Document format: text/plain

~ Rapport de ZHPDiag v2015.5.13.48 - Nicolas Coolman (13/05/2015)
~ Lancé par goulven (13/05/2015 22:41:13)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.10011.0
MFIE: Mozilla Firefox 37.0.2 (Defaut)
GCIE: Google Chrome v42.0.2311.90

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : HQRJR
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 10 Pro Technical Preview, 64-bit (Build 10041)

---\\ Logiciels de protection du système
McAfee Security Scan Plus v3.8.150.1

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI

---\\ Informations sur le système
~ Processor: AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6108 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 29 GB (39%) free of 74 GB

---\\ Mode de connexion au système
~ Computer Name: WIN-1KCFOGDMBJQ
~ User Name: goulven
~ All Users Names: goulven, DefaultAccount, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\goulven\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\goulven\AppData\Roaming\
~ %Desktop% : C:\Users\goulven\Desktop\
~ %Favorites% : C:\Users\goulven\Favorites\
~ %LocalAppData% : C:\Users\goulven\AppData\Local\
~ %StartMenu% : C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 29 Go of 74 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 53 Go of 440 Go)
G: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 40 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4D95ADB1950BCEB7DE2E4192DB407CD4] - (.Microsoft Corporation - Explorateur Windows.) (.14/03/2015 - 09:53:14.) -- C:\WINDOWS\Explorer.exe [3476000]
[MD5.3C209C0CC248AEE7EA6F2963A0660913] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/03/2015 - 09:52:19.) -- C:\WINDOWS\System32\Wininit.exe [226744]
[MD5.99907AAF298CE86CD69BD8525D231B06] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2015 - 23:24:33.) -- C:\WINDOWS\System32\wininet.dll [2675200]
[MD5.C8910938F6ED1F60EDAC08031EFCF9F3] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/03/2015 - 09:52:13.) -- C:\WINDOWS\System32\Winlogon.exe [560128]
[MD5.7FECE57599240C7A34140B1C11A1D8E2] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/03/2015 - 09:52:11.) -- C:\WINDOWS\System32\sppcomapi.dll [429056]
[MD5.99BCB8741C0F18F8BC48A2ABEE3C241E] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.14/03/2015 - 09:52:48.) -- C:\WINDOWS\system32\Drivers\AFD.sys [570640]
[MD5.4F5C2A53184762B599E3EA08A4D30F48] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/03/2015 - 09:49:20.) -- C:\WINDOWS\system32\Drivers\atapi.sys [23824]
[MD5.9402E57389078241050BFC8CE38A3996] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/03/2015 - 09:53:05.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [92160]
[MD5.4335285754022FD02E6E86FCB28C5D11] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/03/2015 - 09:49:22.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [173056]
[MD5.933806A76437C04121B72C4F8285D412] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/03/2015 - 09:51:39.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [140288]
[MD5.D3AC574747C46839C9FA55E2CB6AD0C2] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/03/2015 - 09:49:01.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [80384]
[MD5.255B0611FD19E403D8F35E5E9A1718B6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/03/2015 - 09:49:18.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [103936]
[MD5.63E57ACCEC4F6FE5FB108B76DA89845F] - (.Microsoft Corporation - IP Network Address Translator.) (.14/03/2015 - 09:51:03.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [142848]
[MD5.DC3BF70DB0BDD1BE5D6158BAEC2748AE] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.14/03/2015 - 09:51:22.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [423424]
[MD5.144A1210ED28CC092556D071B1803DB2] - (.Microsoft Corporation - MBT Transport driver.) (.14/03/2015 - 09:53:01.) -- C:\WINDOWS\system32\Drivers\netBT.sys [274944]
[MD5.26001C0BABEE70D9EC00DB6A02E29189] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/03/2015 - 09:52:48.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [2084112]
[MD5.5CA0BA72C8BD6F2940910205F4D28898] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/03/2015 - 09:49:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [96256]
[MD5.126F69FCF95AEF4F2312D6D91F612486] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/03/2015 - 09:50:50.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [109568]
[MD5.5DC1B65DD47140F50DCDF30D0547C27C] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.14/03/2015 - 18:17:48.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [172032]
[MD5.2B3FA518109D493FFC586225139910EB] - (.Microsoft Corporation - TDI Translation Driver.) (.14/03/2015 - 09:52:49.) -- C:\WINDOWS\system32\Drivers\tdx.sys [111888]
[MD5.FDD254471A111C9C7D7B47F0BC155CE9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/03/2015 - 09:49:22.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [373520]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/281
~ Mes musiques (My Musics) : 9/92
~ Mes Videos (My Videos) : 1/46
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/416
~ Mon Bureau (My Desktop) : 2/853
~ Menu demarrer (Programs) : 1/53
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.73CD25C93C41D174AFFCB140A10A8B1E] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2889408] [PID.6536]
[MD5.8EAADE6187C83AD70D99EDD9BF0CFAEA] - (.Logitech Inc. - Logitech G-series Media Display.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe [664344] [PID.6416]
[MD5.05EF48203CC819B57F8665217FB6DDF5] - (.Electronic Arts - Origin.) -- F:\Origin\Origin.exe [3632472] [PID.4864]
[MD5.D1AAF28F39E00E4962EB80CCF32D48DB] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144] [PID.4756]
[MD5.716D4E2A4265064A95E71E68383F113F] - (.Pas de propriétaire - 360 Total Security.) -- C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1208944] [PID.6684]
[MD5.BB4C82A0D561D7A415A59F55D6BEE537] - (.ATI Technologies Inc. - MultiDesk.) -- C:\Program Files (x86)\ATI Technologies\ATI HYDRAVISION\HydraMD.exe [364544] [PID.4292]
[MD5.FB855D8507A2488B8D374FA2D8A798AB] - (.Binary Fortress Software - DisplayFusion Hook App.) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe [306024] [PID.3248]
[MD5.345B45BE09381D2011EB7F9AC11D8AC4] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.6080]
[MD5.4B88BF95F7C40E2EDD2B924E0111C456] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [267888] [PID.7284]
[MD5.27A3A0B8C0A1C145A037FC4FC9576F9F] - (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664] [PID.8916]
[MD5.432F4E8794A2EA8A64E4C75EA80B790E] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe [1694560] [PID.6528] =>P2P.BitTorrent
[MD5.66F6B3894132CC3D347CB85FBAE48D57] - (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe [1892528] [PID.836]
[MD5.46769F961E4AB53D76A9E734867E0E54] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8208896] [PID.3208]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\goulven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 16 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\goulven\AppData\Roaming\Mozilla\Firefox\Profiles\p5qz8mfh.default\prefs.js
M3 - MFPP: Plugins - [goulven] -- C:\Users\goulven\AppData\Roaming\Mozilla\Firefox\Profiles\p5qz8mfh.default\searchplugins\luckysearches.xml =>Hijacker.LuckySearches
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
M0 - MFSP: prefs.js [goulven - p5qz8mfh.default] http://www.google.fr
M2 - MFEP: Extension [goulven - p5qz8mfh.default] firefox@mega.co.nz.xpi
M2 - MFEP: Extension [goulven - p5qz8mfh.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
P2 - FPN: [HKLM] [wacom.com/WacomTabletPlugin] - (...) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (.not file.)
~ Firefox Browser: 23 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.0.10041.0 (fbl_impressive.150313-1821)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 17 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MSS+ Identifier [64Bits] - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [WindowsDefender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
O4 - HKLM\..\Run: [Launch LCore] . (.Logitech Inc. - Logitech Gaming Framework.) -- C:\Program Files\Logitech Gaming Software\LCore.exe =>.Logitech Inc
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- F:\Origin\Origin.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
O4 - HKCU\..\Run: [DisplayFusion] . (.Binary Fortress Software - DisplayFusion.) -- C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.4726.0226_1\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.4726.0226_1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [QHSafeTray] . (.Qihu Software Co. Limited - 360 Total Security.) -- C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_386] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [HydraVisionDesktopManager] . (.ATI Technologies Inc. - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Wow6432Node\Run: [HydraVisionViewport] . (.ATI Technologies Inc. - MultiDesk.) -- C:\Program Files (x86)\ATI Technologies\ATI HYDRAVISION\HydraMD.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [EADM] . (.Electronic Arts - Origin.) -- F:\Origin\Origin.exe
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [DisplayFusion] . (.Binary Fortress Software - DisplayFusion.) -- C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\RunOnce: [Uninstall C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.4726.0226_1\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3125352801-2418071491-904445338-1000\..\RunOnce: [Uninstall C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.4726.0226_1] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{62512BC9-29BC-4348-B03A-06ADA987B16A}: NameServer = 31.168.228.251,82.166.96.251
O17 - HKLM\System\CCS\Services\Tcpip\..\{62512BC9-29BC-4348-B03A-06ADA987B16A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{62512BC9-29BC-4348-B03A-06ADA987B16A}: NameServer = 31.168.228.251,82.166.96.251
O17 - HKLM\System\CS1\Services\Tcpip\..\{62512BC9-29BC-4348-B03A-06ADA987B16A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: DisplayFusionService (DisplayFusionService) . (.Binary Fortress Software - DisplayFusion Service.) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) . (.SurfRight B.V. - HitmanPro Scheduler.) - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\WINDOWS\SysWOW64\PnkBstrA.exe
O23 - Service: 360 Total Security (QHActiveDefense) . (.Pas de propriétaire - 360 Total Security.) - C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: oem5.inf (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\WINDOWS\System32\viakaraokesrv.exe
O23 - Service: Wacom Consumer Service (WTabletServiceCon) . (.Wacom Technology, Corp. - Tablet Service.) - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) . (.Wacom Technology, Corp. - Tablet Service.) - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
~ Services: 13 Scanned in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (bootdelete) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [2cc7fe73-1ae2-45bf-9800-c83d7270a4bd-5] (...) -- C:\Program Files (x86)\CinPlus-2.4icV12.04\2cc7fe73-1ae2-45bf-9800-c83d7270a4bd-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [5c733c0b-c613-4f88-b1ae-3b4282df602e-5_user] (...) -- C:\Program Files (x86)\Cinema PlusV07.04\5c733c0b-c613-4f88-b1ae-3b4282df602e-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.A9D8176275B1BA8C584975AE9C71E7C9] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe [1283584] =>PUP.MyPCBackup
[MD5.329EF0A6B0F25EB86516DD069879F24C] [APT] [{2ACCED30-74A3-4338-8E02-B14D7C1BC223}] (...) -- C:\Users\goulven\AppData\Local\03AA02FC-1428882957-0553-AB06-160700080009\Uninstall.exe [57562]
[MD5.00000000000000000000000000000000] [APT] [{8D89D877-51AB-44F0-A8CC-2B584CE74E68}] (...) -- C:\Users\goulven\Downloads\lide60vst6411111a_64fr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A08B62A9-F6E6-41A8-8AAC-A73E716F2568}] (...) -- C:\Users\goulven\Downloads\Range_RAT5_SD7_0_20_0_64Bit_Drivers_NonWHQL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E6864390-6903-4B73-B74D-C0FB00644FD3}] (...) -- C:\Users\goulven\Downloads\Range_RAT5_SD7_0_20_0_64Bit_Drivers_NonWHQL(1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F3AA5F2A-5B7C-47F5-91EC-CCAB8FCDA2BB}] (...) -- C:\ProgramData\LolliScan\SoftConfigTest.exe (.not file.) [0] =>Adware.Graftor
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1104]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [1104]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1108]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [1108]
~ Scheduled Task: 16 Scanned in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (360Box64) . (.360.cn - 360Box64.) - C:\WINDOWS\System32\DRIVERS\360Box64.sys
O41 - Driver: (360FsFlt) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) - C:\WINDOWS\System32\DRIVERS\360FsFlt.sys
O41 - Driver: C:\WINDOWS\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: C:\WINDOWS\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\WINDOWS\System32\DRIVERS\ahcache.sys
O41 - Driver: (BAPIDRV) . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) - C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\WINDOWS\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\WINDOWS\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\drivers\cdrom.sys
O41 - Driver: C:\WINDOWS\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\WINDOWS\System32\drivers\csc.sys
O41 - Driver: C:\WINDOWS\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\WINDOWS\System32\drivers\dam.sys
O41 - Driver: C:\WINDOWS\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: C:\WINDOWS\System32\drivers\filecrypt.sys (FileCrypt) . (.Microsoft Corporation - Windows sandboxing and encryption filter.) - C:\WINDOWS\System32\drivers\filecrypt.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\WINDOWS\system32\drivers\mssmbios.sys
O41 - Driver: C:\WINDOWS\System32\todo.dll (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\drivers\netbios.sys
O41 - Driver: C:\WINDOWS\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\WINDOWS\system32\drivers\npsvctrig.sys
O41 - Driver: C:\WINDOWS\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys
O41 - Driver: C:\WINDOWS\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\WINDOWS\System32\drivers\pacer.sys
O41 - Driver: C:\WINDOWS\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\system32\DRIVERS\tdx.sys
O41 - Driver: C:\WINDOWS\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\WINDOWS\System32\drivers\vwififlt.sys
~ Drivers: 42 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 360 Total Security - (.360 Security Center.) [HKLM][64Bits] -- 360TotalSecurity
O42 - Logiciel: 5D48 - (...) [HKLM][64Bits] -- {d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1D1CB210-D05E-5BF4-F998-2B1903EE4323}
O42 - Logiciel: AMD Catalyst Control Center - (.AMD.) [HKLM][64Bits] -- WUCCCApp
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F2A7CE36-57BF-5C86-952D-90DBF3746D82}
O42 - Logiciel: ARMA III - (.R.G. Mechanics, markfiter.) [HKLM][64Bits] -- ARMA III_R.G. Mechanics_is1
O42 - Logiciel: ATI HYDRAVISION - (...) [HKLM][64Bits] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adblock Plus pour IE (32-bits et 64-bits) - (.Eyeo GmbH.) [HKLM][64Bits] -- {92E167CC-3D19-47EB-AE7F-A135427C3220}
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: AnySend - (.CMI Limited.) [HKLM][64Bits] -- ASPackage =>PUP.ASPackage
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net
O42 - Logiciel: Battlefield 3™ - (.Electronic Arts.) [HKLM][64Bits] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}
O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM][64Bits] -- Blender
O42 - Logiciel: Brick-Force (EU) - (.Exe Games Inc..) [HKLM][64Bits] -- Steam App 335330
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47}
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {25A3B953-1423-3F15-640E-B620DD0F419A}
O42 - Logiciel: Cities Skylines - (...) [HKLM][64Bits] -- Cities Skylines_is1
O42 - Logiciel: Counter-Strike - (.Valve.) [HKLM][64Bits] -- Steam App 10
O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] -- Steam App 240
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: Dazzle Video Capture DVC100 X64 Driver 1.06 - (.Pinnacle.) [HKLM][64Bits] -- {BFF23267-1D19-444E-93E2-E5059BE805EA}
O42 - Logiciel: DiRT 3: Complete Edition - (...) [HKLM][64Bits] -- DiRT 3: Complete Edition_is1
O42 - Logiciel: DisplayFusion 7.1 - (.Binary Fortress Software.) [HKLM][64Bits] -- B076073A-5527-4f4f-B46B-B10692277DA2_is1
O42 - Logiciel: Far Cry 2 - (.Ubisoft.) [HKLM][64Bits] -- {F2835483-37F2-4123-B4FE-0E77D58447F2}
O42 - Logiciel: Fraps (remove only) - (...) [HKLM][64Bits] -- Fraps
O42 - Logiciel: GIMP 2.8.14 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hearthstone - (.Blizzard Entertainment.) [HKLM][64Bits] -- Hearthstone
O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] -- Heroes of the Storm
O42 - Logiciel: HitmanPro 3.7 - (.SurfRight B.V..) [HKLM][64Bits] -- HitmanPro37
O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0}
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- LogMeIn Hamachi
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM][64Bits] -- {80EE9168-BB59-4F87-BF1A-57C137EAF714}
O42 - Logiciel: Logitech - Assistant pour jeux vidéo 8.58 - (.Logitech Inc..) [HKLM][64Bits] -- Logitech Gaming Software =>.Logitech Inc
O42 - Logiciel: Logitech Gaming Software - (.Logitech Inc..) [HKLM][64Bits] -- {690285C2-2481-44FB-8402-162EA970A6DD} =>.Logitech Inc
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {C2B8CBDE-5232-11E3-B494-F04DA23A5C58}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Magic The Gathering - Duels of the Planeswalkers 2013 - (...) [HKLM][64Bits] -- Magic The Gathering - Duels of the Planeswalkers 2013_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Metal Gear Solid Ground Zeroes, версия 1.0.0.0 - (.RePack by SEYTER.) [HKLM][64Bits] -- Metal Gear Solid Ground Zeroes_is1
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C303EE0-A595-3543-A71A-931C7AC40EDE}
O42 - Logiciel: Mirror's Edge - (.DICE.) [HKLM][64Bits] -- Steam App 17410
O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- OLBPre =>PUP.MyPCBackup
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin
O42 - Logiciel: PaperScan 2 Free Edition - (.ORPALIS.) [HKLM][64Bits] -- {41E45D65-814E-45C9-898A-5C6A2BADEC77}
O42 - Logiciel: Pinnacle Studio 17 - (.Corel Corporation.) [HKLM][64Bits] -- {3DA8F808-72E2-4361-82EC-433081D23005}
O42 - Logiciel: Pinnale Systems Software Keys - (.VPP TEAM.) [HKLM][64Bits] -- {616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1
O42 - Logiciel: Portal - (.Valve.) [HKLM][64Bits] -- Steam App 400
O42 - Logiciel: Project CARS - (...) [HKLM][64Bits] -- UHJvamVjdENBUlM=_is1
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 7.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: StarCraft II - (.Blizzard Entertainment.) [HKLM][64Bits] -- StarCraft II
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Stranded Deep - (.Beam Team Games.) [HKLM][64Bits] -- Steam App 313120
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] -- {53A3949A-423C-401F-8375-A2B4376B0ED4}
O42 - Logiciel: Tablette Wacom - (.Wacom Technology Corp..) [HKLM][64Bits] -- Wacom Tablet Driver
O42 - Logiciel: The Elder Scrolls V Skyrim version 1.0 - (.Bethesda Softworks.) [HKLM][64Bits] -- {5EFE0504-0BC4-11E1-8EDD-B32C4824019B}_is1
O42 - Logiciel: The Mighty Quest For Epic Loot - (.Ubisoft Montreal.) [HKLM][64Bits] -- Steam App 239220
O42 - Logiciel: Tom Clancy's Ghost Recon Phantoms - EU - (.Ubisoft Singapore.) [HKLM][64Bits] -- Steam App 272350
O42 - Logiciel: Tomb Raider: Underworld - (.Crystal Dynamics.) [HKLM][64Bits] -- Steam App 8140
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay
O42 - Logiciel: WATCH_DOGS - (.Ubisoft.) [HKLM][64Bits] -- Uplay Install 274
O42 - Logiciel: Wacom - (.Wacom Technology Corp..) [HKLM][64Bits] -- Pen Tablet Driver
O42 - Logiciel: Warface - (.Crytek.) [HKLM][64Bits] -- Steam App 291480
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: XSplit Broadcaster - (.SplitmediaLabs.) [HKLM][64Bits] -- {4202CAFA-F8F9-4311-8A13-19DB48AAF5F7}
O42 - Logiciel: XSplit Gamecaster - (.SplitmediaLabs.) [HKLM][64Bits] -- {3259F38C-6383-4637-BA76-C6B19F872091}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 78 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\360TotalSecurity]
[HKCU\Software\360]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\AOL]
[HKCU\Software\ATI]
[HKCU\Software\AdblockPlus]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avid]
[HKCU\Software\BEAM Team Games]
[HKCU\Software\Binary Fortress Software]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bohemia Interactive]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\Cinema PlusV07.04-ntf] =>PUP.CrossRider
[HKCU\Software\Cinema PlusV07.04-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlusV07.04-ntf]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Colossal Order]
[HKCU\Software\Common]
[HKCU\Software\Crystal Dynamics]
[HKCU\Software\CyberLink]
[HKCU\Software\DirectShow]
[HKCU\Software\Disc Soft]
[HKCU\Software\Drivers]
[HKCU\Software\EXE Games]
[HKCU\Software\EXIZ]
[HKCU\Software\Fraps3]
[HKCU\Software\GfaceGmbh]
[HKCU\Software\Google]
[HKCU\Software\HKRDJUTQ]
[HKCU\Software\HmelyoffLabs]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kromtech]
[HKCU\Software\Licenses]
[HKCU\Software\Lightworks]
[HKCU\Software\LiveUpdate360]
[HKCU\Software\Logitech]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\Mirillis]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NewBlue]
[HKCU\Software\OB]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Pipix]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\Raptr]
[HKCU\Software\Razer]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard
[HKCU\Software\Skype]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\SplitmediaLabs]
[HKCU\Software\Stardock]
[HKCU\Software\Studio 7 Media, LLC]
[HKCU\Software\System32]
[HKCU\Software\TeamViewer]
[HKCU\Software\The Silicon Realms Toolworks]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\VOB]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Win]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adblock Plus for IE]
[HKLM\Software\Alienware]
[HKLM\Software\Avid]
[HKLM\Software\BlenderFoundation]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Dell]
[HKLM\Software\Disc Soft]
[HKLM\Software\HitmanPro]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\LogMeIn, Inc.]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NewBlue]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Saitek]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Wacom]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\360softmgr]
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Avid]
[HKLM\Software\Wow6432Node\Bethesda Softworks]
[HKLM\Software\Wow6432Node\Blizzard Entertainment]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Corel Corporation]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13] =>PUP.Infonaut
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lightworks]
[HKLM\Software\Wow6432Node\LiveUpdate360]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewBlue]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Pegasus Imaging]
[HKLM\Software\Wow6432Node\Pinnacle Systems]
[HKLM\Software\Wow6432Node\Pinnacle]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\SiteSee]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sony Creative Software]
[HKLM\Software\Wow6432Node\SplitmediaLabs]
[HKLM\Software\Wow6432Node\Stardock]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\Ubisoft]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Wacom]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\Wizards of the Coast]
[HKLM\Software\Wow6432Node\clean2PC]
[HKLM\Software\Wow6432Node\crystal dynamics]
[HKLM\Software\Wow6432Node\ea games]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
~ Key Software: 326 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/03/2015 - 16:15:04 - [] ----D C:\Program Files (x86)\360
O43 - CFD: 12/04/2015 - 12:42:46 - [] ----D C:\Program Files (x86)\AMD
O43 - CFD: 29/03/2015 - 16:40:56 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 12/04/2015 - 23:40:00 - [0] ----D C:\Program Files (x86)\app_setup
O43 - CFD: 24/04/2015 - 20:23:36 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 13/05/2015 - 21:35:30 - [] ----D C:\Program Files (x86)\Battle.net
O43 - CFD: 07/04/2015 - 20:49:28 - [0] ----D C:\Program Files (x86)\Cinema PlusV07.04-ntf =>PUP.CrossRider
O43 - CFD: 05/05/2015 - 20:39:36 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 13/04/2015 - 00:08:39 - [0] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 02/05/2015 - 17:44:38 - [] ----D C:\Program Files (x86)\DisplayFusion
O43 - CFD: 22/04/2015 - 21:50:23 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/05/2015 - 21:14:38 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 14/03/2015 - 19:14:04 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 29/03/2015 - 19:45:01 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 22/04/2015 - 21:45:21 - [] ----D C:\Program Files (x86)\LogMeIn Hamachi
O43 - CFD: 06/04/2015 - 01:33:44 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 24/04/2015 - 20:23:38 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 12/04/2015 - 23:53:02 - [0] ----D C:\Program Files (x86)\Mirillis
O43 - CFD: 13/05/2015 - 20:17:11 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 23/04/2015 - 08:44:10 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 24/04/2015 - 21:06:15 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 13/04/2015 - 00:04:44 - [0] ----D C:\Program Files (x86)\NewBlue
O43 - CFD: 12/04/2015 - 17:05:21 - [] ----D C:\Program Files (x86)\NSIS Uninstall Information
O43 - CFD: 12/04/2015 - 23:57:16 - [] ----D C:\Program Files (x86)\OBS
O43 - CFD: 16/04/2015 - 02:41:10 - [] ----D C:\Program Files (x86)\OLBPre =>PUP.MyPCBackup
O43 - CFD: 01/05/2015 - 19:50:40 - [] ----D C:\Program Files (x86)\Pinnacle
O43 - CFD: 13/04/2015 - 00:04:09 - [] ----D C:\Program Files (x86)\Raptr
O43 - CFD: 24/04/2015 - 21:06:15 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/05/2015 - 18:46:14 - [0] ----D C:\Program Files (x86)\Rockstar Games
O43 - CFD: 21/04/2015 - 17:31:38 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 13/05/2015 - 19:55:07 - [] ----D C:\Program Files (x86)\Steam
O43 - CFD: 09/05/2015 - 18:37:12 - [] ----D C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 15/04/2015 - 12:17:40 - [] ----D C:\Program Files (x86)\TabletPlugins
O43 - CFD: 04/05/2015 - 21:13:06 - [] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/03/2015 - 19:14:04 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 06/04/2015 - 01:33:43 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 24/04/2015 - 20:23:40 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 24/04/2015 - 20:23:40 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/03/2015 - 10:58:51 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 14/03/2015 - 10:58:49 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 14/03/2015 - 19:14:04 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/03/2015 - 10:58:51 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 24/04/2015 - 20:23:40 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 14/03/2015 - 10:58:49 - [] -S--D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 29/03/2015 - 18:13:51 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 17/04/2015 - 09:59:59 - [] ----D C:\Program Files (x86)\Wizards of the Coast LLC
O43 - CFD: 13/05/2015 - 22:31:51 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 29/03/2015 - 16:40:56 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 30/03/2015 - 20:18:35 - [0] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 05/05/2015 - 20:39:36 - [] --H-D C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 17/04/2015 - 18:23:31 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 29/03/2015 - 19:45:23 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 24/04/2015 - 20:23:37 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 12/04/2015 - 17:05:27 - [] ----D C:\Program Files (x86)\Common Files\NewBlue
O43 - CFD: 01/05/2015 - 19:59:25 - [] ----D C:\Program Files (x86)\Common Files\Pegasus Imaging
O43 - CFD: 06/04/2015 - 01:18:10 - [] ----D C:\Program Files (x86)\Common Files\Pinnacle
O43 - CFD: 14/03/2015 - 10:58:51 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 21/04/2015 - 17:30:44 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/04/2015 - 13:13:50 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 12/04/2015 - 17:41:34 - [] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 14/03/2015 - 19:14:04 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/04/2015 - 01:32:32 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 08/04/2015 - 14:26:07 - [] ----D C:\ProgramData\.mono
O43 - CFD: 15/04/2015 - 23:39:42 - [] ----D C:\ProgramData\360Quarant
O43 - CFD: 29/03/2015 - 17:58:23 - [] ----D C:\ProgramData\360safe
O43 - CFD: 05/04/2015 - 10:19:30 - [] ----D C:\ProgramData\360TotalSecurity
O43 - CFD: 12/04/2015 - 23:40:50 - [] ----D C:\ProgramData\8879065850099333985
O43 - CFD: 12/04/2015 - 12:25:31 - [] ----D C:\ProgramData\AMD
O43 - CFD: 29/03/2015 - 17:11:29 - [] ----D C:\ProgramData\Apple
O43 - CFD: 14/03/2015 - 11:17:22 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 12/04/2015 - 13:00:15 - [] ----D C:\ProgramData\ATI
O43 - CFD: 06/04/2015 - 01:13:48 - [0] ----D C:\ProgramData\Avid
O43 - CFD: 29/03/2015 - 22:15:07 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 02/05/2015 - 18:51:23 - [] ----D C:\ProgramData\Binary Fortress Software
O43 - CFD: 22/04/2015 - 23:52:56 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 29/03/2015 - 21:40:47 - [] ----D C:\ProgramData\Bohemia Interactive
O43 - CFD: 29/03/2015 - 16:01:10 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 07/04/2015 - 20:51:07 - [] ----D C:\ProgramData\cHakhUUopk
O43 - CFD: 20/01/2015 - 14:09:41 - [0] ----D C:\ProgramData\Comms
O43 - CFD: 12/04/2015 - 17:09:59 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 29/03/2015 - 18:09:36 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 12/04/2015 - 23:39:19 - [] ----D C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
O43 - CFD: 14/03/2015 - 11:17:22 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/03/2015 - 11:17:22 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 12/04/2015 - 13:28:56 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 12/04/2015 - 17:52:20 - [] ----D C:\ProgramData\Geevs
O43 - CFD: 09/05/2015 - 13:29:16 - [] ----D C:\ProgramData\GFACE
O43 - CFD: 09/05/2015 - 17:26:21 - [] ----D C:\ProgramData\HitmanPro
O43 - CFD: 12/04/2015 - 16:59:33 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 29/03/2015 - 17:11:42 - [] ----D C:\ProgramData\LogiShrd
O43 - CFD: 22/04/2015 - 21:50:34 - [] ----D C:\ProgramData\LogMeIn
O43 - CFD: 04/04/2015 - 17:06:37 - [] ----D C:\ProgramData\Logs
O43 - CFD: 29/03/2015 - 20:25:44 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 30/03/2015 - 19:46:48 - [] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 29/03/2015 - 16:01:10 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 24/04/2015 - 20:23:46 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 29/03/2015 - 16:05:28 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 11/04/2015 - 21:04:30 - [] ----D C:\ProgramData\Mirillis
O43 - CFD: 29/03/2015 - 16:01:10 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 29/03/2015 - 18:03:43 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 12/04/2015 - 23:56:51 - [] ----D C:\ProgramData\Norton
O43 - CFD: 12/04/2015 - 17:01:10 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 29/03/2015 - 19:45:27 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 17/04/2015 - 13:28:18 - [] ----D C:\ProgramData\Orbit
O43 - CFD: 13/05/2015 - 19:55:19 - [] ----D C:\ProgramData\Origin
O43 - CFD: 02/05/2015 - 21:38:30 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 01/05/2015 - 19:48:42 - [] ----D C:\ProgramData\Pinnacle
O43 - CFD: 14/03/2015 - 19:18:10 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 16/04/2015 - 20:45:09 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 21/04/2015 - 17:30:54 - [] ----D C:\ProgramData\Skype
O43 - CFD: 12/04/2015 - 23:58:54 - [0] ----D C:\ProgramData\Sony
O43 - CFD: 29/03/2015 - 20:06:48 - [] ----D C:\ProgramData\SplitMediaLabs
O43 - CFD: 04/04/2015 - 19:32:32 - [] ----D C:\ProgramData\Stardock
O43 - CFD: 14/03/2015 - 11:17:22 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 12/04/2015 - 22:10:22 - [] ----D C:\ProgramData\Steam
O43 - CFD: 29/03/2015 - 19:45:24 - [] ----D C:\ProgramData\Sun
O43 - CFD: 13/04/2015 - 00:09:10 - [0] ----D C:\ProgramData\SUPPORTDIR
O43 - CFD: 07/04/2015 - 20:33:43 - [] ----D C:\ProgramData\T122078ED
O43 - CFD: 07/04/2015 - 20:45:01 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/03/2015 - 11:17:22 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/03/2015 - 16:07:19 - [] ----D C:\ProgramData\USOPrivate
O43 - CFD: 12/05/2015 - 21:28:21 - [] ----D C:\ProgramData\USOShared
O43 - CFD: 13/04/2015 - 11:15:55 - [] ----D C:\ProgramData\{0bbc9d6a-5245-1601-0bbc-c9d6a52475a9}
O43 - CFD: 16/04/2015 - 09:28:22 - [] ----D C:\ProgramData\{3bef08e0-4997-b04c-3bef-f08e04992381}
O43 - CFD: 24/04/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
O43 - CFD: 14/03/2015 - 10:58:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 14/03/2015 - 19:18:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/03/2015 - 19:18:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/04/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI HYDRAVISION
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 24/04/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
O43 - CFD: 07/04/2015 - 20:49:28 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/05/2015 - 17:44:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
O43 - CFD: 09/05/2015 - 17:17:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 15/04/2015 - 23:39:34 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
O43 - CFD: 14/03/2015 - 10:58:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid Ground Zeroes
O43 - CFD: 12/04/2015 - 23:53:01 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaperScan 2 Free Edition
O43 - CFD: 01/05/2015 - 20:06:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 17
O43 - CFD: 24/04/2015 - 20:23:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
O43 - CFD: 24/04/2015 - 20:25:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 14/03/2015 - 10:58:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 14/03/2015 - 19:18:10 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 24/04/2015 - 20:25:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom
O43 - CFD: 02/05/2015 - 23:45:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls V Skyrim
O43 - CFD: 24/04/2015 - 20:25:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 24/04/2015 - 20:23:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wizards of the Coast LLC
O43 - CFD: 10/05/2015 - 19:08:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
O43 - CFD: 13/05/2015 - 22:31:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 11/05/2015 - 21:34:05 - [] ----D C:\Users\goulven\AppData\Roaming\.minecraft
O43 - CFD: 08/04/2015 - 14:26:07 - [] ----D C:\Users\goulven\AppData\Roaming\.mono
O43 - CFD: 09/05/2015 - 17:25:55 - [] ----D C:\Users\goulven\AppData\Roaming\03AA02FC-1428430177-0553-AB06-160700080009
O43 - CFD: 09/05/2015 - 17:25:55 - [] ----D C:\Users\goulven\AppData\Roaming\03AA02FC-1428875465-0553-AB06-160700080009
O43 - CFD: 12/04/2015 - 23:55:27 - [] ----D C:\Users\goulven\AppData\Roaming\03AA02FC-1428875726-0553-AB06-160700080009
O43 - CFD: 16/04/2015 - 11:40:56 - [] ----D C:\Users\goulven\AppData\Roaming\03AA02FC-1429177255-0553-AB06-160700080009
O43 - CFD: 12/04/2015 - 11:49:42 - [] ----D C:\Users\goulven\AppData\Roaming\360safe
O43 - CFD: 29/03/2015 - 16:04:44 - [] ----D C:\Users\goulven\AppData\Roaming\Adobe
O43 - CFD: 12/04/2015 - 13:31:43 - [] ----D C:\Users\goulven\AppData\Roaming\AMD
O43 - CFD: 12/04/2015 - 22:10:06 - [] ----D C:\Users\goulven\AppData\Roaming\ARMA III
O43 - CFD: 16/04/2015 - 11:40:55 - [] ----D C:\Users\goulven\AppData\Roaming\ASPackage =>PUP.ASPackage
O43 - CFD: 29/03/2015 - 16:46:06 - [] ----D C:\Users\goulven\AppData\Roaming\ATI
O43 - CFD: 29/03/2015 - 22:19:46 - [] ----D C:\Users\goulven\AppData\Roaming\Battle.net
O43 - CFD: 14/04/2015 - 17:04:23 - [] ----D C:\Users\goulven\AppData\Roaming\Canon
O43 - CFD: 30/03/2015 - 22:47:33 - [] ----D C:\Users\goulven\AppData\Roaming\Citra team
O43 - CFD: 12/04/2015 - 20:54:26 - [] -SH-D C:\Users\goulven\AppData\Roaming\Common
O43 - CFD: 12/04/2015 - 17:08:42 - [] ----D C:\Users\goulven\AppData\Roaming\CyberLink
O43 - CFD: 29/03/2015 - 21:18:09 - [] ----D C:\Users\goulven\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/05/2015 - 17:44:44 - [0] ----D C:\Users\goulven\AppData\Roaming\DisplayFusion
O43 - CFD: 04/04/2015 - 21:03:53 - [] ----D C:\Users\goulven\AppData\Roaming\FastStone
O43 - CFD: 29/03/2015 - 19:46:57 - [] ----D C:\Users\goulven\AppData\Roaming\java
O43 - CFD: 29/03/2015 - 16:42:16 - [] ----D C:\Users\goulven\AppData\Roaming\library_dir
O43 - CFD: 29/03/2015 - 17:09:24 - [] ----D C:\Users\goulven\AppData\Roaming\Logishrd
O43 - CFD: 29/03/2015 - 17:09:24 - [] ----D C:\Users\goulven\AppData\Roaming\Logitech
O43 - CFD: 29/03/2015 - 16:16:48 - [] ----D C:\Users\goulven\AppData\Roaming\Macromedia
O43 - CFD: 01/05/2015 - 18:45:50 - [] -S--D C:\Users\goulven\AppData\Roaming\Microsoft
O43 - CFD: 11/04/2015 - 21:04:30 - [] ----D C:\Users\goulven\AppData\Roaming\Mirillis
O43 - CFD: 29/03/2015 - 18:03:57 - [] ----D C:\Users\goulven\AppData\Roaming\Mozilla
O43 - CFD: 10/04/2015 - 21:07:43 - [] ----D C:\Users\goulven\AppData\Roaming\OBS
O43 - CFD: 17/04/2015 - 18:56:34 - [] ----D C:\Users\goulven\AppData\Roaming\Origin
O43 - CFD: 05/04/2015 - 15:12:01 - [] ----D C:\Users\goulven\AppData\Roaming\Processing
O43 - CFD: 05/04/2015 - 23:57:56 - [0] ----D C:\Users\goulven\AppData\Roaming\Publish Providers
O43 - CFD: 13/05/2015 - 22:24:27 - [] ----D C:\Users\goulven\AppData\Roaming\Skype
O43 - CFD: 07/04/2015 - 20:44:40 - [] ----D C:\Users\goulven\AppData\Roaming\Sony
O43 - CFD: 10/05/2015 - 19:05:35 - [] ----D C:\Users\goulven\AppData\Roaming\SplitmediaLabs
O43 - CFD: 08/04/2015 - 14:26:03 - [] ----D C:\Users\goulven\AppData\Roaming\Steam
O43 - CFD: 07/04/2015 - 20:44:54 - [0] ----D C:\Users\goulven\AppData\Roaming\TeamViewer
O43 - CFD: 13/05/2015 - 22:41:01 - [] ----D C:\Users\goulven\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 29/03/2015 - 18:14:54 - [] ----D C:\Users\goulven\AppData\Roaming\WinRAR
O43 - CFD: 14/04/2015 - 16:48:33 - [] ----D C:\Users\goulven\AppData\Roaming\WTablet
O43 - CFD: 13/05/2015 - 22:41:25 - [] ----D C:\Users\goulven\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 09/05/2015 - 17:25:55 - [] ----D C:\Users\goulven\AppData\Local\03AA02FC-1428437580-0553-AB06-160700080009
O43 - CFD: 09/05/2015 - 17:25:55 - [] ----D C:\Users\goulven\AppData\Local\03AA02FC-1428882957-0553-AB06-160700080009
O43 - CFD: 29/03/2015 - 20:25:49 - [0] ----D C:\Users\goulven\AppData\Local\Adobe
O43 - CFD: 12/04/2015 - 13:00:46 - [] ----D C:\Users\goulven\AppData\Local\AMD
O43 - CFD: 24/04/2015 - 20:20:31 - [] -SH-D C:\Users\goulven\AppData\Local\Application Data
O43 - CFD: 09/05/2015 - 22:20:33 - [] ----D C:\Users\goulven\AppData\Local\Arma 3
O43 - CFD: 29/03/2015 - 16:46:06 - [] ----D C:\Users\goulven\AppData\Local\ATI
O43 - CFD: 06/04/2015 - 01:18:32 - [] ----D C:\Users\goulven\AppData\Local\Avid
O43 - CFD: 13/05/2015 - 21:44:55 - [] ----D C:\Users\goulven\AppData\Local\Battle.net
O43 - CFD: 29/03/2015 - 22:57:27 - [] ----D C:\Users\goulven\AppData\Local\Blizzard
O43 - CFD: 29/03/2015 - 22:19:09 - [] ----D C:\Users\goulven\AppData\Local\Blizzard Entertainment
O43 - CFD: 08/04/2015 - 14:26:06 - [] ----D C:\Users\goulven\AppData\Local\Colossal Order
O43 - CFD: 10/05/2015 - 18:59:30 - [] ----D C:\Users\goulven\AppData\Local\CrashDumps
O43 - CFD: 05/04/2015 - 17:34:33 - [] ----D C:\Users\goulven\AppData\Local\CrashRpt
O43 - CFD: 12/04/2015 - 17:07:53 - [] ----D C:\Users\goulven\AppData\Local\CyberLink
O43 - CFD: 02/05/2015 - 15:41:13 - [0] ----D C:\Users\goulven\AppData\Local\Diagnostics
O43 - CFD: 02/05/2015 - 17:50:12 - [] ----D C:\Users\goulven\AppData\Local\DisplayFusion
O43 - CFD: 01/05/2015 - 17:11:46 - [] ----D C:\Users\goulven\AppData\Local\Downloaded Installations
O43 - CFD: 13/04/2015 - 19:33:58 - [] ----D C:\Users\goulven\AppData\Local\ElevatedDiagnostics
O43 - CFD: 14/04/2015 - 17:19:31 - [] ----D C:\Users\goulven\AppData\Local\fontconfig
O43 - CFD: 14/04/2015 - 17:19:30 - [] ----D C:\Users\goulven\AppData\Local\gegl-0.2
O43 - CFD: 22/04/2015 - 21:50:34 - [] ----D C:\Users\goulven\AppData\Local\Google
O43 - CFD: 19/04/2015 - 20:35:49 - [] ----D C:\Users\goulven\AppData\Local\gtk-2.0
O43 - CFD: 24/04/2015 - 20:20:31 - [] -SH-D C:\Users\goulven\AppData\Local\Historique
O43 - CFD: 29/03/2015 - 17:11:41 - [] ----D C:\Users\goulven\AppData\Local\Logitech
O43 - CFD: 22/04/2015 - 21:50:34 - [] ----D C:\Users\goulven\AppData\Local\LogMeIn
O43 - CFD: 13/05/2015 - 19:58:18 - [] ----D C:\Users\goulven\AppData\Local\LogMeIn Hamachi
O43 - CFD: 29/03/2015 - 21:02:23 - [] ----D C:\Users\goulven\AppData\Local\Macromedia
O43 - CFD: 04/05/2015 - 21:27:34 - [] ----D C:\Users\goulven\AppData\Local\Microsoft
O43 - CFD: 11/04/2015 - 21:04:30 - [] ----D C:\Users\goulven\AppData\Local\Mirillis
O43 - CFD: 29/03/2015 - 18:03:57 - [] ----D C:\Users\goulven\AppData\Local\Mozilla
O43 - CFD: 12/04/2015 - 13:36:25 - [] ----D C:\Users\goulven\AppData\Local\Origin
O43 - CFD: 04/05/2015 - 22:09:00 - [] ----D C:\Users\goulven\AppData\Local\Packages
O43 - CFD: 29/03/2015 - 16:06:13 - [0] ----D C:\Users\goulven\AppData\Local\PackageStaging
O43 - CFD: 09/05/2015 - 22:01:24 - [] ----D C:\Users\goulven\AppData\Local\Pinnacle
O43 - CFD: 01/05/2015 - 20:07:32 - [] ----D C:\Users\goulven\AppData\Local\Pinnacle_Studio_17
O43 - CFD: 29/03/2015 - 20:30:30 - [] ----D C:\Users\goulven\AppData\Local\Programs
O43 - CFD: 23/04/2015 - 00:35:23 - [] ----D C:\Users\goulven\AppData\Local\Rockstar Games
O43 - CFD: 21/04/2015 - 17:31:10 - [] ----D C:\Users\goulven\AppData\Local\Skype
O43 - CFD: 03/05/2015 - 00:54:37 - [] ----D C:\Users\goulven\AppData\Local\Skyrim
O43 - CFD: 05/04/2015 - 23:46:48 - [] ----D C:\Users\goulven\AppData\Local\Sony
O43 - CFD: 29/03/2015 - 20:07:22 - [] ----D C:\Users\goulven\AppData\Local\SplitMediaLabs
O43 - CFD: 05/04/2015 - 23:59:22 - [] ----D C:\Users\goulven\AppData\Local\Stardock
O43 - CFD: 01/04/2015 - 15:13:02 - [] ----D C:\Users\goulven\AppData\Local\Steam
O43 - CFD: 13/05/2015 - 22:39:17 - [] ----D C:\Users\goulven\AppData\Local\Temp
O43 - CFD: 24/04/2015 - 20:20:31 - [] -SH-D C:\Users\goulven\AppData\Local\Temporary Internet Files
O43 - CFD: 29/03/2015 - 16:04:53 - [] ----D C:\Users\goulven\AppData\Local\TileDataLayer
O43 - CFD: 03/04/2015 - 20:15:17 - [] ----D C:\Users\goulven\AppData\Local\Ubisoft
O43 - CFD: 17/04/2015 - 12:53:29 - [] ----D C:\Users\goulven\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 05/04/2015 - 17:40:12 - [] ----D C:\Users\goulven\AppData\Local\VirtualStore
O43 - CFD: 09/05/2015 - 13:56:44 - [] ----D C:\Users\goulven\AppData\Local\wf-launcher
O43 - CFD: 12/04/2015 - 16:11:19 - [] ----D C:\Users\goulven\AppData\Local\Windows Live
O43 - CFD: 14/03/2015 - 10:58:51 - [] R---D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 24/04/2015 - 20:38:48 - [] R---D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/04/2015 - 20:39:05 - [] R---D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.ASPackage
O43 - CFD: 14/03/2015 - 10:58:51 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/04/2015 - 20:39:05 - [] R---D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 10/05/2015 - 19:17:48 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 12/05/2015 - 21:58:19 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Meat Boy
O43 - CFD: 14/03/2015 - 10:58:51 - [] R---D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 24/04/2015 - 20:22:08 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
O43 - CFD: 24/04/2015 - 20:25:39 - [] ----D C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 269 Scanned in 00mn 00s



---\\ Last files modified or created under Windows and System32 (O44)
O44 - LFC:[MD5.4FCCA9F7E80C4EC6E0D4FCAD7A6DE5AB] - 02/05/2015 - 17:49:37 ---A- . (...) -- C:\WINDOWS\ATICIM.MIF [26]
O44 - LFC:[MD5.F5A02AC4501FAD92E360E4DC75B8C34C] - 05/05/2015 - 19:39:11 ---A- . (...) -- C:\WINDOWS\DirectX.log [599949]
O44 - LFC:[MD5.93A433E968ED32EF25C89361D425A7B4] - 07/05/2015 - 20:01:40 ---A- . (...) -- C:\WINDOWS\PFRO.log [13270]
O44 - LFC:[MD5.B0AC2709CC33986E1B25F94BB350602D] - 09/05/2015 - 16:25:56 ---A- . (...) -- C:\WINDOWS\System32\.crusader [37970]
O44 - LFC:[MD5.3A797A259CD9F68629622A9D8BD741CF] - 12/05/2015 - 21:15:48 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1838642]
O44 - LFC:[MD5.4B58A659971DD9F8A7E545E330BDC661] - 12/05/2015 - 21:15:48 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [137964]
O44 - LFC:[MD5.2A9C9B97B56E78D0A70CF2885FAAA56D] - 12/05/2015 - 21:15:48 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [153916]
O44 - LFC:[MD5.269761F3A8B5003F40A73408193A4BAC] - 12/05/2015 - 21:15:48 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [731158]
O44 - LFC:[MD5.4DD9229EC8B62C2F8CC610FF69D99F1C] - 12/05/2015 - 21:15:48 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [819364]
O44 - LFC:[MD5.66FCF9188C7F67636358329F63106751] - 12/05/2015 - 21:30:29 ---A- . (...) -- C:\WINDOWS\comsetup.log [16747]
O44 - LFC:[MD5.88D6806F3F7ED3FF34334374646F7624] - 12/05/2015 - 21:31:05 ---A- . (...) -- C:\WINDOWS\setuperr.log [9903]
O44 - LFC:[MD5.ABCA04B479CB58551992286F257FAA24] - 12/05/2015 - 21:33:04 ---A- . (...) -- C:\WINDOWS\DtcInstall.log [5786]
O44 - LFC:[MD5.8BD0D4111F0AAD4DF2F44E8DB9356EBF] - 12/05/2015 - 21:34:04 ---A- . (...) -- C:\WINDOWS\diagerr.xml [104208]
O44 - LFC:[MD5.A828760267806A3569A1A23DDC23C18A] - 12/05/2015 - 21:34:04 ---A- . (...) -- C:\WINDOWS\diagwrn.xml [85728]
O44 - LFC:[MD5.F28C171347A8A4C47C684798332E874B] - 12/05/2015 - 21:34:05 ---A- . (...) -- C:\WINDOWS\setupact.log [1178157]
O44 - LFC:[MD5.CC250020FB3E31947CC9643CC2482570] - 13/05/2015 - 18:52:39 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584]
O44 - LFC:[MD5.2201F4EB9A8D461BFABC2EAFF79424A3] - 13/05/2015 - 19:48:49 --H-- . (...) -- C:\$UPG$PBR.MARKER [34]
O44 - LFC:[MD5.056DD3FFB35656564147F1D44C6611E4] - 13/05/2015 - 20:27:09 ---A- . (...) -- C:\WINDOWS\System32\WIN-1KCFOGDMBJQ_goulven_HistoryPrediction.bin [16148]
O44 - LFC:[MD5.4AE3B0FED54F49C4D9ABC4F289B04347] - 13/05/2015 - 20:58:22 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [191]
O44 - LFC:[MD5.6B1DC19AFFD7ECB821D0DD3E0DBF93E0] - 13/05/2015 - 21:08:25 ---A- . (...) -- C:\WINDOWS\WindowsUpdate_AU_deprecated.log [267783]
~ Files: 20 Scanned in 00mn 02s



---\\ Last files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.A90502E58B6A77432CF37FCA0F614BF6] - 09/05/2015 - 16:05:12 ---A- - C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER(1).EXE-D7871841.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.E2C8CAD73D53BA9B60DD1298ACA9BBEC] - 09/05/2015 - 16:03:05 ---A- - C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-1ACF9807.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.25E28ECED6CED38FBA6072C31AF49FF9] - 13/05/2015 - 20:41:06 ---A- - C:\WINDOWS\Prefetch\UTORRENT.EXE-DF8CE8BD.pf =>P2P.µTorrent
~ Prefetcher: 3 Scanned in 00mn 00s



---\\ Denial of service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
~ LSA: 3 Scanned in 00mn 00s



---\\ Safe Boot control (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\WINDOWS\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\WINDOWS\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\WINDOWS\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\WINDOWS\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\WINDOWS\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Pilote du gestionnaire de volumes.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\WINDOWS\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\WINDOWS\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\WINDOWS\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\WINDOWS\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\WINDOWS\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Pilote du gestionnaire de volumes.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
~ CSB: 19 Scanned in 00mn 00s



---\\ Shell MountPoints2 registry key (MPSK) (O51)
O51 - MPSK:{115dcb3d-e47d-11e4-ab52-fcaa1453ab16}\AutoRun\command. (...) -- I:\OriginInstaller.exe (.not file.)
O51 - MPSK:{56b6afc4-d628-11e4-ab34-fcaa1453ab16}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Driver infection scan (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\WINDOWS\System32\frapsv64.dll
O52 - TDSD: \Drivers32\"VIDC.FICV"="ficvdec_x64.dll" . (...) -- C:\WINDOWS\System32\ficvdec_x64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\WINDOWS\System32\frapsv64.dll
~ TDSD: 5 Scanned in 00mn 00s



---\\ Enumeration of SecurityProviders registry keys (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\WINDOWS\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeration of PoliciesSystem registry keys (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DSCAutomationHostEnabled"=2
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumeration of PoliciesExplorer registry keys (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsHistory"=0
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ System driver list (SDL) (O58)
O58 - SDL:09/03/2015 - 09:00:33 ---A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\WINDOWS\System32\Drivers\360AvFlt.sys [77896]
O58 - SDL:09/03/2015 - 09:00:34 ---A- . (.360.cn - 360Box64.) -- C:\WINDOWS\System32\Drivers\360Box64.sys [305736]
O58 - SDL:09/03/2015 - 09:00:33 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Proactive Defense.) -- C:\WINDOWS\System32\Drivers\360fsflt.sys [314448]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\Drivers\3ware.sys [104720]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\WINDOWS\System32\Drivers\adp80xx.sys [778000]
O58 - SDL:21/06/2014 - 18:01:44 ---A- . (.Windows (R) Win 7 DDK provider - KSL Kernel-Mode Dll.) -- C:\WINDOWS\System32\Drivers\amdacpksl.sys [142848]
O58 - SDL:23/09/2012 - 00:17:24 ---A- . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\WINDOWS\System32\Drivers\amdkmafd.sys [21160]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\Drivers\amdsata.sys [79120]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\WINDOWS\System32\Drivers\amdsbs.sys [255248]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\Drivers\amdxata.sys [22800]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\Drivers\arcsas.sys [129296]
O58 - SDL:21/06/2014 - 18:02:02 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\Drivers\AtihdWB6.sys [223232]
O58 - SDL:24/04/2015 - 19:52:10 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\Drivers\atikmdag.sys [21078016]
O58 - SDL:24/04/2015 - 19:52:10 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\atikmpag.sys [615424]
O58 - SDL:09/03/2015 - 09:00:33 ---A- . (.Qihu 360 Software Co., Ltd. - 360 Internet Security Cloud Security.) -- C:\WINDOWS\System32\Drivers\BAPIDRV64.SYS [180816]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:14/03/2015 - 09:49:17 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\Drivers\bxvbda.sys [527120]
O58 - SDL:29/03/2015 - 17:09:00 ---A- . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\WINDOWS\System32\Drivers\dtlitescsibus.sys [30352] =>.DT Soft Ltd
O58 - SDL:14/03/2015 - 09:49:17 ---A- . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\Drivers\evbda.sys [3432720]
O58 - SDL:30/03/2015 - 14:28:52 --HA- . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\WINDOWS\System32\Drivers\Hamdrv.sys [44296]
O58 - SDL:25/10/2014 - 21:52:20 ---A- . (.Windows (R) Win 7 DDK provider - Filter Driver for HID-KMDF Interface.) -- C:\WINDOWS\System32\Drivers\hidkmdf.sys [14136]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\WINDOWS\System32\Drivers\HpSAMD.sys [60176]
O58 - SDL:14/03/2015 - 09:49:01 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:14/03/2015 - 09:49:01 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (inbox) - x64.) -- C:\WINDOWS\System32\Drivers\iaStorAV.sys [666896]
O58 - SDL:14/03/2015 - 09:49:18 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\Drivers\iaStorV.sys [407824]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\Drivers\ibbus.sys [420624]
O58 - SDL:24/11/2009 - 01:37:50 ---A- . (.Logitech Inc. - Logitech WingMan Virtual Bus Enumerator Driver.) -- C:\WINDOWS\System32\Drivers\LGBusEnum.sys [22408]
O58 - SDL:24/11/2009 - 01:38:00 ---A- . (.Logitech Inc. - Logitech GamePanel Virtual Hid Device Driver.) -- C:\WINDOWS\System32\Drivers\LGVirHid.sys [16008]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas.sys [105232]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [93968]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [86288]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sss.sys [78608]
O58 - SDL:23/09/2005 - 21:18:34 ---A- . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\WINDOWS\System32\Drivers\MarvinBus64.sys [261120]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\Drivers\megasas.sys [57104]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\Drivers\megasr.sys [571664]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\Drivers\mlx4_bus.sys [701200]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\Drivers\mvumis.sys [59664]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\Drivers\ndfltr.sys [71952]
O58 - SDL:14/03/2015 - 09:53:01 ---A- . (...) -- C:\WINDOWS\System32\Drivers\NetAdapterCx.sys [66560]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\Drivers\nvraid.sys [146192]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor.sys [162064]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\Drivers\percsas2i.sys [54032]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\Drivers\percsas3i.sys [54544]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Driver.) -- C:\WINDOWS\System32\Drivers\rt640x64.sys [587776]
O58 - SDL:20/09/2012 - 13:38:00 ---A- . (.Saitek - Saitek Hid Driver.) -- C:\WINDOWS\System32\Drivers\SaiK1705.sys [180584]
O58 - SDL:20/09/2012 - 13:38:00 ---A- . (.Saitek - Saitek Usb Driver.) -- C:\WINDOWS\System32\Drivers\SaiU1705.sys [47208]
O58 - SDL:14/03/2015 - 09:57:07 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid2.sys [40720]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid4.sys [77584]
O58 - SDL:14/03/2015 - 09:49:21 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\WINDOWS\System32\Drivers\stexstor.sys [26896]
O58 - SDL:16/04/2015 - 19:45:12 ---A- . (...) -- C:\WINDOWS\System32\Drivers\TrueSight.sys [37624]
O58 - SDL:14/03/2015 - 09:50:19 ----- . (...) -- C:\WINDOWS\System32\Drivers\Udecx.sys [43008]
O58 - SDL:29/03/2015 - 15:42:37 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\WINDOWS\System32\Drivers\viahduaa.sys [689672]
O58 - SDL:29/03/2015 - 15:42:37 ---A- . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\WINDOWS\System32\Drivers\VMfilt64.sys [30728]
O58 - SDL:14/03/2015 - 09:49:22 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\Drivers\vsmraid.sys [162576]
O58 - SDL:14/03/2015 - 09:49:22 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [301328]
O58 - SDL:25/10/2014 - 21:52:20 ---A- . (.Wacom Technology - Wacom HID Router.) -- C:\WINDOWS\System32\Drivers\wachidrouter.sys [100664]
O58 - SDL:25/10/2014 - 21:52:20 ---A- . (.Wacom Technology - Wacom Router Filter Driver.) -- C:\WINDOWS\System32\Drivers\wacomrouterfilter.sys [15160]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\Drivers\winmad.sys [22800]
O58 - SDL:14/03/2015 - 09:49:20 ---A- . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\Drivers\winverbs.sys [55568]
O58 - SDL:02/07/2014 - 19:49:08 ---A- . (.SplitmediaLabs Limited - XSplit Stream Audio.) -- C:\WINDOWS\System32\Drivers\xspltspk.sys [26200]
~ Drivers: 62 Scanned in 00mn 00s



---\\ Last files modified or created (User) (O61)
O61 - LFC: 07/05/2015 - 22:41:39 ---A- . (...) -- C:\Users\goulven\AppData\Local\Packages\Microsoft.Cortana_8wekyb3d8bbwe\LocalState\cache\proactive\proactive-cache.bin [82137]
O61 - LFC: 07/05/2015 - 22:41:40 ----- . (.Java(TM) Native Access (JNA).) -- C:\Users\goulven\AppData\Local\Temp\jna\jna142527456352763178.dll [441220]
O61 - LFC: 08/05/2015 - 22:41:40 ---A- . (.BitTorrent Inc..) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe [1694560] =>P2P.BitTorrent
O61 - LFC: 08/05/2015 - 22:41:40 ---A- . (.BitTorrent Inc..) -- C:\Users\goulven\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe [1694560] =>P2P.BitTorrent
O61 - LFC: 09/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\AMD\GLCache\410cd4515939a69c_22.bin [653046]
O61 - LFC: 09/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\Saved Games\My Games\WarfaceWest\Shaders\Cache\D3D9\lookupdata.bin [7428]
O61 - LFC: 09/05/2015 - 22:41:40 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\goulven\Downloads\SpyHunter-Installer(1).exe [3109248] =>PUP.EnigmaSoftware
O61 - LFC: 09/05/2015 - 22:41:40 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\goulven\Downloads\SpyHunter-Installer.exe [3109248] =>PUP.EnigmaSoftware
O61 - LFC: 09/05/2015 - 22:41:40 ---A- . (.SurfRight B.V..) -- C:\Users\goulven\Downloads\HitmanPro_x64.exe [11024496]
O61 - LFC: 10/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\AMD\GLCache\1c075cb1e5f0bba0_22.bin [47405]
O61 - LFC: 10/05/2015 - 22:41:40 ---A- . (.SplitmediaLabs.) -- C:\Users\goulven\Downloads\XSplit_Gamecaster_2.2.1502.1751.exe [67748800]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\OpenAL32.dll [390144]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\OpenAL64.dll [382464]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\avutil-ttv-51.dll [246332]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\jinput-dx8.dll [61952]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\jinput-dx8_64.dll [65024]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\jinput-raw.dll [59392]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\jinput-raw_64.dll [62464]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\jinput-wintab.dll [56832]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\libmp3lame-ttv.dll [394810]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\lwjgl.dll [298496]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\lwjgl64.dll [310272]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\swresample-ttv-0.dll [113171]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\twitchsdk.dll [1145344]
O61 - LFC: 11/05/2015 - 22:41:40 ---A- . (.Intel Corporation.) -- C:\Users\goulven\AppData\Roaming\.minecraft\versions\1.8-ShadersMod2.4.11\1.8-ShadersMod2.4.11-natives-3511274835209\libmfxsw32.dll [16196504]
O61 - LFC: 12/05/2015 - 22:41:39 ---A- . (...) -- C:\Users\goulven\AppData\Local\Microsoft\Windows\appsFolderLayout-menu.bin [437]
O61 - LFC: 12/05/2015 - 22:41:39 ---A- . (...) -- C:\Users\goulven\AppData\Local\Microsoft\Windows\appsFolderLayout.bin [437]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (...) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\CollectOneDriveLogs.bat [5850]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\ETWlog.dll [28872]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSync.LocalizedResources.dll [82632]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSync.Resources.dll [2653896]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncApi.dll [227008]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncClient.dll [1943752]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncConfig.exe [149704]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncSessions.dll [1359560]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncShell.dll [1605832]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\LoggingPlatform.dll [110784]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\OneDriveSetup.exe [7668424]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\RemoteAccess.dll [765640]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\SqmWrapper.dll [39104]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\SyncEngine.dll [3188928]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\Telemetry.dll [317128]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\VideoStreamingPlugin.dll [414408]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\WnsClientApi.dll [393928]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncApi64.dll [291008]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll [1645256]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\LoggingPlatform64.dll [135880]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\msvcp110.dll [661448]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\msvcr110.dll [828872]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\msvcp110.dll [534480]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\msvcr110.dll [862664]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\sqmapi.dll [196416]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\wlmfds.dll [427208]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664]
O61 - LFC: 13/05/2015 - 22:41:39 ---A- . (.Microsoft Corporation.) -- C:\Users\goulven\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe [7668424]
O61 - LFC: 13/05/2015 - 22:41:40 ---A- . (...) -- C:\Users\goulven\AppData\Roaming\AMD\GLCache\a0f6b86b65e7ddd0_22.bin [53686]
O61 - LFC: 13/05/2015 - 22:41:40 ---A- . (.Nicolas Coolman.) -- C:\Users\goulven\Downloads\ZHPDiag2.exe [6881580] =>.Nicolas Coolman
~ 410 Fichiers temporaires (Temporary files)
~ Files: 57 Scanned in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\WINDOWS\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
F:\Nouveau dossier\Corel Pinnacle Studio v18.0.1.10212 Ultimate Multilingual\CONT\Heroglyph402254\keygen.exe =>.Crack,Keygen
F:\tele\rar-password-cracker_4-20_en_171956 [1].exe =>.Crack,Keygen
F:\tele\rar-password-cracker_4-20_en_171956.exe =>.Crack,Keygen
~ Files: Scanned in 00mn 29s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [177152]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [177152]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\System32\srvsvc.dll [284160]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [1330688]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [1051648]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [920064]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [93184]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\System32\schedsvc.dll [1309184]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [223232]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll [132608]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [325120]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\WINDOWS\System32\sessenv.dll [337920]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll [94720]
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\System32\dcpsvc.dll [195584]
O83 - Search Svchost Services: DiagTrack (DiagTrack) . (.Microsoft Corporation - Suivi des diagnostics Microsoft Windows.) -- C:\WINDOWS\System32\diagtrack.dll [1430016]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\WINDOWS\System32\ncasvc.dll [164864]
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\WINDOWS\System32\NetSetupSvc.dll [135168]
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RetailDemoService.) -- C:\WINDOWS\System32\RetailDemoService.dll [332800]
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\WINDOWS\System32\Windows.Internal.Management.dll [267776]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\WINDOWS\System32\bdesvc.dll [355840]
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\System32\dmwappushsvc.dll [111616]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\WINDOWS\System32\wlidsvc.dll [1648128]
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [591360]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\WINDOWS\System32\themeservice.dll [58368]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\WINDOWS\System32\lfsvc.dll [23040]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\WINDOWS\System32\rasauto.dll [105984]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\WINDOWS\System32\rasmans.dll [693248]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\WINDOWS\System32\mprdim.dll [498176]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\WINDOWS\System32\sens.dll [72192]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [449536]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [311808]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll [2259456]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\System32\qmgr.dll [975360]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [592384]
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\WINDOWS\System32\usocore.dll [220672]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [203264]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\System32\appmgmts.dll [199168]
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filter.) -- C:\WINDOWS\System32\KeyboardFilterSvc.dll [87824]
~ Services: 41 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3E588EBFD36C38ADA0FC9092D6A33FAB] [SPRF][05/04/2015] (.Pas de propriétaire - Crash Handling Module.) -- C:\Users\goulven\AppData\Roaming\CrashRpt1402.dll [159200]
[MD5.046A78D20889A0B96B84646B2E59729F] [SPRF][11/04/2015] (.TeamExtreme - 1.8.1 Minecraft Launcher.) -- C:\Users\goulven\Desktop\Minecraft Launcher.exe [1674929]
~ Files: 2 Scanned in 00mn 00s



---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 12/04/2015 - 23:39:19 - [] ----D C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
~ Files: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{0A52D9B6-596E-4E10-B237-84350C02176E}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{10017630-C3E4-4428-AA4F-3D80B905A4FA}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 04/05/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 26/02/2015 1272592 | (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe =>.DT Soft Ltd
SS - | Auto 07/01/2015 3169648 | (DisplayFusionService) . (.Binary Fortress Software.) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
SS - | Auto 22/04/2015 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/04/2015 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 30/03/2015 2490216 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Demand 09/04/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 21/04/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 12/04/2015 1931632 | (Origin Client Service) . (.Electronic Arts.) - F:\Origin\OriginClientService.exe
SS - | Demand 14/03/2015 289280 | (SensorDataService) . (...) - C:\WINDOWS\System32\SensorDataService.exe
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/04/2015 836288 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 14/03/2015 35160 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 24/04/2015 244736 | (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\System32\atiesrxx.exe
SR - | Auto 28/01/2015 344064 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 09/05/2015 127752 | (HitmanProScheduler) . (.SurfRight B.V..) - C:\Program Files\HitmanPro\hmpsched.exe
SR - | Auto 30/03/2015 417552 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 22/07/1658 0 | (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe
SR - | Auto 09/03/2015 821872 | (QHActiveDefense) . (...) - C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
SR - | Auto 29/03/2015 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\WINDOWS\System32\viakaraokesrv.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 19/08/2014 656664 | (WTabletServiceCon) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
SR - | Auto 26/02/2015 672024 | (WTabletServicePro) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
~ Services: Scanned in 00mn 16s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by goulven at 13/05/2015 22:42:38
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by goulven at 13/05/2015 22:42:40
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (13/05/2015)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 8

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage] =>PUP.ASPackage^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OLBPre] =>PUP.MyPCBackup^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:gmsd_fr_386 =>PUP.CrossRider^
C:\Program Files (x86)\Cinema PlusV07.04-ntf =>PUP.CrossRider^
C:\Program Files (x86)\OLBPre =>PUP.MyPCBackup^
C:\Users\goulven\AppData\Roaming\ASPackage =>PUP.ASPackage^
C:\Users\goulven\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\goulven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage =>PUP.ASPackage^
C:\Users\goulven\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files (x86)\OLBPre\OLBPre.exe =>PUP.MyPCBackup^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\Cinema PlusV07.04-ntf] =>PUP.CrossRider^
[HKCU\Software\Cinema PlusV07.04-nv-ie] =>PUP.CrossRider^
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13] =>PUP.Infonaut^
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard^
~ Additionnel Scan: 235637 Items scanned in 00mn 41s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.LuckySearches
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://www.nicolascoolman.fr/blog/ =>PUP.ASPackage
http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/crapware-spyhunter =>Crapware.SpyHunter
http://www.nicolascoolman.fr/blog/ =>PUP.EnigmaSoftware
~ MSI: 9 link(s) detected in 00mn 00s



End of the scan (1403 lines in 02mn 12s)(3.10)
