
Problem

a guest
Dec 19th, 2012
  1. Rapport de ZHPDiag v1.33.04 par Nicolas Coolman, Update du 18/12/2012
  2. Run by luca at 18/12/2012 21:10:14
  3. State : Version à jour.
  4. UAC : Deactivate by program
  5.  
  6.  
  7. ---\\ Web Browser
  8. MSIE: Internet Explorer v8.0.7600.16385
  9.  
  10. ---\\ Windows Product Information
  11. ~ Langage: Français
  12. Windows 7 Business Edition, 64-bit (Build 7600)
  13. Windows Server License Manager Script : OK
  14. ~ Windows(R) 7, RETAIL channel
  15. Windows ID Activation : OK
  16. ~ Windows Partial Key : PW487
  17. ~ Windows Remaining Initializations Number : 3
  18. Software Protection Service (Protection logicielle) : OK
  19. Windows Automatic Updates : OK
  20. Windows Activation Technologies : OK
  21.  
  22. ---\\ System Information
  23. ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
  24. ~ Operating System: 64 Bits
  25. Boot mode: Normal (Normal boot)
  26. Total RAM: 8174 MB (79% free)
  27. System Restore: Activé (Enable)
  28. System drive C: has 389 GB (83%) free of 466 GB
  29.  
  30. ---\\ Logged in mode
  31. ~ Computer Name: LUCA-PC
  32. ~ User Name: luca
  33. ~ All Users Names: luca, Administrateur,
  34. ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
  35. Logged in as Administrator
  36.  
  37. ---\\ Environnement Variables
  38. ~ System Unit : C:\
  39. ~ %AppData% : C:\Users\luca\AppData\Roaming\
  40. ~ %Desktop% : C:\Users\luca\Desktop\
  41. ~ %Favorites% : C:\Users\luca\Favorites\
  42. ~ %LocalAppData% : C:\Users\luca\AppData\Local\
  43. ~ %StartMenu% : C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\
  44. ~ %Windir% : C:\Windows\
  45. ~ %System% : C:\Windows\System32\
  46.  
  47. ---\\ DOS/Devices
  48. C:\ Hard drive, Flash drive, Thumb drive (Free 389 Go of 466 Go)
  49. D:\ CD-ROM drive (Not Inserted)
  50.  
  51.  
  52.  
  53. ---\\ Security Center & Tools Informations
  54. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
  55. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
  56. [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
  57. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
  58. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
  59. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
  60. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
  61. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
  62. [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
  63. ~ Scan Security Center in 00mn 00s
  64.  
  65.  
  66.  
  67. ---\\ Recherche particulière de fichiers génériques
  68. [MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 02:39:10.) -- C:\Windows\Explorer.exe [2868224]
  69. [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
  70. [MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 02:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
  71. [MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
  72. [MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
  73. [MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/07/2009 - 00:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
  74. [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
  75. [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
  76. [MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
  77. [MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
  78. [MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
  79. [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
  80. [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
  81. [MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2009 - 00:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
  82. [MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
  83. [MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
  84. [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
  85. [MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
  86. [MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
  87. [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
  88. [MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
  89. [MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
  90. ~ Scan Generic Processes in 00mn 00s
  91.  
  92.  
  93.  
  94. ---\\ Etat des fichiers cachés (Caché/Total)
  95. ~ Mes images (My Pictures) : 1/3
  96. ~ Mes Favoris (My Favorites) : 1/26
  97. ~ Mes Documents (My Documents) : 1/60
  98. ~ Mon Bureau (My Desktop) : 1/988
  99. ~ Menu demarrer (Programs) : 1/28
  100. ~ Scan Hidden Files in 00mn 00s
  101.  
  102.  
  103.  
  104. ---\\ Processus lancés
  105. [MD5.D11E6244AE34071D93A77753311B0676] - (.ASRock - Instant Boot.) -- C:\Program Files (x86)\ASRock Utility\InstantBoot\InstantBoot.exe [3915272] [PID.2208]
  106. [MD5.DCFE26AE5BD64C20C0B42AA3FB7679C7] - (.Pas de propriétaire - Tilt driver.) -- C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe [729088] [PID.2460]
  107. [MD5.2D08AC1443FFA7FBED9A5EA5FD49AEB3] - (.Google Inc. - Google Chrome.) -- C:\Users\luca\AppData\Local\Google\Chrome\Application\chrome.exe [1242728] [PID.1456]
  108. [MD5.A3FBEC2CCD8F1AC7B61927C186A4BE1A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3793920] [PID.636]
  109. [MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.]
  110. [MD5.98B16E756243BEA9410E32025B19C06F] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168] [PID.]
  111. [MD5.7A78ED1088890114DFDE2C4AB038D6B6] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.]
  112. ~ Scan Processes Running in 00mn 00s
  113.  
  114.  
  115.  
  116. ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
  117. C:\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Preferences
  118. G1 - GCS: Preference [User Data\Default] None
  119. ~ Scan Google Browser in 00mn 00s
  120.  
  121.  
  122.  
  123. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
  124. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\luca\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
  125. P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\luca\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
  126. ~ Scan Firefox Browser in 00mn 00s
  127.  
  128.  
  129.  
  130. ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
  131. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
  132. R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
  133. R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
  134. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
  135. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  136. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  137. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
  138. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
  139. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
  140. R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
  141. R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
  142. R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  143. R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
  144. ~ Scan IE Browser in 00mn 00s
  145.  
  146.  
  147.  
  148. ---\\ Internet Explorer, Proxy Management (R5)
  149. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
  150. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
  151. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
  152. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
  153. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
  154. ~ Scan Proxy management in 00mn 00s
  155.  
  156.  
  157.  
  158. ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
  159. F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
  160. F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
  161. F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
  162. ~ Scan Keys in 00mn 00s
  163.  
  164.  
  165.  
  166. ---\\ Redirection du fichier Hosts (O1)
  167. ~ Le fichier hosts est sain (The hosts file is clean).
  168. ~ Scan Hosts File in 00mn 00s
  169. ~ Nombre de lignes (Lines number): 21
  170.  
  171.  
  172.  
  173. ---\\ Browser Helper Objects de navigateur (O2)
  174. O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  175. O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  176. O2 - BHO: FlashGetBHO [64Bits] - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} . (.Trend Media Group - FlashGet Browser Helper Object.) -- C:\Users\luca\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
  177. O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  178. ~ Scan BHO in 00mn 00s
  179.  
  180.  
  181.  
  182. ---\\ Applications démarrées par registre & par dossier (O4)
  183. O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\luca\AppData\Local\Google\Update\GoogleUpdate.exe
  184. O4 - HKCU\..\Run: [ASRockXTU] Clé orpheline
  185. O4 - HKCU\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe
  186. O4 - HKCU\..\Run: [zASRockInstantBoot] Clé orpheline
  187. O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
  188. O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  189. O4 - HKLM\..\Wow6432Node\Run: [ghost] . (...) -- C:\Program Files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe
  190. O4 - HKLM\..\Wow6432Node\Run: [Tilt] . (.Pas de propriétaire - Tilt driver.) -- C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe
  191. O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  192. O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
  193. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  194. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
  195. O4 - HKUS\S-1-5-21-93764424-1778544107-2091175305-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\luca\AppData\Local\Google\Update\GoogleUpdate.exe
  196. O4 - HKUS\S-1-5-21-93764424-1778544107-2091175305-1000\..\Run: [ASRockXTU] Clé orpheline
  197. O4 - HKUS\S-1-5-21-93764424-1778544107-2091175305-1000\..\Run: [FlashGet 3] . (.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe
  198. O4 - HKUS\S-1-5-21-93764424-1778544107-2091175305-1000\..\Run: [zASRockInstantBoot] Clé orpheline
  199. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  200. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
  201. ~ Scan Application in 00mn 00s
  202.  
  203.  
  204.  
  205. ---\\ Autres liens utilisateurs (O4)
  206. O4 - Global Startup: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  207. O4 - Global Startup: C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  208. O4 - Global Startup: C:\Users\luca\Desktop\FlashGet downloads.lnk . (...) -- C:\Downloads
  209. O4 - Global Startup: C:\Users\luca\Desktop\FlashGet3.lnk . (.Trend Media Corporation Limited.) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe
  210. O4 - Global Startup: C:\Users\luca\Desktop\fsx.exe.limited - Raccourci.lnk . (...) -- C:\Users\luca\Documents\test\fsx.exe.limited.bat
  211. O4 - Global Startup: C:\Users\luca\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\luca\AppData\Local\Google\Chrome\Application\chrome.exe
  212. O4 - Global Startup: C:\Users\luca\Desktop\OCCT.lnk . (.OCCT - Ocbase - Adrien Mercier.) -- C:\Program Files (x86)\OCCTPT\OCCT.exe
  213. O4 - Global Startup: C:\Users\luca\Desktop\PhotoFiltre 7.lnk . (.PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe
  214. O4 - Global Startup: C:\Users\luca\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
  215. O4 - Global Startup: C:\Users\luca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FlashGet3.lnk . (.Trend Media Corporation Limited.) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\Flashget3.exe
  216. O4 - Global Startup: C:\Users\luca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  217. ~ Scan Global Startup in 00mn 00s
  218.  
  219.  
  220.  
  221. ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
  222. O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
  223. ~ Scan IE Control Panel in 00mn 00s
  224.  
  225.  
  226.  
  227. ---\\ Winsock hijacker (Layered Service Provider) (O10)
  228. O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
  229. O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
  230. O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
  231. O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
  232. O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
  233. O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
  234. ~ Scan Winsock in 00mn 00s
  235.  
  236.  
  237.  
  238. ---\\ Modification Domaine/Adresses DNS (O17)
  239. O17 - HKLM\System\CCS\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpNameServer = 194.230.1.71 194.230.1.39
  240. O17 - HKLM\System\CCS\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpDomain = WAG160N
  241. O17 - HKLM\System\CS1\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpNameServer = 194.230.1.71 194.230.1.39
  242. O17 - HKLM\System\CS1\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpDomain = WAG160N
  243. O17 - HKLM\System\CS2\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpNameServer = 194.230.1.71 194.230.1.39
  244. O17 - HKLM\System\CS2\Services\Tcpip\..\{6C58A1F5-6368-489F-B510-BA6010856A2B}: DhcpDomain = WAG160N
  245. ~ Scan Domain in 00mn 00s
  246.  
  247.  
  248.  
  249. ---\\ Protocole additionnel (O18)
  250. O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  251. O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  252. O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
  253. O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  254. O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  255. O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  256. O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  257. O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
  258. O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  259. O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  260. O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  261. O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
  262. O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  263. O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
  264. O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  265. O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
  266. O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
  267. O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
  268. O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
  269. O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
  270. O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  271. O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
  272. ~ Scan Protocole Additionnel in 00mn 00s
  273.  
  274.  
  275.  
  276. ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
  277. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
  278. ~ Scan SSODL in 00mn 00s
  279.  
  280.  
  281.  
  282. ---\\ Liste des services NT non Microsoft et non désactivés (O23)
  283. O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  284. O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
  285. O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  286. O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  287. O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\Windows\System32\viakaraokesrv.exe
  288. ~ Scan Services in 00mn 00s
  289.  
  290.  
  291.  
  292. ---\\ Enumération Active Desktop & MHTML Editor (O24)
  293. O24 - Default MHTML Editor: Last - .(...) - (.not file.)
  294. ~ Scan Desktop Component in 00mn 00s
  295.  
  296.  
  297.  
  298. ---\\ BootExecute (O34)
  299. O34 - HKLM BootExecute: (autocheck autochk *) - File not found
  300. ~ Scan Keys in 00mn 00s
  301.  
  302.  
  303.  
  304. ---\\ Tâches planifiées en automatique (O39)
  305. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
  306. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
  307. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-93764424-1778544107-2091175305-1000Core.job
  308. O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-93764424-1778544107-2091175305-1000UA.job
  309. [MD5.7C1A9E44E044DA6051F39B83BF013250] [APT] [DLL-files.com Fixer_MONTHLY] (.Dll-FIles.Com.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
  310. [MD5.7C1A9E44E044DA6051F39B83BF013250] [APT] [DLL-files.com Fixer_UPDATES] (.Dll-FIles.Com.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
  311. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-93764424-1778544107-2091175305-1000Core] (.Google Inc..) -- C:\Users\luca\AppData\Local\Google\Update\GoogleUpdate.exe
  312. [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-93764424-1778544107-2091175305-1000UA] (.Google Inc..) -- C:\Users\luca\AppData\Local\Google\Update\GoogleUpdate.exe
  313. [MD5.7C1A9E44E044DA6051F39B83BF013250] [APT] [RDReminder] (.Dll-FIles.Com.) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
  314. [MD5.D11E6244AE34071D93A77753311B0676] [APT] [zASRockInstantBoot] (.ASRock.) -- C:\Program Files (x86)\ASRock Utility\InstantBoot\InstantBoot.exe
  315. ~ Scan Scheduled Task in 00mn 02s
  316.  
  317.  
  318.  
  319. ---\\ Composants installés (ActiveSetup Installed Components) (O40)
  320. O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
  321. O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
  322. O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
  323. O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
  324. O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
  325. O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
  326. O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
  327. O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
  328. O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
  329. O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
  330. O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
  331. ~ Scan Active Setup in 00mn 00s
  332.  
  333.  
  334.  
  335. ---\\ Pilotes lancés au démarrage (O41)
  336. O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
  337. O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
  338. O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
  339. O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
  340. O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
  341. O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
  342. O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
  343. O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
  344. O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
  345. O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
  346. O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
  347. O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
  348. O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
  349. O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
  350. O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
  351. O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
  352. O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
  353. O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
  354. O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
  355. O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
  356. O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
  357. O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
  358. ~ Scan Drivers in 00mn 00s
  359.  
  360.  
  361.  
  362. ---\\ Logiciels installés (O42)
  363. O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
  364. O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {504184A2-1B0E-5D93-603A-517E93E7EDB3}
  365. O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {46DA7FD9-8BC1-7BA8-98D1-27F46647871B}
  366. O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0407893F-352C-B182-E04A-A8C3333DA29B}
  367. O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}
  368. O42 - Logiciel: ASRock InstantBoot v1.26 - (.Pas de propriétaire.) [HKLM][64Bits] -- ASRock InstantBoot_is1
  369. O42 - Logiciel: ASRock eXtreme Tuner v0.1.169 - (.Pas de propriétaire.) [HKLM][64Bits] -- ASRock eXtreme Tuner_is1
  370. O42 - Logiciel: Adobe Reader XI - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
  371. O42 - Logiciel: Aerosoft's - Airbus X - (.Aerosoft.) [HKLM][64Bits] -- {2336573C-3213-48AA-A306-8309BA9BD92C}
  372. O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
  373. O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- BitTorrent
  374. O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
  375. O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] -- Defraggler
  376. O42 - Logiciel: Dll-Files.com Fixer - (.Dll-Files.com.) [HKLM][64Bits] -- Dll-Files.com Fixer_is1
  377. O42 - Logiciel: EZdok Camera for Microsoft Flight Simulator X - (.Pas de propriétaire.) [HKLM][64Bits] -- EZdok Camera for Microsoft Flight Simulator X
  378. O42 - Logiciel: FSDreamTeam Geneva FSX/P3D 1.4.1 - (.Pas de propriétaire.) [HKLM][64Bits] -- FSDreamTeam Geneva FSX/P3D_is1
  379. O42 - Logiciel: FSDreamTeam ZurichX 2.5.2 - (.Pas de propriétaire.) [HKLM][64Bits] -- FSDreamTeam ZurichX_is1
  380. O42 - Logiciel: FlashGet3.7 - (.http://www.FlashGet.com.) [HKLM][64Bits] -- FlashGet3.7
  381. O42 - Logiciel: GHOST(6980) - (.Nom de votre société.) [HKLM][64Bits] -- {CE7DAF08-F073-4499-AA99-FC0143DF55BB}
  382. O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
  383. O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
  384. O42 - Logiciel: Java 7 Update 9 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217009FF}
  385. O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.1.1000 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
  386. O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft .NET Framework 4 Client Profile
  387. O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
  388. O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
  389. O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM][64Bits] -- {F535B2CF-C9BB-4162-B03A-02D6971F32CC}
  390. O42 - Logiciel: Microsoft Flight Simulator X Service Pack 1 - (.Microsoft Game Studios.) [HKLM][64Bits] -- SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC
  391. O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
  392. O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8220EEFE-38CD-377E-8595-13398D740ACE}
  393. O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
  394. O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
  395. O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM][64Bits] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
  396. O42 - Logiciel: OCCT 4.3.2 - (.Ocbase.com.) [HKLM][64Bits] -- OCCT
  397. O42 - Logiciel: PMDG 737 8900 NGX - (.PMDG Simulations, LLC..) [HKLM][64Bits] -- {20708FD5-E94D-4097-A21E-E28564CDBC06}
  398. O42 - Logiciel: PhotoFiltre 7 - (.Pas de propriétaire.) [HKCU][64Bits] -- PhotoFiltre 7
  399. O42 - Logiciel: QualityWings Ultimate 146 Collection FSX - (.Pas de propriétaire.) [HKLM][64Bits] -- QualityWings Ultimate 146 Collection FSX
  400. O42 - Logiciel: REX Essential Plus - (.REX Game Studios, LLC..) [HKLM][64Bits] -- {71450506-2F6C-4A9F-AC67-B15D034313BD}
  401. O42 - Logiciel: Service Pack 2 de Flight Simulator X de Microsoft - (.Microsoft Game Studios.) [HKLM][64Bits] -- {CBB2A905-9FF1-4215-BDA2-0DF694F1D023}
  402. O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- SpeedFan
  403. O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
  404. O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
  405.  
  406. ---\\ HKCU & HKLM Software Keys
  407. [HKCU\Software\AMD]
  408. [HKCU\Software\ASRock]
  409. [HKCU\Software\ATI]
  410. [HKCU\Software\Adobe]
  411. [HKCU\Software\AppDataLow]
  412. [HKCU\Software\BitTorrent]
  413. [HKCU\Software\Classes]
  414. [HKCU\Software\Clients]
  415. [HKCU\Software\FSDreamTeam]
  416. [HKCU\Software\FlashGet Network]
  417. [HKCU\Software\GIGABYTE]
  418. [HKCU\Software\Google]
  419. [HKCU\Software\Hewlett-Packard]
  420. [HKCU\Software\JavaSoft]
  421. [HKCU\Software\Licenses]
  422. [HKCU\Software\Malwarebytes' Anti-Malware]
  423. [HKCU\Software\MozillaPlugins]
  424. [HKCU\Software\Netscape]
  425. [HKCU\Software\Piriform]
  426. [HKCU\Software\Policies]
  427. [HKCU\Software\SpeedFan]
  428. [HKCU\Software\TeleCharger]
  429. [HKCU\Software\WinRAR SFX]
  430. [HKCU\Software\WinRAR]
  431. [HKCU\Software\Wow6432Node]
  432. [HKCU\Software\ZebHelpProcess Helper]
  433. [HKCU\Software\dll-files.com]
  434. [HKCU\Software\eSellerate]
  435. [HKLM\Software\AMD]
  436. [HKLM\Software\ATI Technologies]
  437. [HKLM\Software\ATI]
  438. [HKLM\Software\Classes]
  439. [HKLM\Software\Clients]
  440. [HKLM\Software\Intel]
  441. [HKLM\Software\Khronos]
  442. [HKLM\Software\ODBC]
  443. [HKLM\Software\Piriform]
  444. [HKLM\Software\Policies]
  445. [HKLM\Software\QSound Labs, Inc.]
  446. [HKLM\Software\RegisteredApplications]
  447. [HKLM\Software\Sonic]
  448. [HKLM\Software\Wow6432Node\AMD]
  449. [HKLM\Software\Wow6432Node\ATI Technologies]
  450. [HKLM\Software\Wow6432Node\ATI]
  451. [HKLM\Software\Wow6432Node\Adobe]
  452. [HKLM\Software\Wow6432Node\Aerosoft]
  453. [HKLM\Software\Wow6432Node\Bunndle]
  454. [HKLM\Software\Wow6432Node\Caphyon]
  455. [HKLM\Software\Wow6432Node\Classes]
  456. [HKLM\Software\Wow6432Node\Clients]
  457. [HKLM\Software\Wow6432Node\FSFDT]
  458. [HKLM\Software\Wow6432Node\FlashGet Network]
  459. [HKLM\Software\Wow6432Node\Florenc]
  460. [HKLM\Software\Wow6432Node\FlyTampa]
  461. [HKLM\Software\Wow6432Node\Google]
  462. [HKLM\Software\Wow6432Node\InstallShield]
  463. [HKLM\Software\Wow6432Node\Intel]
  464. [HKLM\Software\Wow6432Node\JavaSoft]
  465. [HKLM\Software\Wow6432Node\JreMetrics]
  466. [HKLM\Software\Wow6432Node\Khronos]
  467. [HKLM\Software\Wow6432Node\Licenses]
  468. [HKLM\Software\Wow6432Node\Macrovision]
  469. [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
  470. [HKLM\Software\Wow6432Node\MozillaPlugins]
  471. [HKLM\Software\Wow6432Node\ODBC]
  472. [HKLM\Software\Wow6432Node\PMDG Simulations, LLC.]
  473. [HKLM\Software\Wow6432Node\Policies]
  474. [HKLM\Software\Wow6432Node\RegisteredApplications]
  475. [HKLM\Software\Wow6432Node\Systweak]
  476. [HKLM\Software\Wow6432Node\The FlightSim Store]
  477. [HKLM\Software\Wow6432Node\Tilt_gaming]
  478. [HKLM\Software\Wow6432Node\VIA Technologies, Inc]
  479. [HKLM\Software\Wow6432Node\WinRAR]
  480. [HKLM\Software\Wow6432Node\dll-files.com]
  481. [HKLM\Software\Wow6432Node\eSellerate]
  482. [HKLM\Software\Wow6432Node\lameme]
  483. [HKLM\Software\Wow6432Node]
  484. ~ Scan Softwares in 00mn 00s
  485.  
  486.  
  487.  
  488. ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
  489. O43 - CFD: 12/12/2012 - 16:04:12 - [114,758] ----D C:\Program Files (x86)\Adobe
  490. O43 - CFD: 01/12/2012 - 12:02:59 - [2,145] ----D C:\Program Files (x86)\AMD APP
  491. O43 - CFD: 01/12/2012 - 12:03:01 - [0,389] ----D C:\Program Files (x86)\AMD AVT
  492. O43 - CFD: 14/12/2012 - 22:41:40 - [23,494] ----D C:\Program Files (x86)\ASRock Utility
  493. O43 - CFD: 01/12/2012 - 12:01:21 - [58,510] ----D C:\Program Files (x86)\ATI Technologies
  494. O43 - CFD: 01/12/2012 - 12:41:02 - [5,796] ----D C:\Program Files (x86)\BitTorrent
  495. O43 - CFD: 12/12/2012 - 16:04:12 - [82,496] ----D C:\Program Files (x86)\Common Files
  496. O43 - CFD: 08/12/2012 - 16:30:48 - [14,737] ----D C:\Program Files (x86)\Dll-Files.com Fixer
  497. O43 - CFD: 01/12/2012 - 13:00:14 - [14,451] ----D C:\Program Files (x86)\EZCA
  498. O43 - CFD: 08/12/2012 - 13:21:36 - [18,238] ----D C:\Program Files (x86)\FlashGet Network
  499. O43 - CFD: 08/12/2012 - 12:26:19 - [22,874] ----D C:\Program Files (x86)\GIGABYTE
  500. O43 - CFD: 14/12/2012 - 22:50:15 - [86,235] --H-D C:\Program Files (x86)\InstallShield Installation Information
  501. O43 - CFD: 05/12/2012 - 20:34:46 - [9,003] ----D C:\Program Files (x86)\Intel
  502. O43 - CFD: 14/07/2009 - 16:24:08 - [4,263] ----D C:\Program Files (x86)\Internet Explorer
  503. O43 - CFD: 01/12/2012 - 13:02:23 - [121,165] ----D C:\Program Files (x86)\Java
  504. O43 - CFD: 08/12/2012 - 16:45:04 - [12,645] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
  505. O43 - CFD: 01/12/2012 - 12:11:33 - [897,323] ----D C:\Program Files (x86)\Microsoft Games
  506. O43 - CFD: 01/12/2012 - 12:00:30 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
  507. O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
  508. O43 - CFD: 01/12/2012 - 12:43:42 - [0] ----D C:\Program Files (x86)\MSXML 4.0
  509. O43 - CFD: 14/12/2012 - 22:31:23 - [79,070] ----D C:\Program Files (x86)\OCCTPT
  510. O43 - CFD: 16/12/2012 - 13:05:25 - [7,943] ----D C:\Program Files (x86)\PhotoFiltre 7
  511. O43 - CFD: 14/07/2009 - 06:32:38 - [36,805] ----D C:\Program Files (x86)\Reference Assemblies
  512. O43 - CFD: 18/12/2012 - 21:02:38 - [5,534] ----D C:\Program Files (x86)\SpeedFan
  513. O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
  514. O43 - CFD: 14/12/2012 - 22:49:53 - [27,983] ----D C:\Program Files (x86)\VIA
  515. O43 - CFD: 14/07/2009 - 16:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender
  516. O43 - CFD: 14/07/2009 - 16:24:08 - [5,895] ----D C:\Program Files (x86)\Windows Mail
  517. O43 - CFD: 14/07/2009 - 16:24:08 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
  518. O43 - CFD: 14/07/2009 - 06:32:38 - [11,630] ----D C:\Program Files (x86)\Windows NT
  519. O43 - CFD: 14/07/2009 - 16:24:08 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
  520. O43 - CFD: 14/07/2009 - 06:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
  521. O43 - CFD: 14/07/2009 - 16:24:08 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
  522. O43 - CFD: 01/12/2012 - 12:59:15 - [4,131] ----D C:\Program Files (x86)\WinRAR
  523. O43 - CFD: 18/12/2012 - 21:10:26 - [10,018] ----D C:\Program Files (x86)\ZHPDiag
  524. O43 - CFD: 12/12/2012 - 16:04:13 - [6,224] ----D C:\Program Files (x86)\Common Files\Adobe
  525. O43 - CFD: 01/12/2012 - 12:02:54 - [2,737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
  526. O43 - CFD: 01/12/2012 - 12:09:43 - [4,821] ----D C:\Program Files (x86)\Common Files\InstallShield
  527. O43 - CFD: 01/12/2012 - 13:02:48 - [1,184] ----D C:\Program Files (x86)\Common Files\Java
  528. O43 - CFD: 09/12/2012 - 16:14:19 - [0,997] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
  529. O43 - CFD: 01/12/2012 - 12:43:39 - [0,043] ----D C:\Program Files (x86)\Common Files\Microsoft Games
  530. O43 - CFD: 01/12/2012 - 12:55:49 - [17,500] ----D C:\Program Files (x86)\Common Files\microsoft shared
  531. O43 - CFD: 05/12/2012 - 20:30:08 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
  532. O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
  533. O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
  534. O43 - CFD: 14/07/2009 - 16:24:08 - [9,634] ----D C:\Program Files (x86)\Common Files\System
  535. O43 - CFD: 12/12/2012 - 16:29:59 - [129,044] ----D C:\ProgramData\Adobe
  536. O43 - CFD: 01/12/2012 - 12:03:02 - [0,836] ----D C:\ProgramData\AMD
  537. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Application Data
  538. O43 - CFD: 01/12/2012 - 12:07:52 - [0,000] ----D C:\ProgramData\ATI
  539. O43 - CFD: 30/11/2012 - 19:52:57 - [0] --H-D C:\ProgramData\Bureau
  540. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Desktop
  541. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Documents
  542. O43 - CFD: 08/12/2012 - 12:36:44 - [0,344] ----D C:\ProgramData\Esellerate
  543. O43 - CFD: 30/11/2012 - 19:52:57 - [0] --H-D C:\ProgramData\Favoris
  544. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Favorites
  545. O43 - CFD: 09/12/2012 - 16:27:21 - [0,001] ----D C:\ProgramData\FLEXnet
  546. O43 - CFD: 08/12/2012 - 12:41:23 - [0,000] ----D C:\ProgramData\Licenses
  547. O43 - CFD: 08/12/2012 - 16:45:04 - [6,245] ----D C:\ProgramData\Malwarebytes
  548. O43 - CFD: 30/11/2012 - 19:52:57 - [0] --H-D C:\ProgramData\Menu Démarrer
  549. O43 - CFD: 01/12/2012 - 12:43:13 - [127,294] -S--D C:\ProgramData\Microsoft
  550. O43 - CFD: 30/11/2012 - 19:52:57 - [0] --H-D C:\ProgramData\Modèles
  551. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Start Menu
  552. O43 - CFD: 01/12/2012 - 13:02:49 - [0,000] ----D C:\ProgramData\Sun
  553. O43 - CFD: 18/12/2012 - 19:21:40 - [0,000] ---AD C:\ProgramData\TEMP
  554. O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Templates
  555. O43 - CFD: 12/12/2012 - 16:29:20 - [0,041] ----D C:\Users\luca\AppData\Roaming\Adobe
  556. O43 - CFD: 01/12/2012 - 12:07:52 - [0] ----D C:\Users\luca\AppData\Roaming\ATI
  557. O43 - CFD: 18/12/2012 - 19:27:40 - [6,260] ----D C:\Users\luca\AppData\Roaming\BITS
  558. O43 - CFD: 01/12/2012 - 20:25:02 - [0,471] ----D C:\Users\luca\AppData\Roaming\BitTorrent
  559. O43 - CFD: 08/12/2012 - 16:30:55 - [0,017] ----D C:\Users\luca\AppData\Roaming\dll-files.com
  560. O43 - CFD: 01/12/2012 - 13:00:13 - [2,712] ----D C:\Users\luca\AppData\Roaming\EZCA
  561. O43 - CFD: 08/12/2012 - 13:21:36 - [0,157] ----D C:\Users\luca\AppData\Roaming\FlashGet
  562. O43 - CFD: 08/12/2012 - 13:21:41 - [0,566] ----D C:\Users\luca\AppData\Roaming\FlashGetBHO
  563. O43 - CFD: 08/12/2012 - 13:21:44 - [0] ----D C:\Users\luca\AppData\Roaming\FlashgetSetup
  564. O43 - CFD: 30/11/2012 - 19:53:25 - [0] ----D C:\Users\luca\AppData\Roaming\Identities
  565. O43 - CFD: 05/12/2012 - 20:30:02 - [0] ----D C:\Users\luca\AppData\Roaming\InstallShield
  566. O43 - CFD: 08/12/2012 - 16:45:18 - [0,004] ----D C:\Users\luca\AppData\Roaming\Malwarebytes
  567. O43 - CFD: 14/07/2009 - 16:35:18 - [0] ----D C:\Users\luca\AppData\Roaming\Media Center Programs
  568. O43 - CFD: 12/12/2012 - 16:44:10 - [1,707] -S--D C:\Users\luca\AppData\Roaming\Microsoft
  569. O43 - CFD: 16/12/2012 - 13:09:40 - [0,003] ----D C:\Users\luca\AppData\Roaming\PhotoFiltre 7
  570. O43 - CFD: 01/12/2012 - 19:08:05 - [0,000] ----D C:\Users\luca\AppData\Roaming\QualityWings
  571. O43 - CFD: 08/12/2012 - 12:42:57 - [0,000] ----D C:\Users\luca\AppData\Roaming\Virtuali
  572. O43 - CFD: 01/12/2012 - 13:00:01 - [0,000] ----D C:\Users\luca\AppData\Roaming\WinRAR
  573. O43 - CFD: 12/12/2012 - 16:29:20 - [16,811] ----D C:\Users\luca\AppData\Local\Adobe
  574. O43 - CFD: 30/11/2012 - 19:53:05 - [0] ----D C:\Users\luca\AppData\Local\Application Data
  575. O43 - CFD: 01/12/2012 - 12:08:27 - [1,532] ----D C:\Users\luca\AppData\Local\Apps
  576. O43 - CFD: 01/12/2012 - 12:07:52 - [0,060] ----D C:\Users\luca\AppData\Local\ATI
  577. O43 - CFD: 01/12/2012 - 12:08:41 - [0] ----D C:\Users\luca\AppData\Local\Deployment
  578. O43 - CFD: 30/11/2012 - 21:31:39 - [6,793] ----D C:\Users\luca\AppData\Local\Diagnostics
  579. O43 - CFD: 30/11/2012 - 19:54:37 - [0,070] ----D C:\Users\luca\AppData\Local\ElevatedDiagnostics
  580. O43 - CFD: 01/12/2012 - 12:09:17 - [744,910] ----D C:\Users\luca\AppData\Local\Google
  581. O43 - CFD: 30/11/2012 - 19:53:05 - [0] ----D C:\Users\luca\AppData\Local\Historique
  582. O43 - CFD: 04/12/2012 - 19:20:05 - [68,052] ----D C:\Users\luca\AppData\Local\Microsoft
  583. O43 - CFD: 14/12/2012 - 22:43:05 - [0,015] ----D C:\Users\luca\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
  584. O43 - CFD: 18/12/2012 - 21:09:27 - [322,539] ----D C:\Users\luca\AppData\Local\Temp
  585. O43 - CFD: 30/11/2012 - 19:53:05 - [0] ----D C:\Users\luca\AppData\Local\Temporary Internet Files
  586. O43 - CFD: 08/12/2012 - 15:52:21 - [281,826] ----D C:\Users\luca\AppData\Local\VirtualStore
  587. O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  588. O43 - CFD: 30/11/2012 - 19:53:37 - [0,000] R---D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  589. O43 - CFD: 08/12/2012 - 13:21:44 - [0] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
  590. O43 - CFD: 01/12/2012 - 12:09:21 - [0,005] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
  591. O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  592. O43 - CFD: 14/12/2012 - 22:31:17 - [0] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
  593. O43 - CFD: 16/12/2012 - 13:05:25 - [0] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
  594. O43 - CFD: 11/12/2012 - 17:55:54 - [0] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
  595. O43 - CFD: 30/11/2012 - 19:53:37 - [0,000] R---D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  596. O43 - CFD: 01/12/2012 - 12:59:15 - [0,003] ----D C:\Users\luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  597. ~ Scan Program Folder in 00mn 01s
  598.  
  599.  
  600.  
  601. ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
  602. O44 - LFC:[MD5.EC6AA10D1C96C835F88912EE729CCF4E] - 18/12/2012 - 19:30:34 ---A- . (...) -- C:\Windows\WindowsUpdate.log [183539]
  603. O44 - LFC:[MD5.2E21E22F425C46ABA7B861E9CB2C71A3] - 18/12/2012 - 19:27:31 ---A- . (...) -- C:\Windows\setupact.log [18953]
  604. O44 - LFC:[MD5.F79448B1908AF55292ACC59CDA3BB5E2] - 18/12/2012 - 19:27:30 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
  605. O44 - LFC:[MD5.0CC61827A92475B5D5037C8A81650B03] - 17/12/2012 - 21:37:36 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [299136]
  606. O44 - LFC:[MD5.F626B9FCE616EB916A45A384D83F672D] - 14/12/2012 - 22:43:46 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP UI component.) -- C:\Windows\SysNative\VIAPropPageExt.dll [993392]
  607. O44 - LFC:[MD5.9335326CA92C906D489ADB60CFD58079] - 12/12/2012 - 20:01:14 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
  608. O44 - LFC:[MD5.5CDCB5C88E5E5DC2E23EFD6875D9C289] - 12/12/2012 - 20:01:14 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]
  609. O44 - LFC:[MD5.7200F379AF0C10D38B3787F2AFED3ACB] - 12/12/2012 - 20:01:14 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]
  610. O44 - LFC:[MD5.82712FEA232C9C18EF47CFE9DBE6022C] - 12/12/2012 - 20:01:14 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]
  611. O44 - LFC:[MD5.D6A899180FEE3FA3971CB787CB8ECBAD] - 12/12/2012 - 20:01:14 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]
  612. O44 - LFC:[MD5.9F5300ABE785351EFA87C8686CC30F0A] - 09/12/2012 - 16:21:31 ---A- . (...) -- C:\Windows\DirectX.log [265441]
  613. O44 - LFC:[MD5.902EA87CDA161C0A40A25044D47B2204] - 08/12/2012 - 16:49:25 ---A- . (...) -- C:\Windows\ntbtlog.txt [177318]
  614. O44 - LFC:[MD5.6EC55E88C0FCE0339759CB37FC118B78] - 08/12/2012 - 13:21:58 ---A- . (...) -- C:\Windows\emcore.INI [25]
  615. O44 - LFC:[MD5.2F9CB044D8D49FC5DA6F9E7AF86B7210] - 01/12/2012 - 13:33:21 -SH-- . (...) -- C:\Windows\cnerolf.bin [61]
  616. O44 - LFC:[MD5.6DC2613C4D849BEA6A0EAAA075445D28] - 01/12/2012 - 13:08:39 ---A- . (...) -- C:\Windows\QW146.lic [2048]
  617. O44 - LFC:[MD5.6A9E46B40F97F97842334A4BD5F56DD6] - 01/12/2012 - 12:32:32 ---A- . (.QSound Labs, Inc. - Pas de description.) -- C:\Windows\SysNative\nQPropPageExt.dll [86016]
  618. O44 - LFC:[MD5.951D726EF02B7D706775F34F49FA3C0D] - 01/12/2012 - 12:32:32 ---A- . (.QSound Labs, Inc. - nQ APO.) -- C:\Windows\SysNative\nQAPO.dll [82432]
  619. O44 - LFC:[MD5.224153C26FABE55CD6D751BFDF94FD3B] - 01/12/2012 - 12:32:32 ---A- . (.VIA Technologies, Inc. - Service binary.) -- C:\Windows\SysNative\ViakaraokeSrv.exe [27760]
  620. O44 - LFC:[MD5.2E5C5FB552DCABECA7391C1A7EC04571] - 01/12/2012 - 12:32:32 ---A- . (.VIA Technologies, Inc. - ViaKaraoke APO.) -- C:\Windows\SysNative\ViaKaraokeApo.dll [1161328]
  621. O44 - LFC:[MD5.CFCB3CAEC57F53FA26326707DDFF1B84] - 01/12/2012 - 12:32:32 ---A- . (.VIA Technologies, Inc. - ViaMicArray APO.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll [202864]
  622. O44 - LFC:[MD5.7D6784E8178D5F607EAF9D540AEB1ABC] - 01/12/2012 - 12:32:32 ---A- . (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll [116848]
  623. O44 - LFC:[MD5.F79C7947D0469B942F0932A00C4A5BFD] - 01/12/2012 - 12:32:32 ---A- . (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll [87152]
  624. O44 - LFC:[MD5.FB3CFA9DDE1CF41CA3C25A89825B9F38] - 01/12/2012 - 12:32:31 ---A- . (.Creative Technology Ltd. - Audio Processing Object Chaining Module.) -- C:\Windows\SysNative\VMWRP64.DLL [74240]
  625. O44 - LFC:[MD5.D89C6201CE1BF4287209456E1020044E] - 01/12/2012 - 12:32:31 ---A- . (.Creative Technology Ltd. - Creative Audio Processing Object Module.) -- C:\Windows\SysNative\VMAPO64.DLL [866304]
  626. O44 - LFC:[MD5.4A4D8A930C704AFFDB13E55AFE293718] - 01/12/2012 - 12:32:31 ---A- . (.Creative Technology Ltd. - Creative Chaining Property Page Loader Modu.) -- C:\Windows\SysNative\VMPPCN64.DLL [53760]
  627. O44 - LFC:[MD5.DD817A75F70508C5E54F3AEB73021E6B] - 01/12/2012 - 12:32:31 ---A- . (.Creative Technology Ltd. - Creative Property Page Loader Module.) -- C:\Windows\SysNative\VMPPLD64.DLL [57856]
  628. O44 - LFC:[MD5.D6305BFC3D3776A8153F8EE15C9FDBB8] - 01/12/2012 - 12:32:31 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP Component.) -- C:\Windows\SysNative\VIASysFx.dll [553072]
  629. O44 - LFC:[MD5.7B4C46E98C6E33FB72DB8717E73BABBB] - 01/12/2012 - 12:32:29 ---A- . (.VIA Technologies, Inc. - DTS Surround Sensation Control Page.) -- C:\Windows\SysNative\Dts2PropPageExt.dll [91760]
  630. O44 - LFC:[MD5.E4B7297EBE1E8329831B129FB96D4EEA] - 01/12/2012 - 12:32:29 ---A- . (.Windows (R) Codename Longhorn DDK provider - DTS2 APO.) -- C:\Windows\SysNative\Dts2APO.dll [248944]
  631. O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/12/2012 - 12:07:31 ---A- . (...) -- C:\Windows\ativpsrm.bin [0]
  632. O44 - LFC:[MD5.4473EDCA3345EB34E8857FF4A8F372CC] - 30/11/2012 - 19:41:18 ---A- . (...) -- C:\Windows\SysNative\license.rtf [57694]
  633. O44 - LFC:[MD5.4473EDCA3345EB34E8857FF4A8F372CC] - 30/11/2012 - 19:41:18 ---A- . (...) -- C:\Windows\System32\license.rtf [57694]
  634. O44 - LFC:[MD5.670EF6245859B41F970216D811BCC7DC] - 30/11/2012 - 19:40:47 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]
  635. O44 - LFC:[MD5.1AC6C8677D9D71C52B7E84635ACB4D34] - 30/11/2012 - 19:40:39 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]
  636. O44 - LFC:[MD5.77980C9B2B95CD1726C9054FEC145FDD] - 31/05/2012 - 12:25:12 . (...) -- C:\Windows\System32\MpSigStub.exe [57694]]
  637. ~ Scan Files in 00mn 04s
  638.  
  639.  
  640.  
  641. ---\\ Export de clé d'application autorisée (O47)
  642. O47 - AAKE:Key Export SP - "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" [Enabled] .(.Trend Media Corporation Limited - FlashGet3.) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe
  643. ~ Scan Keys in 00mn 00s
  644.  
  645.  
  646.  
  647. ---\\ Déni du service (Local Security Authority) (O48)
  648. O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
  649. O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
  650. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
  651. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
  652. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
  653. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
  654. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
  655. O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
  656. ~ Scan Keys in 00mn 00s
  657.  
  658.  
  659.  
  660. ---\\ Contrôle du Safe Boot (CSB) (O49)
  661. O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
  662. O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
  663. O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
  664. O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
  665. O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
  666. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
  667. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
  668. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
  669. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
  670. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
  671. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
  672. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
  673. O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
  674. ~ Scan CSB in 00mn 00s
  675.  
  676.  
  677.  
  678. ---\\ MountPoints2 Shell Key (O51) (None)
  679.  
  680. ---\\ Trojan Driver Search Data (HKLM) (O52)
  681. O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
  682. O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
  683. ~ Scan Keys in 00mn 00s
  684.  
  685.  
  686.  
  687. ---\\ ShareTools MSconfig StartupReg (O53) (None)
  688.  
  689. ---\\ Microsoft Control Security Providers (O54)
  690. O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
  691. O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
  692. ~ Scan Keys in 00mn 00s
  693.  
  694.  
  695.  
  696. ---\\ Microsoft Windows Policies System (O55)
  697. O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
  698. O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
  699. O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
  700. O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
  701. O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
  702. O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
  703. O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
  704. O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
  705. O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
  706. O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
  707. O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
  708. O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
  709. O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
  710. O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
  711. O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
  712. O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
  713. ~ Scan Keys in 00mn 00s
  714.  
  715.  
  716.  
  717. ---\\ Microsoft Windows Policies Explorer (O56)
  718. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
  719. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
  720. O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
  721. ~ Scan Keys in 00mn 00s
  722.  
  723.  
  724.  
  725. ---\\ Liste des Drivers Système (O58)
  726. O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
  727. O58 - SDL:[MD5.12583AF6CBE0050651EAF2723B3AD7B3] - 18/03/2011 - 17:08:56 ---A- . (.Almico Software - SpeedFan x64 Driver.) -- C:\Windows\SysWOW64\speedfan.sys [29592]
  728. ~ Scan Drivers in 00mn 00s
  729.  
  730.  
  731.  
  732. ---\\ Liste des outils de nettoyage (O63)
  733. O63 - Logiciel: ZHPDiag 1.32 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
  734. ~ Scan ADS in 00mn 00s
  735.  
  736.  
  737.  
  738. ---\\ Liste des services Legacy (O64)
  739. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
  740. O64 - Services: CurCS - 28/09/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
  741. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
  742. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
  743. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
  744. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
  745. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
  746. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
  747. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
  748. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
  749. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
  750. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
  751. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
  752. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
  753. O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
  754. O64 - Services: CurCS - 18/03/2011 - C:\Windows\Syswow64\speedfan.sys (speedfan) .(.Almico Software - SpeedFan x64 Driver.) - LEGACY_SPEEDFAN
  755. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
  756. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT
  757. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
  758. O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
  759. O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
  760. ~ Scan Services in 00mn 00s
  761.  
  762.  
  763.  
  764. ---\\ File Associations Shell Spawning (O67)
  765. O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
  766. O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
  767. O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
  768. O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
  769. O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.ex