA7A-F63E-450B-94AA-011CAC18090E}
O42 - Logiciel: ESET Smart Security - (.ESET, spol s r. o..) [HKLM] -- {E90B92D0-A441-4D90-87DF-D7DD5ABFA739}
O42 - Logiciel: Eee Docking 3.10.5 - (.ASUSTek Computer Inc..) [HKLM] -- Eee Docking_is1
O42 - Logiciel: ExpressGateCloud - (.VideACE Co..) [HKLM] -- InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}
O42 - Logiciel: ExpressGateCloud - (.VideACE Co..) [HKLM] -- {36B0DC39-3282-40EB-8587-B875CE46C3A7}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: FlvPlayer - (...) [HKCU] -- FlvPlayer =>PUP.FLVPlayer
O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}
O42 - Logiciel: FontResizer - (.ASUSTek.) [HKLM] -- {17780F99-A9DF-450B-81B3-6781B20A17A8}
O42 - Logiciel: Glary Utilities 4.9 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities 4
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotkey Service - (.AsusTek Computer Inc..) [HKLM] -- {71C0E38E-09F2-4386-9977-404D4F6640CD}
O42 - Logiciel: InstantOn for EPC - (.ASUS.) [HKLM] -- {749F674B-2674-47E8-879C-5626A06B2A91}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM] -- KeyScrambler
O42 - Logiciel: LiveUpdate - (.AsusTek Computer Inc..) [HKLM] -- {38E5A3B1-ADF1-47E0-8024-76310A30EB36}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Opera Stable 28.0.1750.40 - (.Opera Software ASA.) [HKLM] -- Opera 28.0.1750.40
O42 - Logiciel: Qualcomm Atheros WiFi Driver Installation - (.Qualcomm Atheros.) [HKLM] -- {7D916FA5-DAE9-4A25-B089-655C70EAF607}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Super Hybrid Engine - (.AsusTek Computer.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E}
O42 - Logiciel: Trend Micro Titanium - (.Trend Micro Inc..) [HKLM] -- {ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: Trend Micro Titanium - (.Trend Micro Inc..) [HKLM] -- {ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: TuneUp Utilities 2014 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities
O42 - Logiciel: USBCharge+ - (.AsusTek Computer.) [HKLM] -- {8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WiSharing - (.AzureWave.) [HKLM] -- {21DD6041-7251-40FA-9D06-C5EB30268E0F}
~ Logic: 34 Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\Adobe]
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite
[HKCU\Software\AppDataLow]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\ECAREME]
[HKCU\Software\ESET]
[HKCU\Software\Elantech]
[HKCU\Software\Eraser]
[HKCU\Software\Facebook]
[HKCU\Software\Glarysoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Intel]
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QFX Software]
[HKCU\Software\Realtek]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TeleCharger]
[HKCU\Software\TrendMicro]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Usbfix]
[HKCU\Software\VideACE]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\ECAREME]
[HKLM\Software\ESET]
[HKLM\Software\FlvPlayer] =>PUP.FLVPlayer
[HKLM\Software\GlarySoft]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Opera Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\QFX Software]
[HKLM\Software\Qualcomm Atheros Direct Connect]
[HKLM\Software\Qualcomm Atheros WiFi Driver Installation]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RightSurf] =>PUP.RightSurf
[HKLM\Software\Settings]
[HKLM\Software\SiteSee]
[HKLM\Software\Skype]
[HKLM\Software\SmdmF] =>PUP.SystemK
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\VideACE]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
~ Key Software: 173 Scanned in 00mn 01s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 05/10/2014 - 18:41:00 - [0] ----D C:\Program Files\360
O43 - CFD: 17/03/2012 - 00:09:45 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/04/2015 - 12:12:09 - [] ----D C:\Program Files\AdvanceElite =>PUP.AdvanceElite
O43 - CFD: 24/01/2014 - 00:03:23 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 24/01/2014 - 14:17:58 - [] ----D C:\Program Files\Asus
O43 - CFD: 17/04/2015 - 11:33:46 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 08/10/2014 - 01:03:04 - [] ----D C:\Program Files\Common Files
O43 - CFD: 16/02/2011 - 16:44:39 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 16/03/2012 - 23:50:30 - [] ----D C:\Program Files\E-Cam
O43 - CFD: 04/01/2014 - 20:49:42 - [] ----D C:\Program Files\EASEUS
O43 - CFD: 19/03/2013 - 17:08:18 - [] ----D C:\Program Files\Elantech
O43 - CFD: 17/04/2015 - 12:01:26 - [] ----D C:\Program Files\ESET
O43 - CFD: 17/04/2015 - 10:59:45 - [] ----D C:\Program Files\Glary Utilities 4
O43 - CFD: 31/07/2014 - 22:38:53 - [] ----D C:\Program Files\Google
O43 - CFD: 24/01/2014 - 14:17:54 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 16/03/2012 - 23:39:50 - [] ----D C:\Program Files\Intel
O43 - CFD: 17/04/2015 - 11:11:50 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 16/04/2015 - 21:11:30 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 02/08/2014 - 19:19:49 - [] ----D C:\Program Files\KeyScrambler
O43 - CFD: 24/01/2014 - 00:05:07 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 06/07/2014 - 23:34:06 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 16/03/2012 - 23:53:37 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 16/03/2012 - 23:57:12 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 06/07/2014 - 23:33:59 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 06/07/2014 - 23:27:52 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 06/07/2014 - 23:35:21 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 06/07/2014 - 23:32:24 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 13/02/2015 - 18:29:30 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 13/02/2015 - 20:47:05 - [] ----D C:\Program Files\Mozilla Firefox.bak
O43 - CFD: 14/02/2015 - 03:49:26 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 06/07/2014 - 23:34:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 17/04/2015 - 12:12:15 - [] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 15/03/2015 - 23:32:48 - [] ----D C:\Program Files\Opera
O43 - CFD: 19/03/2013 - 17:10:05 - [] ----D C:\Program Files\Qualcomm Atheros WiFi Driver Installation
O43 - CFD: 17/03/2012 - 02:27:54 - [] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 02/08/2014 - 20:24:40 - [] ----D C:\Program Files\RightSurf =>PUP.RightSurf
O43 - CFD: 04/08/2014 - 15:32:02 - [] ----D C:\Program Files\Settings Manager =>PUP.SystemK
O43 - CFD: 04/08/2014 - 15:35:51 - [0] ----D C:\Program Files\SiteLookup =>PUP.SiteLookup
O43 - CFD: 19/12/2014 - 03:11:56 - [] R---D C:\Program Files\Skype
O43 - CFD: 17/03/2012 - 02:27:59 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 17/03/2012 - 00:06:45 - [] ----D C:\Program Files\Trend Micro
O43 - CFD: 16/04/2015 - 21:26:24 - [] ----D C:\Program Files\TuneUp Utilities 2014
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/06/2014 - 17:09:17 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 25/01/2014 - 11:13:31 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 16/03/2012 - 23:59:12 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 16/02/2011 - 16:44:39 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 16/03/2015 - 06:56:24 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 16/02/2011 - 16:44:39 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 11/02/2011 - 12:14:27 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 16/02/2011 - 16:44:39 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 23/01/2014 - 22:53:38 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 17/03/2012 - 01:03:22 - [] ----D C:\Program Files\WiSharing
O43 - CFD: 17/04/2015 - 12:26:28 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 16/03/2012 - 23:51:20 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 17/03/2012 - 00:09:44 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 06/07/2014 - 23:33:58 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 16/03/2012 - 23:49:26 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 06/07/2014 - 23:35:03 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 08/10/2014 - 01:03:04 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 06/07/2014 - 23:26:57 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 16/03/2012 - 23:53:24 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 16/03/2012 - 23:51:56 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 17/03/2012 - 00:05:35 - [] ----D C:\ProgramData\ASUS WebStorage
O43 - CFD: 14/02/2015 - 01:07:48 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 23/01/2014 - 22:44:33 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/04/2015 - 11:00:18 - [] ----D C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 17/04/2015 - 12:01:26 - [] ----D C:\ProgramData\ESET
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 09/09/2014 - 02:47:56 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 23/10/2014 - 04:28:12 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 06/07/2014 - 23:40:33 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 23/01/2014 - 22:18:39 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 02/08/2014 - 19:20:09 - [] ----D C:\ProgramData\QFX Software
O43 - CFD: 19/03/2013 - 17:08:27 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 19/12/2014 - 03:11:33 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 19/03/2013 - 17:11:04 - [] ----D C:\ProgramData\Trend Micro
O43 - CFD: 24/12/2014 - 20:14:48 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 17/03/2014 - 22:50:23 - [] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 17/03/2012 - 01:03:18 - [] ----D C:\ProgramData\WiSharing
O43 - CFD: 19/11/2014 - 18:17:18 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 19/03/2013 - 17:10:38 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 05:46:36 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/01/2014 - 14:17:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 02/08/2014 - 19:51:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 16/03/2012 - 23:50:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Cam
O43 - CFD: 17/04/2015 - 12:01:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 05/10/2014 - 17:43:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer =>PUP.FLVPlayer
O43 - CFD: 14/07/2009 - 05:42:31 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 19/06/2014 - 11:52:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4
O43 - CFD: 31/07/2014 - 22:39:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 16/03/2012 - 23:39:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 19/09/2014 - 02:17:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 02/08/2014 - 19:19:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
O43 - CFD: 14/07/2009 - 05:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/07/2014 - 23:40:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 16/03/2012 - 23:54:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 08/10/2014 - 01:03:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 17/04/2015 - 12:27:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 13/09/2014 - 03:25:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
O43 - CFD: 19/06/2014 - 17:09:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 16/03/2012 - 23:59:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 23/01/2014 - 22:53:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 17/03/2012 - 01:03:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiSharing
O43 - CFD: 17/04/2015 - 12:26:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 19/03/2013 - 17:11:18 - [] ----D C:\Users\asus\AppData\Roaming\Adobe
O43 - CFD: 17/03/2012 - 00:05:40 - [] ----D C:\Users\asus\AppData\Roaming\ASUS WebStorage
O43 - CFD: 16/04/2015 - 20:54:55 - [] ----D C:\Users\asus\AppData\Roaming\DiskDefrag
O43 - CFD: 17/04/2015 - 12:25:05 - [] ----D C:\Users\asus\AppData\Roaming\DMCache
O43 - CFD: 09/08/2014 - 20:59:20 - [] ----D C:\Users\asus\AppData\Roaming\dvdcss
O43 - CFD: 16/03/2012 - 23:50:28 - [] ----D C:\Users\asus\AppData\Roaming\E-Cam
O43 - CFD: 17/04/2015 - 12:09:56 - [] ----D C:\Users\asus\AppData\Roaming\ESET
O43 - CFD: 04/08/2014 - 15:32:15 - [] ----D C:\Users\asus\AppData\Roaming\FirefoxToolbar
O43 - CFD: 05/10/2014 - 17:43:20 - [] ----D C:\Users\asus\AppData\Roaming\FlvPlayer =>PUP.FLVPlayer
O43 - CFD: 19/06/2014 - 11:52:31 - [] ----D C:\Users\asus\AppData\Roaming\GlarySoft
O43 - CFD: 14/07/2009 - 05:54:12 - [] ----D C:\Users\asus\AppData\Roaming\Identities
O43 - CFD: 17/04/2015 - 11:15:52 - [] ----D C:\Users\asus\AppData\Roaming\IDM
O43 - CFD: 16/03/2012 - 23:38:26 - [] ----D C:\Users\asus\AppData\Roaming\InstallShield
O43 - CFD: 16/03/2012 - 23:51:53 - [] ----D C:\Users\asus\AppData\Roaming\Macromedia
O43 - CFD: 31/12/2014 - 12:49:05 - [] -S--D C:\Users\asus\AppData\Roaming\Microsoft
O43 - CFD: 23/01/2014 - 22:30:36 - [] ----D C:\Users\asus\AppData\Roaming\Mozilla
O43 - CFD: 13/09/2014 - 03:32:12 - [] ----D C:\Users\asus\AppData\Roaming\Opera Software
O43 - CFD: 02/08/2014 - 19:20:09 - [] ----D C:\Users\asus\AppData\Roaming\QFX Software
O43 - CFD: 13/09/2014 - 03:16:36 - [] ----D C:\Users\asus\AppData\Roaming\RHEng =>PUP.Conduit
O43 - CFD: 13/09/2014 - 03:16:17 - [] ----D C:\Users\asus\AppData\Roaming\rmi
O43 - CFD: 04/08/2014 - 15:35:42 - [0] ----D C:\Users\asus\AppData\Roaming\SimilarAddon =>PUP.SimilarAddon
O43 - CFD: 14/02/2015 - 00:33:30 - [0] ----D C:\Users\asus\AppData\Roaming\Skype
O43 - CFD: 06/07/2014 - 16:27:34 - [] ----D C:\Users\asus\AppData\Roaming\SoftGrid Client
O43 - CFD: 25/07/2013 - 00:19:42 - [0] ----D C:\Users\asus\AppData\Roaming\TP
O43 - CFD: 13/09/2014 - 03:24:36 - [] ----D C:\Users\asus\AppData\Roaming\TuneUp Software
O43 - CFD: 15/03/2015 - 23:43:13 - [] ----D C:\Users\asus\AppData\Roaming\vlc
O43 - CFD: 08/08/2014 - 14:04:19 - [0] ----D C:\Users\asus\AppData\Roaming\Windows Live Writer
O43 - CFD: 12/03/2014 - 16:57:50 - [0] ----D C:\Users\asus\AppData\Roaming\WinRAR
O43 - CFD: 17/04/2015 - 12:29:30 - [] ----D C:\Users\asus\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 23/01/2014 - 23:36:19 - [] ----D C:\Users\asus\AppData\Local\Adobe
O43 - CFD: 19/03/2013 - 17:07:01 - [] -SH-D C:\Users\asus\AppData\Local\Application Data
O43 - CFD: 13/09/2014 - 04:00:42 - [] ----D C:\Users\asus\AppData\Local\Apps
O43 - CFD: 17/03/2012 - 00:09:52 - [] ----D C:\Users\asus\AppData\Local\ASUS
O43 - CFD: 23/01/2014 - 23:05:34 - [] ----D C:\Users\asus\AppData\Local\cache
O43 - CFD: 23/12/2014 - 12:56:43 - [] ----D C:\Users\asus\AppData\Local\Diagnostics
O43 - CFD: 25/11/2014 - 22:31:05 - [] -SH-D C:\Users\asus\AppData\Local\EmieBrowserModeList
O43 - CFD: 06/08/2014 - 10:31:24 - [] -SH-D C:\Users\asus\AppData\Local\EmieSiteList
O43 - CFD: 06/08/2014 - 10:31:24 - [] -SH-D C:\Users\asus\AppData\Local\EmieUserList
O43 - CFD: 18/06/2014 - 14:00:35 - [] ----D C:\Users\asus\AppData\Local\Eraser 6
O43 - CFD: 17/04/2015 - 12:06:35 - [] ----D C:\Users\asus\AppData\Local\ESET
O43 - CFD: 26/12/2014 - 04:05:26 - [] ----D C:\Users\asus\AppData\Local\Facebook
O43 - CFD: 31/07/2014 - 22:40:26 - [] ----D C:\Users\asus\AppData\Local\Google
O43 - CFD: 19/03/2013 - 17:07:01 - [] -SH-D C:\Users\asus\AppData\Local\Historique
O43 - CFD: 23/01/2014 - 23:53:01 - [] ----D C:\Users\asus\AppData\Local\Macromedia
O43 - CFD: 23/10/2014 - 04:28:11 - [] ----D C:\Users\asus\AppData\Local\Microsoft
O43 - CFD: 25/01/2015 - 18:27:32 - [] ----D C:\Users\asus\AppData\Local\Microsoft Games
O43 - CFD: 19/01/2015 - 03:41:17 - [0] ----D C:\Users\asus\AppData\Local\Microsoft Help
O43 - CFD: 23/01/2014 - 22:30:38 - [] ----D C:\Users\asus\AppData\Local\Mozilla
O43 - CFD: 13/09/2014 - 03:32:18 - [] ----D C:\Users\asus\AppData\Local\Opera Software
O43 - CFD: 16/11/2014 - 05:12:52 - [] ----D C:\Users\asus\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
O43 - CFD: 04/08/2014 - 15:29:45 - [] ----D C:\Users\asus\AppData\Local\Skype
O43 - CFD: 25/07/2013 - 00:19:30 - [] ----D C:\Users\asus\AppData\Local\SoftGrid Client
O43 - CFD: 17/04/2015 - 12:27:23 - [] ----D C:\Users\asus\AppData\Local\Temp
O43 - CFD: 19/03/2013 - 17:07:01 - [] -SH-D C:\Users\asus\AppData\Local\Temporary Internet Files
O43 - CFD: 13/09/2014 - 03:24:38 - [] ----D C:\Users\asus\AppData\Local\TuneUp Software
O43 - CFD: 17/09/2014 - 21:08:45 - [] ----D C:\Users\asus\AppData\Local\VirtualStore
O43 - CFD: 25/12/2014 - 10:52:53 - [] ----D C:\Users\asus\AppData\Local\Windows Live
O43 - CFD: 08/08/2014 - 14:04:41 - [] ----D C:\Users\asus\AppData\Local\Windows Live Writer
O43 - CFD: 08/08/2014 - 14:05:25 - [] ----D C:\Users\asus\AppData\Local\{967CE4DF-4DB7-442B-85E8-BB20058A5701}
O43 - CFD: 14/07/2009 - 05:42:04 - [] R---D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 29/07/2014 - 23:18:12 - [] R---D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 19/09/2014 - 02:17:14 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - 05:37:42 - [] R---D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/10/2014 - 17:51:32 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 17/04/2015 - 12:09:47 - [] R---D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 19/03/2013 - 17:11:07 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium
O43 - CFD: 03/01/2015 - 16:39:53 - [] ----D C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ 39 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 221 Scanned in 00mn 04s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.C590574AE2F167CC188250E81102C882] - 02/04/2015 - 14:54:34 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [122432]
O44 - LFC:[MD5.E7582D2F3D430B82A1EEC62A51DD1244] - 16/04/2015 - 21:12:50 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [408704]
O44 - LFC:[MD5.EE590149D0A7683CAAA0F8E4F1A3E276] - 16/04/2015 - 21:21:27 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [119837696]
O44 - LFC:[MD5.782BC8064C5383DBBEE8C51647461BA9] - 17/04/2015 - 10:59:04 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.B0EC8C6756A84C17ADB89B58786DD8E4] - 17/04/2015 - 10:59:06 ---A- . (...) -- C:\Windows\setupact.log [280]
O44 - LFC:[MD5.E3B9D437F0A51784293B8D3DA4C30B44] - 17/04/2015 - 11:01:57 ---A- . (...) -- C:\Windows\win.ini [580]
O44 - LFC:[MD5.3E6D75BDBF53A19EB775AA83D04BB97A] - 17/04/2015 - 11:04:20 ---A- . (...) -- C:\Windows\System32\RegFile3.txt [1950107]
O44 - LFC:[MD5.561457B6226EB20B31E5FA966D4B8958] - 17/04/2015 - 12:15:33 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1345031]
~ Files: 8 Scanned in 03mn 29s



---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.B5EE0EE7FEE833685A6E518BE41B5458] - 17/04/2015 - 11:04:26 ---A- - C:\Windows\Prefetch\ADVANCEELITE.BOAS.EXE-D8E1280B.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.C8CFBE3B8A72DFBB1A577478CB02D2D0] - 17/04/2015 - 11:02:38 ---A- - C:\Windows\Prefetch\ADVANCEELITE.BOASHELPER.EXE-28862FD3.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.2F8E84088210A6A2B8CBD8DCF668A591] - 17/04/2015 - 11:04:18 ---A- - C:\Windows\Prefetch\ADVANCEELITE.BOASPRT.EXE-A01DF8E1.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.F08E5F43527069DF04E82BB3FBB5F92B] - 17/04/2015 - 11:00:33 ---A- - C:\Windows\Prefetch\ADVANCEELITE.BROWSERADAPTER.E-CD08C64B.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.349C9FBF64C56338B84AC4C424B14F2C] - 17/04/2015 - 11:00:34 ---A- - C:\Windows\Prefetch\ADVANCEELITE.EXPEXT.EXE-9E79C758.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.4805D5E7A763F7ACDF30A128B6FD3458] - 17/04/2015 - 11:00:21 ---A- - C:\Windows\Prefetch\ADVANCEELITE.PURBROWSE.EXE-6562CE9F.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.C6917933EE91FA2BBAE529314060D037] - 17/04/2015 - 11:02:43 ---A- - C:\Windows\Prefetch\BACKUPSTACK.EXE-D76D7F90.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.B58C8E1948F258460AB9C0397B3E5FA9] - 17/04/2015 - 11:01:18 ---A- - C:\Windows\Prefetch\UPDATEADVANCEELITE.EXE-F2FC76F2.pf =>PUP.AdvanceElite
O45 - LFCP:[MD5.BD135742FAF4BFF010D8F8A7DB30DA0C] - 16/04/2015 - 21:24:57 ---A- - C:\Windows\Prefetch\UTILADVANCEELITE.EXE-E004C3CA.pf =>PUP.AdvanceElite
~ Prefetcher: 9 Scanned in 00mn 03s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 01s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser
O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe =>Adware.IMBooster
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - volaro - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe =>PUP.TubeDimmer
O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe =>PUP.TubeDimmer
~ IFEO: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 02s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\Kcdkdu [Key] . (...) -- C:\Users\asus\AppData\Roaming\Kcdkdu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O53 - SMSR:HKLM\...\startupreg\NextLive [Key] . (...) -- C:\Users\asus\AppData\Roaming\newnext.me\nengine.dll (.not file.) =>PUP.NextLive
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ SMSR Keys: 5 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "disabletaskmgr"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:07/05/2012 - 15:10:18 ---A- . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\Windows\System32\Drivers\AiDriver.sys [14720]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:28/06/2010 - 06:24:00 ---A- . (...) -- C:\Windows\System32\Drivers\AsIO.sys [11456]
O58 - SDL:03/08/2010 - 06:20:56 ---A- . (...) -- C:\Windows\System32\Drivers\AsUpIO.sys [11832]
O58 - SDL:03/10/2011 - 23:46:14 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athr.sys [2205696]
O58 - SDL:13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:31/03/2014 - 08:33:06 ---A- . (.Glarysoft Ltd - Boot Defrag Driver.) -- C:\Windows\System32\Drivers\BootDefragDriver.sys [16064]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - Amon monitor.) -- C:\Windows\System32\Drivers\eamonm.sys [193464]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - Devmon monitor.) -- C:\Windows\System32\Drivers\edevmon.sys [190880]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\System32\Drivers\ehdrv.sys [135808]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\Drivers\epfw.sys [176448]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\Drivers\EpfwLWF.sys [37928]
O58 - SDL:10/03/2015 - 17:24:42 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\Drivers\epfwwfp.sys [51824]
O58 - SDL:10/03/2011 - 15:17:28 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [118568]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:06/11/2010 - 07:39:18 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStor.sys [354840]
O58 - SDL:11/03/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:27/03/2015 - 01:10:52 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [122432]
O58 - SDL:27/02/2012 - 13:04:44 ---A- . (.Intel Corporation - Intel (R) WDDM Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igddim32.sys [1344512]
O58 - SDL:27/02/2012 - 12:58:02 ---A- . (.Intel Corporation - Intel (R) WDDM Kernel mode driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [419328]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:09/06/2011 - 16:37:54 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [278528]
O58 - SDL:20/07/2009 - 10:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [13880]
O58 - SDL:31/05/2013 - 15:53:18 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\Windows\System32\Drivers\keyscrambler.sys [209016]
O58 - SDL:01/11/2011 - 07:36:00 ---A- . (.Atheros Communications, Inc. - Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x86.sys [91760]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:04/10/2011 - 12:18:08 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [3681000]
O58 - SDL:13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:17/09/2010 - 09:32:48 ---A- . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\Windows\System32\Drivers\tmactmon.sys [80464]
O58 - SDL:17/09/2010 - 09:32:48 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\System32\Drivers\tmcomm.sys [189520]
O58 - SDL:17/09/2010 - 09:32:48 ---A- . (.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\Windows\System32\Drivers\tmevtmgr.sys [64080]
O58 - SDL:17/09/2010 - 09:32:48 ---A- . (.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) -- C:\Windows\System32\Drivers\tmtdi.sys [92112]
O58 - SDL:14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:17/10/2014 - 17:04:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:06/11/2014 - 21:24:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw.sys [43200] =>PUP.LinkiDoo
O58 - SDL:13/10/2014 - 12:52:06 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:11/10/2014 - 15:31:24 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:28/10/2014 - 12:37:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{255a824a-3cde-4dee-9785-284605606456}Gw.sys [43200] =>PUP.LinkiDoo
O58 - SDL:14/10/2014 - 15:38:18 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2dded9e7-3203-4471-8b68-853135cdbf31}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:16/10/2014 - 13:27:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{324e1577-96d7-407f-b1ce-1c9f8b33dad4}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:11/10/2014 - 21:46:04 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:11/10/2014 - 09:14:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:18/10/2014 - 14:04:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{34a9de73-8119-4710-8938-8d3ebf75d78f}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:13/10/2014 - 03:05:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3b808196-ff63-49ee-b33b-efdf51723eca}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:27/11/2014 - 00:05:08 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:20/10/2014 - 22:09:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:15/10/2014 - 15:29:52 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:10/11/2014 - 03:31:26 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw.sys [43200] =>PUP.LinkiDoo
O58 - SDL:16/10/2014 - 20:47:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:20/10/2014 - 01:04:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:11/02/2015 - 08:26:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}Gw.sys [43144] =>PUP.LinkiDoo
O58 - SDL:19/10/2014 - 18:03:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:11/10/2014 - 03:16:52 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{84e24724-32a5-4ef8-b981-cc669543b4a4}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:01/12/2014 - 14:52:56 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:26/10/2014 - 17:38:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:26/11/2014 - 17:24:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:05/10/2014 - 08:33:10 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:10/10/2014 - 11:20:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:14/10/2014 - 13:06:56 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{d1c4c3bc-6b77-4033-9c86-e72fcf769bbe}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:01/12/2014 - 01:49:46 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:28/11/2014 - 08:49:58 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:20/10/2014 - 15:04:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{db1293a0-85fd-418d-b0d6-c79faa7c8ace}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:29/11/2014 - 23:50:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:22/10/2014 - 15:33:02 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:03/11/2014 - 15:11:04 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw.sys [43200] =>PUP.LinkiDoo
O58 - SDL:30/11/2014 - 12:50:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:31/10/2014 - 14:41:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw.sys [43200] =>PUP.LinkiDoo
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:03/10/2011 - 23:46:14 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athr.sys [2205696]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 117 Scanned in 00mn 34s



---\\ Last modified or created user files (O61)
O61 - LFC: 17/04/2015 - 12:36:29 ---A- . (.ESET.) -- C:\Users\asus\AppData\Local\Temp\InstHelper.exe [307400]
O61 - LFC: 17/04/2015 - 12:36:58 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc.dll [26648]
O61 - LFC: 17/04/2015 - 12:36:58 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc64.dll [31768]
O61 - LFC: 17/04/2015 - 12:36:58 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2.dll [332824]
O61 - LFC: 17/04/2015 - 12:36:58 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components\idmmzcc.dll [34216]
O61 - LFC: 17/04/2015 - 12:36:59 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2_64.dll [460824]
O61 - LFC: 17/04/2015 - 12:36:59 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc.dll [34216]
O61 - LFC: 17/04/2015 - 12:36:59 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc64.dll [28512]
O61 - LFC: 17/04/2015 - 12:37:00 ---A- . (.Tonec Inc..) -- C:\Users\asus\AppData\Roaming\IDM\idmupdt.exe [6223824]
O61 - LFC: 17/04/2015 - 12:37:19 ---A- . (.Nicolas Coolman.) -- C:\Users\asus\Desktop\ZHPDiag2.exe [6881977] =>.Nicolas Coolman
O61 - LFC: 17/04/2015 - 12:37:22 ---A- . (.ESET.) -- C:\Users\asus\Downloads\Programs\eset_smart_security_live_installer_.exe [1660616]
O61 - LFC: 17/04/2015 - 12:37:22 ---A- . (.Piriform Ltd.) -- C:\Users\asus\Downloads\Programs\ccsetup504.exe [5344528]
~ 18 Fichiers temporaires (Temporary files)
~ 54 Fichiers cookies (Cookies files)
~ Files: 12 Scanned in 02mn 47s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 03s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 28/06/2010 - C:\Windows\System32\drivers\AsIO.sys (AsIO) .(...) - LEGACY_ASIO
O64 - Services: CurCS - 03/08/2010 - C:\Windows\System32\drivers\AsUpIO.sys (AsUpIO) .(...) - LEGACY_ASUPIO
O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\drivers\BootDefragDriver.sys (BootDefragDriver) .(.Glarysoft Ltd - Boot Defrag Driver.) - LEGACY_BOOTDEFRAGDRIVER
O64 - Services: CurCS - 10/03/2015 - C:\Windows\System32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) - LEGACY_EAMONM
O64 - Services: CurCS - 10/03/2015 - C:\Windows\System32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV
O64 - Services: CurCS - 10/03/2015 - C:\Windows\System32\DRIVERS\epfw.sys (epfw) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFW
O64 - Services: CurCS - 10/03/2015 - C:\Windows\System32\DRIVERS\EpfwLWF.sys (EpfwLWF) .(.ESET - Epfw NDIS LightWeight Filter.) - LEGACY_EPFWLWF
O64 - Services: CurCS - 10/03/2015 - C:\Windows\System32\DRIVERS\epfwwfp.sys (epfwwfp) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFP
O64 - Services: CurCS - 27/03/2015 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 27/02/2012 - C:\Windows\System32\DRIVERS\igddim32.sys (igddim32) .(.Intel Corporation - Intel (R) WDDM Kernel Mode Driver.) - LEGACY_IGDDIM32
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmactmon.sys (tmactmon) .(.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - LEGACY_TMACTMON
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmcomm.sys (tmcomm) .(.Trend Micro Inc. - TrendMicro Common Module.) - LEGACY_TMCOMM
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmevtmgr.sys (tmevtmgr) .(.Trend Micro Inc. - TrendMicro Event Management Module.) - LEGACY_TMEVTMGR
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmtdi.sys (tmtdi) .(.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) - LEGACY_TMTDI
O64 - Services: CurCS - 10/02/2014 - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
O64 - Services: CurCS - 17/10/2014 - C:\Windows\System32\drivers\{02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw.sys ({02bbe9df-d3b0-43f4-8dcb-e24500d3308f}Gw) .(.StdLib - StdLib.) - LEGACY_{02BBE9DF-D3B0-43F4-8DCB-E24500D3308F}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 06/11/2014 - C:\Windows\System32\drivers\{10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw.sys ({10e3e2da-8f7b-42cc-9f00-90007ce494b8}Gw) .(.StdLib - StdLib.) - LEGACY_{10E3E2DA-8F7B-42CC-9F00-90007CE494B8}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 13/10/2014 - C:\Windows\System32\drivers\{1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw.sys ({1de2a23f-1c23-4ea1-8ef4-79bc5c5cea78}Gw) .(.StdLib - StdLib.) - LEGACY_{1DE2A23F-1C23-4EA1-8EF4-79BC5C5CEA78}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 11/10/2014 - C:\Windows\System32\drivers\{21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw.sys ({21abe523-36e2-4dad-9e0e-8fe9f0be1916}Gw) .(.StdLib - StdLib.) - LEGACY_{21ABE523-36E2-4DAD-9E0E-8FE9F0BE1916}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 28/10/2014 - C:\Windows\System32\drivers\{255a824a-3cde-4dee-9785-284605606456}Gw.sys ({255a824a-3cde-4dee-9785-284605606456}Gw) .(.StdLib - StdLib.) - LEGACY_{255A824A-3CDE-4DEE-9785-284605606456}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\drivers\{2dded9e7-3203-4471-8b68-853135cdbf31}Gw.sys ({2dded9e7-3203-4471-8b68-853135cdbf31}Gw) .(.StdLib - StdLib.) - LEGACY_{2DDED9E7-3203-4471-8B68-853135CDBF31}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 16/10/2014 - C:\Windows\System32\drivers\{324e1577-96d7-407f-b1ce-1c9f8b33dad4}Gw.sys ({324e1577-96d7-407f-b1ce-1c9f8b33dad4}Gw) .(.StdLib - StdLib.) - LEGACY_{324E1577-96D7-407F-B1CE-1C9F8B33DAD4}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 11/10/2014 - C:\Windows\System32\drivers\{32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw.sys ({32c6b9d7-6b2c-4b03-9178-01abbf9c7194}Gw) .(.StdLib - StdLib.) - LEGACY_{32C6B9D7-6B2C-4B03-9178-01ABBF9C7194}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 11/10/2014 - C:\Windows\System32\drivers\{336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw.sys ({336e37ae-3235-4f16-98ec-8cdf679be7d2}Gw) .(.StdLib - StdLib.) - LEGACY_{336E37AE-3235-4F16-98EC-8CDF679BE7D2}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 18/10/2014 - C:\Windows\System32\drivers\{34a9de73-8119-4710-8938-8d3ebf75d78f}Gw.sys ({34a9de73-8119-4710-8938-8d3ebf75d78f}Gw) .(.StdLib - StdLib.) - LEGACY_{34A9DE73-8119-4710-8938-8D3EBF75D78F}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 13/10/2014 - C:\Windows\System32\drivers\{3b808196-ff63-49ee-b33b-efdf51723eca}Gw.sys ({3b808196-ff63-49ee-b33b-efdf51723eca}Gw) .(.StdLib - StdLib.) - LEGACY_{3B808196-FF63-49EE-B33B-EFDF51723ECA}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 27/11/2014 - C:\Windows\System32\drivers\{3cac76e7-8310-45ea-8277-96d048a78c60}Gw.sys ({3cac76e7-8310-45ea-8277-96d048a78c60}Gw) .(.StdLib - StdLib.) - LEGACY_{3CAC76E7-8310-45EA-8277-96D048A78C60}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 20/10/2014 - C:\Windows\System32\drivers\{4530e639-76ab-4435-889d-a5e81ae090a4}Gw.sys ({4530e639-76ab-4435-889d-a5e81ae090a4}Gw) .(.StdLib - StdLib.) - LEGACY_{4530E639-76AB-4435-889D-A5E81AE090A4}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 15/10/2014 - C:\Windows\System32\drivers\{46a147d8-5171-42d8-b8a8-6a187525781d}Gw.sys ({46a147d8-5171-42d8-b8a8-6a187525781d}Gw) .(.StdLib - StdLib.) - LEGACY_{46A147D8-5171-42D8-B8A8-6A187525781D}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 10/11/2014 - C:\Windows\System32\drivers\{51b9c91c-8e38-40ae-80de-58a590512b6b}Gw.sys ({51b9c91c-8e38-40ae-80de-58a590512b6b}Gw) .(.StdLib - StdLib.) - LEGACY_{51B9C91C-8E38-40AE-80DE-58A590512B6B}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 16/10/2014 - C:\Windows\System32\drivers\{5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw.sys ({5d78e0ee-ca60-46a4-9492-4f24429cc925}Gw) .(.StdLib - StdLib.) - LEGACY_{5D78E0EE-CA60-46A4-9492-4F24429CC925}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 20/10/2014 - C:\Windows\System32\drivers\{67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw.sys ({67f29abb-07b3-41f5-94cd-f819d7c1fc76}Gw) .(.StdLib - StdLib.) - LEGACY_{67F29ABB-07B3-41F5-94CD-F819D7C1FC76}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 11/02/2015 - C:\Windows\System32\drivers\{6b89253f-7097-40c7-9ead-2d5b1ceb02e2}Gw.sys ({6b89253f-7097-40c7-9ead-2d5b1ceb02e2}Gw) .(.StdLib - StdLib.) - LEGACY_{6B89253F-7097-40C7-9EAD-2D5B1CEB02E2}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 19/10/2014 - C:\Windows\System32\drivers\{6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw.sys ({6c84eb28-66c4-4e3d-8a5a-46ab94f0575a}Gw) .(.StdLib - StdLib.) - LEGACY_{6C84EB28-66C4-4E3D-8A5A-46AB94F0575A}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 11/10/2014 - C:\Windows\System32\drivers\{84e24724-32a5-4ef8-b981-cc669543b4a4}Gw.sys ({84e24724-32a5-4ef8-b981-cc669543b4a4}Gw) .(.StdLib - StdLib.) - LEGACY_{84E24724-32A5-4EF8-B981-CC669543B4A4}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 01/12/2014 - C:\Windows\System32\drivers\{94d62e35-4b43-494c-bf52-ba5935df36ef}Gw.sys ({94d62e35-4b43-494c-bf52-ba5935df36ef}Gw) .(.StdLib - StdLib.) - LEGACY_{94D62E35-4B43-494C-BF52-BA5935DF36EF}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 26/10/2014 - C:\Windows\System32\drivers\{b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw.sys ({b0c7827f-c845-429a-833b-c2a798fc4fc3}Gw) .(.StdLib - StdLib.) - LEGACY_{B0C7827F-C845-429A-833B-C2A798FC4FC3}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 26/11/2014 - C:\Windows\System32\drivers\{b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw.sys ({b59efc84-8479-4faa-b02a-e5c7e85c7926}Gw) .(.StdLib - StdLib.) - LEGACY_{B59EFC84-8479-4FAA-B02A-E5C7E85C7926}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 05/10/2014 - C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw.sys ({bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw) .(.StdLib - StdLib.) - LEGACY_{BB7B7A60-F574-47C2-8A0B-4C56F2DA9802}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 10/10/2014 - C:\Windows\System32\drivers\{c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw.sys ({c61f6471-95aa-405a-be3a-f3b2dc07fdfa}Gw) .(.StdLib - StdLib.) - LEGACY_{C61F6471-95AA-405A-BE3A-F3B2DC07FDFA}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\drivers\{d1c4c3bc-6b77-4033-9c86-e72fcf769bbe}Gw.sys ({d1c4c3bc-6b77-4033-9c86-e72fcf769bbe}Gw) .(.StdLib - StdLib.) - LEGACY_{D1C4C3BC-6B77-4033-9C86-E72FCF769BBE}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 01/12/2014 - C:\Windows\System32\drivers\{d428f5a9-a362-4938-a8b7-f0abd920078b}Gw.sys ({d428f5a9-a362-4938-a8b7-f0abd920078b}Gw) .(.StdLib - StdLib.) - LEGACY_{D428F5A9-A362-4938-A8B7-F0ABD920078B}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 28/11/2014 - C:\Windows\System32\drivers\{d997fcb4-42b4-4f84-a147-2e498567c954}Gw.sys ({d997fcb4-42b4-4f84-a147-2e498567c954}Gw) .(.StdLib - StdLib.) - LEGACY_{D997FCB4-42B4-4F84-A147-2E498567C954}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 20/10/2014 - C:\Windows\System32\drivers\{db1293a0-85fd-418d-b0d6-c79faa7c8ace}Gw.sys ({db1293a0-85fd-418d-b0d6-c79faa7c8ace}Gw) .(.StdLib - StdLib.) - LEGACY_{DB1293A0-85FD-418D-B0D6-C79FAA7C8ACE}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 29/11/2014 - C:\Windows\System32\drivers\{dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw.sys ({dbec4a38-79aa-4d48-ac2b-d4467b1ded12}Gw) .(.StdLib - StdLib.) - LEGACY_{DBEC4A38-79AA-4D48-AC2B-D4467B1DED12}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 22/10/2014 - C:\Windows\System32\drivers\{f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw.sys ({f5d136d7-adc2-4c84-85b2-e564334ab0bc}Gw) .(.StdLib - StdLib.) - LEGACY_{F5D136D7-ADC2-4C84-85B2-E564334AB0BC}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 03/11/2014 - C:\Windows\System32\drivers\{f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw.sys ({f63e4e62-e47d-4415-9bb4-c9b1dfe161b9}Gw) .(.StdLib - StdLib.) - LEGACY_{F63E4E62-E47D-4415-9BB4-C9B1DFE161B9}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 30/11/2014 - C:\Windows\System32\drivers\{f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw.sys ({f9595960-dc6f-49f8-83db-4f3a4c9b714d}Gw) .(.StdLib - StdLib.) - LEGACY_{F9595960-DC6F-49F8-83DB-4F3A4C9B714D}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 31/10/2014 - C:\Windows\System32\drivers\{fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw.sys ({fc7329ef-e953-454c-8e78-ed2cf0acb2ef}Gw) .(.StdLib - StdLib.) - LEGACY_{FC7329EF-E953-454C-8E78-ED2CF0ACB2EF}GW =>PUP.LinkiDoo
~ Legacy: 134 Scanned in 00mn 23s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 03s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
~ Keys: Scanned in 00mn 01s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] OldSearch - (default-search.net) - http://www.default-search.net =>Hijacker.Browsers
O69 - SBI: SearchScopes [HKCU] {52F1CB19-9ADE-4969-B6B4-B6C98BDCC1E4} - (Yahoo! Search) - http://rts.dsrlte.com =>PUP.PaybyAds
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} [DefaultScope] - (Yahoo! Search) - http://q.search-simple.com
~ Keys: Scanned in 00mn 02s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
~ Services: 32 Scanned in 00mn 05s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.D945BFDD33D971831AFFB6065815FA03] [SPRF][17/04/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\asus\Desktop\ZHPDiag2.exe [6881977]
~ Files: 1 Scanned in 00mn 02s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
~ MNS: 1 Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\AdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\RightSurfSetup_RASAPI32 =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\RightSurfSetup_RASMANCS =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\RightSurf_RASAPI32 =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\RightSurf_RASMANCS =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\RightSurf_Setup_RASAPI32 =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\RightSurf_Setup_RASMANCS =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\updateAdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\updateRightSurf_RASAPI32 =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\updateRightSurf_RASMANCS =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\utilAdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Microsoft\Tracing\utilRightSurf_RASAPI32 =>PUP.RightSurf
HKLM\SOFTWARE\Microsoft\Tracing\utilRightSurf_RASMANCS =>PUP.RightSurf
~ BTK: 137 Scanned in 00mn 01s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}] (AdvanceElite 1.0.0.6) =>PUP.AdvanceElite
~ BCK: 4994 Scanned in 01mn 17s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/02/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 17/09/2010 196320 | (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Auto 13/11/2014 53320 | (BackupStack) . (.Just Develop It.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Demand 16/09/2011 108544 | (DCDhcpService) . (.Atheros Communication Inc..) - C:\Program Files\WiSharing\DCDhcpService.exe
SS - | Demand 31/07/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 22/07/1658 0 | (MaintainerSvc1.20.7247763) . (...) - C:\ProgramData\d2446020-ddff-402b-b064-199d2ce66b2b\maintainer.exe =>PUP.MaintainerSvc
SS - | Demand 13/02/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/12/2014 315496 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 22/07/1658 0 | (Update AdvanceElite) . (...) - C:\Program Files\AdvanceElite\updateAdvanceElite.exe =>PUP.AdvanceElite
SS - | Auto 17/04/2015 408296 | (Util AdvanceElite) . (...) - C:\Program Files\AdvanceElite\bin\utilAdvanceElite.exe =>PUP.AdvanceElite
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 01/12/2011 92800 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
SR - | Auto 28/01/2015 1349576 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
SR - | Auto 31/07/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 17/09/2010 161104 | (TiMiniService) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Auto 20/03/2014 1773368 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
SR - | Auto 26/03/2011 91464 | (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 01mn 32s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by asus at 17/04/2015 12:53:06
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/04/2015)
Clés trouvées (Keys found) : 16
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 7

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B2CB4C8-72AB-4B25-8FA1-219B36A60BED}] =>PUP.AdvanceElite^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\MaintainerSvc1.20.7247763] =>PUP.MaintainerSvc^
[HKLM\SYSTEM\CurrentControlSet\Services\Update AdvanceElite] =>PUP.AdvanceElite^
[HKLM\SYSTEM\CurrentControlSet\Services\Util AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite] =>PUP.AdvanceElite^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer] =>PUP.FLVPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\NextLive] =>PUP.NextLive^
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] =>Adware.Bandoo^
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\bn7qw9y1.default\extensions\sitematcher_srcs@sitematcher_srcs.com =>Adware.SiteMatcher^
C:\Program Files\AdvanceElite =>PUP.AdvanceElite^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\RightSurf =>PUP.RightSurf^
C:\Program Files\Settings Manager =>PUP.SystemK^
C:\Program Files\SiteLookup =>PUP.SiteLookup^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer =>PUP.FLVPlayer^
C:\Users\asus\AppData\Roaming\FlvPlayer =>PUP.FLVPlayer^
C:\Users\asus\AppData\Roaming\RHEng =>PUP.Conduit^
C:\Users\asus\AppData\Roaming\SimilarAddon =>PUP.SimilarAddon^
C:\Users\asus\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\MyPC Backup\Signup Wizard.exe =>PUP.MyPCBackup^
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite^
[HKCU\Software\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\FlvPlayer] =>PUP.FLVPlayer^
[HKLM\Software\RightSurf] =>PUP.RightSurf^
[HKLM\Software\SmdmF] =>PUP.SystemK^
[HKCR\CLSID\{3b2cb4c8-72ab-4b25-8fa1-219b36a60bed}] (AdvanceElite 1.0.0.6) =>PUP.AdvanceElite^
~ Additionnel Scan: 209875 Items scanned in 02mn 54s



---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ AMI: 4 Scanned in 00mn 00s



---\\ Summary of the detections found on your workstation
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://www.nicolascoolman.fr/blog/ =>Adware.SiteMatcher
http://nicolascoolman.fr/pup-advanceelite =>PUP.AdvanceElite
http://www.nicolascoolman.fr/blog/ =>PUP.FLVPlayer
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>PUP.MaintainerSvc
http://nicolascoolman.fr/pup-systemk =>PUP.SystemK
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/pup-linkeysearch =>PUP.LinkeySearch
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/pup-rightsurf =>PUP.RightSurf
http://www.nicolascoolman.fr/blog/ =>PUP.SiteLookup
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.SimilarAddon
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/pup-browsersafeguard =>PUP.BrowserSafeguard
http://nicolascoolman.fr/trojan-staser =>Trojan.Staser
http://nicolascoolman.fr/pup-jumpflip =>PUP.JumpFlip
http://nicolascoolman.fr/spyware-protectedsearch =>Spyware.ProtectedSearch
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/adware-searchsettings =>Adware.SearchSettings
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/trojan-vonteera =>Trojan.Vonteera
http://nicolascoolman.fr/pup-tubedimmer =>PUP.TubeDimmer
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive
http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
~ MSI: 33 link(s) detected in 00mn 00s



End of the scan (1435 lines in 29mn 25s)(0.10)
