cjoint

Document format: text/plain

Preview

~ Report of ZHPDiag v2015.6.16.57 - Nicolas Coolman (16/06/2015)
~ Launched by aBDELhAK (23/06/2015 05:03:27)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://www.forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17843
MFIE: Mozilla Firefox 35.0.1
GCIE: Google Chrome v43.0.2357.130 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, VOLUME_MAK channel
~ Windows Partial Key : YVWC4
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)

---\\ System protection software
Kaspersky Internet Security v15.0.1.415
Malwarebytes Anti-Malware version 2.1.6.1022
Windows Defender W7 (Activate)

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 16 ActiveX
Adobe Reader XI

---\\ Information on the system
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2731 MB (8% free)
System Restore: Activé (Enable)
System drive C: has 223 GB (65%) free of 342 GB

---\\ Connection to the system mode
~ Computer Name: ABDELHAK-PC
~ User Name: aBDELhAK
~ All Users Names: Administrateur, aBDELhAK,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\aBDELhAK\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\aBDELhAK\AppData\Roaming\
~ %Desktop% : C:\Users\aBDELhAK\Desktop\
~ %Favorites% : C:\Users\aBDELhAK\Favorites\
~ %LocalAppData% : C:\Users\aBDELhAK\AppData\Local\
~ %StartMenu% : C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 223 Go of 342 Go)
D: Hard drive, Flash drive, Thumb drive (Free 181 Go of 590 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 05:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/05/2015 - 02:20:35.) -- C:\Windows\System32\wininet.dll [1950720]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 01:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 06:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 08:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 08:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 02:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 01:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/325
~ Mon Bureau (My Desktop) : 3/1185
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 00mn 06s



---\\ Process running
[MD5.7E212E742BF06BF678AE35E9C1B74B8F] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6212920] [PID.2616]
[MD5.A8FD8550DB68767204EE4616BBD4871A] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Settings\dmhkcore.exe [1087056] [PID.3244]
[MD5.3F0A99ED4F39B0387F8F27782F1EB933] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [199152] [PID.4080]
[MD5.CB273E2EEDB61044B40309E5BEFE0FAA] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576] [PID.5664]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.5508]
[MD5.3D2496BCA132B08D9B23856D65F30513] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe [193128] [PID.5020]
[MD5.B2B2243531E4A7E3D8064EE3F5E9F651] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [1943336] [PID.4832]
[MD5.0DDE5237E9892A6CDD508221C9604172] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [181232] [PID.4508]
[MD5.27F14C16E20E063F3D1BA2E7ED0BA764] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [189936] [PID.3800]
[MD5.D9E8723CC486A22E224450D8E72CB982] - (.Intel Corporation - Bluetooth Media Player Controller.) -- C:\Program Files\Intel\Bluetooth\BTPlayerCtrl.exe [985424] [PID.5412]
[MD5.6189C8A4DD0C54A28429CAF3F101908C] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3886672] [PID.5504]
[MD5.6EBAD8F37C11E280722657A49584402E] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1602344] [PID.4388]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.6024]
[MD5.789374E7F582667D8D2C43A548FD80BF] - (...) -- C:\Program Files\Rainmeter\Rainmeter.exe [36032] [PID.5640]
[MD5.98FA788238E71D9563D4BF177A4FC22C] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.2936]
[MD5.338B3A65F24FD9728C289A626246A0E0] - (.Kaspersky Lab ZAO - Kaspersky Native Messaging Server for plugi.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\plugin-nm-server.exe [827688] [PID.6920]
[MD5.E7B58CE9BD61BF575E2880088F4E5447] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8218112] [PID.7680]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Google Chrome Extension Folder
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [__MSG_extName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbaffjopmgmcijlkoafmgnaiciogpdel [Shield For Chrome ]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [__MSG_ExtensionName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [__MSG_appName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop [Facebook Unseen]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [IDM Integration Module]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapandologlbgjondeamljhnlodccikh [Flutter]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm [Extension Defender]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [Download Master]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk [__MSG_title__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [Save to Pocket]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlldbplhbaopldicmcoogopmkonpebjm [__MSG_extName__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [__MSG_ext_name__]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\oakhnpcgdembaopakdnfkejfcaeipeik [Mata]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [Send from Gmail (by Google)]
G2 - EXT: C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 46 Scanned in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.1.5.155.) -- C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.25.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.25.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.25.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/Lync,version=15.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
~ Firefox Browser: 29 Scanned in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft SkyDrive Pro Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.dll =>.Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Safe Money Plugin - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} . (.Kaspersky Lab ZAO - Cumulative module contains VK, CB and OB pl.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
~ BHO: 18 Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\QuickLaunch [aBDELhAK]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 04s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files\Intel\Bluetooth\btmshell.dll
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KeyLemon LemonScreen] . (.KeyLemon - Locks the session with face recognition.) -- C:\Program Files\KeyLemon\KLLockEngine.exe
O4 - HKLM\..\Run: [KeyLemon Updater] . (.KeyLemon - KeyLemon Updater.) -- C:\Program Files\KeyLemon\KLUpdater.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\.DEFAULT\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-18\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-625421500-1447043760-960492028-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-625421500-1447043760-960492028-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-625421500-1447043760-960492028-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-625421500-1447043760-960492028-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
~ Application: Scanned in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Virtual Keyboard - {09A10376-994C-4BBF-9121-F50CF7BA237E} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kbrd.ico
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office15\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.hola.org
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{209A40AE-1C00-48BB-BDF5-4F91589520CD}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5068E53-52FA-4FDA-AEB7-7FB84963878B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{209A40AE-1C00-48BB-BDF5-4F91589520CD}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{C5068E53-52FA-4FDA-AEB7-7FB84963878B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{209A40AE-1C00-48BB-BDF5-4F91589520CD}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{C5068E53-52FA-4FDA-AEB7-7FB84963878B}: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - D:\netcut\services\AIPS.exe
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) . (.Intel Corporation - Intel® Centrino® Bluetooth 3.0 + High Speed.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Autodesk Content Service (Autodesk Content Service) . (.No owner - Service.) - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.1 (AVP15.0.1) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Intel Corporation - Bluetooth Device Monitor.) - C:\Program Files\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Intel Corporation - Bluetooth OBEX Service.) - C:\Program Files\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed (BTHSSecurityMgr) . (.Intel(R) Corporation - Intel(R) BlueTooth(R) HS Security Manager S.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc
~ Services: 21 Scanned in 00mn 10s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.4E48A7DF7ECACB38C686B2BEBAA687A3] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.E265333FED70984757A2506DE17CF381] [APT] [AdobeAAMUpdater-1.0-aBDELhAK-PC-aBDELhAK] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768]
[MD5.A1BA1862ED87D09DDCD36F878392CA47] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3153408] =>Hacktool.AutoKMS
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUA.KMSpico
[MD5.2BA712058D3C7D273CA4DCA470EA20D3] [APT] [Driver Booster Scan] (.IObit.) -- C:\Program Files\IObit\Driver Booster\Scheduler.exe [67904]
[MD5.92EEBEF2AB77D512D41AA8EC0077FAE0] [APT] [Driver Booster SkipUAC (aBDELhAK)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\DriverBooster.exe [4363072]
[MD5.AD613DE74A1A3DF1082EF684407155A0] [APT] [Driver Booster Update] (.IObit.) -- C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [1439040]
[MD5.A8FD8550DB68767204EE4616BBD4871A] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Settings\dmhkcore.exe [1087056]
[MD5.F172AD4E906D97ED8F071896FC6789DC] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.F172AD4E906D97ED8F071896FC6789DC] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.98FA788238E71D9563D4BF177A4FC22C] [APT] [{17F04727-F334-419F-980D-09AC877AF409}] (.Google Inc..) -- c:\program files\google\chrome\application\chrome.exe [813896]
[MD5.1CEA2C2C9658D84A8E5E1207E1780E8C] [APT] [{5D86220F-D465-432F-A10A-09AA2A529947}] (.Arcai.com.) -- C:\Program Files\netcut\netcut.exe [897024]
[MD5.1CEA2C2C9658D84A8E5E1207E1780E8C] [APT] [{DE3EA001-D6A6-4187-BAA4-D38E9EA3B036}] (.Arcai.com.) -- C:\Program Files\netcut\netcut.exe [897024]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
~ Scheduled Task: 19 Scanned in 00mn 06s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_16_0_0_235.ocx
~ Active Setup: 12 Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (HWiNFO32) . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) - C:\Windows\system32\drivers\HWiNFO32.sys
O41 - Driver: (klhk) . (.Kaspersky Lab ZAO - KLHK [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klhk.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver: (klpd) . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x86].) - C:\Windows\System32\DRIVERS\klpd.sys
O41 - Driver: (kltdi) . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) - C:\Windows\System32\DRIVERS\kltdi.sys
O41 - Driver: (Klwtp) . (.Kaspersky Lab ZAO - Network filtering component.) - C:\Windows\System32\DRIVERS\klwtp.sys
O41 - Driver: (kneps) . (.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) - C:\Windows\System32\DRIVERS\kneps.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\Windows\system32\Drivers\SABI.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 93 Scanned in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}
O42 - Logiciel: Adobe After Effects CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B5FCBF46-D2DA-455C-8AB1-148181AEBA14}
O42 - Logiciel: Adobe After Effects CS4 Presets - (.Adobe Systems Incorporated.) [HKLM] -- {44E240EC-2224-4078-A88B-2CEE0D3016EF}
O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1618734A-3957-4ADD-8199-F973763109A8}
O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191}
O42 - Logiciel: Adobe CS4 American English Speech Analysis Models - (.Adobe Systems Incorporated.) [HKLM] -- {297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
O42 - Logiciel: Adobe Color Video Profiles AE CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B15381DD-FF97-4FCD-A881-ED4DB0975500}
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683}
O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Dynamiclink Support - (.Adobe Systems Incorporated.) [HKLM] -- {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
O42 - Logiciel: Adobe Encore CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5EAD5443-7194-46CC-A055-428E6ABB1BAF}
O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {054EFA56-2AC1-48F4-A883-0AB89874B972}
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
O42 - Logiciel: Adobe Media Encoder CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
O42 - Logiciel: Adobe Media Encoder CS4 Additional Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
O42 - Logiciel: Adobe Media Encoder CS4 Dolby - (.Adobe Systems Incorporated.) [HKLM] -- {EE353798-E875-42E0-B58D-7E6696182EA8}
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM] -- {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
O42 - Logiciel: Adobe MotionPicture Color Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
O42 - Logiciel: Adobe OnLocation CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {7406DF60-016D-476B-A2C7-55D997592047}
O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A}
O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353}
O42 - Logiciel: Adobe Photoshop CC 2014 (32 Bit) - (.Adobe Systems Incorporated.) [HKLM] -- {7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}
O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {E528A747-DC66-4FD4-AB53-110D024561CC}
O42 - Logiciel: Adobe Premiere Pro CS4 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {9EA5CC76-8B4D-407B-87F4-DB052978D8A7}
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {05308C4E-7285-4066-BAE3-6B50DA6ED755}
O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: AutoCAD 2012 - English - (.Autodesk.) [HKLM] -- AutoCAD 2012 - English
O42 - Logiciel: AutoCAD 2012 - English - (.Autodesk.) [HKLM] -- {5783F2D7-A001-0409-0002-0060B0CE6BBA}
O42 - Logiciel: Autodesk Content Service - (.Autodesk.) [HKLM] -- {086F9A69-CD39-4893-A9FB-D3A0634CE3F7}
O42 - Logiciel: Autodesk Inventor Fusion 2012 - (.Autodesk, Inc..) [HKLM] -- Autodesk Inventor Fusion 2012
O42 - Logiciel: Autodesk Inventor Fusion 2012 - (.Autodesk, Inc..) [HKLM] -- {FFF5619F-6669-4EC5-A85E-9994F70A9E5D}
O42 - Logiciel: Autodesk Inventor Fusion 2012 Language Pack - (.Autodesk, Inc..) [HKLM] -- {FFF7F80F-929E-497F-A112-B070DE816128}
O42 - Logiciel: Autodesk Inventor Fusion plug-in for AutoCAD 2012 - (.Autodesk.) [HKLM] -- Autodesk Inventor Fusion plug-in for AutoCAD 2012
O42 - Logiciel: Autodesk Inventor Fusion plug-in for AutoCAD 2012 - (.Autodesk.) [HKLM] -- {EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}
O42 - Logiciel: Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 - (.Autodesk.) [HKLM] -- {E552C39C-C70E-464F-9733-8311331BDD90}
O42 - Logiciel: Autodesk Material Library 2012 - (.Autodesk.) [HKLM] -- {8F0837C2-EE09-4903-88F3-1976FE7FFF4E}
O42 - Logiciel: Autodesk Material Library Base Resolution Image Library 2012 - (.Autodesk.) [HKLM] -- {65420DC9-306E-4371-905F-F4DC3B418E52}
O42 - Logiciel: Cheat Engine 6.3 - (.Cheat Engine.) [HKLM] -- Cheat Engine 6.3_is1
O42 - Logiciel: Counter-Strike version 1.6 - (...) [HKLM] -- Counter-Strike_is1
O42 - Logiciel: CrystalDiskMark 3.0.3b - (.Crystal Dew World.) [HKLM] -- CrystalDiskMark_is1
O42 - Logiciel: Dev-C++ 5 beta 9 release (4.9.9.2) - (...) [HKLM] -- Dev-C++
O42 - Logiciel: Dofus - (.Ankama.) [HKCU] -- 2744A393-554C-4E35-A24F-DEF0392B4484-2
O42 - Logiciel: Driver Booster 2.2 - (.IObit.) [HKLM] -- Driver Booster_is1
O42 - Logiciel: ETDWare PS/2-X86 10.0.7.2_WHQL - (.ELAN Microelectronic Corp..) [HKLM] -- Elantech
O42 - Logiciel: Easy Settings - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Software Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {DE256D8B-D971-456D-BC02-CB64DA24F115}
O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM] -- {1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1
O42 - Logiciel: FARO LS 1.1.406.58 - (.FARO Scanner Production.) [HKLM] -- {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Half-Life - (.KingSOFT DVD.) [HKLM] -- Half-Life_is1
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM] -- {31B12C11-AE4E-479F-8D6D-242DC265368D}
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM] -- ProInst
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed - (.Intel Corporation.) [HKLM] -- {A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0}
O42 - Logiciel: KMPlayer (remove only) - (.PandoraTV.) [HKLM] -- The KMPlayer
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM] -- KMSpico_is1 =>PUA.KMSpico
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM] -- {8ED07EBD-22AD-415A-B71E-C1AD86862C2E}
O42 - Logiciel: KeyLemon - (.KeyLemon Solutions S.A..) [HKLM] -- KeyLemon
O42 - Logiciel: MP3 Voice Recorder 1.1 - (.prvsoft.com.) [HKLM] -- MP3 Voice Recorder_is1
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NetCut 2.1.4 - (.arcai.com.) [HKLM] -- NetCut_is1
O42 - Logiciel: PC Remote - (.PC Remote.) [HKLM] -- {C934DF74-D0D9-445C-90AA-34012A04E11D}
O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8}
O42 - Logiciel: Pixel Bender Toolkit - (.Adobe Systems Incorporated.) [HKLM] -- {43509E18-076E-40FE-AF38-CA5ED400A5A9}
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO
O42 - Logiciel: Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_1b5a11fde44351ae0f4c7fd0e4daadc
O42 - Logiciel: Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {D45B21D2-1ABA-46C4-A226-722DC28EAAC4}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
O42 - Logiciel: ROX Player version 1.480 - (...) [HKLM] -- ROX Player_is1
O42 - Logiciel: Rainmeter - (...) [HKLM] -- Rainmeter
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM] -- {A56C6348-59D0-433B-A48A-75914858664E}
O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {842B4B72-9E8F-4962-B3C1-1C422A5C4434}
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation =>.VMware, Inc
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} =>.VMware, Inc
O42 - Logiciel: Vista Shortcut Manager - (.Frameworkx.) [HKLM] -- {47609E69-4C5E-48B1-A889-24C6B82B5C04}
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst
O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: WinSCP 5.5.6 - (.Martin Prikryl.) [HKLM] -- winscp3_is1
O42 - Logiciel: recALL version 15.01 - (...) [HKLM] -- recALL_is1
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249}
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65}
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464}
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30}
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 56 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Ankama]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\ThinPrint]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Arcai.com]
[HKCU\Software\Autodesk, Inc.]
[HKCU\Software\Autodesk]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Caphyon]
[HKCU\Software\Cheat Engine]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\Earth Resource Mapping]
[HKCU\Software\Elantech]
[HKCU\Software\Google]
[HKCU\Software\HitLeap]
[HKCU\Software\Hola]
[HKCU\Software\IM Providers]
[HKCU\Software\ImgBurn]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KMPlayer]
[HKCU\Software\KasperskyLab]
[HKCU\Software\KeyLemon]
[HKCU\Software\Macromedia]
[HKCU\Software\Martin Prikryl]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PC Remote]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\TeamViewer]
[HKCU\Software\TechSmith]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VMware, Inc.]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Xenocode]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Arcai]
[HKLM\Software\Autodesk]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\Hola]
[HKLM\Software\IM Providers]
[HKLM\Software\IObit]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KMPlayer]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Kaydara]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Martin Prikryl]
[HKLM\Software\Minnetonka Audio Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SCS Software]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\TechSmith]
[HKLM\Software\ThinPrint]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinPcap]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
~ Key Software: 301 Scanned in 00mn 01s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 28/12/2014 - 21:47:02 - [] ----D C:\Program Files\Adobe
O43 - CFD: 28/12/2014 - 21:40:49 - [] ----D C:\Program Files\Adobe Media Player
O43 - CFD: 03/02/2015 - 13:26:38 - [] ----D C:\Program Files\Ahead
O43 - CFD: 29/12/2014 - 06:15:22 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 01/04/2015 - 19:55:21 - [] ----D C:\Program Files\Autodesk
O43 - CFD: 29/01/2015 - 01:07:41 - [] ----D C:\Program Files\Cheat Engine 6.3
O43 - CFD: 01/04/2015 - 19:39:52 - [] ----D C:\Program Files\Common Files
O43 - CFD: 22/12/2014 - 18:40:24 - [] ----D C:\Program Files\CrystalDiskMark
O43 - CFD: 23/12/2014 - 07:26:11 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 21/12/2014 - 20:15:53 - [] ----D C:\Program Files\Elantech
O43 - CFD: 03/04/2015 - 13:57:44 - [] ----D C:\Program Files\Euro Truck Simulator 2
O43 - CFD: 21/12/2014 - 20:03:51 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 21/12/2014 - 22:45:01 - [] ----D C:\Program Files\Frameworkx
O43 - CFD: 21/12/2014 - 20:53:57 - [] ----D C:\Program Files\Google
O43 - CFD: 23/01/2015 - 03:50:12 - [] ----D C:\Program Files\HitLeap
O43 - CFD: 18/02/2015 - 16:23:59 - [] ----D C:\Program Files\Hola
O43 - CFD: 21/12/2014 - 21:03:01 - [] ----D C:\Program Files\ImgBurn
O43 - CFD: 21/12/2014 - 20:17:39 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/12/2014 - 01:09:06 - [] ----D C:\Program Files\Intel
O43 - CFD: 21/12/2014 - 21:03:35 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 11/06/2015 - 02:31:00 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 23/12/2014 - 00:49:42 - [] ----D C:\Program Files\IObit
O43 - CFD: 21/12/2014 - 21:00:50 - [] ----D C:\Program Files\Java
O43 - CFD: 21/12/2014 - 22:17:44 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 07/04/2015 - 21:41:44 - [] ----D C:\Program Files\KeyLemon
O43 - CFD: 15/01/2015 - 22:58:54 - [] ----D C:\Program Files\KMSpico =>PUA.KMSpico
O43 - CFD: 23/04/2015 - 10:19:04 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 24/12/2014 - 00:57:00 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 24/12/2014 - 00:59:07 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 21/12/2014 - 21:41:50 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 24/12/2014 - 00:59:43 - [] ----D C:\Program Files\Microsoft SQL Server
O43 - CFD: 24/12/2014 - 00:59:43 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 29/01/2015 - 01:17:07 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 29/01/2015 - 01:17:04 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 28/03/2015 - 23:16:29 - [] ----D C:\Program Files\MP3 Voice Recorder
O43 - CFD: 14/07/2009 - 04:52:30 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 08/03/2015 - 02:08:04 - [] ----D C:\Program Files\netcut
O43 - CFD: 11/06/2015 - 12:57:26 - [] ----D C:\Program Files\PC Remote
O43 - CFD: 24/12/2014 - 00:46:13 - [] ----D C:\Program Files\PowerISO
O43 - CFD: 29/12/2014 - 06:17:43 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 08/04/2015 - 16:18:38 - [] ----D C:\Program Files\Rainmeter
O43 - CFD: 21/12/2014 - 20:11:52 - [] ----D C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 04:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 08/04/2015 - 16:23:00 - [] ----D C:\Program Files\RocketDock
O43 - CFD: 21/12/2014 - 20:17:39 - [] ----D C:\Program Files\Samsung
O43 - CFD: 21/12/2014 - 21:18:41 - [] R---D C:\Program Files\Skype
O43 - CFD: 07/04/2015 - 22:06:45 - [] ----D C:\Program Files\TeamViewer
O43 - CFD: 20/01/2015 - 14:06:33 - [] ----D C:\Program Files\TechSmith
O43 - CFD: 21/12/2014 - 20:11:26 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 14/07/2009 - 04:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 09/03/2015 - 17:02:07 - [] ----D C:\Program Files\Valve
O43 - CFD: 21/12/2014 - 21:17:12 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 25/12/2014 - 13:13:10 - [] ----D C:\Program Files\VMware
O43 - CFD: 24/12/2014 - 04:19:15 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 17/05/2015 - 02:01:26 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 23/12/2014 - 07:26:11 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 11/06/2015 - 02:30:58 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 21/12/2014 - 20:03:51 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 23/12/2014 - 07:26:10 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 23/12/2014 - 07:26:10 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 23/12/2014 - 07:26:11 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 31/03/2015 - 18:08:06 - [] ----D C:\Program Files\WinPcap
O43 - CFD: 21/12/2014 - 21:02:47 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 21/12/2014 - 21:05:39 - [] ----D C:\Program Files\WinSCP
O43 - CFD: 28/12/2014 - 17:08:13 - [0] ----D C:\Program Files\Xenocode
O43 - CFD: 23/06/2015 - 05:01:52 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 28/12/2014 - 21:44:40 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 21/12/2014 - 20:58:24 - [] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 03/02/2015 - 13:15:25 - [] ----D C:\Program Files\Common Files\Ahead
O43 - CFD: 29/12/2014 - 06:15:41 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 01/04/2015 - 19:56:06 - [] ----D C:\Program Files\Common Files\Autodesk Shared
O43 - CFD: 24/12/2014 - 00:59:56 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 21/12/2014 - 20:10:26 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 21/12/2014 - 20:10:14 - [] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 21/12/2014 - 21:01:13 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 28/12/2014 - 21:34:15 - [] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 25/12/2014 - 13:12:26 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 21/12/2014 - 20:08:26 - [] ----D C:\Program Files\Common Files\postureAgent
O43 - CFD: 28/12/2014 - 21:45:58 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 02:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 21/12/2014 - 21:18:41 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - 02:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 24/12/2014 - 07:08:31 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 25/12/2014 - 13:14:27 - [] ----D C:\Program Files\Common Files\VMware
O43 - CFD: 28/12/2014 - 22:35:37 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 31/05/2015 - 09:27:18 - [0] ----D C:\ProgramData\APN
O43 - CFD: 29/12/2014 - 06:15:21 - [] ----D C:\ProgramData\Apple
O43 - CFD: 29/12/2014 - 06:16:49 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 16/04/2015 - 18:01:24 - [] ----D C:\ProgramData\Autodesk
O43 - CFD: 21/12/2014 - 20:03:51 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 21/12/2014 - 20:03:51 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 16/04/2015 - 17:35:40 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 21/12/2014 - 21:02:11 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 23/12/2014 - 00:49:55 - [] ----D C:\ProgramData\IObit
O43 - CFD: 23/06/2015 - 04:25:00 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 07/04/2015 - 21:44:17 - [] ----D C:\ProgramData\KeyLemon
O43 - CFD: 21/12/2014 - 22:10:24 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 21/12/2014 - 20:03:51 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 20/01/2015 - 13:48:21 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/12/2014 - 01:07:22 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/12/2014 - 01:20:28 - [] ----D C:\ProgramData\Microsoft Toolkit
O43 - CFD: 21/12/2014 - 20:03:51 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 29/01/2015 - 01:17:03 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 03/02/2015 - 13:12:01 - [] ----D C:\ProgramData\Nero
O43 - CFD: 21/12/2014 - 21:00:55 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 07/04/2015 - 21:39:03 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 27/03/2015 - 00:07:56 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 28/12/2014 - 17:13:53 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 24/12/2014 - 00:59:31 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 20/01/2015 - 14:06:44 - [] ----D C:\ProgramData\regid.1995-08.com.techsmith
O43 - CFD: 23/06/2015 - 03:52:22 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 01/01/2015 - 02:00:22 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 20/02/2015 - 03:52:44 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 21/12/2014 - 21:01:14 - [] ----D C:\ProgramData\Sun
O43 - CFD: 20/01/2015 - 14:06:37 - [] ----D C:\ProgramData\TechSmith
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 23/06/2015 - 04:23:37 - [] ----D C:\ProgramData\VMware
O43 - CFD: 23/12/2014 - 01:09:38 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/12/2014 - 18:57:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 28/12/2014 - 21:40:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 31/03/2015 - 18:07:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
O43 - CFD: 01/04/2015 - 19:56:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
O43 - CFD: 24/12/2014 - 00:52:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
O43 - CFD: 29/01/2015 - 01:07:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
O43 - CFD: 21/06/2015 - 19:35:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
O43 - CFD: 22/12/2014 - 18:40:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
O43 - CFD: 27/03/2015 - 00:06:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
O43 - CFD: 03/04/2015 - 13:57:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
O43 - CFD: 14/07/2009 - 09:02:05 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 21/12/2014 - 20:54:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 21/12/2014 - 21:03:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
O43 - CFD: 21/12/2014 - 21:02:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 21/12/2014 - 21:01:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 21/12/2014 - 22:18:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
O43 - CFD: 27/12/2014 - 00:17:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\keit.co
O43 - CFD: 07/04/2015 - 21:41:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyLemon
O43 - CFD: 15/01/2015 - 22:56:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 14/07/2009 - 04:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 23/04/2015 - 10:19:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 25/12/2014 - 13:37:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 21/12/2014 - 21:42:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 28/03/2015 - 23:16:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
O43 - CFD: 24/12/2014 - 00:46:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 29/12/2014 - 06:17:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 08/04/2015 - 16:23:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
O43 - CFD: 10/01/2015 - 23:58:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROX Player
O43 - CFD: 21/12/2014 - 20:17:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 22/12/2014 - 19:47:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 15/06/2015 - 18:18:17 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 09:00:41 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 20/01/2015 - 14:06:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
O43 - CFD: 09/03/2015 - 17:04:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
O43 - CFD: 21/12/2014 - 21:17:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 25/12/2014 - 13:14:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 31/03/2015 - 18:08:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 21/12/2014 - 21:02:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 23/06/2015 - 05:01:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 14/03/2015 - 01:38:15 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\.ACEStream
O43 - CFD: 28/12/2014 - 22:29:48 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Adobe
O43 - CFD: 15/02/2015 - 16:19:28 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\AnkamaCertificates
O43 - CFD: 15/02/2015 - 16:18:56 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\app
O43 - CFD: 29/12/2014 - 09:23:58 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Apple Computer
O43 - CFD: 16/04/2015 - 18:01:24 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Autodesk
O43 - CFD: 24/12/2014 - 01:17:47 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Dev-Cpp
O43 - CFD: 22/06/2015 - 23:42:10 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\DMCache
O43 - CFD: 20/06/2015 - 14:09:14 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Dofus
O43 - CFD: 10/02/2015 - 15:36:42 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\EurekaLab s.a.s
O43 - CFD: 21/12/2014 - 20:04:12 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Identities
O43 - CFD: 01/03/2015 - 14:49:51 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\IDM
O43 - CFD: 03/02/2015 - 14:02:38 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\ImgBurn
O43 - CFD: 21/12/2014 - 20:08:43 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\InstallShield
O43 - CFD: 23/12/2014 - 00:49:49 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\IObit
O43 - CFD: 27/12/2014 - 00:17:45 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\keit.co
O43 - CFD: 21/12/2014 - 20:23:50 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 09:00:41 - [0] ----D C:\Users\aBDELhAK\AppData\Roaming\Media Center Programs
O43 - CFD: 06/06/2015 - 02:16:01 - [] -S--D C:\Users\aBDELhAK\AppData\Roaming\Microsoft
O43 - CFD: 29/01/2015 - 01:17:17 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Mozilla
O43 - CFD: 03/02/2015 - 12:54:38 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Nero
O43 - CFD: 11/06/2015 - 12:57:41 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\PC Remote
O43 - CFD: 28/01/2015 - 15:31:30 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\PDAppFlex
O43 - CFD: 24/12/2014 - 00:48:19 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\PowerISO
O43 - CFD: 08/04/2015 - 16:19:51 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Rainmeter
O43 - CFD: 15/02/2015 - 16:18:56 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Reg
O43 - CFD: 10/01/2015 - 23:58:28 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\RoxTemp
O43 - CFD: 22/06/2015 - 23:38:11 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Skype
O43 - CFD: 22/12/2014 - 19:24:14 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\TeamViewer
O43 - CFD: 23/06/2015 - 04:25:11 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 06/05/2015 - 12:56:22 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\vlc
O43 - CFD: 17/05/2015 - 20:38:43 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\VMware
O43 - CFD: 21/12/2014 - 21:02:59 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\WinRAR
O43 - CFD: 23/06/2015 - 05:04:10 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 20/06/2015 - 02:00:03 - [] ----D C:\Users\aBDELhAK\AppData\Local\Adobe
O43 - CFD: 03/02/2015 - 13:22:29 - [] ----D C:\Users\aBDELhAK\AppData\Local\Ahead
O43 - CFD: 15/02/2015 - 14:54:27 - [] ----D C:\Users\aBDELhAK\AppData\Local\Ankama
O43 - CFD: 29/12/2014 - 06:15:27 - [] ----D C:\Users\aBDELhAK\AppData\Local\Apple
O43 - CFD: 21/12/2014 - 20:04:00 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\Application Data
O43 - CFD: 21/12/2014 - 20:51:47 - [] ----D C:\Users\aBDELhAK\AppData\Local\Apps
O43 - CFD: 20/01/2015 - 14:09:47 - [] ----D C:\Users\aBDELhAK\AppData\Local\assembly
O43 - CFD: 01/04/2015 - 19:45:57 - [] ----D C:\Users\aBDELhAK\AppData\Local\Autodesk
O43 - CFD: 16/04/2015 - 18:01:37 - [] ----D C:\Users\aBDELhAK\AppData\Local\cache
O43 - CFD: 23/06/2015 - 04:25:03 - [] ----D C:\Users\aBDELhAK\AppData\Local\CrashDumps
O43 - CFD: 22/12/2014 - 18:40:56 - [] ----D C:\Users\aBDELhAK\AppData\Local\CrystalDiskMark
O43 - CFD: 21/12/2014 - 20:51:59 - [0] ----D C:\Users\aBDELhAK\AppData\Local\Deployment
O43 - CFD: 20/06/2015 - 06:39:16 - [0] ----D C:\Users\aBDELhAK\AppData\Local\Diagnostics
O43 - CFD: 24/01/2015 - 06:33:10 - [0] ----D C:\Users\aBDELhAK\AppData\Local\ElevatedDiagnostics
O43 - CFD: 16/04/2015 - 21:05:57 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\EmieBrowserModeList
O43 - CFD: 16/04/2015 - 21:05:57 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\EmieSiteList
O43 - CFD: 16/04/2015 - 21:05:57 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\EmieUserList
O43 - CFD: 21/12/2014 - 22:45:36 - [] ----D C:\Users\aBDELhAK\AppData\Local\Frameworkx.com
O43 - CFD: 21/12/2014 - 20:54:06 - [] ----D C:\Users\aBDELhAK\AppData\Local\Google
O43 - CFD: 02/06/2015 - 14:44:42 - [] ----D C:\Users\aBDELhAK\AppData\Local\GWX
O43 - CFD: 21/12/2014 - 20:04:00 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\Historique
O43 - CFD: 27/05/2015 - 20:28:29 - [] ----D C:\Users\aBDELhAK\AppData\Local\KeyLemon
O43 - CFD: 20/01/2015 - 15:13:21 - [] ----D C:\Users\aBDELhAK\AppData\Local\Microsoft
O43 - CFD: 05/02/2015 - 20:18:55 - [] ----D C:\Users\aBDELhAK\AppData\Local\Microsoft Help
O43 - CFD: 29/01/2015 - 01:17:17 - [] ----D C:\Users\aBDELhAK\AppData\Local\Mozilla
O43 - CFD: 21/12/2014 - 21:05:36 - [] ----D C:\Users\aBDELhAK\AppData\Local\Programs
O43 - CFD: 23/04/2015 - 20:23:25 - [] ----D C:\Users\aBDELhAK\AppData\Local\ROX Player
O43 - CFD: 21/12/2014 - 22:43:27 - [] ----D C:\Users\aBDELhAK\AppData\Local\Skype
O43 - CFD: 20/01/2015 - 14:06:33 - [] ----D C:\Users\aBDELhAK\AppData\Local\TechSmith
O43 - CFD: 23/06/2015 - 05:03:15 - [] ----D C:\Users\aBDELhAK\AppData\Local\Temp
O43 - CFD: 21/12/2014 - 20:04:00 - [] -SH-D C:\Users\aBDELhAK\AppData\Local\Temporary Internet Files
O43 - CFD: 28/12/2014 - 17:02:02 - [] ----D C:\Users\aBDELhAK\AppData\Local\VirtualStore
O43 - CFD: 17/05/2015 - 20:41:17 - [] ----D C:\Users\aBDELhAK\AppData\Local\VMware
O43 - CFD: 14/07/2009 - 04:42:04 - [] R---D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/03/2015 - 01:47:54 - [] R---D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/12/2014 - 22:45:02 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frameworkx
O43 - CFD: 19/06/2015 - 18:00:05 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 21/12/2014 - 21:02:07 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - 04:37:42 - [] R---D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/12/2014 - 13:37:59 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 03/02/2015 - 13:16:30 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 11/06/2015 - 12:57:27 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
O43 - CFD: 08/04/2015 - 16:18:38 - [] R---D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/12/2014 - 21:23:48 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
O43 - CFD: 21/12/2014 - 21:02:47 - [] ----D C:\Users\aBDELhAK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 241 Scanned in 00mn 05s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.58788565442368B0615DDAF1D452B843] - 10/06/2015 - 03:06:52 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [530432]
O44 - LFC:[MD5.9412097ABD7E3D11988D6A892096ECD8] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [3072]
O44 - LFC:[MD5.2805BDA6C65C5F6F80F6CBE8652BF839] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [3072]
O44 - LFC:[MD5.A3C654B4E49FBBE37F734DE16E36BEBF] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [3072]
O44 - LFC:[MD5.263285CEC5ECE29DE881086BE7A0B901] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [3072]
O44 - LFC:[MD5.7A296AC7320B57AD5FCF6F649F8A246F] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072]
O44 - LFC:[MD5.814E1903DC98072E5740F37EE093C145] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [5120]
O44 - LFC:[MD5.B2783855236695F09EFBBBC816802627] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [3072]
O44 - LFC:[MD5.06B628A68BBFC265DC2070F8323A8CFB] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [3584]
O44 - LFC:[MD5.F647FC94092D695A3341CC375DAAA0CA] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [3584]
O44 - LFC:[MD5.31883E222CDEF7C24C3DE82E7B71E7FE] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [3072]
O44 - LFC:[MD5.172DD06D47C8E608C67A45D46BE216AD] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584]
O44 - LFC:[MD5.F4BBC62035CABE902895415C87EE1BB7] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [4096]
O44 - LFC:[MD5.89950E4A406D45E6768925907C5EC9BD] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [3584]
O44 - LFC:[MD5.BD9C4BBB5E71838AAF6F448F460D5056] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584]
O44 - LFC:[MD5.787405D1D048961F62BB87159E6AEEDA] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584]
O44 - LFC:[MD5.46785605AF4F939703821C079D162AA0] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [3072]
O44 - LFC:[MD5.2284CBD2729CA878456459959B87EDA1] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3072]
O44 - LFC:[MD5.38818135F7D5C6B576F894FA865BDE27] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [3072]
O44 - LFC:[MD5.03048E620D5270CF03F170BD22D81C72] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608]
O44 - LFC:[MD5.7A5D9333128F2DB6C5E8855BE84941A4] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [3072]
O44 - LFC:[MD5.2A702D4E4B2A54288709096D6EBF9E54] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [3584]
O44 - LFC:[MD5.F5DD54F2BA89C3D57768F0CD2C930F4E] - 10/06/2015 - 03:06:54 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [6144]
O44 - LFC:[MD5.87A703DECCDC1BFCAC67E1D4686F67B6] - 10/06/2015 - 03:06:55 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [293376]
O44 - LFC:[MD5.957655757F43858692289B96F73716D8] - 10/06/2015 - 03:06:55 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [868352]
O44 - LFC:[MD5.A83DD77AC941A8B1B2652035EA589149] - 10/06/2015 - 03:06:55 ---A- . (.Microsoft Corporation - DLL serveur de Windows multi-utilisateurs.) -- C:\Windows\System32\winsrv.dll [169984]
O44 - LFC:[MD5.015E337ABA03750D890A035819688FE1] - 10/06/2015 - 03:06:55 ---A- . (.Microsoft Corporation - Hôte de la fenêtre de la console.) -- C:\Windows\System32\conhost.exe [271360]
O44 - LFC:[MD5.920C2CB45F771062E8222F9E99A3F2DD] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [3072]
O44 - LFC:[MD5.292EE50A9E31AF14118B47F5AD744CF3] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096]
O44 - LFC:[MD5.9B17AF38184CF41FEA00EE2F0146523F] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [4096]
O44 - LFC:[MD5.C1CD21544BA297980FD2CDFA385C80E7] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608]
O44 - LFC:[MD5.05DC12B38CED8E7DC42F8A91F10AC985] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [4096]
O44 - LFC:[MD5.AFE8F872B25BA0CB506B714BA486D222] - 10/06/2015 - 03:06:55 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096]
O44 - LFC:[MD5.2401379E0610D15FAB78A4B1646F5B8D] - 10/06/2015 - 03:06:57 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [4096]
O44 - LFC:[MD5.2401379E0610D15FAB78A4B1646F5B8D] - 10/06/2015 - 03:06:57 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [4096]
O44 - LFC:[MD5.DA27A4EA7B7C77FAFDB3F94D83E310C1] - 10/06/2015 - 03:06:57 ---A- . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.DLL [12625408]
O44 - LFC:[MD5.605E9B2CFA3445ED7716D0B345EE21EC] - 10/06/2015 - 03:06:57 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [8192]
O44 - LFC:[MD5.A98E8F79C738CAF23C152DBCABD978FE] - 10/06/2015 - 03:06:58 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [11411456]
O44 - LFC:[MD5.911B76808EB28284B7395E62C8645319] - 10/06/2015 - 03:07:35 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864]
O44 - LFC:[MD5.52C869A640B8169D7C8460FB1646ABF5] - 10/06/2015 - 03:07:36 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.619D5101114C71E1A4A585C5E68301B7] - 10/06/2015 - 03:07:36 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.2E65BF3D85BB2C831669FBCBDE6C9879] - 10/06/2015 - 03:07:36 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [686080]
O44 - LFC:[MD5.7E7933E63BBE2BE71CC908EF140458EF] - 10/06/2015 - 03:07:36 ---A- . (.Microsoft Corporation - Nom d’audit des objets système.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.9A50B2567918BF7DDD600ECE5DB5ED76] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Bibliothèque de chiffrement Windows.) -- C:\Windows\System32\ncrypt.dll [221184]
O44 - LFC:[MD5.4238391DE3E3FDCD2C731C1E4E0F402C] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll [635392]
O44 - LFC:[MD5.7A9F94E0F53C8F6E09405351AC104A3C] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [17408]
O44 - LFC:[MD5.ABD1DC994FD40C5F74F7DFDCEEB64599] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Gestionnaire de sessions Windows.) -- C:\Windows\System32\smss.exe [69632]
O44 - LFC:[MD5.65A5E27C2217D606E212B6088CCD6104] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\System32\sechost.dll [92160]
O44 - LFC:[MD5.87BCBD110BB804C8AB3632CEB3B8DA32] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [15872]
O44 - LFC:[MD5.D2967F6D4205A227AAA7D094C12F7141] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [22528]
O44 - LFC:[MD5.A9E8F961F7FE1EDEEF8F46EEB800F2D8] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [172032]
O44 - LFC:[MD5.FCA6EFFEE6D7D42E794F0E538297026C] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [43008]
O44 - LFC:[MD5.629AD3FDA168D82D459164044A29F9BB] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Moniteur de performance de la ligne de comm.) -- C:\Windows\System32\typeperf.exe [40448]
O44 - LFC:[MD5.C5C99A03FD48D39B6D36D46682A93B7D] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Processus d'exécution client-serveur.) -- C:\Windows\System32\csrsrv.dll [38912]
O44 - LFC:[MD5.F85FA29340A536C8E0A16151B9B03923] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Programme de stratégie d’audit.) -- C:\Windows\System32\auditpol.exe [50176]
O44 - LFC:[MD5.2D23A10FBFA09DC1B61799128BBA91A2] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [22016]
O44 - LFC:[MD5.769E395FF48802E1276FB615466E38C9] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [100352]
O44 - LFC:[MD5.FB224B0A63B8F58E91FE8A314AD295AD] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Utilitaire de configuration des performance.) -- C:\Windows\System32\diskperf.exe [17408]
O44 - LFC:[MD5.3E6731BF36A7D6C62D09671B427B6B67] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Utilitaire de réenregistrement de Performan.) -- C:\Windows\System32\relog.exe [37888]
O44 - LFC:[MD5.5643A88C6DA8AAEC9CE2845431942650] - 10/06/2015 - 03:07:37 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [65536]
O44 - LFC:[MD5.3C9D9DFCF517103677D7B6255C727B48] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [67520]
O44 - LFC:[MD5.0DFC56491C8B56A35AD52EAF770752FE] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [137664]
O44 - LFC:[MD5.EA141596564AE0C670EDD0F2636EC29C] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [259584]
O44 - LFC:[MD5.583FFF12D2F0D6E1A8746462C433895F] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3934144]
O44 - LFC:[MD5.3C1BE79C3CE6EB378108B11D94CA1072] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Outil de rapport de suivi d’événements.) -- C:\Windows\System32\tracerpt.exe [364544]
O44 - LFC:[MD5.CA2628766DC1DFAF7D993C1E33391478] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe [262656]
O44 - LFC:[MD5.BBABC6702529CFADAC0EC2B28168A288] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [248832]
O44 - LFC:[MD5.3B5DA649BF7B7D07510C06DE0AEEB4EB] - 10/06/2015 - 03:07:38 ---A- . (.Microsoft Corporation - Utilitaire d’enregistrement des Performance.) -- C:\Windows\System32\logman.exe [82944]
O44 - LFC:[MD5.9E68E1BDEBD85FC8803707370BE0FC6E] - 10/06/2015 - 03:07:40 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll [641536]
O44 - LFC:[MD5.6D4B495554B49F5221A946F4DA3A6A74] - 10/06/2015 - 03:07:40 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll [400896]
O44 - LFC:[MD5.7EBEA2FD2CA9200B18BC8252AF018797] - 10/06/2015 - 03:07:40 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1307648]
O44 - LFC:[MD5.8DF4BACE3A14DA53F787631839C9A400] - 10/06/2015 - 03:07:40 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1061376]
O44 - LFC:[MD5.641A14E6AC492ED45BC68815E2E2F566] - 10/06/2015 - 03:07:40 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [3989440]
O44 - LFC:[MD5.7AB2DE012C88870C9274E966EC88AB61] - 10/06/2015 - 03:07:41 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [853504]
O44 - LFC:[MD5.2CA16814DA3C5B2D8C7E70DC47A45ED1] - 10/06/2015 - 03:07:41 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [551424]
O44 - LFC:[MD5.927E38A35E4DFC4E294BD130BAA6F759] - 10/06/2015 - 03:08:26 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2278912]
O44 - LFC:[MD5.3FD7E6DB5D81FE400DB4D81D278596E6] - 10/06/2015 - 03:08:27 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [4305920]
O44 - LFC:[MD5.975421AC32F9F6E27A58F75DAB4B5871] - 10/06/2015 - 03:08:27 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19607040]
O44 - LFC:[MD5.9F6066005D8B8620598085C7499E9B70] - 10/06/2015 - 03:08:28 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [64000]
O44 - LFC:[MD5.85E21CCF38166E0D6DE2E42D9D3823BD] - 10/06/2015 - 03:08:28 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1155072]
O44 - LFC:[MD5.6B7210618D7E2CE0404ECF748701253A] - 10/06/2015 - 03:08:28 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [76288]
O44 - LFC:[MD5.EF853EA2A6A7BD891CCF31B0C2915352] - 10/06/2015 - 03:08:29 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [341504]
O44 - LFC:[MD5.1A628C1F5470F0AF21E37E425026F27A] - 10/06/2015 - 03:08:30 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [478208]
O44 - LFC:[MD5.DB254D50B4527C2821C537E0587B44E8] - 10/06/2015 - 03:08:30 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [12829696]
O44 - LFC:[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - 10/06/2015 - 03:08:31 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1950720]
O44 - LFC:[MD5.AD392013A39DE951627EE402002E800C] - 10/06/2015 - 03:08:31 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.C27C8CACEBC712BE2AD791715E9734EC] - 10/06/2015 - 03:08:31 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [664064]
O44 - LFC:[MD5.FB5C9234E4BF6BDAF4A954763A4582BA] - 10/06/2015 - 03:08:32 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [168960]
O44 - LFC:[MD5.5C06EE62F06E990E9521EA80B8D4D4B8] - 10/06/2015 - 03:08:32 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [62464]
O44 - LFC:[MD5.8C8B8C78C0CCD5D36ABCB115B0B581E1] - 10/06/2015 - 03:08:32 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.4ABEEF30EA5B9F4718312DCB60B6C9BC] - 10/06/2015 - 03:08:32 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2052608]
O44 - LFC:[MD5.53E9614ADFA6A40A452BA014CEF6F261] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1309696]
O44 - LFC:[MD5.C93AE4D14AEF5169791B35D97AE7C9FC] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [47104]
O44 - LFC:[MD5.2DED8A99E45053C42DD21D6937D3960C] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [689152]
O44 - LFC:[MD5.B6D8148C1C697A7BF04EE0FE82408B6A] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [710144]
O44 - LFC:[MD5.FA628D79E5FD267039A2F7637BA10754] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [667648]
O44 - LFC:[MD5.7DBCBB1647B7CD71E2039C1B50A12717] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [620032]
O44 - LFC:[MD5.96837E5864777688477AF6DE2332C06D] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [503808]
O44 - LFC:[MD5.E21AE910DF0C5CB7D46D8FA17A4567DE] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [115712]
O44 - LFC:[MD5.AD2726E4A53EC118D88CCA40260E1AE0] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [342728]
O44 - LFC:[MD5.81C1182A9EE7AC4D21187811DE66A7D0] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [30720]
O44 - LFC:[MD5.ABE3B4B605499D726C27ACB6F756BC11] - 10/06/2015 - 03:08:33 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [685568]
O44 - LFC:[MD5.8C3A03295F56D1FFB51D9D05DA42B12D] - 10/06/2015 - 03:08:34 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [47616]
O44 - LFC:[MD5.C842601A18BA4D9058E7C0EFA5683513] - 10/06/2015 - 03:08:34 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [102912]
O44 - LFC:[MD5.185490A6C3BEDAC5EF547314F68AB07B] - 10/06/2015 - 03:08:34 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416]
O44 - LFC:[MD5.BCD4C37A7043E75131111EA447210DE7] - 10/06/2015 - 03:08:36 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2384384]
O44 - LFC:[MD5.575DF237408CA735631F7A0DC423D873] - 10/06/2015 - 03:08:36 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys [54656]
O44 - LFC:[MD5.628F87288466FBC0826FFE97B33D0B5A] - 11/06/2015 - 02:01:28 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [136900096]
O44 - LFC:[MD5.8C3F787D848AFFFA346EB8C9A06D8DE9] - 11/06/2015 - 02:33:26 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [3044504]
O44 - LFC:[MD5.F00FA956D788F0E5AB468455C63D8D84] - 23/06/2015 - 04:22:58 ---A- . (...) -- C:\Windows\MEMORY.DMP [282229719]
O44 - LFC:[MD5.222162D352496CA14A16558982736683] - 23/06/2015 - 04:23:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9082AB3D381DAB28E3F73AE0C1D27F07] - 23/06/2015 - 04:23:08 ---A- . (...) -- C:\Windows\setupact.log [72669]
O44 - LFC:[MD5.04B309A1A653177994630C2773E659F1] - 23/06/2015 - 04:24:29 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O44 - LFC:[MD5.FD44FA80DA03EA144153A76DEBBB61B4] - 23/06/2015 - 04:26:03 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [35064]
O44 - LFC:[MD5.453F6FAB1E13637AEEC9BDFB5100AF82] - 23/06/2015 - 04:27:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1706668]
O44 - LFC:[MD5.49872F4D30815DE213AB219752E33605] - 23/06/2015 - 04:32:33 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1675410]
O44 - LFC:[MD5.F3286EDDD63EC776B7DEEF6E548575A1] - 23/06/2015 - 04:32:33 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122826]
O44 - LFC:[MD5.4402922FC66C68D98756262F4FE7C58F] - 23/06/2015 - 04:32:33 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150262]
O44 - LFC:[MD5.B02A98B6E41D326508A5219B9A7B5EF3] - 23/06/2015 - 04:32:33 ---A- . (...) -- C:\Windows\System32\perfh009.dat [656428]
O44 - LFC:[MD5.08D21D63CBE4394C024F867964E24506] - 23/06/2015 - 04:32:33 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [739808]
~ Files: 122 Scanned in 00mn 27s



---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.183BAACBB2F42B0D248B2CDB43E28912] - 22/06/2015 - 23:51:56 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-8874D457.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{3372a7cd-e5e0-11e4-8c4c-b803057cfc12}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{7ffa242d-8942-11e4-9192-806e6f6e6963}\AutoRun\command. (...) -- E:\SecSWMgrGuide.exe (.not file.)
O51 - MPSK:{c3cd1d8e-9d2e-11e4-9cc8-d0ec057b05f9}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Creative Cloud [Key] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O53 - SMSR:HKLM\...\startupreg\vmware-tray.exe [Key] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe =>.VMware, Inc
~ SMSR Keys: 7 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:28/03/2015 - 15:47:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\034B7649.sys [114904]
O58 - SDL:29/12/2014 - 09:25:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\05B6287F.sys [114904]
O58 - SDL:18/03/2015 - 00:10:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\06D41BE4.sys [114904]
O58 - SDL:11/03/2015 - 19:17:14 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\08B066D4.sys [114904]
O58 - SDL:28/12/2014 - 02:19:46 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\0B491461.sys [114904]
O58 - SDL:06/01/2015 - 16:31:19 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\0C775F54.sys [114904]
O58 - SDL:06/04/2015 - 18:20:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\1EC62AA2.sys [114904]
O58 - SDL:15/01/2015 - 08:13:45 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\1FF121B4.sys [114904]
O58 - SDL:17/05/2015 - 20:27:58 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\288C0FE0.sys [119512]
O58 - SDL:02/01/2015 - 13:43:17 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\32A84BB5.sys [114904]
O58 - SDL:30/03/2015 - 23:09:49 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\3EC0655E.sys [114904]
O58 - SDL:02/01/2015 - 02:06:36 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\4A2710F8.sys [114904]
O58 - SDL:12/03/2015 - 01:30:40 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\4A2904A4.sys [114904]
O58 - SDL:10/04/2015 - 18:31:51 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\4F956C15.sys [119512]
O58 - SDL:12/04/2015 - 20:23:38 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\55BF5DE7.sys [119512]
O58 - SDL:20/02/2015 - 16:29:20 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\562419CB.sys [114904]
O58 - SDL:02/01/2015 - 05:25:50 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\56592975.sys [114904]
O58 - SDL:12/02/2015 - 22:08:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\5B922C03.sys [114904]
O58 - SDL:28/03/2015 - 16:21:31 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\5C55109A.sys [114904]
O58 - SDL:18/01/2015 - 13:21:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\608B7757.sys [114904]
O58 - SDL:03/04/2015 - 00:09:23 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\68B05128.sys [114904]
O58 - SDL:01/01/2015 - 22:20:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\6CEC639D.sys [114904]
O58 - SDL:20/04/2015 - 23:32:33 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\75E05F8F.sys [119512]
O58 - SDL:04/01/2015 - 00:28:30 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\77176227.sys [114904]
O58 - SDL:15/01/2015 - 02:24:37 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\7E00167D.sys [114904]
O58 - SDL:01/05/2015 - 15:48:49 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\7E064354.sys [119512]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 01:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:11/03/2011 - 05:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:11/03/2011 - 05:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400]
O58 - SDL:21/04/2011 - 09:22:30 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter.) -- C:\Windows\System32\Drivers\AmpPal.sys [240640]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:13/07/2009 - 22:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 22:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 22:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 00:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 22:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 22:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 22:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:08/03/2011 - 14:41:50 ---A- . (.Intel Corporation - Bluetooth Auxiliary Driver.) -- C:\Windows\System32\Drivers\btmaux.sys [40960]
O58 - SDL:23/12/2014 - 01:09:34 ---A- . (.Motorola Solutions, Inc. - Bluetooth Filter Driver.) -- C:\Windows\System32\Drivers\btmhsf.sys [1110328]
O58 - SDL:13/07/2009 - 22:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:10/12/2007 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [9072]
O58 - SDL:10/12/2007 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [9200]
O58 - SDL:14/07/2009 - 01:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:14/01/2013 - 20:10:56 ---A- . (.Kaspersky Lab UK Ltd - Cryptographic Module.) -- C:\Windows\System32\Drivers\cm_km_w.sys [189136]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:13/07/2009 - 22:02:52 ---A- . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6 deserialized driver.) -- C:\Windows\System32\Drivers\e1y6032.sys [214016]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:16/06/2011 - 11:41:12 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [159016]
O58 - SDL:13/07/2009 - 22:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:27/02/2014 - 18:40:48 ---A- . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\Drivers\hcmon.sys [43840]
O58 - SDL:13/07/2009 - 22:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:20/10/2010 - 00:33:40 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECI.sys [41088]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:23/12/2014 - 00:49:49 ---A- . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\Drivers\HWiNFO32.SYS [23840]
O58 - SDL:18/02/2011 - 08:04:32 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStor.sys [355352]
O58 - SDL:11/03/2011 - 05:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160]
O58 - SDL:23/12/2014 - 01:09:34 ---A- . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Adapter) Driver.) -- C:\Windows\System32\Drivers\iBtFltCoex.sys [55776]
O58 - SDL:29/11/2014 - 00:37:06 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [115752]
O58 - SDL:23/12/2014 - 01:07:35 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [3764224]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:02/03/2004 - 17:37:48 ----- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\Windows\System32\Drivers\imagedrv.sys [5504]
O58 - SDL:02/03/2004 - 17:37:50 ----- . (.Ahead Software AG - Nero Image Server.) -- C:\Windows\System32\Drivers\imagesrv.sys [125184]
O58 - SDL:23/12/2014 - 01:13:12 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [368912]
O58 - SDL:31/03/2014 - 10:47:08 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\Drivers\kl1.sys [143968]
O58 - SDL:02/07/2014 - 15:10:24 ---A- . (.Kaspersky Lab ZAO - Virtual Disk fre_win7_x86.) -- C:\Windows\System32\Drivers\kldisk.sys [36928]
O58 - SDL:03/12/2014 - 08:54:32 ---A- . (.Kaspersky Lab ZAO - Filter Core [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klflt.sys [119816]
O58 - SDL:12/08/2014 - 17:32:56 ---A- . (.Kaspersky Lab ZAO - KLHK [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klhk.sys [36536]
O58 - SDL:10/03/2015 - 17:19:14 ---A- . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klif.sys [673976]
O58 - SDL:25/02/2014 - 12:09:02 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\Drivers\klim6.sys [25696]
O58 - SDL:28/03/2014 - 16:51:02 ---A- . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klkbdflt.sys [24672]
O58 - SDL:08/08/2013 - 16:10:58 ---A- . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\System32\Drivers\klmouflt.sys [25696]
O58 - SDL:12/04/2013 - 14:34:48 ---A- . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x86].) -- C:\Windows\System32\Drivers\klpd.sys [14432]
O58 - SDL:05/06/2014 - 18:02:10 ---A- . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) -- C:\Windows\System32\Drivers\kltdi.sys [44992]
O58 - SDL:03/12/2014 - 08:54:32 ---A- . (.Kaspersky Lab ZAO - Network filtering component.) -- C:\Windows\System32\Drivers\klwtp.sys [64200]
O58 - SDL:09/07/2014 - 15:23:54 ---A- . (.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) -- C:\Windows\System32\Drivers\kneps.sys [146240]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 01:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:14/04/2015 - 08:37:42 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256]
O58 - SDL:14/04/2015 - 08:37:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888]
O58 - SDL:23/06/2015 - 04:24:29 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:14/04/2015 - 08:37:54 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O58 - SDL:01/05/2011 - 14:32:08 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwNs32.sys [7513088]
O58 - SDL:23/12/2014 - 01:09:50 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwsn00.sys [10374144]
O58 - SDL:14/07/2009 - 01:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:25/06/2010 - 17:07:14 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35088]
O58 - SDL:11/03/2011 - 05:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120]
O58 - SDL:11/03/2011 - 05:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744]
O58 - SDL:06/02/2008 - 03:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\Drivers\pxhelp20.sys [44608]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:23/12/2014 - 01:26:39 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\System32\Drivers\Rt86win7.sys [719576]
O58 - SDL:23/12/2014 - 01:27:55 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [3343832]
O58 - SDL:22/09/2011 - 14:39:12 ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\Windows\System32\Drivers\SABI.sys [10752]
O58 - SDL:08/10/2014 - 13:13:16 ---A- . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [113904]
O58 - SDL:13/07/2009 - 20:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:13/07/2009 - 23:45:33 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [83456]
O58 - SDL:12/04/2011 - 21:29:40 ---A- . (.Phoenix Technologies Ltd. - SecureGuard Driver.) -- C:\Windows\System32\Drivers\SGDrv.sys [6144]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:22/01/2014 - 08:52:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [88576]
O58 - SDL:22/01/2014 - 08:52:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [184192]
O58 - SDL:22/01/2014 - 07:52:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [184192]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:23/06/2015 - 04:26:03 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [35064]
O58 - SDL:14/07/2009 - 01:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:08/10/2013 - 18:20:50 ---A- . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\Drivers\vmci.sys [71888]
O58 - SDL:14/04/2014 - 16:40:42 ---A- . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\Drivers\vmnet.sys [20048]
O58 - SDL:14/04/2014 - 16:40:42 ---A- . (.VMware, Inc. - VMware virtual network adapter driver (32-bit).) -- C:\Windows\System32\Drivers\vmnetadapter.sys [17104]
O58 - SDL:14/04/2014 - 16:40:42 ---A- . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\Drivers\vmnetbridge.sys [37456]
O58 - SDL:14/04/2014 - 16:41:42 ---A- . (.VMware, Inc. - VMware network application interface driver (32-bit).) -- C:\Windows\System32\Drivers\vmnetuserif.sys [26968]
O58 - SDL:14/04/2014 - 16:40:58 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\Drivers\vmx86.sys [66136]
O58 - SDL:14/07/2009 - 01:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:08/10/2013 - 18:20:56 ---A- . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\Drivers\vsock.sys [63824]
O58 - SDL:22/02/2013 - 03:28:26 ---A- . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\System32\Drivers\vstor2-mntapi20-shared.sys [23632]
O58 - SDL:13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 21:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 21:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 21:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 21:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 21:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 21:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 21:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 21:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 21:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 21:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 139 Scanned in 00mn 09s



---\\ Last modified or created user files (O61)
O61 - LFC: 20/06/2015 - 05:05:19 ---A- . (.Google Inc..) -- C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll [189256]
O61 - LFC: 21/06/2015 - 05:07:00 R--A- . (...) -- C:\Users\aBDELhAK\Desktop\Counter Strike 1.6\Counter Strike 1.6.exe [455432638]
O61 - LFC: 21/06/2015 - 05:07:01 R--A- . (.EmpowerLabs.) -- C:\Users\aBDELhAK\Desktop\Counter Strike Steam\Counter-Strike 1.6 Steam.exe [366683213]
O61 - LFC: 22/06/2015 - 05:06:47 ---A- . (.Skype Technologies S.A..) -- C:\Users\aBDELhAK\AppData\Local\Temp\SkypeSetup.exe [40422528]
O61 - LFC: 23/06/2015 - 05:05:19 ---A- . (...) -- C:\Users\aBDELhAK\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 23/06/2015 - 05:07:01 ---A- . (...) -- C:\Users\aBDELhAK\Desktop\RogueKiller.exe [17679608]
O61 - LFC: 23/06/2015 - 05:07:01 ---A- . (.Nicolas Coolman.) -- C:\Users\aBDELhAK\Desktop\ZHPDiag2.exe [6883618] =>.Nicolas Coolman
O61 - LFC: 23/06/2015 - 05:07:04 ---A- . (...) -- C:\Users\aBDELhAK\Downloads\RogueKiller.exe [17679608]
O61 - LFC: 23/06/2015 - 05:07:04 ---A- . (.Nicolas Coolman.) -- C:\Users\aBDELhAK\Downloads\ZHPDiag2.exe [6883618] =>.Nicolas Coolman
~ 4160 Fichiers temporaires (Temporary files)
~ 121 Fichiers cookies (Cookies files)
~ Files: 9 Scanned in 01mn 56s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 14/01/2013 - C:\Windows\System32\DRIVERS\cm_km_w.sys (cm_km_w) .(.Kaspersky Lab UK Ltd - Cryptographic Module.) - LEGACY_CM_KM_W
O64 - Services: CurCS - 27/02/2014 - C:\Windows\system32\drivers\hcmon.sys (hcmon) .(.VMware, Inc. - VMware USB monitor.) - LEGACY_HCMON
O64 - Services: CurCS - 23/12/2014 - C:\Windows\system32\drivers\HWiNFO32.sys (HWiNFO32) .(.REALiX(tm) - HWiNFO x86 Kernel Driver.) - LEGACY_HWINFO32
O64 - Services: CurCS - 29/11/2014 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 31/03/2014 - C:\Windows\System32\DRIVERS\kl1.sys (kl1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 02/07/2014 - C:\Windows\System32\DRIVERS\kldisk.sys (kldisk) .(.Kaspersky Lab ZAO - Virtual Disk fre_win7_x86.) - LEGACY_KLDISK
O64 - Services: CurCS - 12/08/2014 - C:\Windows\System32\DRIVERS\klhk.sys (klhk) .(.Kaspersky Lab ZAO - KLHK [fre_wlh_x86].) - LEGACY_KLHK
O64 - Services: CurCS - 25/02/2014 - C:\Windows\System32\DRIVERS\klim6.sys (KLIM6) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
O64 - Services: CurCS - 12/04/2013 - C:\Windows\System32\DRIVERS\klpd.sys (klpd) .(.Kaspersky Lab ZAO - KLPD [fre_wnet_x86].) - LEGACY_KLPD
O64 - Services: CurCS - 05/06/2014 - C:\Windows\System32\DRIVERS\kltdi.sys (kltdi) .(.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) - LEGACY_KLTDI
O64 - Services: CurCS - 03/12/2014 - C:\Windows\System32\DRIVERS\klwtp.sys (Klwtp) .(.Kaspersky Lab ZAO - Network filtering component.) - LEGACY_KLWTP
O64 - Services: CurCS - 09/07/2014 - C:\Windows\System32\DRIVERS\kneps.sys (kneps) .(.Kaspersky Lab ZAO - KNEPS Power [fre_wxp_x86].) - LEGACY_KNEPS
O64 - Services: CurCS - 14/04/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 23/06/2015 - C:\Windows\system32\drivers\MBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - 14/04/2015 - C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation - Malwarebytes Web Access Control.) - LEGACY_MBAMWEBACCESSCONTROL
O64 - Services: CurCS - 25/06/2010 - C:\Windows\System32\drivers\npf.sys (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 22/09/2011 - C:\Windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/04/2014 - C:\Windows\System32\DRIVERS\vmnetbridge.sys (VMnetBridge) .(.VMware, Inc. - VMware bridge driver (32-bit).) - LEGACY_VMNETBRIDGE
O64 - Services: CurCS - 14/04/2014 - C:\Windows\system32\drivers\vmnetuserif.sys (VMnetuserif) .(.VMware, Inc. - VMware network application interface driver.) - LEGACY_VMNETUSERIF
O64 - Services: CurCS - 14/04/2014 - C:\Windows\system32\Drivers\vmx86.sys (vmx86) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMX86
O64 - Services: CurCS - 08/10/2013 - C:\Windows\System32\drivers\vsock.sys (vsock) .(.VMware, Inc. - VMware vSockets Service.) - LEGACY_VSOCK
O64 - Services: CurCS - 22/02/2013 - C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys (vstor2-mntapi20-shared) .(.VMware, Inc. - VMware Virtual Storage Volume Driver.) - LEGACY_VSTOR2-MNTAPI20-SHARED
~ Legacy: 94 Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.scr> [HKCU\..\open\Command] (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
~ FASS Keys: 12 Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2020864]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]
~ Services: 33 Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.DBE62564796498320DC028EA28A54914] [SPRF][21/12/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.21BA3EB0C5D749F65BA2F86838B08851] [SPRF][23/06/2015] (...) -- C:\Users\aBDELhAK\Desktop\RogueKiller.exe [17679608]
[MD5.1833923DA90E73C3A392F05069E3BA8B] [SPRF][23/06/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\aBDELhAK\Desktop\ZHPDiag2.exe [6883618]
[MD5.E3815CD387F4E37269914D7762903CE4] [SPRF][03/02/2011] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [113888]
~ Files: 4 Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{641E485F-5815-4022-B4C0-C3774A820A56}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{0E15BDF8-E0D5-4DB8-B955-7FB092FC1D79}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\aBDELhAK\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 02s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: Manal!! - {E08E4B31-A291-11E4-9CC8-D0EC057B05F9}
~ MNS: 1 Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 117 Scanned in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/12/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 23/12/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe
SS - | Demand 01/04/2015 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 21/12/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/12/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25/06/2010 117264 | (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Auto 11/12/2013 1050904 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
SS - | Auto 11/12/2014 315496 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28/07/2011 262144 | (AIPS) . (.Arcai.com.) - D:\netcut\services\AIPS.exe
SR - | Auto 21/04/2011 923136 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 02/02/2011 18656 | (Autodesk Content Service) . (...) - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 30/08/2014 234520 | (AVP15.0.1) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
SR - | Auto 30/03/2011 923984 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files\Intel\Bluetooth\devmonsrv.exe
SR - | Demand 30/03/2011 1321296 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files\Intel\Bluetooth\mediasrv.exe
SR - | Auto 30/03/2011 1001808 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files\Intel\Bluetooth\obexsrv.exe
SR - | Auto 21/04/2011 102672 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 04/05/2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/04/2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 14/04/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 30/03/2015 5448464 | (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
SR - | Auto 04/05/2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/04/2014 86744 | (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc
SR - | Auto 14/04/2014 359128 | (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe
SR - | Auto 27/02/2014 722624 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
SR - | Auto 14/04/2014 437976 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SR - | Auto 14/04/2014 14407384 | (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 19s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by aBDELhAK at 23/06/2015 05:09:10
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 05s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (16/06/2015)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 2

[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUA.KMSpico^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\KMSpico =>PUA.KMSpico^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico^
C:\Users\aBDELhAK\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
~ Additionnel Scan: 500363 Items scanned in 00mn 54s



---\\ Additional information about modules
~ http://www.nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Start,Search,Extensions (G0,G1,G2)
~ http://www.nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://www.nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://www.nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://www.nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s



---\\ Summary of the detections found on your workstation
http://www.nicolascoolman.fr/pup-kmspico =>PUA.KMSpico
http://www.nicolascoolman.fr/blog/ =>Hacktool.AutoKMS
~ MSI: 2 link(s) detected in 00mn 00s



End of the scan (1568 lines in 06mn 43s)(0.9)
