cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par user (19/05/2015 22:22:07)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17501
MFIE: Mozilla Firefox 38.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 376MK
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Vista (TM) Ultimate, 32-bit Service Pack 1 (Build 6000)

---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208

---\\ Logiciels d'optimisation du système
CCleaner v4.19

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3327 MB (20% free)
System Restore: Activé (Enable)
System drive C: has 218 GB (73%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: USER-PC
~ User Name: user
~ All Users Names: user, UpdatusUser, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\user\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 218 Go of 298 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.5E4E0E43E0A5BF9F089696DFA7A3D677] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 02:00:20.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1284
~ Mes musiques (My Musics) : 8/577
~ Mes Videos (My Videos) : 2/59
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 3/4289
~ Mon Bureau (My Desktop) : 1/80
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 15s



---\\ Processus lancés
[MD5.8CCDD2784481A88B62451A3B123E6DEA] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1728512] [PID.2084]
[MD5.1046BB7DDC6A71B054332E7671BE047E] - (.FNet Co., Ltd. - Pas de description.) -- C:\Program Files\XFastUsb\XFastUsb.exe [4942336] [PID.2092]
[MD5.8FFCFE3351F51E19B856A2347E19B850] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.2100]
[MD5.07AF92553C94A548C38BE54B6A668318] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064] [PID.2112]
[MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896] [PID.2312]
[MD5.A75AE3B84B6423CE6A088E80A2BC23C2] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31280256] [PID.2472]
[MD5.E6FF299C72B5E8A4303A41662D6CF2D7] - (...) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.2556]
[MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.2592]
[MD5.870893F2365CA9D91D2AC7C0BD391868] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904] [PID.2776]
[MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.3272]
[MD5.14CF73D771FA977A9F1CBAA5C301F912] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [376944] [PID.1596]
[MD5.EF175F7E495F0EEF516BE76A3F3D3011] - (.Comodo - Comodo Dragon.) -- C:\Program Files\Comodo\Dragon\dragon.exe [1261248] [PID.2320]
[MD5.D20916C6EA423DE829717357BE09731C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [270960] [PID.2276]
[MD5.66F6B3894132CC3D347CB85FBAE48D57] - (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe [1892528] [PID.5680]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8209408] [PID.6488]
[MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.760]
[MD5.07BA6D17E66879018B30B6C3F976EBED] - (.Creative Technology Ltd - Creative Audio Service.) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe [307200] [PID.1132]
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1300]
[MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.1372]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1736]
[MD5.803569711F5976AD4A1469A091617946] - (...) -- C:\Program Files\Comodo\Dragon\dragon_updater.exe [2135232] [PID.360]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.4388]
[MD5.F935E817409F78FA50C5921DB39124B3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.5352]
[MD5.EB41502CD9061762A8CDB67DB3FCF571] - (.AVAST Software - avast! NG command-line tool.) -- C:\Program Files\AVAST Software\Avast\ng\ngtool.exe [905256] [PID.7388]
[MD5.496208E0276BFAA171696D7EB38CCC01] - (.Avast Software - AvastVirtualBox Interface.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344] [PID.7328]
[MD5.209A3B1901B83AEB8527ED211CCE9E4C] - (.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- C:\Windows\system32\vssvc.exe [1025536] [PID.3240]
[MD5.01051E104D6E7B068908E20BB607CD9E] - (.AVAST Software - avast! NG front end.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe [397960] [PID.7900]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.5516]
~ Processes Running: Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.45.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.45.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.45.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/GENUINE] - (.Microsoft Corporation - Windows Activation Technologies Plugin for Mozilla.) -- C:\Windows\system32\Wat\npWatWeb.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 39 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15518)
~ Hosts File: Scanned in 00mn 10s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
~ BHO: 8 Scanned in 00mn 04s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [XFastUsb] . (.FNet Co., Ltd. - Pas de description.) -- C:\Program Files\XFastUsb\XFastUsb.exe
O4 - HKLM\..\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [ASRockOCTuner] Clé orpheline
O4 - HKCU\..\Run: [ASRockIES] Clé orpheline
O4 - HKCU\..\Run: [zASRockInstantBoot] Clé orpheline
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1664838883-52759995-508679714-1000\..\Run: [ASRockOCTuner] Clé orpheline
O4 - HKUS\S-1-5-21-1664838883-52759995-508679714-1000\..\Run: [ASRockIES] Clé orpheline
O4 - HKUS\S-1-5-21-1664838883-52759995-508679714-1000\..\Run: [zASRockInstantBoot] Clé orpheline
O4 - HKUS\S-1-5-21-1664838883-52759995-508679714-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1664838883-52759995-508679714-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 8 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6875766A-03FE-4012-A7D8-D3BE8726E46C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{6875766A-03FE-4012-A7D8-D3BE8726E46C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{6875766A-03FE-4012-A7D8-D3BE8726E46C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) . (.Creative Technology Ltd - Creative Audio Service.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) . (...) - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 7 Scanned in 00mn 25s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.870893F2365CA9D91D2AC7C0BD391868] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (...) -- C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{03DE1A91-ADE4-4F23-97A1-92E0B98311E7}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPhep.exe [1917440]
[MD5.00000000000000000000000000000000] [APT] [{11ABBC6B-86ED-4DD4-915B-FB99C4CE3D19}] (...) -- C:\program files\avira\antivir desktop\setup.exe (.not file.) [0]
[MD5.14CF73D771FA977A9F1CBAA5C301F912] [APT] [{3BDCB639-DA00-4B8E-B358-076071C078AF}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [376944]
[MD5.C155A13687144076286989EF078112C2] [APT] [{592C961A-5939-4E16-B20E-97C536B4050C}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.C155A13687144076286989EF078112C2] [APT] [{B1F1C339-55AB-4889-A621-A05213BA060C}] (.Nicolas Coolman.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.00000000000000000000000000000000] [APT] [{D614BF57-E02B-4C6A-A70D-F8AABEA412EF}] (...) -- C:\users\user\Desktop\ZHPDiag2.exe (.not file.) [0]
O39 - APT: Ad-Aware Update (Weekly) - (...) -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [386]
O39 - APT: Ad-Aware Update (Weekly) - (...) -- C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) [386]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 18 Scanned in 00mn 14s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsrAppCharger) . (.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) - C:\Windows\System32\DRIVERS\AsrAppCharger.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (FNETURPX) . (.FNet Co., Ltd. - FNetUrPx.sys.) - C:\Windows\System32\drivers\FNETURPX.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SBRE) . (. - .) - C:\Windows\system32\drivers\SBREdrv.sys (.not file.)
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: ASRock App Charger v1.0.4 - (.ASRock Inc..) [HKLM] -- ASRock App Charger_is1
O42 - Logiciel: ASRock IES v2.0.69 - (...) [HKLM] -- ASRock IES_is1
O42 - Logiciel: ASRock InstantBoot v1.24 - (...) [HKLM] -- ASRock InstantBoot_is1
O42 - Logiciel: ASRock OC Tuner v2.3.91 - (...) [HKLM] -- ASRock OC Tuner_is1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {B92C2C6C-F70E-497B-88A7-1FEF9888272B}
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.11) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}
O42 - Logiciel: Coffret de pilotes Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- lvdrivers_12.0 =>.Logitech Inc
O42 - Logiciel: Comodo Dragon - (.COMODO.) [HKLM] -- Comodo Dragon
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}
O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}
O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}
O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48}
O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}
O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}
O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}
O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}
O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215} =>.Logitech Inc
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 38.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote graphique 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OpenOffice 4.1.0 - (.Apache Software Foundation.) [HKLM] -- {B3B009FC-6909-4E00-9F43-FFB5CA93D606}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 7.4 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Smart View 2.0 - (.Samsung.) [HKLM] -- {FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}
O42 - Logiciel: Sound Blaster X-Fi MB - (.Creative Technology Limited.) [HKLM] -- {F3D9AC82-30F4-4BB9-B9AB-8697637568C1}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM] -- {E1C360AE-F225-ABBA-30AB-B76EC70774A2}
O42 - Logiciel: XFastUsb - (...) [HKLM] -- XFastUsb
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 49 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\3ivx]
[HKCU\Software\AC3Filter]
[HKCU\Software\ASRock]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ad-Aware Search Protection]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\COMODO]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\Digital River]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Fujifilm]
[HKCU\Software\Gabest]
[HKCU\Software\Garmin]
[HKCU\Software\GoldenGate]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel\Indeo\4.1]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\KC Softwares]
[HKCU\Software\Leadertech]
[HKCU\Software\LetsTunes]
[HKCU\Software\Licenses]
[HKCU\Software\LogiShrd]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Reg]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Splashtop Inc.]
[HKCU\Software\TechSmith]
[HKCU\Software\TigerPlayer]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\WM Converter5]
[HKCU\Software\WinAVI]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\dskMetrics]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\AceBIT]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\COMODO]
[HKLM\Software\Canal+ Active]
[HKLM\Software\Chromium]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\Creative Labs]
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\FNET]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Fujifilm]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jodix]
[HKLM\Software\JreMetrics]
[HKLM\Software\KC Softwares]
[HKLM\Software\Khronos]
[HKLM\Software\Lavasoft]
[HKLM\Software\Licenses]
[HKLM\Software\LogMeIn Rescue]
[HKLM\Software\LogiShrd]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\OpenAL]
[HKLM\Software\OpenOffice]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\QSound Labs, Inc.]
[HKLM\Software\Reg]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Save_Uninstall]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Sensible Vision]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Splashtop Inc.]
[HKLM\Software\Symantec]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\illiminable]
[HKLM\Software\mozilla.org]
~ Key Software: 250 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/12/2014 - 23:42:59 - [] ----D C:\Program Files\Adobe
O43 - CFD: 20/10/2011 - 15:14:29 - [] ----D C:\Program Files\ASRock Utility
O43 - CFD: 15/11/2014 - 16:45:22 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 02/11/2014 - 18:26:58 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 14/05/2015 - 14:26:18 - [] ----D C:\Program Files\Common Files
O43 - CFD: 25/01/2015 - 17:45:19 - [] ----D C:\Program Files\Comodo
O43 - CFD: 20/10/2011 - 15:16:52 - [] ----D C:\Program Files\Creative
O43 - CFD: 25/10/2011 - 13:58:38 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 20/10/2011 - 14:57:50 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 30/07/2012 - 20:44:18 - [] ----D C:\Program Files\FUJIFILM
O43 - CFD: 23/11/2014 - 11:15:28 - [] ----D C:\Program Files\Google
O43 - CFD: 02/02/2013 - 18:44:19 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/12/2014 - 17:26:42 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 14/05/2015 - 14:25:09 - [] ----D C:\Program Files\Java
O43 - CFD: 23/10/2011 - 16:30:07 - [] ----D C:\Program Files\Logitech
O43 - CFD: 28/07/2013 - 20:45:45 - [] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 22/10/2011 - 18:51:19 - [] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 14/07/2009 - 11:00:58 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 14/05/2015 - 09:33:15 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 22/10/2011 - 12:59:22 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/10/2011 - 09:14:20 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 18/05/2015 - 20:41:52 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 19/05/2015 - 08:37:06 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 14/04/2013 - 13:11:37 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 07/05/2014 - 20:50:04 - [] ----D C:\Program Files\OpenOffice 4
O43 - CFD: 09/10/2013 - 20:57:49 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 24/07/2013 - 20:32:38 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 14/07/2009 - 06:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 17/01/2013 - 20:15:29 - [] ----D C:\Program Files\SFR
O43 - CFD: 13/04/2015 - 07:26:17 - [] R---D C:\Program Files\Skype
O43 - CFD: 31/01/2015 - 23:02:40 - [] ----D C:\Program Files\SmartView2
O43 - CFD: 20/10/2011 - 17:54:32 - [] ----D C:\Program Files\Splashtop
O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 20/10/2011 - 15:13:41 - [] ----D C:\Program Files\VIA
O43 - CFD: 05/08/2012 - 21:28:42 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 22/01/2014 - 21:01:28 - [] ----D C:\Program Files\Winamax Poker
O43 - CFD: 31/10/2013 - 22:27:47 - [0] ----D C:\Program Files\WinAVI
O43 - CFD: 11/07/2013 - 19:35:30 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 10/07/2014 - 09:15:26 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 02/02/2013 - 22:44:17 - [] ----D C:\Program Files\Windows Live
O43 - CFD: 25/10/2011 - 13:58:38 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 17/12/2013 - 18:58:36 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 20/10/2011 - 14:57:50 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 25/10/2011 - 13:58:38 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 25/10/2011 - 13:58:38 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 25/10/2011 - 13:58:38 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 17/06/2012 - 09:23:50 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 25/09/2012 - 21:05:10 - [] ----D C:\Program Files\WMR14
O43 - CFD: 20/10/2011 - 15:14:36 - [] ----D C:\Program Files\XFastUsb
O43 - CFD: 19/05/2015 - 22:13:26 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 14/12/2014 - 23:43:09 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 18/01/2014 - 20:11:51 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 14/05/2015 - 12:54:05 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 20/10/2011 - 15:15:57 - [] ----D C:\Program Files\Common Files\Creative Labs Shared
O43 - CFD: 20/10/2011 - 15:15:54 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 14/05/2015 - 14:26:18 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 05/08/2012 - 21:47:08 - [] ----D C:\Program Files\Common Files\LogiShrd
O43 - CFD: 23/10/2011 - 16:28:31 - [] ----D C:\Program Files\Common Files\LWS
O43 - CFD: 01/07/2012 - 09:39:42 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 07/08/2012 - 21:17:17 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 16/09/2014 - 07:36:58 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 09/11/2011 - 14:04:32 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 22/10/2011 - 11:15:53 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 14/05/2015 - 12:34:07 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 20/05/2013 - 10:16:39 - [] ----D C:\ProgramData\Ad-Aware Antivirus
O43 - CFD: 20/05/2013 - 10:04:46 - [] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 14/12/2014 - 23:43:01 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/05/2015 - 12:54:05 - [] ----D C:\ProgramData\Apple
O43 - CFD: 16/11/2011 - 19:45:38 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/11/2014 - 16:45:22 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 20/10/2011 - 17:49:48 - [] ----D C:\ProgramData\Backup
O43 - CFD: 03/03/2014 - 00:19:20 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 03/03/2014 - 00:21:02 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 27/10/2014 - 12:10:06 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 20/10/2011 - 14:57:50 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 20/10/2011 - 15:17:00 - [] ----D C:\ProgramData\Creative
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 28/07/2013 - 12:35:44 - [] ----D C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 20/05/2013 - 10:04:53 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 20/10/2011 - 14:57:50 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 03/03/2014 - 18:55:27 - [] ----D C:\ProgramData\FNET
O43 - CFD: 30/07/2012 - 20:44:44 - [] ----D C:\ProgramData\FUJIFILM
O43 - CFD: 10/01/2012 - 14:26:13 - [0] ----D C:\ProgramData\Garmin
O43 - CFD: 03/07/2012 - 12:51:08 - [] ----D C:\ProgramData\GFI Software
O43 - CFD: 01/07/2012 - 09:39:41 - [] ----D C:\ProgramData\Lavasoft
O43 - CFD: 22/10/2011 - 11:47:28 - [] ----D C:\ProgramData\LogiShrd
O43 - CFD: 23/10/2011 - 16:28:33 - [] ----D C:\ProgramData\Logitech
O43 - CFD: 23/05/2013 - 18:34:26 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 20/10/2011 - 14:57:50 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 27/12/2014 - 19:24:08 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 20/10/2011 - 14:57:50 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 27/04/2012 - 12:31:27 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 07/08/2012 - 19:51:45 - [] ----D C:\ProgramData\Norton
O43 - CFD: 07/08/2012 - 17:29:02 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 14/04/2013 - 13:11:44 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 05/08/2012 - 21:45:47 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 14/05/2015 - 14:30:48 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 04/05/2015 - 07:28:39 - [] ----D C:\ProgramData\Skype
O43 - CFD: 22/10/2011 - 11:23:41 - [] ----D C:\ProgramData\Splashtop
O43 - CFD: 01/12/2014 - 22:52:14 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 17/11/2011 - 00:03:08 - [] ----D C:\ProgramData\Sun
O43 - CFD: 09/05/2013 - 14:22:56 - [0] ----D C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 08/01/2012 - 12:39:30 - [] ----D C:\ProgramData\WindSolutions
O43 - CFD: 03/11/2011 - 20:01:37 - [] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 14/04/2013 - 08:53:13 - [] --H-D C:\ProgramData\{6D2CFBB4-9D45-4C31-9E6E-AA9EB4FB9A5E}
O43 - CFD: 20/10/2011 - 15:18:52 - [] --H-D C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
O43 - CFD: 17/10/2014 - 13:49:59 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 06:46:36 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/10/2011 - 15:14:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
O43 - CFD: 15/01/2015 - 23:47:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 02/11/2014 - 18:27:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 25/01/2015 - 17:45:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
O43 - CFD: 20/10/2011 - 15:16:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
O43 - CFD: 30/07/2012 - 20:44:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIFILM
O43 - CFD: 20/10/2011 - 19:42:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 29/12/2014 - 22:21:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 23/10/2011 - 16:27:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
O43 - CFD: 14/07/2009 - 06:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 13/05/2015 - 23:12:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 07/05/2014 - 20:50:04 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
O43 - CFD: 08/12/2014 - 22:32:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 17/01/2013 - 20:15:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
O43 - CFD: 16/09/2014 - 07:37:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 15/11/2012 - 14:19:26 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 11:00:22 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 10/05/2014 - 22:48:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 16/04/2012 - 19:40:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 16/06/2012 - 23:36:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 20/10/2011 - 15:14:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
O43 - CFD: 19/05/2015 - 22:13:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 23/12/2013 - 03:37:04 - [] ----D C:\Users\user\AppData\Roaming\.minecraft
O43 - CFD: 20/05/2013 - 22:24:49 - [] ----D C:\Users\user\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 22/03/2013 - 19:13:45 - [] ----D C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 14/05/2015 - 12:29:30 - [] ----D C:\Users\user\AppData\Roaming\Apple Computer
O43 - CFD: 15/11/2014 - 16:47:44 - [] ----D C:\Users\user\AppData\Roaming\AVAST Software
O43 - CFD: 08/03/2014 - 02:35:48 - [] ----D C:\Users\user\AppData\Roaming\Battle.net
O43 - CFD: 22/05/2013 - 21:20:58 - [] ----D C:\Users\user\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 11/04/2015 - 01:25:52 - [] ----D C:\Users\user\AppData\Roaming\BitTorrent =>P2P.BitTorrent
O43 - CFD: 10/12/2012 - 19:55:10 - [] ----D C:\Users\user\AppData\Roaming\CometPlayer
O43 - CFD: 18/06/2013 - 19:53:35 - [] ----D C:\Users\user\AppData\Roaming\DivX
O43 - CFD: 28/12/2013 - 13:29:59 - [] ----D C:\Users\user\AppData\Roaming\dvdcss
O43 - CFD: 10/01/2012 - 14:26:13 - [] ----D C:\Users\user\AppData\Roaming\Garmin
O43 - CFD: 15/11/2014 - 16:40:01 - [] --H-D C:\Users\user\AppData\Roaming\GoldenGate
O43 - CFD: 20/10/2011 - 14:58:01 - [] ----D C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 26/05/2013 - 09:56:21 - [] ----D C:\Users\user\AppData\Roaming\LavasoftStatistics
O43 - CFD: 22/10/2011 - 11:20:33 - [] ----D C:\Users\user\AppData\Roaming\Leadertech
O43 - CFD: 22/01/2012 - 15:53:44 - [] ----D C:\Users\user\AppData\Roaming\letstunes
O43 - CFD: 20/10/2011 - 15:15:19 - [] ----D C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 23/05/2013 - 18:34:33 - [] ----D C:\Users\user\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 11:00:22 - [0] ----D C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 01/12/2014 - 20:10:46 - [] -S--D C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 22/10/2011 - 12:32:05 - [] ----D C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 15/01/2012 - 15:54:04 - [] ----D C:\Users\user\AppData\Roaming\MusicNet
O43 - CFD: 09/10/2013 - 21:00:43 - [] ----D C:\Users\user\AppData\Roaming\OpenOffice
O43 - CFD: 22/10/2011 - 21:54:57 - [] ----D C:\Users\user\AppData\Roaming\OpenOffice.org
O43 - CFD: 04/05/2012 - 23:31:50 - [] ----D C:\Users\user\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 09/05/2013 - 16:19:37 - [] ----D C:\Users\user\AppData\Roaming\player
O43 - CFD: 17/01/2013 - 20:14:45 - [] ----D C:\Users\user\AppData\Roaming\SFR
O43 - CFD: 19/05/2015 - 22:20:40 - [] ----D C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 22/10/2011 - 11:23:41 - [] ----D C:\Users\user\AppData\Roaming\Splashtop
O43 - CFD: 25/11/2012 - 21:53:57 - [] ----D C:\Users\user\AppData\Roaming\tigerplayer
O43 - CFD: 30/06/2012 - 21:55:20 - [] ----D C:\Users\user\AppData\Roaming\TS3Client
O43 - CFD: 21/12/2011 - 13:26:00 - [] ----D C:\Users\user\AppData\Roaming\Unity
O43 - CFD: 14/05/2015 - 12:55:39 - [0] ----D C:\Users\user\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 08/08/2014 - 20:28:20 - [] ----D C:\Users\user\AppData\Roaming\vlc
O43 - CFD: 08/09/2013 - 14:18:12 - [] ----D C:\Users\user\AppData\Roaming\wam
O43 - CFD: 13/11/2011 - 21:39:38 - [] ----D C:\Users\user\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 22/01/2012 - 14:57:22 - [] ----D C:\Users\user\AppData\Roaming\WinAVI
O43 - CFD: 20/05/2013 - 09:53:59 - [] ----D C:\Users\user\AppData\Roaming\Windows Live Writer
O43 - CFD: 08/01/2012 - 12:39:58 - [] ----D C:\Users\user\AppData\Roaming\WindSolutions
O43 - CFD: 16/06/2012 - 23:36:16 - [] ----D C:\Users\user\AppData\Roaming\WinRAR
O43 - CFD: 19/05/2015 - 22:24:05 - [] ----D C:\Users\user\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 20/05/2013 - 10:04:49 - [] ----D C:\Users\user\AppData\Local\adawarebp
O43 - CFD: 14/04/2015 - 22:07:19 - [] ----D C:\Users\user\AppData\Local\Adobe
O43 - CFD: 03/11/2011 - 20:00:01 - [] ----D C:\Users\user\AppData\Local\Apple
O43 - CFD: 05/08/2012 - 23:04:39 - [] ----D C:\Users\user\AppData\Local\Apple Computer
O43 - CFD: 20/10/2011 - 14:57:55 - [] -SH-D C:\Users\user\AppData\Local\Application Data
O43 - CFD: 24/03/2012 - 13:35:49 - [] ----D C:\Users\user\AppData\Local\Apps
O43 - CFD: 24/04/2014 - 13:59:20 - [] ----D C:\Users\user\AppData\Local\Battle.net
O43 - CFD: 03/03/2014 - 01:02:16 - [] ----D C:\Users\user\AppData\Local\Blizzard
O43 - CFD: 03/03/2014 - 00:21:13 - [] ----D C:\Users\user\AppData\Local\Blizzard Entertainment
O43 - CFD: 25/01/2015 - 17:45:39 - [] ----D C:\Users\user\AppData\Local\Comodo
O43 - CFD: 17/05/2015 - 10:49:17 - [] ----D C:\Users\user\AppData\Local\CrashDumps
O43 - CFD: 18/06/2013 - 09:09:44 - [0] ----D C:\Users\user\AppData\Local\Diagnostics
O43 - CFD: 05/08/2012 - 18:11:23 - [] ----D C:\Users\user\AppData\Local\Downloaded Installations
O43 - CFD: 30/11/2014 - 21:14:08 - [] ----D C:\Users\user\AppData\Local\ElevatedDiagnostics
O43 - CFD: 17/11/2014 - 09:22:13 - [] -SH-D C:\Users\user\AppData\Local\EmieBrowserModeList
O43 - CFD: 13/07/2014 - 20:46:13 - [] -SH-D C:\Users\user\AppData\Local\EmieSiteList
O43 - CFD: 13/07/2014 - 20:46:13 - [] -SH-D C:\Users\user\AppData\Local\EmieUserList
O43 - CFD: 30/07/2012 - 20:48:19 - [] ----D C:\Users\user\AppData\Local\FUJIFILM
O43 - CFD: 23/11/2014 - 11:14:40 - [] ----D C:\Users\user\AppData\Local\Google
O43 - CFD: 20/10/2011 - 14:57:55 - [] -SH-D C:\Users\user\AppData\Local\Historique
O43 - CFD: 22/10/2011 - 11:20:47 - [] ----D C:\Users\user\AppData\Local\LogiShrd
O43 - CFD: 23/10/2011 - 18:17:43 - [] ----D C:\Users\user\AppData\Local\Logitech® Webcam Software
O43 - CFD: 02/03/2013 - 11:25:46 - [0] ----D C:\Users\user\AppData\Local\LogMeIn Rescue Applet
O43 - CFD: 24/06/2012 - 11:12:34 - [] ----D C:\Users\user\AppData\Local\Macromedia
O43 - CFD: 27/10/2014 - 10:02:31 - [] ----D C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 26/10/2013 - 22:12:33 - [] ----D C:\Users\user\AppData\Local\Microsoft Games
O43 - CFD: 19/09/2013 - 15:50:14 - [] ----D C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 23/05/2013 - 18:34:11 - [] ----D C:\Users\user\AppData\Local\Programs
O43 - CFD: 28/02/2014 - 23:48:25 - [] ----D C:\Users\user\AppData\Local\Skype
O43 - CFD: 31/01/2015 - 23:03:34 - [] ----D C:\Users\user\AppData\Local\SmartView2
O43 - CFD: 19/05/2015 - 22:23:35 - [] ----D C:\Users\user\AppData\Local\Temp
O43 - CFD: 20/10/2011 - 14:57:55 - [] -SH-D C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 09/05/2013 - 14:27:49 - [0] ----D C:\Users\user\AppData\Local\Unity
O43 - CFD: 05/08/2012 - 22:22:31 - [] ----D C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 22/01/2012 - 14:57:22 - [] ----D C:\Users\user\AppData\Local\WinAVI
O43 - CFD: 15/05/2014 - 08:22:21 - [] ----D C:\Users\user\AppData\Local\Windows Live
O43 - CFD: 15/11/2011 - 10:03:25 - [] ----D C:\Users\user\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 06:42:04 - [] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/08/2014 - 15:49:38 - [] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:37:42 - [] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/11/2014 - 16:59:30 - [] R---D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 16/06/2012 - 23:36:09 - [] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ 11 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 233 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.F4BF196240FA7D6E39F0FD446E1A9FC2] - 13/05/2015 - 22:18:07 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [137310008]
O44 - LFC:[MD5.5B7396AE77B11DA74DA2F4D944180702] - 14/05/2015 - 13:18:51 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.204FBC5577EEF260B5FEA3326148CF4A] - 14/05/2015 - 13:25:28 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\WindowsAccessBridge.dll [96352]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/05/2015 - 17:39:41 ---A- . (...) -- C:\Windows\System32\Drivers\lvuvc.hs [0]
O44 - LFC:[MD5.8714BB6808DDB9C3254DCA8AFA11C5EC] - 19/05/2015 - 17:39:42 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.03BCE63269D5BB7D90C8C95F6E6A9718] - 19/05/2015 - 18:33:49 ---A- . (...) -- C:\Windows\setupact.log [142286]
O44 - LFC:[MD5.9EBE7DE26DE0F7862FC2737234DB09DC] - 19/05/2015 - 20:10:35 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1703337]
~ Files: 192 Scanned in 01mn 13s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (...) -- C:\Windows\System32\ac3filter.acm
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\Windows\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (...) -- C:\Windows\System32\ac3filter.acm
O52 - TDSD: \drivers.desc\"C:\Windows\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\iac25_32.ax
~ TDSD: 12 Scanned in 00mn 02s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Ad-Aware Browsing Protection [Key] . (.Lavasoft - Ad-Aware Browsing Protection and Anti-Phish.) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (...) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\BitComet [Key] . (...) -- C:\Program Files\BitComet\BitComet.exe (.not file.) =>P2P.BitComet
O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (...) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CTSyncService [Key] . (.Creative Technology Ltd - License Sync Service (X-Fi MB).) -- C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (...) -- C:\Program Files\iTunes\iTunesHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RunDLLEntry [Key] . (.Creative Technology Ltd. - AmbRun Endpoints Dynamic Link Library.) -- C:\Windows\system32\AmbRunE.dll
O53 - SMSR:HKLM\...\startupreg\UpdReg [Key] . (.Creative Technology Ltd. - Creative UpdReg.) -- C:\Windows\UpdReg.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O53 - SMSR:HKLM\...\startupreg\VolPanel [Key] . (.Creative Technology Ltd - VolPanlu.exe.) -- C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
~ SMSR Keys: 11 Scanned in 00mn 01s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 17 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:11/06/2010 - 13:37:04 ---A- . (.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) -- C:\Windows\System32\Drivers\AsrAppCharger.sys [13832]
O58 - SDL:22/11/2014 - 02:01:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:22/11/2014 - 02:01:33 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [70384]
O58 - SDL:22/11/2014 - 02:01:32 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [81768]
O58 - SDL:22/11/2014 - 02:01:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:22/11/2014 - 02:01:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [787800]
O58 - SDL:22/11/2014 - 02:01:33 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [422760]
O58 - SDL:22/11/2014 - 02:01:34 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [91496]
O58 - SDL:22/11/2014 - 02:01:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [206248] =>.ALWIL Software
O58 - SDL:13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:20/10/2011 - 14:19:16 ---A- . (.FNet Co., Ltd. - FNetTbos.sys.) -- C:\Windows\System32\Drivers\FNETTBOH_305.SYS [29248]
O58 - SDL:20/10/2011 - 14:14:36 ---A- . (.FNet Co., Ltd. - FNetUrPx.sys.) -- C:\Windows\System32\Drivers\FNETURPX.SYS [14656]
O58 - SDL:20/05/2013 - 09:03:08 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys [13560]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:11/03/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:18/01/2012 - 05:44:28 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\System32\Drivers\lvrs.sys [312096]
O58 - SDL:18/01/2012 - 05:44:52 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\System32\Drivers\lvuvc.sys [4332960]
O58 - SDL:04/04/2013 - 13:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:19/02/2013 - 20:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 307.83.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10919200]
O58 - SDL:13/07/2009 - 23:02:52 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvm62x32.sys [347264]
O58 - SDL:12/08/2010 - 12:07:48 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmf6232.sys [298216]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:30/06/2009 - 10:32:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor32.sys [212000]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:15/08/2014 - 22:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:25/11/2009 - 14:02:46 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\viahduaa.sys [1108480]
O58 - SDL:14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 78 Scanned in 00mn 05s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/05/2015 - 22:25:49 ---A- . (...) -- C:\Users\user\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [90492]
O61 - LFC: 14/05/2015 - 22:26:15 ---A- . (...) -- C:\Users\user\AppData\Local\Temp\utt5D5F.tmp.bat [100]
O61 - LFC: 14/05/2015 - 22:26:33 ---A- . (.Adobe Systems Incorporated.) -- C:\Users\user\Downloads\flashplayer17_ha_install.exe [1124544]
O61 - LFC: 14/05/2015 - 22:26:33 ---A- . (.Nicolas Coolman.) -- C:\Users\user\Downloads\ZHPDiag2.exe [6881580] =>.Nicolas Coolman
O61 - LFC: 14/05/2015 - 22:26:33 ---A- . (.Oracle Corporation.) -- C:\Users\user\Downloads\jxpiinstall.exe [561248]
O61 - LFC: 19/05/2015 - 22:26:33 ---A- . (.Nicolas Coolman.) -- C:\Users\user\Downloads\ZHPDiag2(1).exe [6880230] =>.Nicolas Coolman
~ 43 Fichiers temporaires (Temporary files)
~ 64 Fichiers cookies (Cookies files)
~ Files: 6 Scanned in 00mn 52s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 11/06/2010 - C:\Windows\System32\DRIVERS\AsrAppCharger.sys (AsrAppCharger) .(.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) - LEGACY_ASRAPPCHARGER
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 22/11/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 22/11/2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 22/11/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 20/10/2011 - C:\Windows\System32\drivers\FNETURPX.sys (FNETURPX) .(.FNet Co., Ltd. - FNetUrPx.sys.) - LEGACY_FNETURPX
O64 - Services: CurCS - 20/05/2013 - C:\Windows\System32\drivers\gfibto.sys (gfibto) .(.GFI Software - GFI Boot Time Operations Driver.) - LEGACY_GFIBTO
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvstor.sys (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 22/11/2014 - C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys (VBoxAswDrv) .(.Avast Software - VirtualBox Support Driver.) - LEGACY_VBOXASWDRV
~ Legacy: 106 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files\Comodo\Dragon\dragon.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.) =>PUP.Torch
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {D9DF26D6-F252-45a0-B2D2-7B39132A5E13} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {B3DD2B37-7D52-496e-ACD0-8BEB8CF217E1} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {B3DD2B37-7D52-496e-ACD0-8BEB8CF217E1} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.405EC7A4811E4251844C29C04B912F92] [SPRF][22/10/2011] (...) -- C:\ProgramData\NTUser.dat [262144]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
~ Files: 3 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.0D0FAC7915432E16F60DCBF9CE19D171] [WIS][14/04/2013] (.iMesh Inc. - iMesh.) -- C:\Windows\Installer\12e58b.msi [352256] =>PUP.iMesh
~ WIS: 1 Scanned in 00mn 05s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 20/10/2011 79360 | (Creative ALchemy AL6 Licensing Service) . (.Creative Labs.) - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
SS - | Demand 20/10/2011 79360 | (Creative Audio Engine Licensing Service) . (.Creative Labs.) - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
SS - | Demand 18/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 20/10/2011 79360 | (Sound Blaster X-Fi MB Licensing Service) . (.Creative Labs.) - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
SS - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 22/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 22/11/2014 3192344 | (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 23/02/2009 307200 | (CTAudSvcService) . (.Creative Technology Ltd.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
SR - | Auto 21/05/2014 2135232 | (DragonUpdater) . (...) - C:\Program Files\Comodo\Dragon\dragon_updater.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 54s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by user at 19/05/2015 22:28:23
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ MBR: 9 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by user at 19/05/2015 22:28:25
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 3

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BitComet] =>P2P.BitComet^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.µTorrent^
[HKCU\Software\Softonic] =>PUP.Conduit
C:\Users\user\AppData\Roaming\BitComet =>P2P.BitComet^
C:\Users\user\AppData\Roaming\BitTorrent =>P2P.BitTorrent^
C:\Users\user\AppData\Roaming\uTorrent =>P2P.µTorrent^
[HKCU\Software\BitComet] =>P2P.BitComet^
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.) =>PUP.Torch^
C:\Windows\Installer\12e58b.msi =>PUP.iMesh^
~ Additionnel Scan: 232847 Items scanned in 01mn 58s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.Torch
http://nicolascoolman.fr/pup-imesh =>PUP.iMesh
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
~ MSI: 4 link(s) detected in 00mn 00s



End of the scan (1425 lines in 08mn 38s)(0.9)
