~ ZHPDiag v2016.1.31.23 Par Nicolas Coolman (2016/01/30)
~ Démarré par ouadie (Administrator) (2017/03/11 02:44:24)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\ouadie\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\ouadie\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ Navigateurs Internet (3) - 0s
GCIE: Google Chrome v57.0.2987.98
MFIE: Mozilla Firefox 52.0 (x86 en-US)
MSIE: Internet Explorer v8.0.7601.17514
---\\ Informations sur les produits Windows (10) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 733WD
Windows License : OK
~ Windows Remaining Initializations Number : 3
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ Logiciels de protection (1) - 2s
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation (1) - 3s
CCleaner v4.15
---\\ Surveillance de Logiciels (2) - 3s
Adobe Flash Player 24 PPAPI
Adobe Acrobat Reader DC
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3987.304 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 38 GB () free of 150 GB
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: OUADIE-PC
~ User Name: ouadie
~ Logged in as Administrator
---\\ Enumération des unités disques (3) - 0s
~ Drive C: has 38 GB free of 150 GB (System)
~ Drive D: has 0 GB free of 154 GB
~ Drive P: has 0 GB free of 0 GB
---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDeskt
opChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Applicati
on: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (26) - 1s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation -
Explorateur Windows.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corpora
tion
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation -
Processus hte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =
>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation -
Application de dmarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024]
=>.Microsoft Corporation
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - 21/11/2010 - (.Microsoft Corporation -
Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1188864] =
>.Microsoft Corporation
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 21/11/2010 - (.Microsoft Corporation -
Application douverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [
390656] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation -
Bibliothque de licences.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Micro
soft Corporation
[MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 21/11/2010 - (.Microsoft Corporation -
DNS DLL de lAPI Client.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft
Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 21/11/2010 - (.Microsoft Corporation -
DNS DLL de lAPI Client.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft
Corporation
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 12/04/2011 - (.Microsoft Corporation -
DLL client de lAPI uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.
dll.mui [20480] =>.Microsoft Corporation
[MD5.314C17917AC8523EC77A710215012A65] - 14/09/2013 - (.Microsoft Corporation -
Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [
497152] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation -
ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>
.Microsoft Windows
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation -
CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.
Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation -
SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Micro
soft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation -
DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400]
=>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation -
High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [
122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation -
Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.
Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation -
IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224
] =>.Microsoft Corporation
[MD5.C2B4651001A867FF3F8865863B592991] - 23/02/2011 - (.Microsoft Corporation -
Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.
Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation -
MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Mic
rosoft Corporation
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation -
Pilote du systme de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [168492
8] =>.Microsoft Windows
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation -
Pilote de port parallle.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.
Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation -
RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.
sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation -
Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [1658
88] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation -
SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Micros
oft Corporation
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010 - (.Microsoft Corporation -
TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Mic
rosoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation -
Pilote de clich instantan du volume.) -- C:\Windows\System32\drivers\volsnap.sys [
295808] =>.Microsoft Windows
---\\ Liste des services NT non Microsoft et non désactivés (2) - 0s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems
Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Fi
les\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebyte
s Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe {044E3B
F58976880FFD074448A8F7A058} =>.Malwarebytes
---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (7) - 30s
SR - Auto [19/12/2016] [ 82640] Adobe Acrobat Update Service (AdobeARMservi
ce) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe
\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated
SS - Disabl [13/12/2016] [ 270936] Adobe Flash Player Update Service (AdobeFla
shPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macrom
ed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated
SS - Disabl [31/08/2015] [ 144200] Service Google Update (gupdate) (gupdate) .
(.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Goo
gle Inc
SS - Disabl [31/08/2015] [ 144200] Service Google Update (gupdatem) (gupdatem)
. (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.G
oogle Inc
SR - Auto [14/12/2016] [ 4317648] Malwarebytes Service (MBAMService) . (.Malw
arebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe {044E3BF
58976880FFD074448A8F7A058} =>.Malwarebytes
SS - Demand [02/03/2017] [ 172488] Mozilla Maintenance Service (MozillaMainten
ance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Serv
ice\maintenanceservice.exe =>.Mozilla Corporation
---\\ Tâches planifiées en automatique (2) - 3s
[MD5.A0747D9A94EDFD251ED8E6556E70BA37] [APT] [Adobe Acrobat Update Task] (.Adobe
Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\Ado
beARM.exe [1160408] =>.Adobe Systems, Incorporated
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Wind
ows\System32\Tasks\Adobe Acrobat Update Task [4476] =>.Adobe Systems Incorpor
ated
---\\ Processus lancés (5) - 1s
[MD5.B932E0EE190778D840F1442DFC0F9612] - (.Adobe Systems Incorporated - Adobe Ac
robat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\arms
vc.exe [82640] [PID.1448] =>.Adobe Systems, Incorporated
[MD5.28E521A6ABA9DE062A3719452816F495] - (.Malwarebytes - Malwarebytes Service.)
-- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648] [PID.16
72] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
[MD5.666FEA598D1776C7F8EDD7746F0F7F59] - (.Malwarebytes - Malwarebytes Tray Appl
ication.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2776528] [
PID.2568] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
[MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Use
rs\ouadie\AppData\Roaming\ZHP\ZHPDiag3.exe [2105344] [PID.1596] =>.Nicolas Cool
man
[MD5.0316CB3AEE06C049AED87B75283A4DAE] - (.Intel Corporation - igfxsrvc Module.)
-- C:\Windows\System32\igfxsrvc.exe [510232] [PID.2840] =>.Intel Corporation
---\\ Google Chrome, Démarrage,Recherche,Extensions (5) - 0s
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Goog
le Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chro
me Media Router
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (4) - 1s
P2 - EXT FILE: (...) -- C:\Users\ouadie\AppData\Roaming\Mozilla\Firefox\Profiles
\0QVVMcjl.default\extensions\abs@avira.com.xpi
P2 - EXT: (...) -- C:\Users\ouadie\AppData\Roaming\Mozilla\Firefox\Profiles\0QVV
Mcjl.default\extensions\abs@avira.com
P2 - EXT: (.Avira - Avira SafeSearch Plus.) -- C:\Users\ouadie\AppData\Roaming\M
ozilla\Firefox\Profiles\0QVVMcjl.default\extensions\safesearchplus2@avira.com =
>.Avira
P2 - EXT: (.Echipa R&D Bitdefender - Bitdefender QuickScan.) -- C:\Users\oua
die\AppData\Roaming\Mozilla\Firefox\Profiles\0QVVMcjl.default\extensions\{e001c7
31-5e37-4538-a5cb-8168736a2360}
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (13) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo
.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.micr
osoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = htt
p://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww
w.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mic
rosoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww
w.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:
noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:s
ecurityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = ht
tp://www.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL
= http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off P
age = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Pa
ge = about:securityrisk
---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnabl
e = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigratePro
xy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp
1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfig
Proxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnabl
e = 0
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corpo
ration.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>
.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.ex
e (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (29)
---\\ Internet Explorer, Barre d outil (2) - 0s
O3 - Toolbar: 0x2D54584647526A0076A77A786E7484D7 - [HKCU]{4658542D-5247-006A-76A
7-7A786E7484D7} . (...) -- (.not file.)
O3 - Toolbar: 0xB8C1AA4B0008C9428FA608B211F356B8 - [HKCU]{4BAAC1B8-0800-42C9-8FA
6-08B211F356B8} . (...) -- (.not file.)
---\\ Applications lancées au démarrage du système (5) - 0s
O4 - HKLM\..\Run: [Malwarebytes TrayApp] . (.Malwarebytes - Malwarebytes Tray Ap
plication.) -- C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe {044E3BF5
8976880FFD074448A8F7A058} =>.Malwarebytes
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft
Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft
Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
---\\ Raccourcis Global Startup (25) - 5s
O4 - GS\Desktop [Administrateur]: Hein 4.4.1.lnk . (.Hero Hero - Hero Hero.) C:\
Program Files (x86)\Microsoft Silverlight\5.1.50901.0\Hein.exe
O4 - GS\Desktop [Administrateur]: Hein Recovery 1.5.lnk . (.Hero Hero - Hero Fam
ily.) C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\Hein Recovery.exe
O4 - GS\Desktop [Administrateur]: matlab - 2016b.lnk . (...) C:\Program Files\MA
TLAB\R2016b\bin\matlab.exe
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:
\Users\ouadie\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (...) C:\Program Files
(x86)\Foxit Software\Foxit Reader\Foxit Reader.exe =>.Foxit Corporation
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google
Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACA
AA63A3C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chr
ome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63
A3C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation -
Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corpora
tion
O4 - GS\Desktop [ouadie]: Hein 4.4.1.lnk . (.Hero Hero - Hero Hero.) C:\Program
Files (x86)\Microsoft Silverlight\5.1.50901.0\Hein.exe
O4 - GS\Desktop [ouadie]: Hein Recovery 1.5.lnk . (.Hero Hero - Hero Family.) C:
\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\Hein Recovery.exe
O4 - GS\Desktop [ouadie]: matlab - 2016b.lnk . (...) C:\Program Files\MATLAB\R20
16b\bin\matlab.exe
O4 - GS\Desktop [ouadie]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\o
uadie\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [ouadie]: Foxit Reader.lnk . (...) C:\Program Files (x86)\Fo
xit Software\Foxit Reader\Foxit Reader.exe =>.Foxit Corporation
O4 - GS\Quicklaunch [ouadie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.
) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C5
8A7B9322BEE948D} =>.Google Inc.
O4 - GS\TaskBar [ouadie]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:
\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B
9322BEE948D} =>.Google Inc.
O4 - GS\TaskBar [ouadie]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.
) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O4 - GS\CommonDesktop [Public]: DS150E.lnk . (...) C:\Program Files (x86)\Delphi
Diagnostics\DS150E\Main.exe
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (...) C:\Program Files (x86)\
Foxit Software\Foxit Reader\Foxit Reader.exe =>.Foxit Corporation
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrom
e.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3
C58A7B9322BEE948D} =>.Google Inc.
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes
.) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe {044E3BF58976880FFD074448
A8F7A058} =>.Malwarebytes
O4 - GS\CommonDesktop [Public]: MATLAB R2009b.lnk . (.The MathWorks Inc. - MATLA
B Starter Application.) D:\bin\matlab.exe =>.The MathWorks Inc.
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Fi
refox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporati
on
O4 - GS\CommonDesktop [Public]: TELL ME MORE Performance.lnk . (.Auralog - Start
Launch MFC Application.) C:\Program Files (x86)\Auralog\TELL ME MORE Performance
\bin\StartLaunch.exe =>.AURALOG
O4 - GS\Programs [Public]: Applian FLV Player.lnk . (...) C:\Program Files (x86)
\FLV Player\FLVPlayer.exe =>PUP.Optional.FLVPlayer
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\tas
kschd.msc
---\\ Modification Domaine/Adresses DNS (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22897699-93F6-4C19-8
ACD-E1DA549DCB97}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EA610C5-726C-4F2D-B
43E-9973A5CFFE4C}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA8B8E82-91FF-4E38-9
DCC-7C0A6674F3EE}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D544C5F9-268F-4D2C-A
2C3-6B3D01EE0A68}: DhcpNameServer = 192.168.1.1
---\\ Protocole additionnel (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Micro
soft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtm
l.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microso
ft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
=>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microso
ft Corporation - Contrle ActiveX pour le flux vido.) -- C:\Windows\SysWOW64\MSVidC
tl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Micros
oft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dl
l =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microso
ft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
=>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Micros
oft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dl
l =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Micro
soft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.d
ll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microso
ft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\System
32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.
Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\
mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Micro
soft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.d
ll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Micr
osoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\msht
ml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Micro
soft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\Sy
stem32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsof
t Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
=>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Mic
rosoft Corporation - Microsoft Help Data Services Module.) -- C:\Program Files (x
86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Micr
osoft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\Sys
tem32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microso
ft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.
dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsof
t Corporation - Contrle ActiveX pour le flux vido.) -- C:\Windows\SysWOW64\MSVidCt
l.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Mi
crosoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\ms
html.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04
F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -
- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79
ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C
:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04
F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -
- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Micr
osoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.
dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microso
ft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
=>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Mic
rosoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86
)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation
---\\ Enumère les données de BootExecute (1) - 1s
O34 - HKLM BootExecute: (Partizan) (.Greatis Software - Partizan - First Bootwat
ch Anti-Rootkit.) -- C:\Windows\System32\Partizan.exe
---\\ Logiciels installés (39) - 12s
O42 - Logiciel: Abaqus 6.13-4 - (.Dassault Systemes Simulia Corp..) [HKLM][64Bit
s] -- Abaqus 6.13-4
O42 - Logiciel: Abaqus FLEXnet License Server - (.Dassault Systemes Simulia Corp
..) [HKLM][64Bits] -- Abaqus FLEXnet License Server
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][
64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [
HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 24 PPAPI - (.Adobe Systems Incorporated.) [HK
LM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64
Bits] -- {AC76BA86-0804-1033-1959-001824211354} =>.Adobe Systems Incorporated
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU
][64Bits] -- Akamai =>.Akamai Technologies, Inc.
O42 - Logiciel: Applian FLV Player - (.Applian Technologies Inc..) [HKLM][64Bits
] -- Applian FLV Player2.0.23
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform
Ltd
O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 9204f5692a8faf3b
=>.Dell
O42 - Logiciel: Delphi DS150E - (...) [HKLM][64Bits] -- Delphi DS150E
O42 - Logiciel: DevID Agent - (.DevID.) [HKLM][64Bits] -- DevID_Agent
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bi
ts] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited
O42 - Logiciel: FARO LS 1.1.505.0 (64bit) - (.FARO Scanner Production.) [HKLM][6
4Bits] -- {8834451B-6209-4E02-9EF4-4EF9E3C1F70F} =>.FARO Scanner Production
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
{2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {07A12123-B717
-496B-B471-48AF6407B433} =>.Google, Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC98
0A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: GrindEQ Math Utilities (remove only) - (...) [HKLM][64Bits] -- G
rindEQ
O42 - Logiciel: GrindEQ MathType-to-Equation (remove only) - (...) [HKLM][64Bits
] -- GrindEQm2e
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bit
s] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation
O42 - Logiciel: Intel RealSense SDK 2014 Runtime (x64): Core - (.Intel Corporatio
n.) [HKLM][64Bits] -- {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporati
on
O42 - Logiciel: Logiciel Intel(R) PROSet/Wireless WiFi - (.Intel Corporation.) [
HKLM][64Bits] -- {4327107B-E95E-415C-9194-458FCED6BF12} =>.Intel Corporation
O42 - Logiciel: Malwarebytes version 3.0.5.1299 - (.Malwarebytes.) [HKLM][64Bits
] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 {044E3BF58976880FFD074448A8F7A05
8} =>.Malwarebytes
O42 - Logiciel: MathType 6 - (.Design Science, Inc..) [HKLM][64Bits] -- DSMT6 {3
9A08329609E6BA2A374CFE759C864FC} =>.Design Science, Inc.
O42 - Logiciel: MATLAB R2009b - (.The MathWorks, Inc..) [HKLM][64Bits] -- Matlab
R2009b {61E152F6F50D2E22D4C9D0BA75D6B1FD} =>.The MathWorks, Inc.
O42 - Logiciel: Microsoft Fix it Center - (.Microsoft Corporation.) [HKLM][64Bit
s] -- {B7588D45-AFDC-4C93-9E2E-A100F3554B64} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Fortran PowerStation 4.0 - (...) [HKLM][64Bits] -- MSF
ortranPowerStation
O42 - Logiciel: Microsoft HPC Pack 2008 R2 MS-MPI Redistributable Pack - (.Micro
soft Corporation.) [HKLM][64Bits] -- {D3299935-57F7-403A-9D7B-0B8F9F56F44B} =>.
Microsoft Corporation
O42 - Logiciel: Microsoft XNA Framework Redistributable 1.0 Refresh - (.Microsof
t Corporation.) [HKLM][64Bits] -- {311F799A-FCE9-4D9E-B5D2-CBB8859B40BB} =>.Mic
rosoft Corporation
O42 - Logiciel: Mozilla Firefox 52.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] --
Mozilla Firefox 52.0 (x86 en-US) =>.Mozilla Corporation
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- Mozi
llaMaintenanceService =>.Mozilla
O42 - Logiciel: PDFCreator - (.Frank Heindrfer, Philip Chinery.) [HKLM][64Bits] -
- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} =>.Frank Heindrfer, Philip Chinery
O42 - Logiciel: SIMULIA FLEXnet License Server - (.Dassault Systemes Simulia Cor
p..) [HKLM][64Bits] -- SIMULIA FLEXnet License Server
O42 - Logiciel: SLD Codec Pack - (...) [HKLM][64Bits] -- SLD Codec Pack
O42 - Logiciel: TELL ME MORE - (...) [HKLM][64Bits] -- TMM90 =>.AURALOG
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] --
UnityWebPlayer =>.Unity Technologies ApS
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media play
er =>.VideoLAN
O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR
archiver =>.win.rar GmbH
---\\ HKCU & HKLM Software Keys (151) - 12s
HKLM\SOFTWARE\Wow6432Node\360Safe
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Arcai
HKLM\SOFTWARE\Wow6432Node\Auralog
HKLM\SOFTWARE\Wow6432Node\Autodesk
HKLM\SOFTWARE\Wow6432Node\Avira
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo
HKLM\SOFTWARE\Wow6432Node\Comodo
HKLM\SOFTWARE\Wow6432Node\ComodoGroup
HKLM\SOFTWARE\Wow6432Node\Cygwin
HKLM\SOFTWARE\Wow6432Node\DDA639CAA3621A8FFC58362F4D88F51C =>PUP.Optional.Cross
Rider
HKLM\SOFTWARE\Wow6432Node\Delphi DS150E
HKLM\SOFTWARE\Wow6432Node\Design Science
HKLM\SOFTWARE\Wow6432Node\Diaginstinfo
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\e
HKLM\SOFTWARE\Wow6432Node\Eset
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Greatis
HKLM\SOFTWARE\Wow6432Node\GrindEQ
HKLM\SOFTWARE\Wow6432Node\HewlettPackard
HKLM\SOFTWARE\Wow6432Node\Install Options
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\LDSGameCenter
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\LiveUpdate360
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\MathWorks
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugin
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nalpeiron
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PDFCreator
HKLM\SOFTWARE\Wow6432Node\PegasusImaging
HKLM\SOFTWARE\Wow6432Node\Pravly
HKLM\SOFTWARE\Wow6432Node\Shiregh
HKLM\SOFTWARE\Wow6432Node\SIMULIA
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SLD
HKLM\SOFTWARE\Wow6432Node\svshost
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WafCX
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\360WallPaper
HKCU\SOFTWARE\4shared
HKCU\SOFTWARE\ABAQUS, Inc.
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Affinix
HKCU\SOFTWARE\Akamai
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Arcai.com
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Autodesk
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\Avira
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Binary Noise
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CatalinaGroup
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\COMODO
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\DDA639CAA3621A8FFC58362F4D88F51C =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Design Science
HKCU\SOFTWARE\DevID
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DjVuLibre
HKCU\SOFTWARE\dlr
HKCU\SOFTWARE\DownloadAstro
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\FileOpen
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Greatis
HKCU\SOFTWARE\GrindEQ
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Install Options
HKCU\SOFTWARE\InstallDate
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\IRAI
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Malwarebytes
HKCU\SOFTWARE\MathWorks
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\NavPlugin
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nitro
HKCU\SOFTWARE\NJ Soft
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\P2PDownloader
HKCU\SOFTWARE\paint.net
HKCU\SOFTWARE\PDFCreator
HKCU\SOFTWARE\PegasusImaging
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PopWnd
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\QiLu Inc.
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Regressi
HKCU\SOFTWARE\Regrun
HKCU\SOFTWARE\RSpark
HKCU\SOFTWARE\Salford Software
HKCU\SOFTWARE\Simply Super Software
HKCU\SOFTWARE\skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\SmartDeblur
HKCU\SOFTWARE\SpeedBit
HKCU\SOFTWARE\SUPERAntiSpyware.com
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\UpgSvr
HKCU\SOFTWARE\WindowsUpdater
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\PasswordBox
HKCU\SOFTWARE\AppDataLow\Software\Unity
---\\ Contenu des dossiers Programmes (231) - 106s
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated
O43 - CFD: 09/03/2017 - [] D -- C:\Program Files (x86)\Auralog =>.AURALOG
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Bigger Notes ANTP
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 11/03/2017 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Delphi Diagnostics
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\DevID Agent
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\ffdshow
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Corporation
O43 - CFD: 10/03/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\GrindEQ
O43 - CFD: 10/03/2017 - [] D -- C:\Program Files (x86)\GUMA679.tmp =>.Google Inc
O43 - CFD: 15/12/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\MagicISO
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\MathType {39A08329609E6BA2A374CFE759C864FC}
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\MATLAB
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 09/03/2017 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 08/03/2017 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation
O43 - CFD: 08/03/2017 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\MPC-HC
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\PDFCreator
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\SLD Codec Pack
O43 - CFD: 18/12/2016 - [] D -- C:\Program Files (x86)\UnHackMe
O43 - CFD: 15/12/2016 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 15/12/2016 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH
O43 - CFD: 15/12/2016 - [0] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 20/12/2016 - [] D -- C:\Program Files (x86)\XviD
O43 - CFD: 15/12/2016 - [] HD -- C:\Program Files (x86)\Zero G Registry
O43 - CFD: 13/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abaqus 6.13-4
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abaqus Licensing
O43 - CFD: 04/12/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 02/07/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 10/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronics Workbench
O43 - CFD: 20/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 20/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
O43 - CFD: 18/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortran PowerStation 4.0
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 12/04/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 17/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 27/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
O43 - CFD: 20/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IRAI
O43 - CFD: 15/12/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
O43 - CFD: 12/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
O43 - CFD: 03/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
O43 - CFD: 05/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 14/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
O43 - CFD: 02/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
O43 - CFD: 14/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 05/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIMULIA FLEXnet Licensing
O43 - CFD: 14/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SLD Codec Pack
O43 - CFD: 18/12/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 09/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TELL ME MORE Performance
O43 - CFD: 18/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 11/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 20/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
O43 - CFD: 06/12/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 08/03/2017 - [] D -- C:\ProgramData\Autodesk
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\Avg
O43 - CFD: 14/08/2014 - [] D -- C:\ProgramData\AVG2014
O43 - CFD: 08/03/2017 - [] D -- C:\ProgramData\Avira
O43 - CFD: 21/01/2015 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 02/07/2014 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 14/04/2016 - [] D -- C:\ProgramData\Cache
O43 - CFD: 02/12/2015 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\Common Diagnostics
O43 - CFD: 03/07/2014 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 26/12/2016 - [] D -- C:\ProgramData\COMODO
O43 - CFD: 05/02/2015 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\DassaultSystemes
O43 - CFD: 20/11/2016 - [] D -- C:\ProgramData\Delphi
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 02/07/2014 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 03/05/2015 - [] D -- C:\ProgramData\FileOpen
O43 - CFD: 07/06/2016 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 03/07/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Intel
O43 - CFD: 29/09/2015 - [] D -- C:\ProgramData\Internet Mobile
O43 - CFD: 25/03/2016 - [] D -- C:\ProgramData\Internet Mobile+
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\IObit
O43 - CFD: 22/02/2017 - [] RASHD -- C:\ProgramData\Key-Base
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\Licenses
O43 - CFD: 03/07/2014 - [] D -- C:\ProgramData\Macrovision
O43 - CFD: 11/03/2017 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 18/12/2016 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 02/07/2014 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 14/08/2014 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 15/12/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 05/09/2014 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 02/07/2014 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 03/05/2015 - [] D -- C:\ProgramData\Nitro
O43 - CFD: 08/03/2017 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 23/12/2016 - [0] D -- C:\ProgramData\RegRun
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\Simply Super Software
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Skype
O43 - CFD: 05/03/2017 - [0] D -- C:\ProgramData\SpeedBit
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 18/12/2016 - [] D -- C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 05/03/2017 - [] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\WinCacheData
O43 - CFD: 13/11/2016 - [] D -- C:\ProgramData\winfirewall
O43 - CFD: 15/12/2016 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 01/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 08/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Autodesk Shared
O43 - CFD: 07/11/2016 - [] D -- C:\Program Files (x86)\Common Files\AV
O43 - CFD: 03/07/2014 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 08/03/2017 - [] D -- C:\Program Files (x86)\Common Files\EPSON Projector
O43 - CFD: 07/12/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 03/07/2014 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 12/02/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 22/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 18/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\360wp
O43 - CFD: 17/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Adobe
O43 - CFD: 19/02/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\App ata
O43 - CFD: 08/03/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\Autodesk
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\AVG2014
O43 - CFD: 21/01/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\BavMini
O43 - CFD: 30/12/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 03/07/2014 - [0] D -- C:\Users\ouadie\AppData\Roaming\DassaultSystemes
O43 - CFD: 21/11/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Delphi
O43 - CFD: 04/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Design Science
O43 - CFD: 17/12/2016 - [] HD -- C:\Users\ouadie\AppData\Roaming\DIFX
O43 - CFD: 31/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\DMCache
O43 - CFD: 03/05/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\Downloaded Installations
O43 - CFD: 03/05/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\FileOpen
O43 - CFD: 12/09/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Foxit Software
O43 - CFD: 14/02/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\Identities
O43 - CFD: 15/08/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\IDM
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Intel
O43 - CFD: 04/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\IObit
O43 - CFD: 12/02/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\ITS PLC MHJ Edition
O43 - CFD: 08/03/2017 - [] SHD -- C:\Users\ouadie\AppData\Roaming\Latas
O43 - CFD: 12/12/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Macromedia
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\MathWorks
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\ouadie\AppData\Roaming\Media Center Programs
O43 - CFD: 14/07/2014 - [0] D -- C:\Users\ouadie\AppData\Roaming\Media Player Classic
O43 - CFD: 09/03/2017 - [] SD -- C:\Users\ouadie\AppData\Roaming\Microsoft
O43 - CFD: 14/11/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Mozilla
O43 - CFD: 15/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\navplugin
O43 - CFD: 03/05/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\Nitro
O43 - CFD: 07/06/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Nitro PDF
O43 - CFD: 27/03/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\Opera Software
O43 - CFD: 29/11/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\PowerISO
O43 - CFD: 19/02/2017 - [] SHD -- C:\Users\ouadie\AppData\Roaming\Pr
O43 - CFD: 15/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Profiles
O43 - CFD: 20/02/2015 - [] D -- C:\Users\ouadie\AppData\Roaming\Regressi
O43 - CFD: 07/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\SilverFrost
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Skype
O43 - CFD: 25/02/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\SpeedBit
O43 - CFD: 15/12/2016 - [0] D -- C:\Users\ouadie\AppData\Roaming\Stenoing
O43 - CFD: 03/03/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\Subversion
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\TuneUp Software
O43 - CFD: 04/03/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\vlc
O43 - CFD: 04/12/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\WinBatch
O43 - CFD: 11/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\WinRAR
O43 - CFD: 20/11/2016 - [] SHD -- C:\Users\ouadie\AppData\Roaming\wyUpdate AU
O43 - CFD: 13/11/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Yamicsoft
O43 - CFD: 11/03/2017 - [] D -- C:\Users\ouadie\AppData\Roaming\ZHP
O43 - CFD: 06/12/2016 - [] D -- C:\Users\ouadie\AppData\Local\Adobe
O43 - CFD: 25/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Akamai
O43 - CFD: 02/07/2014 - [0] SHD -- C:\Users\ouadie\AppData\Local\Application Data
O43 - CFD: 15/12/2016 - [] D -- C:\Users\ouadie\AppData\Local\Apps
O43 - CFD: 23/06/2016 - [] D -- C:\Users\ouadie\AppData\Local\assembly
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Local\Avg2014
O43 - CFD: 01/10/2015 - [] D -- C:\Users\ouadie\AppData\Local\CEF
O43 - CFD: 12/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Chromium
O43 - CFD: 04/08/2014 - [] D -- C:\Users\ouadie\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 03/07/2014 - [0] D -- C:\Users\ouadie\AppData\Local\DassaultSystemes
O43 - CFD: 13/07/2014 - [0] D -- C:\Users\ouadie\AppData\Local\Deployment
O43 - CFD: 10/01/2017 - [] D -- C:\Users\ouadie\AppData\Local\Diagnostics
O43 - CFD: 09/01/2017 - [0] D -- C:\Users\ouadie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 15/12/2016 - [] D -- C:\Users\ouadie\AppData\Local\ESET
O43 - CFD: 31/08/2014 - [] D -- C:\Users\ouadie\AppData\Local\Facebook
O43 - CFD: 14/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Google
O43 - CFD: 02/07/2014 - [0] SHD -- C:\Users\ouadie\AppData\Local\Historique
O43 - CFD: 11/03/2017 - [] D -- C:\Users\ouadie\AppData\Local\Installer =>PUP.Optional.InstallPedia
O43 - CFD: 03/03/2017 - [] D -- C:\Users\ouadie\AppData\Local\MathWorks
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Local\MFAData
O43 - CFD: 29/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Microsoft
O43 - CFD: 12/12/2014 - [] D -- C:\Users\ouadie\AppData\Local\Microsoft Help
O43 - CFD: 18/12/2016 - [0] DC -- C:\Users\ouadie\AppData\Local\MigWiz
O43 - CFD: 13/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Mozilla
O43 - CFD: 27/03/2015 - [] D -- C:\Users\ouadie\AppData\Local\Opera Software
O43 - CFD: 14/02/2015 - [] D -- C:\Users\ouadie\AppData\Local\paint.net
O43 - CFD: 04/08/2014 - [] D -- C:\Users\ouadie\AppData\Local\Programs
O43 - CFD: 12/02/2017 - [] D -- C:\Users\ouadie\AppData\Local\Real_Games_Lda
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ouadie\AppData\Local\SkypePlugin
O43 - CFD: 11/03/2017 - [] D -- C:\Users\ouadie\AppData\Local\Temp
O43 - CFD: 02/07/2014 - [0] SHD -- C:\Users\ouadie\AppData\Local\Temporary Internet Files
O43 - CFD: 13/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\Unity
O43 - CFD: 18/11/2016 - [] D -- C:\Users\ouadie\AppData\Local\VirtualStore
O43 - CFD: 06/12/2016 - [] D -- C:\Users\ouadie\AppData\Local\Wondershare
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 06/07/2014 - [] RD -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
O43 - CFD: 18/11/2016 - [] D -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fortran PowerStation 4.0
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/03/2017 - [] RD -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 11/07/2014 - [] D -- C:\Users\ouadie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d'extension d'environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l'interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ Enumération des clés StartupReg (2) - 0s
O53 - SMSR:HKLM\...\startupreg\EPSON_UD_START [Key] . (...) -- C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.5\EMP_UD.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GoogleDriveSync [Key] . (.Google - Google Drive.) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe =>.Google
---\\ Liste des pilotes du système (68) - 61s
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows
O58 - SDL:2010/11/21 03:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows
O58 - SDL:2010/11/21 03:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows
O58 - SDL:2016/12/04 01:01:02 A . (.Broadcom Limited - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [467736] =>.Broadcom Corporation
O58 - SDL:2016/12/04 01:00:33 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [172760] =>.Broadcom Corporation
O58 - SDL:2015/01/08 08:01:54 A . (.Baidu, Inc. - Baidu Antivirus Sandbox.) -- C:\Windows\System32\drivers\BdSandbox.sys [232440] {3BDB1994B98BBB19AB55A42337FA4F5C} =>.Baidu, Inc.
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2016/12/04 01:00:33 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [600280] =>.Broadcom Corporation
O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows
O58 - SDL:2011/01/06 11:37:26 A . (.SEIKO EPSON CORPORATION - EPSON Projector Virtual Audio Device.) -- C:\Windows\System32\drivers\EMP_UDAU.sys [23040] =>.Seiko Epson Corporation
O58 - SDL:2015/11/06 11:33:20 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [52872] =>.ESET, spol. s r.o.
O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2009/06/26 12:03:12 A . (.Huawei Technologies Co., Ltd. - USB Mass Storage Device Filter Driver.) -- C:\Windows\System32\drivers\ewmassfilter.sys [10240] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2017/03/11 02:40:25 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\Windows\System32\drivers\farflt.sys [102856] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O58 - SDL:2010/08/24 12:32:00 A . (.FTDI Ltd. - FTDIBUS USB Driver.) -- C:\Windows\System32\drivers\ftdibus.sys [72648] {525DE6D376A7E434A293A186496FE7BE} =>.FTDI Ltd.
O58 - SDL:2010/08/24 12:32:00 A . (.FTDI Ltd. - FTDIBUS Serial Device Driver.) -- C:\Windows\System32\drivers\ftser2k.sys [85320] {525DE6D376A7E434A293A186496FE7BE} =>.FTDI Ltd.
O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/09/17 19:54:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344] =>.Intel Corporation
O58 - SDL:2010/11/21 03:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows
O58 - SDL:2010/11/21 03:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows
O58 - SDL:2014/06/09 08:41:00 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [180136] =>.Tonec Inc.
O58 - SDL:2011/06/10 18:16:10 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12230912] =>.Intel Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows
O58 - SDL:2010/02/26 23:32:14 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\drivers\Impcd.sys [158976] =>.Intel Corporation
O58 - SDL:2016/12/04 00:46:35 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [317440] =>.Intel(R) Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows
O58 - SDL:2016/12/14 12:55:14 A . (...) -- C:\Windows\System32\drivers\mbae64.sys [77416] {044E3BF58976880FFD074448A8F7A058}
O58 - SDL:2017/03/11 02:40:19 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\Windows\System32\drivers\mbam.sys [43968] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O58 - SDL:2017/03/11 02:16:04 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\Windows\System32\drivers\MBAMChameleon.sys [176064] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O58 - SDL:2017/03/11 02:40:17 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows
O58 - SDL:2012/09/26 05:45:35 A . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\Windows\System32\drivers\mvusbews.sys [20480] =>.Marvell Semiconductor, Inc.
O58 - SDL:2017/03/11 02:40:24 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\Windows\System32\drivers\mwac.sys [81696] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O58 - SDL:2010/07/14 04:42:58 A . (.Intel Corporation - Intel Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwNs64.sys [7821312] =>.Intel Corporation
O58 - SDL:2016/12/04 00:59:37 A . (.Intel Corporation - Intel Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwsw01.sys [11534096] =>.Intel Corporation-Wireless Connectivity Solutions
O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows
O58 - SDL:2010/11/21 03:23:47 A . (.NVIDIA Corporation - NVIDIA nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows
O58 - SDL:2010/11/21 03:23:47 A . (.NVIDIA Corporation - NVIDIA nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows
O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows
O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows
O58 - SDL:2016/12/04 00:45:23 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960] =>.Synaptics Incorporated
O58 - SDL:2016/12/04 01:01:52 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [129152] =>.Samsung Electronics CO., LTD.
O58 - SDL:2016/09/05 05:47:12 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\Windows\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.
O58 - SDL:2016/09/05 05:47:20 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB
Mobile Logging Device Driver.) -- C:\Windows\System32\drivers\ssudserd.sys [16
5504] =>.Samsung Electronics CO., LTD.
O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX S
eries Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>
.Microsoft Windows
O58 - SDL:2016/10/26 11:09:36 A . (.The OpenVPN Project - TAP-Windows Virtual Ne
twork Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [35784] =>
.Avira Operations GmbH & Co. KG
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE
Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft
Windows
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER
FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Micro
soft Windows
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (2) - 53s
O61 - LFC: 2017/03/09 00:25:59 A . (.ESET spol. s r.o..) -- C:\Users\ouadie\Downloads\esetonlinescanner_enu.exe [6751360] {1DE10DED541D51E73BC486F492498836}
O61 - LFC: 2017/03/09 00:27:27 A . (.Bitdefender SRL.) -- C:\Users\ouadie\AppData\Roaming\Mozilla\Firefox\Profiles\0QVVMcjl.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll [1688376] {3DB29A3651F3F5E49CE079D283957630}
---\\ Associations Shell Spawning (12) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O67 - Shell Spawning: <.scr> <AutoCADScriptFile>[HKCU\..\open\Command] (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe =>.Microsoft Corporation
---\\ Menu de démarrage Internet (12) - 0s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\\ Recherche d'infection sur les navigateurs (1) - 3s
O69 - SBI: SearchScopes [HKCU] {0AA24E16-07B3-4694-8357-3C21ACC5F516} [DefaultScope] - (Yahoo!) - http://fr.search.yahoo.com/ =>.Yahoo Search
---\\ Enumère les services démarrés par Svchost (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements systèm.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance .) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2428952] =>.Microsoft Windows Component Publisher
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau .) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ Liste des exceptions du parefeu Windows (24) - 2s
O87 - FAEL: "TCP Query User{40DFDBC6-038C-4FB2-99BF-8EF7FA166660}C:\simulia\abaqus\6.13-1\code\bin\elit_driverlm.exe" [In-None-P6-TRUE] .(...) -- C:\simulia\abaqus\6.13-1\code\bin\elit_driverlm.exe (.not file.)
O87 - FAEL: "UDP Query User{DD4BB3C0-D512-4943-8D5D-49AA63C66E56}C:\simulia\abaqus\6.13-1\code\bin\elit_driverlm.exe" [In-None-P17-TRUE] .(...) -- C:\simulia\abaqus\6.13-1\code\bin\elit_driverlm.exe (.not file.)
O87 - FAEL: "TCP Query User{D78C1B51-35E8-4863-890C-894CC230D050}C:\simulia\abaqus\6.13-1\code\bin\abqcaek.exe" [In-None-P6-TRUE] .(...) -- C:\simulia\abaqus\6.13-1\code\bin\abqcaek.exe (.not file.)
O87 - FAEL: "UDP Query User{C57B3849-02EC-4347-9464-E4059BE518C8}C:\simulia\abaqus\6.13-1\code\bin\abqcaek.exe" [In-None-P17-TRUE] .(...) -- C:\simulia\abaqus\6.13-1\code\bin\abqcaek.exe (.not file.)
O87 - FAEL: "{1AFAC919-972E-4F7C-AF6B-3A6FBFAC641D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe (.not file.)
O87 - FAEL: "{0971D90C-1962-418A-B5FB-69B478489E9B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe (.not file.)
O87 - FAEL: "TCP Query User{B81AD608-E6E7-413D-BBDC-97E47663D840}D:\6.10-1\exec\abqcaek.exe" [In-None-P6-TRUE] .(...) -- D:\6.10-1\exec\abqcaek.exe (.not file.)
O87 - FAEL: "UDP Query User{E8FDE26D-3EE7-47BC-9506-6F73DDF84B52}D:\6.10-1\exec\abqcaek.exe" [In-None-P17-TRUE] .(...) -- D:\6.10-1\exec\abqcaek.exe (.not file.)
O87 - FAEL: "TCP Query User{C90C96C6-FA01-4B24-9A0F-A0D110D1FFC2}C:\users\ouadie\appdata\local\catalinagroup\citrio\application\chrome.exe" [In-None-P6-TRUE] .(...) -- C:\users\ouadie\appdata\local\catalinagroup\citrio\application\chrome.exe (.not file.)
O87 - FAEL: "UDP Query User{48D825A3-345A-4020-A1AF-4304A568D8FD}C:\users\ouadie\appdata\local\catalinagroup\citrio\application\chrome.exe" [In-None-P17-TRUE] .(...) -- C:\users\ouadie\appdata\local\catalinagroup\citrio\application\chrome.exe (.not file.)
O87 - FAEL: "TCP Query User{FFD6204B-6366-445E-BCD9-0AF89609F402}D:\6.13-4\code\bin\elit_driverlm.exe" [In-None-P6-TRUE] .(...) -- D:\6.13-4\code\bin\elit_driverlm.exe
O87 - FAEL: "UDP Query User{71A35157-6F5D-4FAF-A477-7C001AAA4F5D}D:\6.13-4\code\bin\elit_driverlm.exe" [In-None-P17-TRUE] .(...) -- D:\6.13-4\code\bin\elit_driverlm.exe
O87 - FAEL: "TCP Query User{5AB3EDE6-83FB-4F5E-9EDA-9390231D18C3}D:\6.13-4\code\bin\abqcaek.exe" [In-None-P6-TRUE] .(...) -- D:\6.13-4\code\bin\abqcaek.exe
O87 - FAEL: "UDP Query User{9314EE69-249D-499B-9FB1-5EF7A9309730}D:\6.13-4\code\bin\abqcaek.exe" [In-None-P17-TRUE] .(...) -- D:\6.13-4\code\bin\abqcaek.exe
O87 - FAEL: "{E311CAE2-2153-4B41-BF41-377C9643A863}" [In-None-P17-TRUE] .(...) -- C:\Users\ouadie\AppData\Local\Amigo\Application\amigo.exe (.not file.)
O87 - FAEL: "{1BA99670-9174-4DA4-BBA1-2D8186FFD812}" [In-None-P17-TRUE] .(...) -- C:\Users\ouadie\AppData\Local\Temp\is-T2E30.tmp\download\MiniThunderPlatform.exe (.not file.)
O87 - FAEL: "{CF83E9C6-1951-4295-A73D-234CF4C38448}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)
O87 - FAEL: "{AF957224-DEFE-43AB-A245-66E8D89367CE}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.)
O87 - FAEL: "{64B26A31-CB31-4B3D-8FCE-80DF3032CF27}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe (.not file.)
O87 - FAEL: "{24B325A1-F6E7-4247-8CA9-8B739719694F}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\LuDaShi\ComputerZTray.exe (.not file.)
O87 - FAEL: "{DCACEA08-F759-4D2F-8718-4FFB9BE2FE18}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\LuDaShi\ComputerZTray.exe (.not file.)
O87 - FAEL: "{1F7AD10C-BADD-4ED7-A19A-4C89C3171C89}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe (.not file.)
O87 - FAEL: "TCP Query User{EDAC1FCA-87CE-4113-AA78-4607D5EF3EE3}C:\program files\matlab\r2016b\bin\win64\matlab.exe" [In-None-P6-TRUE] .(...) -- C:\program files\matlab\r2016b\bin\win64\matlab.exe (.not file.)
O87 - FAEL: "UDP Query User{F90BBC24-D5DA-4CA2-BF6D-FBCC7119D177}C:\program files\matlab\r2016b\bin\win64\matlab.exe" [In-None-P17-TRUE] .(...) -- C:\program files\matlab\r2016b\bin\win64\matlab.exe (.not file.)
---\\ Scan Additionnel (4) - 0s
HKLM\SOFTWARE\Wow6432Node\DDA639CAA3621A8FFC58362F4D88F51C =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DDA639CAA3621A8FFC58362F4D88F51C =>PUP.Optional.CrossRider
C:\Users\ouadie\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\Users\ouadie\AppData\Local\Installer =>PUP.Optional.InstallPedia
---\\ Récapitulatif des éléments trouvés sur votre station (3) - 0s
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/?p=943 =>PUP.Optional.InstallPedia
~ End of the scan, 23977 items in 00h04mn57s (804)(0)
