PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

Debilon

PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

par Debilon »

Bonsoir,

J'ai plusieurs virus à nettoyer impossible de détruire détectés par mes antivirus. Tout d'abord je suis un utilisateur de Microsoft Windows 10, j'utilise comme protection Avast et les logiciels de nettoyage :
ADW Cleaner/ Rogue Killer/ Hitman Pro/ ZHPDiag (ZHPFix)/ Malwarebytes Anti-Malware/ Spybot S&D/ JRT/ CCleaner

1) Un virus est détecté chaque jours sur JRT (Junk Removal Tool) :
Successfully deleted: C:\Users\Theodore\AppData\Roaming\sp_data.sys (File)
Comment le supprimer pour de bon ?

2) CCleaner me détecte toujours 5 121 Ko (1 fichier) de fichier temporaire de la part d'Internet Explorer alors que je n'utilise pas ce navigateur, dois-je m’inquiéter ou ce fichier qui ne se supprime pas n'est pas important ?

3) ZHPDiag me détecte toujours :

Code : Tout sélectionner

---\\ Récapitulatif des éléments trouvés sur votre station (3) - 0s
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/?p=90  =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Gameo
Mais ils ne se suppriment pas dans ZHPFix, comment s'en débarrasser ?

Voilà le rapport de ZHPDiag :

Code : Tout sélectionner

~ ZHPDiag v2015.12.18.188 Par Nicolas Coolman (2015/12/18)
~ Démarré par Theodore (Administrator)  (2015/12/19 00:36:14)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version:  Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Theodore\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Theodore\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 10586)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v47.0.2526.106
MSIE: Internet Explorer v11.20.10586.0

---\\ Informations sur les produits Windows (8) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 2YRWQ
Windows License : OK
~ Windows Remaining Initializations Number :  999
Windows Automatic Updates : OK

---\\ Logiciels de protection (3) - 1s
Avast Free Antivirus v10.4.2233
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender  (Deactivate)

---\\ Logiciels de protection et autres (Superflus) (1) - 1s
Spybot - Search & Destroy v2.4.40

---\\ Logiciels d'optimisation (1) - 1s
CCleaner v5.12

---\\ Surveillance de Logiciels (1) - 1s
Adobe Flash Player 20 NPAPI

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 8268.804 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 86 GB () free of 381 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: THÉODORE
~ User Name: Theodore
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 86 GB free of 381 GB  (System)
~ Drive D: has 550 GB free of 550 GB

---\\ Etat du Centre de Sécurité Windows (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 0s
[MD5.4572EB3DDBD2DFA10DE7A037A6CC6D53] - 30/10/2015 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4502864]  =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] ©
[MD5.CAD491DD9EC00BB841EA407D9C498C4A] - 30/10/2015 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [290856]  =>.Microsoft Windows Publisher®
[MD5.AB4C1A9F37C0B8467AC923ED4AD727D6] - 22/11/2015 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [2647552] ©
[MD5.46C8E60DEDBDA95C102D1B2E74676578] - 30/10/2015 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [584704] ©
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] ©
[MD5.E7B524818100B0FDE2B057C74B0C0DCD] - 30/10/2015 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [686984]  =>.Microsoft Windows®
[MD5.2796C0957F6F05A528DD64B8591371B6] - 30/10/2015 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535088]  =>.Microsoft Windows®
[MD5.CE50037751671682D1FDBBE7C9B37F4A] - 30/10/2015 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [20480] ©
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 13/11/2015 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912]  =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512]  =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] ©
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] ©
[MD5.C9478D7DB7BE5D7ACE65CB1167F07320] - 30/10/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] ©
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] ©
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] ©
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] ©
[MD5.61F9F27A8C3D7BCD287FE98A440421CE] - 30/10/2015 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944]  =>.Microsoft Windows®
[MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] ©
[MD5.EFEFC245B884B1BE0401931398DCD707] - 01/12/2015 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152800]  =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] ©
[MD5.381B8F2311A0375676B635EA5E7C8AB0] - 30/10/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] ©
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] ©
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 13/11/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624]  =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560]  =>.Microsoft Windows®

---\\ Liste des services NT non Microsoft et non désactivés (25) - 2s
O23 - Service: AdobeUpdateService (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe  =>.Adobe Systems Incorporated®
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe  =>.Adobe Systems Incorporated®
O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe  =>.ASUSTeK Computer Inc.®
O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe ©
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe  =>.ASUSTeK Computer Inc.®
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe  =>.AVAST Software a.s.®
O23 - Service: DriverMFTService (DriverMFTService) . (.ASUSTek Computer Inc. - Driver MFT Service.) - C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe ©
O23 - Service: ExpressCache (ExpressCache) . (.Condusiv Technologies - ExpressCache Service.) - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe {14FEE2983B54274D1B49694F7FB044A9} ©
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ©
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe  =>.WildTangent Inc®
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe  =>.NVIDIA Corporation®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe  =>.Intel Corporation - pGFX®
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe  =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe  =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe  =>.Intel Corporation - Software and Firmware Products®
O23 - Service: MBAMService (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe  =>.Malwarebytes Corporation®
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe  =>.NVIDIA Corporation®
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe  =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 359.0.) - C:\Windows\System32\nvvsvc.exe  =>.NVIDIA Corporation®
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe (.not file.)
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe  =>.Skype Software Sarl®
O23 - Service:  (Update service) . (.Popcorn Time - Updater.) - C:\Program Files (x86)\Popcorn Time\Updater.exe ©
O23 - Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Tâches planifiées en automatique (33) - 3s
[MD5.F54564025D2284AE498E51D7C139F971] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [269504]  =>.Adobe Systems Incorporated®
[MD5.761986319F4F6EDB33B3F046D254C781] [APT] [ASUS Live Update1] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe   [2998552]  =>.ASUSTeK Computer Inc.®
[MD5.761986319F4F6EDB33B3F046D254C781] [APT] [ASUS Live Update2] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe   [2998552]  =>.ASUSTeK Computer Inc.®
[MD5.910279027CDBD609396EAD402A9177E2] [APT] [ASUS Smart Gesture Launcher] (.AsusTek.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe   [18416]  =>.ASUSTeK Computer Inc.®
[MD5.D7C763585907733B9F97E08914AF3F9E] [APT] [ASUS Splendid ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe   [58440]  =>.ASUSTeK Computer Inc.®
[MD5.61205A84623464E7B3574E31FE3D5AE8] [APT] [ASUS USB Charger Plus] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe   [19853392]  =>.ASUSTeK Computer Inc.®
[MD5.08B018EF53C79AF2DAC005B494B9AF53] [APT] [ATK Package 36D18D69AFC3] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe   [109880]  =>.ASUSTeK Computer Inc.®
[MD5.D9E35285D8CCE58241038E5B23507DAB] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [1382112]  =>.AVAST Software a.s.®
[MD5.5C35525CEBE7B59FAFA05D5E98D7EDEF] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [6602152]  =>.Piriform Ltd®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [144200]  =>.Google Inc®
[MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [144200]  =>.Google Inc®
[MD5.9928ACBA0AC68AB206D3D5DB950249ED] [APT] [RtHDVBg] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe   [1387224]  =>.Realtek Semiconductor Corp®
[MD5.DA2D7BED47EF71BDFEEDDEEE76C965FD] [APT] [RTKCPL] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe   [13672664]  =>.Realtek Semiconductor Corp®
[MD5.EFF8FFF2D81A26919EC1D1FCEEDEDAAD] [APT] [Update Checker] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe   [12288]
[MD5.1E827B1C08007E18424315DDA4756279] [APT] [{46A84D8C-72AA-4A02-9BCC-CE1934599BF9}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe   [741704]  =>.Google Inc®
[MD5.B5C90CBC7AC91FF982C2C8C71ABBE5EA] [APT] [ASUS\ASUS Product Register Service] (.ASUSTek Computer Inc..) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe   [1271424] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job   [1002] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job   [1086] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job   [1090] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater   [3842] ©
O39 - APT: ASUS Live Update1 - (.ASUSTeK Computer Inc..) -- C:\WINDOWS\System32\Tasks\ASUS Live Update1   [3544] ©
O39 - APT: ASUS Live Update2 - (.ASUSTeK Computer Inc..) -- C:\WINDOWS\System32\Tasks\ASUS Live Update2   [3534] ©
O39 - APT: ASUS Smart Gesture Launcher - (.AsusTek.) -- C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher   [3628] ©
O39 - APT: ASUS Splendid ACMON - (.ASUS.) -- C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON   [2054] ©
O39 - APT: ASUS USB Charger Plus - (.ASUSTek Computer Inc..) -- C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus   [2188] ©
O39 - APT: ATK Package 36D18D69AFC3 - (.ASUSTek Computer Inc..) -- C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3   [2782] ©
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\System32\Tasks\avast! Emergency Update   [4134] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC   [2036] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore   [3916] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA   [4148] ©
O39 - APT: RtHDVBg - (.Realtek Semiconductor.) -- C:\WINDOWS\System32\Tasks\RtHDVBg   [2180] ©
O39 - APT: RTKCPL - (.Realtek Semiconductor.) -- C:\WINDOWS\System32\Tasks\RTKCPL   [2174] ©
O39 - APT: Update Checker - (...) -- C:\WINDOWS\System32\Tasks\Update Checker   [2428]

---\\ Processus lancés (9) - 1s
[MD5.5117F48112199D74343318A4520B6D64] - (.Condusiv Technologies - ExpressCache Service.) -- C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656] [PID.2800] {14FEE2983B54274D1B49694F7FB044A9} ©
[MD5.F07F814FF63E42C2FB1EE9344012A435] - (.ASUSTek Computer Inc. - Driver MFT Service.) -- C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe [9728] [PID.2808] ©
[MD5.1355EBE184F9DAB1718BC587F8A7E05E] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376] [PID.2816] ©
[MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.2856] ©
[MD5.BD93D1A0E0A7A96BEA4585F17C9B3307] - (.Popcorn Time - Updater.) -- C:\Program Files (x86)\Popcorn Time\Updater.exe [339968] [PID.2340] ©
[MD5.DB5610839DBEBE48AA963DFA96FD7103] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) -- C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168] [PID.2636] ©
[MD5.86B8B1F5C1189D68B07666784BE882FE] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584] [PID.3088] ©
[MD5.A7BFC2C5D570EC93720DABC8B85ADEF9] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.7268]
[MD5.6D4DF03425DE3447284A70B596A2B5EE] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\Theodore\ZHPDiag3.exe [2026496] [PID.5188] ©

---\\ Google Chrome, Démarrage,Recherche,Extensions (13) - 0s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.fr
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/  =>PUP.Optional.OurSurfing
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [hongpdkjnjhijmdnogoicadboadgllhi] agar.io server browser
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest  =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (3) - 0s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll ©
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - (...) -- C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ©

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKEY_USERS\S-1-5-21-3642564182-623770762-403295420-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (2) - 0s
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  =>.AVAST Software a.s.®
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll  =>.Skype Software Sarl®

---\\ Applications lancées au démarrage du système (27) - 1s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe  =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe  =>.NVIDIA Corporation®
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe ©
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe  =>.Valve®
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Theodore\AppData\Roaming\Spotify\SpotifyWebHelper.exe  =>.Spotify AB®
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Theodore\AppData\Roaming\Spotify\Spotify.exe  =>.Spotify AB®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe  =>.Piriform Ltd®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\OneDrive.exe  =>.Microsoft Corporation®
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©
O4 - HKLM\..\Wow6432Node\Run: [WebStorage] . (...) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe {165262D16ED95E4D5D40A107FC3774EE}
O4 - HKLM\..\Wow6432Node\Run: [ROGNB] . (.(C) 2011 ASUS, Inc. - ASUS ROG Gaming Mouse hid.) -- C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe  =>.AVAST Software a.s.®
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe  =>.Adobe Systems Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [TrayServer] . (.Magix - Trayserver.) -- C:\Program Files (x86)\MAGIX\Video_deluxe_17_Version_a_telecharger\TrayServer_fr.exe ©
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle America, Inc.®
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe  =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe  =>.Valve®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Theodore\AppData\Roaming\Spotify\SpotifyWebHelper.exe  =>.Spotify AB®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Theodore\AppData\Roaming\Spotify\Spotify.exe  =>.Spotify AB®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe  =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\OneDrive.exe  =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\RunOnce: [Uninstall C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©
O4 - HKUS\S-1-5-21-3642564182-623770762-403295420-1001\..\RunOnce: [Uninstall C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe ©

---\\ Modification Domaine/Adresses DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

---\\ Protocole additionnel (23) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll  =>.Skype Software Sarl®
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©

---\\ Logiciels installés (95) - 4s
O42 - Logiciel: 8GadgetPack - (.Helmut Buhler.) [HKLM][64Bits] -- {CA2865AD-EFF4-44F0-A2C9-DCDC0A90F27E} ©
O42 - Logiciel: A3Launcher version 0.0.1.5 - (.Maca134.) [HKLM][64Bits] -- {E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1
O42 - Logiciel: Adobe After Effects CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {147EC100-14BE-45EF-AB42-35BAEE7D02F0}  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Lightroom - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}  =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {793C2BF7-A4FE-4608-91C9-9282C5801C21}  =>.Adobe Systems Incorporated®
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- {7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} ©
O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} ©
O42 - Logiciel: Arma 3 - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 107410  =>.Valve®
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {FA540E67-095C-4A1B-97BA-4D547DEC9AF4} ©
O42 - Logiciel: ASUS ROG Gaming Mouse - (.ASUS.) [HKLM][64Bits] -- {3B9E171F-A955-4834-B877-447C0A437260}  =>.Macrovision Corporation®
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-498A-82A4-E4F040529F3D} ©
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D} ©
O42 - Logiciel: ASUS USB Charger Plus - (.ASUS.) [HKLM][64Bits] -- {A859E3E5-C62F-4BFA-AF1D-2B95E03166AF} ©
O42 - Logiciel: ASUS Virtual Camera - (.ASUS.) [HKLM][64Bits] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} ©
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE} ©
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast  =>.AVAST Software a.s.®
O42 - Logiciel: Battlefield 3™ - (.Electronic Arts.) [HKLM][64Bits] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}  =>.Electronic Arts®
O42 - Logiciel: Battlelog Web Plugins - (.EA Digital Illusions CE AB.) [HKLM][64Bits] -- Battlelog Web Plugins ©
O42 - Logiciel: Breaking Point - (.The Zombie Infection.) [HKLM][64Bits] -- {D94AC775-62AF-4630-8292-7EB26691AAAE} ©
O42 - Logiciel: Breaking Point - (.The Zombie Infection.) [HKLM][64Bits] -- Breaking Point 5.0.2.9 ©
O42 - Logiciel: Call of Duty: Black Ops - (.Treyarch.) [HKLM][64Bits] -- Steam App 42700  =>.Valve®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner  =>.Piriform Ltd®
O42 - Logiciel: Chivalry: Medieval Warfare - (.Torn Banner Studios.) [HKLM][64Bits] -- Steam App 219640  =>.Valve®
O42 - Logiciel: CyberLink MediaStory - (.CyberLink Corp..) [HKLM][64Bits] -- {55762F9A-FCE3-45d5-817B-051218658423}  =>.CyberLink Corp.®
O42 - Logiciel: CyberLink MediaStory - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}  =>.CyberLink Corp.®
O42 - Logiciel: Device Setup - (.ASUSTek Computer Inc..) [HKLM][64Bits] -- {1F07F2C7-596F-4F34-B805-2C61A3E50E5A} ©
O42 - Logiciel: Emily is Away - (.Kyle Seeley.) [HKLM][64Bits] -- Steam App 417860  =>.Valve®
O42 - Logiciel: ExpressCache - (.Condusiv Technologies.) [HKLM][64Bits] -- {44EAE7F6-8BBF-4C3F-A573-3CD5A3C067FA} ©
O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM][64Bits] -- {34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485} ©
O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU][64Bits] -- GameRanger {2FD2CC87CEAAC00CC88A5269ED263B70} ©
O42 - Logiciel: GameSpy Arcade - (...) [HKLM][64Bits] -- GameSpy Arcade
O42 - Logiciel: Garry's Mod - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 4000  =>.Valve®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome  =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Intel Driver Update Utility - (.Intel.) [HKLM][64Bits] -- {ca4bc3a8-b99c-4416-90d8-351a8ceab458}  =>.Intel(R) Driver Update Utility®
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}  =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel(R) Driver Update Utility 2.2 - (.Intel.) [HKLM][64Bits] -- {3EE9923D-3045-46AB-9CAA-E375993AEB4A} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}  =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}  =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6} ©
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} ©
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} ©
O42 - Logiciel: MAGIX Screenshare - (.MAGIX AG.) [HKLM][64Bits] -- {3677B336-9F6D-45DF-9543-C049E35EE590} ©
O42 - Logiciel: MAGIX Speed burnR (MSI) - (.MAGIX AG.) [HKLM][64Bits] -- {A72DAA6B-A81F-4EE5-B1B2-C7620888776B} ©
O42 - Logiciel: MAGIX Vidéo deluxe 17 Version à télécharger - (.MAGIX AG.) [HKLM][64Bits] -- {5965E2D2-6E8D-4B14-BFBE-B6C3B6F22633} ©
O42 - Logiciel: MAGIX Vidéo deluxe 17 Version à télécharger - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_MSI_Videodeluxe17  =>.Magix AG®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Middle-earth: Shadow of Mordor - (.Monolith Productions, Inc..) [HKLM][64Bits] -- Steam App 241930  =>.Valve®
O42 - Logiciel: Minecraft - (.Mojang.) [HKLM][64Bits] -- {1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} ©
O42 - Logiciel: Mises à jour NVIDIA 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update ©
O42 - Logiciel: NVIDIA GeForce Experience 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience ©
O42 - Logiciel: NVIDIA GeForce Experience Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService ©
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer ©
O42 - Logiciel: NVIDIA LED Visualizer 1.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer ©
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX ©
O42 - Logiciel: NVIDIA Network Service - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service ©
O42 - Logiciel: NVIDIA Optimus Update 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus ©
O42 - Logiciel: NVIDIA Pilote graphique 359.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver ©
O42 - Logiciel: NVIDIA ShadowPlay 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay ©
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core ©
O42 - Logiciel: NVIDIA Virtual Audio 1.2.31 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver ©
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin  =>.Electronic Arts, Inc.®
O42 - Logiciel: Package de pilotes Windows - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) - (.ASUS.) [HKLM][64Bits] -- 14588A15B66655338DBCC021FFA81E31DC281859  =>.ASUSTeK Computer Inc.®
O42 - Logiciel: paint.net - (.dotPDN LLC.) [HKLM][64Bits] -- {DF3A46D9-67B3-44B2-9D01-25C8BA772C8A} ©
O42 - Logiciel: Panneau de configuration NVIDIA 359.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel ©
O42 - Logiciel: PixelMaster Video HDR - (.ASUS.) [HKLM][64Bits] -- {65302154-AAF6-4020-A070-76CAA9CEC8D3} ©
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc ©
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} ©
O42 - Logiciel: Qualcomm Atheros Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} ©
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} ©
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}  =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}  =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}  =>.Realtek Semiconductor Corp®
O42 - Logiciel: Rome - Total War - Gold Edition - (.The Creative Assembly.) [HKLM][64Bits] -- {2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24} {3C7C992B1CFEB7AEFF5ACF481E933EBB} ©
O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv ©
O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Skype™ 7.14 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: Software Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify  =>.Spotify AB®
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 ©
O42 - Logiciel: STAR WARS™ Battlefront™ - (.Electronic Arts.) [HKLM][64Bits] -- {E402D891-4E45-4ce9-B41F-DD35864EF170}  =>.Electronic Arts®
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam  =>.Valve®
O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM][64Bits] -- {04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7} ©
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKCU][64Bits] -- TeamSpeak 3 Client ©
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App  =>.WildTangent Inc®
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay  =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: Watch_Dogs - (.Ubisoft.) [HKLM][64Bits] -- Uplay Install 274  =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: WebStorage - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- WebStorage ©
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus  =>.WildTangent Inc®
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D} ©
O42 - Logiciel: WinRAR 5.21 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver  =>.win.rar GmbH®
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPFix_is1 ©
Haut
Debilon

Re: Virus recurents

par Debilon »

Code : Tout sélectionner

---\\ HKCU & HKLM Software Keys (114) - 4s
HKLM\SOFTWARE\Wow6432Node\8GadgetPack
HKLM\SOFTWARE\Wow6432Node\activision
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\AsLdr
HKLM\SOFTWARE\Wow6432Node\ASUS
HKLM\SOFTWARE\Wow6432Node\Atheros
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\Battlelog Web Plugins
HKLM\SOFTWARE\Wow6432Node\bohemia interactive
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\ECAREME
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\MAGIX
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Mojang
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Origin
HKLM\SOFTWARE\Wow6432Node\Origin Games
HKLM\SOFTWARE\Wow6432Node\Overwolf
HKLM\SOFTWARE\Wow6432Node\Piriform
HKLM\SOFTWARE\Wow6432Node\PocketSoft
HKLM\SOFTWARE\Wow6432Node\Qualcomm Atheros
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Software
HKLM\SOFTWARE\Wow6432Node\SuppHelpDir
HKLM\SOFTWARE\Wow6432Node\TeamSpeak 3 Client
HKLM\SOFTWARE\Wow6432Node\The Creative Assembly
HKLM\SOFTWARE\Wow6432Node\The Zombie Infection
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WildTangent
HKLM\SOFTWARE\Wow6432Node\Yahoo
HKLM\SOFTWARE\Wow6432Node\Even Balance
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\8GadgetPack
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adobe Lightroom
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Bohemia Interactive
HKCU\SOFTWARE\Clipboarder
HKCU\SOFTWARE\ECAREME
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\GameRanger
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kyle Seeley
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Magix
HKCU\SOFTWARE\MAGIX AG
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mojang
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\paint.net
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Popcorn Time
HKCU\SOFTWARE\PopcornTime
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Spotify
HKCU\SOFTWARE\SyncEngines
HKCU\SOFTWARE\System Requirements Lab
HKCU\SOFTWARE\TeamSpeak 3 Client
HKCU\SOFTWARE\TheCreativeAssembly
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\U-Games
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contenu des dossiers Programmes (236) - 5s
O43 - CFD: 23/11/2015 - [] AD -- C:\Program Files (x86)\A3Launcher
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 28/01/2015 - [] AD -- C:\Program Files (x86)\ASUS Gaming Mouse
O43 - CFD: 25/06/2015 - [] AD -- C:\Program Files (x86)\Battlelog Web Plugins
O43 - CFD: 13/11/2015 - [] AD -- C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 28/11/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files (x86)\Cyberlink
O43 - CFD: 25/07/2015 - [] D -- C:\Program Files (x86)\GameSpy Arcade
O43 - CFD: 15/12/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 25/07/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 08/10/2015 - [] AD -- C:\Program Files (x86)\Intel Driver Update Utility
O43 - CFD: 15/12/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 22/07/2015 - [] D -- C:\Program Files (x86)\MAGIX
O43 - CFD: 11/11/2015 - [] AD -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 28/06/2015 - [] D -- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 29/10/2014 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 29/09/2015 - [] AD -- C:\Program Files (x86)\Minecraft
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 28/11/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 17/12/2015 - [] AD -- C:\Program Files (x86)\Origin
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files (x86)\Origin Games
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files (x86)\Popcorn Time
O43 - CFD: 28/01/2015 - [] AD -- C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 01/10/2015 - [] AD -- C:\Program Files (x86)\QuickTime
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 14/10/2015 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files (x86)\Steam
O43 - CFD: 08/10/2015 - [] AD -- C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 28/01/2015 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 25/07/2015 - [] D -- C:\Program Files (x86)\The Creative Assembly
O43 - CFD: 12/06/2015 - [] D -- C:\Program Files (x86)\Ubisoft
O43 - CFD: 13/11/2015 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 29/10/2014 - [] D -- C:\Program Files (x86)\WildTangent Games
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 13/11/2015 - [] ASHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 30/06/2015 - [0] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 30/09/2015 - [] AD -- C:\Program Files (x86)\ZHPFix
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
O43 - CFD: 23/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A3Launcher
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Gaming Mouse
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breaking Point
O43 - CFD: 13/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
O43 - CFD: 13/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
O43 - CFD: 15/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 13/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
O43 - CFD: 28/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 09/10/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront Beta
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 29/06/2015 - [] D -- C:\ProgramData\Age of Empires 3
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Apple
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\ASUS Smart Gesture
O43 - CFD: 29/10/2014 - [] D -- C:\ProgramData\ASUS WebStorage
O43 - CFD: 29/10/2014 - [] D -- C:\ProgramData\ASUSLogos
O43 - CFD: 31/05/2015 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 31/05/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\Bohemia Interactive
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\Caphyon
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 28/01/2015 - [] D -- C:\ProgramData\Condusiv Technologies
O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 01/06/2015 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 01/06/2015 - [] D -- C:\ProgramData\EA Logs
O43 - CFD: 01/06/2015 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\HitmanPro
O43 - CFD: 28/01/2015 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\LogMeIn
O43 - CFD: 22/07/2015 - [] AD -- C:\ProgramData\MAGIX
O43 - CFD: 31/05/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 11/11/2015 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 13/11/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 13/11/2015 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 02/12/2015 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 28/11/2015 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Origin
O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 28/01/2015 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 13/11/2015 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 15/12/2015 - [] D -- C:\ProgramData\RogueKiller
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\SetupTPDriver
O43 - CFD: 24/11/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 28/01/2015 - [] D -- C:\ProgramData\Temp
O43 - CFD: 31/05/2015 - [] D -- C:\ProgramData\USBChargerPlus
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 13/11/2015 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 29/10/2014 - [] D -- C:\ProgramData\WebStorage
O43 - CFD: 29/10/2014 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 31/05/2015 - [] D -- C:\Program Files (x86)\Common Files\AWS
O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Common Files\BattlEye
O43 - CFD: 25/11/2015 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 28/06/2015 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/07/2015 - [] D -- C:\Program Files (x86)\Common Files\MAGIX Services
O43 - CFD: 03/06/2015 - [] D -- C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 28/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 28/08/2015 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 15/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 28/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\.minecraft
O43 - CFD: 30/09/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Adobe
O43 - CFD: 06/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Apple Computer
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\ASUS
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Atheros
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\AVAST Software
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\awsRun
O43 - CFD: 23/07/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\GameRanger
O43 - CFD: 03/06/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Identities
O43 - CFD: 19/07/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\java
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Macromedia
O43 - CFD: 22/07/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\MAGIX
O43 - CFD: 13/11/2015 - [] SD -- C:\Users\Theodore\AppData\Roaming\Microsoft
O43 - CFD: 30/09/2015 - [0] D -- C:\Users\Theodore\AppData\Roaming\Opera Software
O43 - CFD: 02/06/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Origin
O43 - CFD: 02/12/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Skype
O43 - CFD: 19/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Spotify
O43 - CFD: 10/12/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\stremio
O43 - CFD: 01/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Sun
O43 - CFD: 22/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\The Zombie Infection
O43 - CFD: 29/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\TS3Client
O43 - CFD: 21/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\vlc
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\WebStorage
O43 - CFD: 30/09/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\WildTangent
O43 - CFD: 28/06/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\WinRAR
O43 - CFD: 19/12/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\ZHP
O43 - CFD: 13/11/2015 - [0] D -- C:\Users\Theodore\AppData\Local\ActiveSync
O43 - CFD: 24/07/2015 - [] D -- C:\Users\Theodore\AppData\Local\Activision
O43 - CFD: 18/12/2015 - [] D -- C:\Users\Theodore\AppData\Local\Adobe
O43 - CFD: 01/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\Apple
O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\Application Data
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Local\Apps
O43 - CFD: 23/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Arma 3
O43 - CFD: 22/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Arma 3 Launcher
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Local\BMExplorer
O43 - CFD: 22/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Bohemia_Interactive
O43 - CFD: 22/07/2015 - [] D -- C:\Users\Theodore\AppData\Local\CEF
O43 - CFD: 01/06/2015 - [] D -- C:\Users\Theodore\AppData\Local\Clipboarder
O43 - CFD: 30/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Comms
O43 - CFD: 19/12/2015 - [0] D -- C:\Users\Theodore\AppData\Local\CrashDumps
O43 - CFD: 29/08/2015 - [0] D -- C:\Users\Theodore\AppData\Local\Diagnostics
O43 - CFD: 21/11/2015 - [0] D -- C:\Users\Theodore\AppData\Local\ElevatedDiagnostics
O43 - CFD: 14/06/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\EmieBrowserModeList
O43 - CFD: 14/06/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\EmieSiteList
O43 - CFD: 14/06/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\EmieUserList
O43 - CFD: 15/09/2015 - [] D -- C:\Users\Theodore\AppData\Local\Google
O43 - CFD: 03/06/2015 - [] D -- C:\Users\Theodore\AppData\Local\GWX
O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\Historique
O43 - CFD: 08/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\Intel
O43 - CFD: 24/07/2015 - [] D -- C:\Users\Theodore\AppData\Local\LogMeIn
O43 - CFD: 31/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\LogMeIn Hamachi
O43 - CFD: 14/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Microsoft
O43 - CFD: 19/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\MicrosoftEdge
O43 - CFD: 13/11/2015 - [0] D -- C:\Users\Theodore\AppData\Local\NetworkTiles
O43 - CFD: 28/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\NVIDIA
O43 - CFD: 28/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\NVIDIA Corporation
O43 - CFD: 30/09/2015 - [0] D -- C:\Users\Theodore\AppData\Local\Opera Software
O43 - CFD: 01/06/2015 - [] D -- C:\Users\Theodore\AppData\Local\Origin
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Theodore\AppData\Local\Packages
O43 - CFD: 12/06/2015 - [] D -- C:\Users\Theodore\AppData\Local\paint.net
O43 - CFD: 21/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\Popcorn Time
O43 - CFD: 21/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\PopcornTimeDesktop
O43 - CFD: 04/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Programs
O43 - CFD: 13/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Publishers
O43 - CFD: 01/06/2015 - [] D -- C:\Users\Theodore\AppData\Local\PunkBuster
O43 - CFD: 14/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\Sidebar7
O43 - CFD: 28/08/2015 - [] D -- C:\Users\Theodore\AppData\Local\Skype
O43 - CFD: 19/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Spotify
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Theodore\AppData\Local\Steam
O43 - CFD: 28/10/2015 - [] D -- C:\Users\Theodore\AppData\Local\TeamSpeak 3 Client
O43 - CFD: 19/12/2015 - [] D -- C:\Users\Theodore\AppData\Local\Temp
O43 - CFD: 13/11/2015 - [0] SHD -- C:\Users\Theodore\AppData\Local\Temporary Internet Files
O43 - CFD: 13/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\TileDataLayer
O43 - CFD: 16/11/2015 - [] D -- C:\Users\Theodore\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 26/07/2015 - [] D -- C:\Users\Theodore\AppData\Local\VirtualStore
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 15/12/2015 - [] RD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/11/2015 - [] RD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 21/11/2015 - [] RD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 30/10/2015 - [] RD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 13/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 16/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 13/11/2015 - [] D -- C:\Users\Theodore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Theodore\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll  =>.Microsoft Corporation®
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll  =>.AVAST Software a.s.®

---\\ Liste des pilotes du système (74) - 3s
O58 - SDL:2015/10/30 08:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys   [107360]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra - PMC-Sierra Storport  Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys   [1135456]  =>.Microsoft Windows®
O58 - SDL:2014/09/11 17:48:20 A . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\WINDOWS\System32\drivers\AiCharger.sys   [17152]  =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys   [83296]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys   [259424]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys   [26976]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys   [131936]  =>.Microsoft Windows®
O58 - SDL:2015/05/13 05:44:24 A . (.ASUS - HID driver for ASUS Wireless Radio Control.) -- C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys   [19976]  =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/08/23 17:08:16 A . (.ASUS Corporation - Asus TP Filter Driver(X64).) -- C:\WINDOWS\System32\drivers\AsusTP.sys   [100776]  =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - avast! HWID.) -- C:\WINDOWS\System32\drivers\aswHwid.sys   [28656]  =>.AVAST Software a.s.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys   [90968]  =>.AVAST Software a.s.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswRdr2.sys   [93528]  =>.AVAST Software a.s.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - avast! Revert.) -- C:\WINDOWS\System32\drivers\aswRvrt.sys   [65224]  =>.AVAST Software a.s.®
O58 - SDL:2015/11/06 17:15:42 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswsnx.sys   [1059656]  =>.AVAST Software a.s.®
O58 - SDL:2015/11/06 17:15:43 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswsp.sys   [449992]  =>.AVAST Software a.s.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - Stream Filter.) -- C:\WINDOWS\System32\drivers\aswStm.sys   [153744]  =>.AVAST Software a.s.®
O58 - SDL:2015/10/08 13:00:48 A . (.AVAST Software - avast! VM Monitor.) -- C:\WINDOWS\System32\drivers\aswVmm.sys   [274808]  =>.AVAST Software a.s.®
O58 - SDL:2015/06/26 17:23:54 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys   [4325544]  =>.WDKTestCert qcaswbld,130129545209614653®
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys   [9728] ©
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys   [9728] ©
O58 - SDL:2014/08/27 20:23:44 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\WINDOWS\System32\drivers\btath_bus.sys   [35016]  =>.Qualcomm Atheros®
O58 - SDL:2015/06/29 11:22:38 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys   [609992]  =>.Qualcomm Atheros®
O58 - SDL:2015/10/30 08:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys   [531296]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys   [3436896]  =>.Microsoft Windows®
O58 - SDL:2013/11/18 15:02:00 A . (.Condusiv Technologies - ExpressCache Filesystem Filter Driver.) -- C:\WINDOWS\System32\drivers\excfs.sys   [25840] {14FEE2983B54274D1B49694F7FB044A9} ©
O58 - SDL:2013/11/18 15:02:00 A . (.Condusiv Technologies - ExpressCache Driver.) -- C:\WINDOWS\System32\drivers\excsd.sys   [117488] {14FEE2983B54274D1B49694F7FB044A9} ©
O58 - SDL:2015/10/26 11:11:22 AH . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\WINDOWS\System32\drivers\Hamdrv.sys   [45680]  =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/10/30 08:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys   [64352]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys   [81408] ©
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys   [165888] ©
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys   [38128]  =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys   [113152] ©
O58 - SDL:2014/06/26 03:56:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys   [670056]  =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys   [673120]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys   [412000]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys   [424800]  =>.Microsoft Windows®
O58 - SDL:2015/07/18 00:36:32 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys   [6389688]  =>.Intel Corporation - pGFX®
O58 - SDL:2014/05/05 12:01:50 N . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys   [450520]  =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2014/03/26 00:31:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys   [38296]  =>.Intel Wireless Display®
O58 - SDL:2012/08/06 04:17:18 A . (. - Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\kbfiltr.sys   [17280]  =>.ASUSTeK Computer Inc.®
O58 - SDL:2015/10/01 06:44:16 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\lavyxdjt.sys   [79064]  =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys   [108888]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys   [104800]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys   [99168]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys   [82784]  =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys   [25816]  =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys   [109272]  =>.Malwarebytes Corporation®
O58 - SDL:2015/12/15 16:27:46 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys   [192216]  =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys   [59744]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys   [575840]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys   [705376]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys   [63840]  =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:22 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys   [64216]  =>.Malwarebytes Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys   [76128]  =>.Microsoft Windows®
O58 - SDL:2015/10/08 13:00:41 A . (.AVAST Software - avast! NG snapshot driver.) -- C:\WINDOWS\System32\drivers\ngvss.sys   [132656]  =>.AVAST Software a.s.®
O58 - SDL:2015/11/26 01:34:46 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys   [11228488]  =>.NVIDIA Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys   [150368]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys   [166240]  =>.Microsoft Windows®
O58 - SDL:2015/11/16 04:54:55 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys   [50472]  =>.NVIDIA Corporation®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys   [58208]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys   [58720]  =>.Microsoft Windows®
O58 - SDL:2015/07/07 23:25:38 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys   [895256]  =>.Realtek Semiconductor Corp®
O58 - SDL:2014/07/01 13:30:36 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys   [4002008]  =>.Realtek Semiconductor Corp®
O58 - SDL:2015/05/14 11:44:38 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\WINDOWS\System32\drivers\RtsPer.sys   [751632]  =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys   [44896]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys   [81760]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys   [31072]  =>.Microsoft Windows®
O58 - SDL:2013/09/03 17:52:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys   [99288]  =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2015/12/18 18:26:44 A . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys   [30848]  =>.Adlice®
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys   [166752]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS   [305504]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys   [26976]  =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys   [59232]  =>.Microsoft Windows®
O58 - SDL:2014/09/09 01:39:24 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\athwbx.sys   [4221952] ©

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (19) - 8s
O61 - LFC: 2015/12/19 00:34:47 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin   [8192]
O61 - LFC: 2015/12/19 00:20:56 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\Contacts_01.040c.digest.bin   [1148]
O61 - LFC: 2015/12/18 19:01:35 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\Contacts_02.040c.digest.bin   [1148]
O61 - LFC: 2015/12/19 00:20:58 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicAlbum_01.040c.digest.bin   [412]
O61 - LFC: 2015/12/18 19:04:28 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicAlbum_02.040c.digest.bin   [412]
O61 - LFC: 2015/12/19 00:20:57 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicGenre_01.040c.digest.bin   [356]
O61 - LFC: 2015/12/18 19:04:27 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicGenre_02.040c.digest.bin   [356]
O61 - LFC: 2015/12/19 00:20:59 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicSong_01.040c.digest.bin   [492]
O61 - LFC: 2015/12/18 19:04:28 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\MusicSong_02.040c.digest.bin   [492]
O61 - LFC: 2015/12/18 19:01:37 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_01.040c.digest.bin   [56]
O61 - LFC: 2015/12/19 00:21:03 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest2_02.040c.digest.bin   [56]
O61 - LFC: 2015/12/19 00:21:03 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_01.040c.digest.bin   [56]
O61 - LFC: 2015/12/18 19:01:37 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\PointsOfInterest_02.040c.digest.bin   [56]
O61 - LFC: 2015/12/18 19:01:36 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\VaStartMenu_01.040c.digest.bin   [19476]
O61 - LFC: 2015/12/19 00:21:01 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\Grammars\VaStartMenu_02.040c.digest.bin   [19476]
O61 - LFC: 2015/12/19 00:34:21 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\cache\proactive\proactive-cache.bin   [187175]
O61 - LFC: 2015/12/15 16:51:06 A . (..) -- C:\Users\Theodore\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635857834771703871.bin   [56892]
O61 - LFC: 2015/12/16 12:30:04 A . (..) -- C:\Users\Theodore\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin   [6090019]
O61 - LFC: 2015/12/19 00:32:34 A . (..) -- C:\Users\Theodore\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin   [16148]

---\\ Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe  ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Recherche d'infection sur les navigateurs (1) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Enumère les services démarrés par Svchost (41) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll   [192000] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll   [192000] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\system32\srvsvc.dll   [283136] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll   [1338368] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll   [957952] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\WINDOWS\System32\iphlpsvc.dll   [958464] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll   [31232] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll   [94720] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll   [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll   [112640] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [1012224] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll   [225280] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll   [134656] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll   [328192] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll   [372736] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll   [96256] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll   [186880] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll   [2058240] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\WINDOWS\System32\ncasvc.dll   [168960] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Configuration du réseau.) -- C:\WINDOWS\System32\NetSetupSvc.dll   [203776] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\WINDOWS\system32\themeservice.dll   [59392] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll   [1073152] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de géolocalisation.) -- C:\Windows\System32\lfsvc.dll   [27136] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\WINDOWS\System32\rasauto.dll   [106496] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\WINDOWS\System32\rasmans.dll   [696320] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [507904] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\WINDOWS\System32\sens.dll   [73216] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\WINDOWS\System32\ipnathlp.dll   [457728] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll   [311808] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\WINDOWS\system32\wuaueng.dll   [2280448] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\System32\qmgr.dll   [1144320] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [608768] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll   [57856] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\WINDOWS\System32\bdesvc.dll   [360448] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll   [1035776] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à jour la session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll   [360960] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll   [1130496] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - DLL Windows Management Service.) -- C:\Windows\System32\Windows.Internal.Management.dll   [278016] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\WINDOWS\System32\DeviceSetupManager.dll   [205824] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll   [912384] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll   [948224] ©

---\\ Liste des exceptions du parefeu Windows (37) - 3s
O87 - FAEL: "UDP Query User{D0A84AEC-D81E-4A2B-83AB-BFCED0DBD5F2}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe (.not file.)
O87 - FAEL: "TCP Query User{6F0BE01B-9EB0-4020-B010-C2E01EBAFB77}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe (.not file.)
O87 - FAEL: "{27C5E6B6-6C94-4683-BB47-4CCC0ED73F6C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe (.not file.)
O87 - FAEL: "{39E37C55-7A38-4CCD-B49D-CA87687A61B2}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe (.not file.)
O87 - FAEL: "{F02464CD-2C7A-4E53-8A56-3A7DE102DA8C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
O87 - FAEL: "{FE2A3BFF-FF2F-4C0B-BE14-75F9780AA1B7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
O87 - FAEL: "{86D430FA-4F13-4493-BBE5-80D6DF68DF6D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Boxore\Boxore\Node.exe (.not file.)  =>PUP.Optional.Boxore
O87 - FAEL: "{0F669B11-B249-458C-80AF-0E67DCDDE596}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (.not file.)
O87 - FAEL: "{D3F83854-AB92-4126-A7BC-BFFC191F1512}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (.not file.)
O87 - FAEL: "{89710CCD-3E4D-4233-A34F-8BAFD791B90C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (.not file.)
O87 - FAEL: "{0642AA82-3013-4A00-8E04-89F5F2A524F1}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (.not file.)
O87 - FAEL: "{8985BBD9-69E0-4583-B8C3-AE4725C14B2D}" [In-None-P17-TRUE] .(.IGN Entertainment, Inc. - GameSpy Arcade.) -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
O87 - FAEL: "{89D47FA5-B8E1-435D-8FDD-32F842FCDA4A}" [In-None-P6-TRUE] .(.IGN Entertainment, Inc. - GameSpy Arcade.) -- C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
O87 - FAEL: "{200962F7-3A0C-4D84-99BE-DF487B50D6FD}" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "{3E153D47-AAFF-4DF6-A416-2D3A43A9F676}" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "UDP Query User{578B0D5E-18EE-443B-85DA-C5D6073168FD}C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "TCP Query User{509DD3CA-E6F2-4174-9059-5A02A4245DEA}C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.783\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "{9B0E58F2-8A93-4529-B9D9-39D96CC29191}" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "{E8B3D636-A3BC-4A9F-9FEB-180D99FF28AC}" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "UDP Query User{29D9CF5E-26F6-4E97-958F-B416DE9B8FC4}C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "TCP Query User{76F45ADC-8F85-4B95-933E-7ED33BF7D828}C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.620\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "UDP Query User{8D8EFA96-1DBB-4338-AB10-F308F70DFA71}C:\users\theodore\appdata\local\temp\rar$exa0.560\slender - survivors\survivors_beta_3.exe" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.560\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "TCP Query User{DCC63124-DE8E-4338-8C88-6B05E187D671}C:\users\theodore\appdata\local\temp\rar$exa0.560\slender - survivors\survivors_beta_3.exe" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\temp\rar$exa0.560\slender - survivors\survivors_beta_3.exe (.not file.)
O87 - FAEL: "UDP Query User{1F9A603F-9451-429F-8F3A-AE7726B70F05}C:\users\theodore\appdata\local\popcorn time\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\popcorn time\nw.exe (.not file.)
O87 - FAEL: "TCP Query User{5A93DB42-011D-454E-966A-596AEBFDF45D}C:\users\theodore\appdata\local\popcorn time\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\popcorn time\nw.exe (.not file.)
O87 - FAEL: "UDP Query User{3D31B461-A5C0-4E7B-B8A8-1E9A98DE499B}C:\users\theodore\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P17-TRUE] .(...) -- C:\users\theodore\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.)
O87 - FAEL: "TCP Query User{3DB9169F-14C6-4A86-B783-14BDB298131F}C:\users\theodore\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P6-TRUE] .(...) -- C:\users\theodore\appdata\local\popcorn time\node-webkit\popcorn time.exe (.not file.)
O87 - FAEL: "{1B3337C6-B5AC-46FE-880F-AA32BCA7CEEB}" [In-None-P17-TRUE] .(.WB Games, Inc. - Middle-earth: Shadow of Mordor™.) -- C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
O87 - FAEL: "{BCA817B0-709F-4F7D-BACF-E30BEDCB2B6A}" [In-None-P6-TRUE] .(.WB Games, Inc. - Middle-earth: Shadow of Mordor™.) -- C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
O87 - FAEL: "{AC9337EC-0BBA-461C-8445-6B38ABB1130E}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameOldLoad.exe (.not file.)  =>PUP.Optional.Gameo
O87 - FAEL: "{AC2E6493-CCDF-4A28-9BC1-2468864B4BF8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameOldLoad.exe (.not file.)  =>PUP.Optional.Gameo
O87 - FAEL: "{EC0FADAB-0D0C-438E-B838-31F6964188FB}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe (.not file.)
O87 - FAEL: "{3A1F9F34-8FBB-4F85-8B5A-095CC7694B68}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe (.not file.)
O87 - FAEL: "{2B8499C8-93E7-4414-9FBA-B9D77C1CDDAA}" [In-None-P17-TRUE] .(.Copyright ©  2013 - CDWLauncher.) -- C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
O87 - FAEL: "{C7B783A1-62C1-458F-A111-B93618FC5491}" [In-None-P6-TRUE] .(.Copyright ©  2013 - CDWLauncher.) -- C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
O87 - FAEL: "{42B2CD0E-9703-4674-A871-01ACBF255DDA}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (.not file.)
O87 - FAEL: "{84783C49-9209-4DD1-BC23-EDF5FD98F354}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (.not file.)
Haut
Debilon

Re: Virus recurents

par Debilon »

Code : Tout sélectionner

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (37) - 14s

SS - Demand [09/12/2015] [  269504]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  =>.Adobe Systems Incorporated®
SR - Auto   [15/09/2015] [  669872]  AdobeUpdateService (AdobeUpdateService) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe  =>.Adobe Systems Incorporated®
SR - Auto   [25/11/2015] [ 2016448]  Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe  =>.Adobe Systems Incorporated®
SR - Auto   [26/03/2014] [  115512]  ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe  =>.ASUSTeK Computer Inc.®
SR - Auto   [20/08/2014] [   71168]  Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation.) - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe ©
SR - Auto   [21/11/2011] [   96896]  ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe  =>.ASUSTeK Computer Inc.®
SR - Auto   [08/10/2015] [  146600]  Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe  =>.AVAST Software a.s.®
SS - Demand [08/10/2015] [ 4048280]  AvastVBox COM Service (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe  =>.AVAST Software a.s.®
SS - Demand [22/11/2015] [ 1225216]  BattlEye Service (BEService) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe  =>.Bastian Suter®
SR - Demand [18/07/2015] [  283024]  Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe  =>.Intel Corporation - pGFX®
SR - Auto   [29/10/2014] [    9728]  DriverMFTService (DriverMFTService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe ©
SR - Auto   [18/11/2013] [  828656]  ExpressCache (ExpressCache) . (.Condusiv Technologies.) - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe {14FEE2983B54274D1B49694F7FB044A9} ©
SR - Auto   [27/08/2009] [ 1253376]  FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ©
SS - Demand [07/08/2008] [ 3276800]  Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SR - Auto   [24/04/2014] [  227904]  GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe  =>.WildTangent Inc®
SS - Demand [24/04/2014] [  203344]  GamesAppService (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe  =>.WildTangent Inc®
SR - Auto   [16/11/2015] [ 1156400]  NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe  =>.NVIDIA Corporation®
SS - Auto   [15/12/2015] [  144200]  Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [15/12/2015] [  144200]  Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc®
SS - Demand [03/04/2005] [   69632]  InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe ©
SR - Auto   [18/07/2015] [  351120]  Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe ©
SR - Auto   [11/05/2013] [  733696]  Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SS - Demand [11/05/2013] [  822232]  Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe  =>.Intel® Trusted Connect Service®
SR - Auto   [03/09/2013] [  131544]  Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe  =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto   [03/09/2013] [  169432]  Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe  =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto   [03/09/2013] [  390616]  Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe  =>.Intel Corporation - Software and Firmware Products®
SS - Auto   [05/10/2015] [ 1135416]  MBAMService (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe  =>.Malwarebytes Corporation®
SR - Auto   [16/11/2015] [ 1872688]  NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe  =>.NVIDIA Corporation®
SR - Demand [16/11/2015] [ 8133424]  NVIDIA Streamer Network Service (NvStreamNetworkSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe  =>.NVIDIA Corporation®
SR - Auto   [16/11/2015] [ 5915440]  NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe  =>.NVIDIA Corporation®
SS - Auto   [24/11/2015] [  938616]  NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe ©
SS - Demand [17/12/2015] [ 2104840]  Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe  =>.Electronic Arts, Inc.®
SS - Auto   [09/07/2015] [  327296]  Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe  =>.Skype Software Sarl®
SS - Demand [14/12/2015] [  836176]  Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe  =>.Valve®
SR - Auto   [19/10/2015] [  339968]   (Update service) . (.Popcorn Time.) - C:\Program Files (x86)\Popcorn Time\Updater.exe ©
SR - Auto   [27/08/2014] [  323584]  ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Scan Additionnel (1) - 0s
~ Aucun élément malicieux ou superflu trouvé.

---\\ Récapitulatif des éléments trouvés sur votre station (3) - 0s
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/?p=90  =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Gameo

~ End of the scan, 25738 items in 00h01mn01s (946)(0)
Merci de votre aide :)
Si besoin de plus d'informations je suis à votre disposition !
Haut
Malekal_morte
Messages : 113189
Inscription : 10 sept. 2005 13:57

Re: PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

par Malekal_morte »

Salut,

Pas infecté, les détections, c'est juste des pseudos restes sur Google Chrome etc pour ZHPDiag.
JRT sert à rien et la détection n'est pas malicieuse.

Après pour CCleaner, c'est pas bien grave non plus.

Je te conseille de désinstaller Spybot, pas super efficace, selon moi.
Voir ce sujet : Adwares : Antispyware comment ne pas désinfecter son PC
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Haut
Debilon

Re: PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

par Debilon »

Ok merci pour ZHPDiag mais le virus sur JRT est plutôt agacent, il m'empêche de jouer
à certains jeux sur Origin ou ralenti mon PC considérablement et je suis obligé de scanner chaque fois avec JRT
pour remettre les choses en ordre !
Haut
Malekal_morte
Messages : 113189
Inscription : 10 sept. 2005 13:57

Re: PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

par Malekal_morte »

Encore une fois C:\Users\Theodore\AppData\Roaming\sp_data.sys n'est pas malicieux.

Tu es sûr que tes problèmes de jeux ne sont pas arrivés depuis que tu es passé sur Windows 10 ?
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Haut
Debilon

Re: PUPs sur WIndows 10 : OurSurfing, Boxore, Gameo,..

par Debilon »

Ah probablement :)
Merci !
Haut
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »