ZHPDiag

~ ZHPDiag v2016.1.31.
23 Par Nicolas Coolman (2016/01/30)

~ Démarré par GP72 (Administrator) (2018/10/15 05:34:01)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\GP72\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\GP72\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17134)
---\\ Navigateurs Internet (4) - 1s

GCIE: Google Chrome v69.0.3497.100
MFIE: Mozilla Firefox 62.0.3 (x64 fr)
OPIE: Opera 56.0.3051.36
MSIE: Internet Explorer v11.345.17134.0
---\\ Informations sur les produits Windows (8) - 0s

~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : TJF7F
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK
---\\ Logiciels de protection (2) - 3s

Norton Security v22.15.1.8
Windows Defender (Deactivate)
---\\ Logiciels d'optimisation (1) - 4s

CCleaner v5.30
---\\ Logiciels de partage P2P (1) - 4s

eMule
---\\ Informations sur le système (6) - 0s

~ Operating System: Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16656.284 MB (67% free)
System Restore: Activé (Enable)
System drive C: has 133 GB () free of 242 GB
---\\ Mode de connexion au système (3) - 0s

~ Computer Name: MSI
~ User Name: GP72
~ Logged in as Administrator
---\\ Enumération des unités disques (2) - 0s

~ Drive C: has 133 GB free of 242 GB (System)
~ Drive D: has 754 GB free of 937 GB
---\\ Etat du Centre de Sécurité Windows (7) - 0s

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOH
IDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHO
WALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application:
OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (25) - 1s

[MD5.E4A81EDDFF8B844D85C8B45354E4144E] - 06/07/2018 - (.Microsoft Corporation -
Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [3932672]
{330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation
[MD5.73C519F050C20580F8A62C849D49215A] - 12/04/2018 - (.Microsoft Corporation -
Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632]
=>.Microsoft Corporation
[MD5.A58B0CB069DA7840B935872ADCD7F0C2] - 12/04/2018 - (.Microsoft Corporation -
Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [366792]
{330000016B5AF7A2A57141582700000000016B} =>.Microsoft Corporation
[MD5.F871B78E0A56297D1E3F9AE0B333C1CB] - 20/09/2018 - (.Microsoft Corporation -
Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [4615680]
[MD5.749CA1F1B638E4E4A8A1F0990377012F] - 08/09/2018 - (.Microsoft Corporation -
Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe
[677888] =>.Microsoft Corporation
[MD5.7A377800FF15426B7D89768A8727CFEF] - 12/04/2018 - (.Microsoft Corporation -
Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [415232]
[MD5.F4B9F200B9D7EBC8BD4C8E39F02A44E3] - 06/07/2018 - (.Microsoft Corporation - DNS
DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [766608]
[MD5.BE663A3C8E4F3ED2E8404A808614BCE3] - 06/07/2018 - (.Microsoft Corporation - DNS
DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [573904]
[MD5.80BC3B8D2055BC38ECD84769C074C18F] - 12/04/2018 - (.Microsoft Corporation - DLL
client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-
FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.4DCCC3E02A22ED4A4ADB11386F226071] - 12/04/2018 - (.Microsoft Corporation -
Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys
[626592] {330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation
[MD5.90AB4ED8EBD72A1C096A40CC35404B91] - 12/04/2018 - (.Microsoft Corporation -
ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28568]
[MD5.D3CBC6DE5955D014407C7BD1FFE80F00] - 12/04/2018 - (.Microsoft Corporation - CD-
ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93696]
[MD5.6834DBBA2A1DBA5B9B6360D0B9A3CBB5] - 15/06/2018 - (.Microsoft Corporation -
SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [159744]
[MD5.8A1C10410FDA4287A76EC5A64371E221] - 15/06/2018 - (.Microsoft Corporation - DFS
Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [141312]
[MD5.DED74127C7A2266715C0B8EA2EE75214] - 12/04/2018 - (.Microsoft Corporation -
High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys
[MD5.DA179667B8CEC22E4ECBBF4210DC0E35] - 12/04/2018 - (.Microsoft Corporation -
Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [105984]
[MD5.7408B83959A4B8271EF67FD06A6B366B] - 12/04/2018 - (.Microsoft Corporation - IP
Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528]
[MD5.6C321DB795F5EF5FF870737177825FC9] - 20/09/2018 - (.Microsoft Corporation -
Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [500536]
{33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.A6C01E478CD9ED26F6FB7ABCF9A2C773] - 03/08/2018 - (.Microsoft Corporation - MBT
Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [311296] =>.Microsoft
Corporation
[MD5.8AA13C67D70E9452B55B7A5C8B96BD36] - 20/09/2018 - (.Microsoft Corporation -
Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys
[2421248] {33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.13B175715A4391E4E5D2AB2EBC8CDBB5] - 12/04/2018 - (.Microsoft Corporation -
Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [98816]
[MD5.775ED7E51B58CF9EB415A1DBA540DACF] - 12/04/2018 - (.Microsoft Corporation - RAS
L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys
[MD5.3DE4216324BE32FC3AF7667AE2406EE5] - 15/06/2018 - (.Microsoft Corporation -
Redirecteur de périphérique de Microsoft RD.) --
C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation
[MD5.16071C42E21CE3378FA449322FB9AB1D] - 12/04/2018 - (.Microsoft Corporation - TDI
Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [121248]
[MD5.F0EE4E6028CCA58BEA9A04E7BEAB7DB4] - 12/04/2018 - (.Microsoft Corporation -
Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys
[398240] {330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation
---\\ Liste des services NT non Microsoft et non désactivés (33) - 2s

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (...) - C:\Program
Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (.not file.)
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple
Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast
Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
{07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
O23 - Service: Avast Firewall Service (avast! Firewall) . (.AVAST Software - Avast
firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.)
- C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: CyberGhost 6 Service (CG6Service) . (.CyberGhost S.A. - CyberGhost
Service.) - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
{74C7928ED55A6735BEA8DA78D054DC44}
O23 - Service: Avast Cleanup Premium (CleanupPSvc) . (.AVAST Software - Avast
Cleanup Service.) - C:\Program Files (x86)\AVAST Software\Avast
Cleanup\TuneupSvc.exe {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel
Corporation - Intel HD Graphics Drivers for Windows(R).) -
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\I
ntelCpHDCPSvc.exe {330000BB0B8823E10D1669124600020000BB0B} =>.Intel Corporation
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation
- Intel(R) PROSet/Wireless Event Log Service.) - C:\Program
Files\Intel\WiFi\bin\EvtEng.exe =>.Intel Corporation-Wireless Connectivity
Solutions®
O23 - Service: ExpressVpn Service (ExpressVpnService) . (.Public Domain; Author
Iain Patterson 2003-2014 - The non-sucking service manager.) - C:\Program Files
(x86)\ExpressVPN\bootstrap\AMD64\nssm.exe {00E307F6F1FAC7423E6C00336A94105B17}
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG -
Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common
Files\MAGIX Services\Database\bin\FABS.exe =>.MAGIX AG
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA
Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA
Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA
Corporation®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. -
Programme d'installation de Google.) - C:\Program Files
(x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel
Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage
Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Rapid Storage Technology®
O23 - Service: @oem22.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) . (...)
- C:\WINDOWS\system32\ibtsiva (.not file.)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) .
(.Intel Corporation - igfxCUIService Module.) -
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\i
gfxCUIService.exe {330000BB0B8823E10D1669124600020000BB0B} =>.Intel Corporation
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) . (...) - C:\Program
Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service
(jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.)
- C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP
Blocks Group®
O23 - Service: (Killer Network Service) . (.Rivet Networks - Killer Network
Service.) -
C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
{33000000584C084C80A1C8D561000000000058} =>.Rivet Networks
O23 - Service: Killer Service V2 (Killer Service V2) . (.Rivet Networks - Killer
Network Service.) - C:\Program Files\Killer Networking\Network
Manager\KillerService.exe =>.Rivet Networks
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) .
(.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation
- Embedded Subsystems and IP Blocks Group®
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes
Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
{044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
O23 - Service: Micro Star SCM (Micro Star SCM) . (.Micro-Star International Co.,
Ltd. - MSI SCM Service.) - C:\Program Files (x86)\SCM\MSIService.exe =>.MICRO-STAR
INTERNATIONAL CO., LTD.
O23 - Service: Norton Security (NortonSecurity) . (.Symantec Corporation - Norton
Security.) - C:\Program Files (x86)\Norton
Security\Engine\22.15.1.8\NortonSecurity.exe {3D2A7788B48A440827200DFF2AB4D818}
=>.Symantec Corporation
O23 - Service: Norton WSC Service (nsWscSvc) . (.Symantec Corporation - Norton
Security WSC Service.) - C:\Program Files (x86)\Norton
Security\Engine\22.15.1.8\nswscsvc.exe {3D2A7788B48A440827200DFF2AB4D818}
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) .
(.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA
Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation -
NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation -
NVIDIA Streamer Service.) - C:\Program Files\NVIDIA
Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation®
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) . (.The
OpenVPN Project - OpenVPN Service.) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
{03E49B29AE75DF4C50DC1662670776B9} =>.The OpenVPN Project
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R)
Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common
Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity
Solutions®
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at
University of Tsukuba, Japan - SoftEther VPN.) - C:\Program Files\SoftEther VPN
Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN
Project at University of Tsukuba, Japan
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated
- 64-bit Synaptics Pointing Enhance Service.) - C:\Program
Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service
(ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure
Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel
Corporation-Wireless Connectivity Solutions®
---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (48) - 61s
SR - Auto [02/09/2015] [ 77104] Apple Mobile Device Service (Apple Mobile

Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile
Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Demand [31/08/2018] [ 7994520] aswbIDSAgent (aswbIDSAgent) . (.AVAST
Software.) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
SR - Auto [31/08/2018] [ 322464] Avast Antivirus (avast! Antivirus) . (.AVAST
Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - Auto [01/09/2018] [ 431544] Avast Firewall Service (avast! Firewall) .
(.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SS - Demand [31/08/2018] [ 57504] (AvastWscReporter) . (.AVAST Software.) -
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
SR - Auto [30/08/2011] [ 462184] Service Bonjour (Bonjour Service) . (.Apple
Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [11/06/2018] [ 204880] CyberGhost 6 Service (CG6Service) .
(.CyberGhost S.A..) - C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
{74C7928ED55A6735BEA8DA78D054DC44}
SR - Auto [25/09/2018] [ 9116128] Avast Cleanup Premium (CleanupPSvc) . (.AVAST
Software.) - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
SR - Demand [31/07/2017] [ 389232] Intel(R) Content Protection HECI Service
(cphs) . (.Intel Corporation.) -
ntelCpHeciSvc.exe {330000BB0B8823E10D1669124600020000BB0B} =>.Intel Corporation
SR - Auto [31/07/2017] [ 605296] Intel(R) Content Protection HDCP Service
(cplspcon) . (.Intel Corporation.) -
ntelCpHDCPSvc.exe {330000BB0B8823E10D1669124600020000BB0B} =>.Intel Corporation
SR - Auto [09/07/2015] [ 640928] Intel(R) PROSet/Wireless Event Log (EvtEng) .
(.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe =>.Intel
SR - Auto [31/07/2018] [ 339168] ExpressVpn Service (ExpressVpnService) .
(.Public Domain; Author Iain Patterson 2003-2014.) - C:\Program Files
(x86)\ExpressVPN\bootstrap\AMD64\nssm.exe {00E307F6F1FAC7423E6C00336A94105B17}
SR - Auto [24/01/2012] [ 1858048] FABS - Helping agent for MAGIX media database
(Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX
Services\Database\bin\FABS.exe =>.MAGIX AG
SS - Disabl [26/04/2011] [ 2702848] Firebird Server - MAGIX Instance
(FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common
Files\MAGIX Services\Database\bin\fbserver.exe
SR - Auto [02/06/2016] [ 1156400] NVIDIA GeForce Experience Service
(GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA
Corporation\GeForce Experience Service\GfExperienceService.exe =>.NVIDIA
Corporation®
SS - Auto [18/07/2017] [ 107848] Service Google Update (gupdate) (gupdate) .
(.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google
Inc®
SS - Demand [18/07/2017] [ 107848] Service Google Update (gupdatem) (gupdatem) .
(.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google
Inc®
SR - Auto [24/06/2015] [ 18856] Intel(R) Rapid Storage Technology
(IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid
Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Rapid Storage
Technology®
SR - Auto [31/07/2017] [ 407152] Intel(R) HD Graphics Control Panel Service
(igfxCUIService2.0.0.0) . (.Intel Corporation.) -
gfxCUIService.exe {330000BB0B8823E10D1669124600020000BB0B} =>.Intel Corporation
SS - Demand [22/05/2015] [ 881152] Intel(R) Capability Licensing Service TCP IP
Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R)
Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel®
Trusted Connect Service®
SR - Demand [19/05/2015] [ 335872] Intel(R) Security Assist (Intel(R) Security
Assist) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Security
Assist\isa.exe =>.Intel Corporation
SS - Demand [12/09/2015] [ 643856] Service de l’iPod (iPod Service) . (.Apple
Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SS - Auto [19/05/2015] [ 7680] Intel(R) Security Assist Helper (isaHelperSvc)
. (...) - C:\Program Files (x86)\Intel\Intel(R) Security
Assist\isaHelperService.exe
SR - Auto [07/08/2015] [ 207648] Intel(R) Dynamic Application Loader Host
Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel
Corporation - Embedded Subsystems and IP Blocks Group®
SR - Auto [06/03/2018] [ 2327488] (Killer Network Service) . (.Rivet Networks.)
- C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
=>.Rivet Networks
SR - Auto [07/10/2015] [ 451072] Killer Service V2 (Killer Service V2) .
(.Rivet Networks.) - C:\Program Files\Killer Networking\Network
Manager\KillerService.exe =>.Rivet Networks
SR - Auto [07/08/2015] [ 415520] Intel(R) Management and Security Application
Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation
- Embedded Subsystems and IP Blocks Group®
SR - Auto [19/09/2018] [ 6347056] Malwarebytes Service (MBAMService) .
(.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
SR - Auto [16/04/2016] [ 160768] Micro Star SCM (Micro Star SCM) . (.Micro-Star
International Co., Ltd..) - C:\Program Files (x86)\SCM\MSIService.exe =>.MICRO-
STAR INTERNATIONAL CO., LTD.
SS - Demand [08/10/2018] [ 196048] Mozilla Maintenance Service
(MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla
Maintenance Service\maintenanceservice.exe {0C5396DCB2949C70FAC48AB08A07338E}
=>.Mozilla Foundation
SS - Demand [09/07/2015] [ 268192] Wireless PAN DHCP Server (MyWiFiDHCPDNS) .
(.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program
Files\Intel\WiFi\bin\PanDhcpDns.exe =>.Intel Corporation-Wireless Connectivity
Solutions®
SS - Demand [18/06/2015] [ 4362568] Norton Online Backup (NOBU) . (.Symantec
Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
=>.Symantec Corporation®
SR - Auto [07/09/2018] [ 328648] Norton Security (NortonSecurity) . (.Symantec
Corporation.) - C:\Program Files (x86)\Norton
Security\Engine\22.15.1.8\NortonSecurity.exe {3D2A7788B48A440827200DFF2AB4D818}
SR - Auto [07/09/2018] [ 915712] Norton WSC Service (nsWscSvc) . (.Symantec
Corporation.) - C:\Program Files (x86)\Norton
Security\Engine\22.15.1.8\nswscsvc.exe {3D2A7788B48A440827200DFF2AB4D818}
SR - Auto [01/05/2017] [ 462968] NVIDIA Display Container LS
(NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA
Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
SR - Auto [02/06/2016] [ 1872688] NVIDIA Network Service (NvNetworkService) .
(.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe =>.NVIDIA Corporation®
SS - Auto [02/06/2016] [ 5915440] NVIDIA Streamer Service (NvStreamSvc) .
(.NVIDIA Corporation.) - C:\Program Files\NVIDIA
Corporation\NvStreamSrv\NvStreamService.exe =>.NVIDIA Corporation®
SS - Demand [06/03/2018] [ 24192] OpenVPNService (OpenVPNService) . (...) -
C:\Program Files\OpenVPN\bin\openvpnserv2.exe {03E49B29AE75DF4C50DC1662670776B9}
SR - Auto [26/04/2018] [ 75392] OpenVPN Interactive Service
(OpenVPNServiceInteractive) . (.The OpenVPN Project.) - C:\Program
Files\OpenVPN\bin\openvpnserv.exe {03E49B29AE75DF4C50DC1662670776B9} =>.The
OpenVPN Project
SS - Demand [26/04/2018] [ 75392] OpenVPN Legacy Service
(OpenVPNServiceLegacy) . (.The OpenVPN Project.) - C:\Program
Files\OpenVPN\bin\openvpnserv.exe {03E49B29AE75DF4C50DC1662670776B9} =>.The
OpenVPN Project
SR - Auto [09/07/2015] [ 157088] Intel(R) PROSet/Wireless Registry Service
(RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common
Files\Intel\WirelessCommon\RegSrvc.exe =>.Intel Corporation-Wireless Connectivity
Solutions®
SS - Demand [01/03/2013] [ 118520] Remote Packet Capture Protocol v.0
(experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files
(x86)\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.®
SR - Auto [08/07/2018] [ 5248456] SoftEther VPN Client (SEVPNCLIENT) .
(.SoftEther VPN Project at University of Tsukuba, Japan.) - C:\Program
Files\SoftEther VPN Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E}
=>.SoftEther VPN Project at University of Tsukuba, Japan
SS - Demand [07/08/2018] [ 153272] Letasoft Sound Booster Service
(SoundBoosterService) . (.Letasoft.) - C:\Program Files (x86)\Letasoft Sound
Booster\SoundBoosterService.exe {09F6F084764B3FF5686B213D91D8AB64}
SS - Disabl [10/03/2018] [ 495616] OpenSSH Authentication Agent (ssh-agent) .
(...) - C:\Windows\System32\OpenSSH\ssh-agent.exe
SR - Auto [16/05/2017] [ 279104] SynTPEnh Caller Service (SynTPEnhService) .
(.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
=>.Synaptics Incorporated®
SR - Auto [09/07/2015] [ 3831712] Intel(R) PROSet/Wireless Zero Configuration
Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program
Files\Intel\WiFi\bin\ZeroConfigService.exe =>.Intel Corporation-Wireless
Connectivity Solutions®
---\\ Tâches planifiées en automatique (44) - 5s

[MD5.00000000000000000000000000000000] [APT] [Adobe Acrobat Update Task] (...) --
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AdobeAAMUpdater-1.0-MSI-GP72] (...)
-- C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AdobeGCInvoker-1.0-MSI-GP72] (...) --
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (.not
file.) [0]
[MD5.42B7615200E359FC575F91741A62652F] [APT] [Avast Emergency Update] (.AVAST
Software.) -- C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2752216]
[MD5.D3691E23E2CB5E7809C4AF25B1943983] [APT] [Avast TUNEUP Update] (.AVAST
Software.) -- C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
[1693488] {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
[MD5.00000000000000000000000000000000] [APT] [AvastUpdateTaskMachineCore] (...) --
C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (.not
file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AvastUpdateTaskMachineUA] (...) --
C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (.not
file.) [0]
[MD5.E5550587CC154E805433DFC99CE7937E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) --
C:\Program Files\CCleaner\CCleaner.exe [7619288] =>.Piriform Ltd®
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google
Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
=>.Google Inc®
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google
Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
=>.Google Inc®
[MD5.85F3530120F2E313515F8CBF347A503F] [APT] [MSI_Dragon Gaming Center] (.TODO: <公
司名稱>.) -- C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe
[1680520]
[MD5.1697FE350005DEA21DFDB67A3B92713A] [APT] [MSI_Help_Desk_Agent] (.Micro-Star
International Co., Ltd..) -- C:\Program Files (x86)\MSI\Help Desk\MSI Update
Agent.exe [431384] =>.MICRO-STAR INTERNATIONAL CO., LTD.
[MD5.4CE596D1487430B8625647F809262C48] [APT] [Nahimic2Svc32Run] (...) -- C:\Program
Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [4412088]
{0CB6C99A74AB3C7107797065317087EF}
[MD5.264CB1D91733B8659A4069C865CBB09F] [APT] [Nahimic2Svc64Run] (...) -- C:\Program
Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [520376]
{0CB6C99A74AB3C7107797065317087EF}
[MD5.4FE4B82BCE16D2E62F2115CAF3FFDBB5] [APT] [Nahimic2UILauncherRun] (.Nahimic.) --
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734904]
{0CB6C99A74AB3C7107797065317087EF} =>.Nahimic
[MD5.97021B7EBD947FA11588DF391C702D6C] [APT] [Norton WSC Integration] (.Symantec
Corporation.) -- C:\Program Files (x86)\Norton
Security\Engine\22.15.1.8\wscstub.exe [2271704]
{3D2A7788B48A440827200DFF2AB4D818} =>.Symantec Corporation
[MD5.EB1BAF97E102F73EFDD21BD0E5A4C5FF] [APT] [Opera scheduled Autoupdate
1531180545] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [1359448]
{0FDE84F0D55D8D3368325DC0CDC4A979} =>.Opera Software
[MD5.C63BF68865C29586798651B49BD3BA2B] [APT] [PDVDServ12 Task] (.CyberLink Corp..)
-- C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [85432]
=>.CyberLink Corp.®
[MD5.2B50EBFAEFCD429E14D4D8801C5555ED] [APT] [Private Internet Access Startup]
(...) -- C:\Program Files\pia_manager\pia_manager.exe [8906097]
[MD5.6B51F9177E4A9AF07B0AD02A52F5963D] [APT] [WpsExternal_GP72_20180416224358]
(.Zhuhai Kingsoft Office Software Co.,Ltd.) --
C:\Users\GP72\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [1257600]
{60864463BBBC2E4E67D42771E4CBD9A5} =>.Zhuhai Kingsoft Office Software Co.,Ltd
[MD5.0AEE78510C46E3A200B6BC21AC1C954D] [APT] [WpsUpdateTask_GP72] (.Zhuhai Kingsoft
Office Software Co.,Ltd.) -- C:\Users\GP72\AppData\Local\Kingsoft\WPS
Office\10.2.0.6020\wtoolex\wpsupdate.exe [648320]
{60864463BBBC2E4E67D42771E4CBD9A5} =>.Zhuhai Kingsoft Office Software Co.,Ltd
[MD5.BC41666FF68C364CD3EAA486E50C9270] [APT] [Apple\AppleSoftwareUpdate] (.Apple
Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
[563000] =>.Apple Inc.®
[MD5.979A3295847F5C5A78D1A248A803E33A] [APT] [Avast Software\Overseer] (.AVAST
Software.) -- C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
[2038320] {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
O39 - APT: Adobe Acrobat Update Task - (...) -- C:\WINDOWS\System32\Tasks\Adobe
Acrobat Update Task [3482] (.Orphean.)
O39 - APT: AdobeAAMUpdater-1.0-MSI-GP72 - (...) --
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MSI-GP72 [2748] (.Orphean.)
O39 - APT: AdobeGCInvoker-1.0-MSI-GP72 - (...) --
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MSI-GP72 [2702] (.Orphean.)
O39 - APT: Avast Emergency Update - (.AVAST Software.) --
C:\WINDOWS\System32\Tasks\Avast Emergency Update [4264] =>.AVAST Software
O39 - APT: Avast TUNEUP Update - (.AVAST Software.) --
C:\WINDOWS\System32\Tasks\Avast TUNEUP Update [4008] =>.AVAST Software
O39 - APT: AvastUpdateTaskMachineCore - (...) --
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore [3332] (.Orphean.)
O39 - APT: AvastUpdateTaskMachineUA - (...) --
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA [3556] (.Orphean.)
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) --
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2844] =>.Piriform Ltd
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) --
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3292] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) --
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3516] =>.Google Inc.
O39 - APT: MSI_Dragon Gaming Center - (.TODO: <公司名稱>.) --
C:\WINDOWS\System32\Tasks\MSI_Dragon Gaming Center [2502]
O39 - APT: MSI_Help_Desk_Agent - (.Micro-Star International Co., Ltd..) --
C:\WINDOWS\System32\Tasks\MSI_Help_Desk_Agent [3114] =>.MICRO-STAR INTERNATIONAL
CO., LTD.
O39 - APT: Nahimic2Svc32Run - (...) -- C:\WINDOWS\System32\Tasks\Nahimic2Svc32Run
[2376]
O39 - APT: Nahimic2Svc64Run - (...) -- C:\WINDOWS\System32\Tasks\Nahimic2Svc64Run
[2384]
O39 - APT: Nahimic2UILauncherRun - (.Nahimic.) --
C:\WINDOWS\System32\Tasks\Nahimic2UILauncherRun [2396] =>.Nahimic
O39 - APT: Norton WSC Integration - (.Symantec Corporation.) --
C:\WINDOWS\System32\Tasks\Norton WSC Integration [2622] =>.Symantec Corporation
O39 - APT: Opera scheduled Autoupdate 1531180545 - (.Opera Software.) --
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1531180545 [3308] =>.Opera
Software
O39 - APT: PDVDServ12 Task - (.CyberLink Corp..) --
C:\WINDOWS\System32\Tasks\PDVDServ12 Task [2218] =>.CyberLink Corp.
O39 - APT: Private Internet Access Startup - (...) --
C:\WINDOWS\System32\Tasks\Private Internet Access Startup [2496]
O39 - APT: WpsExternal_GP72_20180416224358 - (.Zhuhai Kingsoft Office Software
Co.,Ltd.) -- C:\WINDOWS\System32\Tasks\WpsExternal_GP72_20180416224358 [2948]
=>.Zhuhai Kingsoft Office Software Co.,Ltd
O39 - APT: WpsUpdateTask_GP72 - (.Zhuhai Kingsoft Office Software Co.,Ltd.) --
C:\WINDOWS\System32\Tasks\WpsUpdateTask_GP72 [2676] =>.Zhuhai Kingsoft Office
Software Co.,Ltd
---\\ Processus lancés (70) - 5s

[MD5.2AE5694D8A4CB9E28FE8BF042E064180] - (.NVIDIA Corporation - NVIDIA Container.)
-- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
[462968] [PID.1856] =>.NVIDIA Corporation®
[MD5.2AE5694D8A4CB9E28FE8BF042E064180] - (.NVIDIA Corporation - NVIDIA Container.)
-- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
[462968] [PID.1428] =>.NVIDIA Corporation®
[MD5.610EC7F110400DB546A7F6BBE2790E66] - (.Intel Corporation - igfxCUIService
Module.) --
gfxCUIService.exe [407152] [PID.2152] {330000BB0B8823E10D1669124600020000BB0B}
=>.Intel Corporation
[MD5.5F2BC495E3E89B271EBAFB8CCC371D8D] - (.Intel Corporation - igfxEM Module.) --
gfxEM.exe [559728] [PID.3676] {330000BB0B8823E10D1669124600020000BB0B} =>.Intel
Corporation
[MD5.BA1348BA828EF18CD905A7FFE3945A6B] - (.AVAST Software - Avast firewall
service.) -- c:\program files\avast software\Avast\afwServ.exe [431544] [PID.4500]
[MD5.AA2D30992087047EF638674198209948] - (.Public Domain; Author Iain Patterson
2003-2014 - The non-sucking service manager.) -- C:\Program Files
(x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [339168] [PID.4748]
{00E307F6F1FAC7423E6C00336A94105B17}
[MD5.3E7C6639E424FD28952C29D66B7E5277] - (.Apple Inc. - MobileDeviceService.) --
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe [77104] [PID.4756] =>.Apple Inc.®
[MD5.BB74CE3D20EB4407EDF2927B982D8261] - (.Intel Corporation - Intel(R) Wireless
Bluetooth(R) iBtSiva Serv.) -- C:\Windows\System32\ibtsiva.exe [515768] [PID.4788]
{330000BBD8C011D30F92827BED00020000BBD8} =>.Intel Corporation
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) --
C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.4808] =>.Apple Inc.®
[MD5.44772422A651431FADDCE47A002BB681] - (.Intel Corporation - Intel HD Graphics
Drivers for Windows(R).) --
ntelCpHDCPSvc.exe [605296] [PID.4824] {330000BB0B8823E10D1669124600020000BB0B}
[MD5.E03BE7755C3883A2287575570DA92289] - (.Intel(R) Corporation - Intel(R)
PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
[640928] [PID.4852] =>.Intel Corporation-Wireless Connectivity Solutions®
[MD5.5E42BDFF22707E577AD82BE4C43C3BCE] - (.NVIDIA Corporation - NVIDIA GeForce
ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience
Service\GfExperienceService.exe [1156400] [PID.4860] =>.NVIDIA Corporation®
[MD5.8EDF16450B8CD03A0D62A257024743C8] - (.Rivet Networks - Killer Network
Service.) -- C:\Program Files\Killer Networking\Network Manager\KillerService.exe
[451072] [PID.4908] =>.Rivet Networks
[MD5.C8F0C144BBB96C5A6643D5745C8F1BA3] - (.AVAST Software - Avast Cleanup Service.)
-- C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9116128]
[PID.4960] {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
[MD5.71C6748EE8DE938532057EF10B4B7E44] - (.Micro-Star International Co., Ltd. - MSI
SCM Service.) -- C:\Program Files (x86)\SCM\MSIService.exe [160768] [PID.4972]
=>.MICRO-STAR INTERNATIONAL CO., LTD.
[MD5.ABEFB9BB3216F387661DF8F9ABB1DA54] - (.Symantec Corporation - Norton Security.)
-- C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe
[328648] [PID.5088] {3D2A7788B48A440827200DFF2AB4D818} =>.Symantec Corporation
[MD5.2CCD9A74A0F9C7605EAFA3F3AC8DC476] - (.NVIDIA Corporation - NVIDIA Network
Service.) -- C:\Program Files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe [1872688] [PID.4120] =>.NVIDIA
Corporation®
[MD5.C9A520DEFDAAA6EDBA269B045F822E44] - (.Rivet Networks - Killer Network
Service.) --
C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2327488]
[PID.2176] {33000000584C084C80A1C8D561000000000058} =>.Rivet Networks
[MD5.6931B3E8CB8BA54E7105578D0A4A3701] - (.The OpenVPN Project - OpenVPN Service.)
-- c:\program files\OpenVPN\bin\openvpnserv.exe [75392] [PID.4208]
{03E49B29AE75DF4C50DC1662670776B9} =>.The OpenVPN Project
[MD5.193026DD0B72B560A798F8DA9A38679A] - (.Intel(R) Corporation - Intel(R)
PROSet/Wireless Registry Service.) -- C:\Program Files\Common
Files\Intel\WirelessCommon\RegSrvc.exe [157088] [PID.4172] =>.Intel Corporation-
Wireless Connectivity Solutions®
[MD5.004D1CF0250B5635C572DDEC489E3709] - (.SoftEther VPN Project at University of
Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN
Client\vpnclient_x64.exe [5248456] [PID.4308]
{1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of
Tsukuba, Japan
[MD5.796E18471F1BE8A7F746EC9057DBED6F] - (.Synaptics Incorporated - 64-bit
Synaptics Pointing Enhance Service.) -- C:\Program
Files\Synaptics\SynTP\SynTPEnhService.exe [279104] [PID.4868] =>.Synaptics
Incorporated®
[MD5.A2859A7B82A1B840AF33E68455E058D9] - (.Intel® Corporation - Intel®
PROSet/Wireless Zero Configure Servi.) -- C:\Program
Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712] [PID.5256] =>.Intel
[MD5.ECB760B2391608BA4E0A7987ADA70CCF] - (.Malwarebytes - Malwarebytes Service.) --
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056] [PID.5536]
[MD5.89C90468BEB5849B16B5A8F156FEAE25] - (...) -- C:\Program Files
(x86)\ExpressVPN\xvpnd\xvpnd.exe [8749184] [PID.5548]
{00E307F6F1FAC7423E6C00336A94105B17}
[MD5.6581A8AA7D4CDE34EBE6DDF6A9913F86] - (.CyberGhost S.A. - CyberGhost Service.)
-- C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880] [PID.5572]
{74C7928ED55A6735BEA8DA78D054DC44}
[MD5.98E874FF1376813ADD941BE6B051A593] - (.Synaptics Incorporated - Synaptics
TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[4384824] [PID.5596] =>.Synaptics Incorporated®
[MD5.1BA41B86B986CA865DA557C012C11D2A] - (.Intel Corporation - IntelCpHeciSvc
Executable.) --
ntelCpHeciSvc.exe [389232] [PID.6188] {330000BB0B8823E10D1669124600020000BB0B}
[MD5.0ADC5B14C7F239A5E9636D507A9A03E0] - (.Synaptics Incorporated - Synaptics
Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE
[227904] [PID.7704] =>.Synaptics Incorporated®
[MD5.ABEFB9BB3216F387661DF8F9ABB1DA54] - (.Symantec Corporation - Norton Security.)
-- C:\Program Files (x86)\Norton Security\Engine\22.15.1.8\NortonSecurity.exe
[328648] [PID.8144] {3D2A7788B48A440827200DFF2AB4D818} =>.Symantec Corporation
[MD5.D867B6D5CCB95594F78E36B21F909C0A] - (...) -- C:\Program
Files\WindowsApps\Microsoft.SkypeApp_14.30.98.1000_x64__kzf8qxf38zg5c\SkypeBackgrou
ndHost.exe [181248] [PID.9744]
[MD5.7CB54492F348AB19E882CD22312E2C79] - (...) -- C:\Program
Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.
exe [35124736] [PID.9972]
[MD5.5624E208D204E77166A9F2CD83037A74] - (.NVIDIA Corporation - NVIDIA Settings.)
-- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2457720] [PID.11816]
=>.NVIDIA Corporation®
[MD5.DD37DC13DF1224A8719208AE5CDE2B63] - (.NVIDIA Corporation - NVIDIA Backend.) --
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424]
[PID.12040] =>.NVIDIA Corporation®
[MD5.035FDCCDEFDE2BD945BD1851AF2759CF] - (.Malwarebytes - Malwarebytes Tray
Application.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3710800]
[PID.11412] {044E3BF58976880FFD074448A8F7A058} =>.Malwarebytes
[MD5.4ED3AA6BF7203F3289DEF1E16CEB649A] - (.Realtek Semiconductor - Gestionnaire
audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217016]
[PID.13176] {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
[MD5.004D1CF0250B5635C572DDEC489E3709] - (.SoftEther VPN Project at University of
Client\vpnclient_x64.exe [5248456] [PID.13500]
{1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of
Tsukuba, Japan
[MD5.527AD68214B87F51F7D6FB2753AAACC3] - (.Innovative Digital Technologies - Ace
Stream.) -- C:\Users\GP72\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960]
[PID.14216] {5A9ADE269E8AD4DA73E0C7A4D62ECA30}
[MD5.C8F2AE6B1188AABA9FA201F2B0FFC9E7] - (.AVAST Software - Avast Cleanup UI.) --
C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe [1750136]
[PID.13552] {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
[MD5.D6E98FD2590787717ACE50807BBB86CE] - (.SoftEther VPN Project at University of
Client\vpncmgr_x64.exe [5439432] [PID.14200] {1121D141C3B78476420DAB37340E68978A6E}
[MD5.C63BF68865C29586798651B49BD3BA2B] - (.CyberLink Corp. - PowerDVD Service.) --
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [85432] [PID.13608]
=>.CyberLink Corp.®
[MD5.00B0D1B3D80491A8DD996F977262E766] - (.Micro-Star International Co., Ltd. -
Dragon Gaming Center.) -- C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon
Gaming Center.exe [6835848] [PID.8564] =>.MICRO-STAR INTERNATIONAL CO., LTD.
[MD5.527AD68214B87F51F7D6FB2753AAACC3] - (.Innovative Digital Technologies - Ace
Stream.) -- C:\Users\GP72\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960]
[PID.14724] {5A9ADE269E8AD4DA73E0C7A4D62ECA30}
[MD5.8F9FC35D5BF32D39B26ECAE4052E3D62] - (.Intel Corporation - IAStorIcon.) --
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472]
[PID.708] =>.Intel Corporation - Rapid Storage Technology®
[MD5.977DA3E852FFB80F652A388B433B02B2] - (...) --
C:\Users\GP72\AppData\Roaming\ACEStream\updater\ace_update.exe [27000] [PID.13004]
{0098482CF6234AA973EFE82ED8EEFE5361}
[MD5.8FDA65209157144C3E28809D75A47526] - (.MAGIX AG - Verzeichnisüberwachung und
Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX
Services\Database\bin\FABS.exe [1858048] [PID.9036] =>.MAGIX AG
[MD5.14E3DB5ADA7E2187A404129F4E5CE336] - (.Intel Corporation - IAStorDataSvc.) --
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
[18856] [PID.15188] =>.Intel Corporation - Rapid Storage Technology®
[MD5.038CDE75D1D81B157C133EFC3471F939] - (.Intel Corporation - Intel(R) Dynamic
Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management
Engine Components\DAL\jhi_service.exe [207648] [PID.13516] =>.Intel Corporation -
Embedded Subsystems and IP Blocks Group®
[MD5.57AD6DFAB9C84BAAF008F57DFE2335EA] - (.Intel Corporation - Intel(R) Local
Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine
Components\LMS\LMS.exe [415520] [PID.14420] =>.Intel Corporation - Embedded
Subsystems and IP Blocks Group®
[MD5.735F19C7920712F76E9A09E66FD06872] - (.BitTorrent Inc. - µTorrent.) --
C:\Users\GP72\AppData\Roaming\uTorrent\uTorrent.exe [1987768] [PID.11892]
{0CF35369A9710762C36F6805FC9E45D6}
[MD5.150025608407CFC4105E70BE6EC8BE56] - (.BitTorrent Inc. - WebHelper.) --
C:\Users\GP72\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe [398008]
[PID.9804] {0CF35369A9710762C36F6805FC9E45D6}
[MD5.150025608407CFC4105E70BE6EC8BE56] - (.BitTorrent Inc. - WebHelper.) --
C:\Users\GP72\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe [398008]
[PID.8040] {0CF35369A9710762C36F6805FC9E45D6}
[MD5.A2DEDC42A69E5DAE63209BF7A3C90930] - (...) -- C:\Program
Files\WindowsApps\Microsoft.WindowsCalculator_10.1808.2461.0_x64__8wekyb3d8bbwe\Cal
culator.exe [4178432] [PID.9212]
[MD5.8213094EA736A9C575AB0E22AD09B0BA] - (.Intel Corporation - Intel(R) Security
Assist.) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872]
[PID.13264] =>.Intel Corporation
[MD5.4A4FF358B1ECCAEDBBDAEF293613CEC5] - (.Piriform Ltd - CCleaner.) -- C:\Program
Files\CCleaner\CCleaner64.exe [9773272] [PID.5664] =>.Piriform Ltd®
[MD5.F8BA54AD76C8F8EC9F3D639871B30F27] - (.Google Inc. - Google Chrome.) --
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784] [PID.244]
{2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc.
[MD5.5FA84097D4EE96EE721430BDD48538AF] - (...) -- C:\Program Files
(x86)\ExpressVPN\xvpnd\expressvpn-browser-helper.exe [5929088] [PID.4616]
{00E307F6F1FAC7423E6C00336A94105B17}
[MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) --
C:\Users\GP72\Downloads\ZHPDiag3 (1).exe [2105344] [PID.15184] =>.Nicolas Coolman
---\\ Google Chrome, Démarrage,Recherche,Extensions (10) - 0s

G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google
Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb]
__MSG_name__ =>.AdblocPlus Plugin
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google
G2 - GCE: Preference [User Data\Default] [fgddmllnllkalaagkghckoinaemmogpe]
__MSG_app_name_title__
G2 - GCE: Preference [User Data\Default] [gbchcmhmhahfdphkhkmpfmihenigjmpp]
__MSG_PRODUCT_NAME__
G2 - GCE: Preference [User Data\Default] [mjbepbhonbojpoaenhckjocchgfiaofo] Ace
Script
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome
Media Router
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (5) - 0s

P2 - EXT FILE: (...) --
C:\Users\GP72\AppData\Roaming\Mozilla\Firefox\Profiles\avsi81qo.default\extensions\
search-nudges@shield.mozilla.org.xpi
P2 - EXT FILE: (...) --
sp@avast.com.xpi
P2 - EXT FILE: (...) --
wrc@avast.com.xpi
P2 - FPN: [HKCU] [@acestream.net/acestreamplugin,version=3.1.28] - (.Innovative
Digital Technologies.) --
C:\Users\GP72\AppData\Roaming\ACEStream\player\npace_plugin.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program
Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc.
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (16) - 0s

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://oem15.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://oem15.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page
= about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page
= about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean
=>.Microsoft Internet Explorer
---\\ Internet Explorer,Proxy Management (2) - 0s

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable =
0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy
= 1
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft
Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=
---\\ Etude du fichier hosts (1) - 0s

~ Le fichier hôte est sain (The hosts file is clean) (0)
---\\ Browser Helper Object de navigateur (BHO) (4) - 0s

O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
(Orphean)
O2 - BHO: Norton Identity Safety [64Bits] - {602ADB0E-4AFF-4217-8AA1-
95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files
(x86)\Norton Security\Engine32\22.15.1.8\CoIEPlg.dll
O2 - BHO: Adobe Acrobat Create PDF Helper [64Bits] - {AE7CD045-E861-484f-8273-
0445EE161910} . (...) -- C:\Program Files (x86)\Common
Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (.not file.)
O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (...) --
C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
(.not file.)
---\\ Internet Explorer, Barre d'outil (1) - 1s

O3 - Toolbar: 0x00 - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) --
C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
(.not file.)
---\\ Applications lancées au démarrage du système (31) - 1s

O4 - HKLM\..\Run: [SecurityHealth] C:\Program Files (x86)\Windows
Defender\MSASCuiL.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD
Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
{0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) --
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe =>.NVIDIA
Corporation®
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processus hôte Windows
(Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) --
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [SCM] . (.MSI - SCM.) -- C:\Program Files (x86)\SCM\SCM.exe
=>.MSI
O4 - HKLM\..\Run: [Nahimic2UILauncher] . (.Nahimic - Nahimic2.) -- C:\Program
Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
{0CB6C99A74AB3C7107797065317087EF} =>.Nahimic
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program
Files\iTunes\iTunesHelper.exe =>.Apple Inc.®
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.)
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] C:\Program Files (x86)\Common
Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (.not file.)
O4 - HKLM\..\Run: [SoftEther VPN Client UI Helper] . (.SoftEther VPN Project at
University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN
Client\vpnclient_x64.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN
Project at University of Tsukuba, Japan
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) --
C:\Program Files\AVAST Software\Avast\AvLaunch.exe
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) --
C:\Users\GP72\AppData\Local\Microsoft\OneDrive\OneDrive.exe
{33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O4 - HKCU\..\Run: [CyberGhost] . (.CyberGhost S.A. - CyberGhost.) -- C:\Program
Files\CyberGhost 6\CyberGhost.exe {74C7928ED55A6735BEA8DA78D054DC44}
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) --
C:\Users\GP72\AppData\Roaming\uTorrent\uTorrent.exe
{0CF35369A9710762C36F6805FC9E45D6}
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] . (.Adobe Systems Incorporated -
Adobe Collaboration Synchronizer 18.11.) -- C:\Program Files (x86)\Adobe\Acrobat
DC\Acrobat\AdobeCollabSync.exe {068983642C953E46F7BDCE4143F133C1} =>.Adobe Systems
Incorporated
O4 - HKCU\..\Run: [AceStream] . (.Innovative Digital Technologies - Ace Stream.) --
C:\Users\GP72\AppData\Roaming\ACEStream\engine\ace_engine.exe
{5A9ADE269E8AD4DA73E0C7A4D62ECA30}
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program
Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated
- Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative
Cloud\ACC\Creative Cloud.exe {6DC3ED4566163E279D2784C99FFFD787} =>.Adobe Systems
Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. -
AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
{068983642C953E46F7BDCE4143F133C1} =>.Adobe Systems Inc.
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare -
Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare
Helper Compact\WSHelper.exe {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft
OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
{330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft
OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
{330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows
Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows
Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [OneDrive] .
(.Microsoft Corporation - Microsoft OneDrive.) --
C:\Users\GP72\AppData\Local\Microsoft\OneDrive\OneDrive.exe
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [CyberGhost] .
(.CyberGhost S.A. - CyberGhost.) -- C:\Program Files\CyberGhost 6\CyberGhost.exe
{74C7928ED55A6735BEA8DA78D054DC44}
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [uTorrent] .
(.BitTorrent Inc. - µTorrent.) --
{0CF35369A9710762C36F6805FC9E45D6}
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [Adobe Acrobat
Synchronizer] . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer
18.11.) -- C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
{068983642C953E46F7BDCE4143F133C1} =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [AceStream] .
(.Innovative Digital Technologies - Ace Stream.) --
C:\Users\GP72\AppData\Roaming\ACEStream\engine\ace_engine.exe
{5A9ADE269E8AD4DA73E0C7A4D62ECA30}
O4 - HKUS\S-1-5-21-3049142156-2197813001-1129840286-1005\..\Run: [CCleaner
Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program
Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
---\\ Raccourcis Global Startup (81) - 4s

O4 - GS\Desktop [Administrateur]: Adobe Photoshop Cs6 Portable.lnk . (...)
C:\Users\GP72\Desktop\Bureau3\Bureau\Photoshop CS6 - DB51\PSCS6.exe
O4 - GS\Desktop [Administrateur]: Kleopatra (2).lnk . (...) C:\Program Files
(x86)\Gpg4win\bin\kleopatra.exe
O4 - GS\Desktop [Administrateur]: PuTTY.lnk . (.Simon Tatham - .) C:\Program Files
(x86)\PuTTY\putty.exe =>.Simon Tatham
O4 - GS\Desktop [Administrateur]: Start Tor Browser.lnk . (.Mozilla Corporation -
Tor Browser.) C:\Users\GP72\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla
Corporation
O4 - GS\Desktop [Administrateur]: Sublime Text 3.lnk . (.Sublime HQ Pty Ltd -
Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe
{7F74C210CC0D477C7F54A8D4822D6A} =>.Sublime HQ Pty Ltd
O4 - GS\Desktop [Administrateur]: VNC Viewer.lnk . (.RealVNC Ltd - .) C:\Program
Files (x86)\RealVNC\VNC Viewer\vncviewer.exe =>.RealVNC Ltd
O4 - GS\Desktop [Administrateur]: WinSCP.lnk . (.Martin Prikryl - WinSCP: SFTP,
FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe
{0D5D6AF11B6332703EBF829DBE7605BF} =>.Martin Prikryl
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.)
C:\Users\GP72\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: Avast Secure Browser.lnk . (...) C:\Program
Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
O4 - GS\Quicklaunch [Administrateur]: CyberGhost 6.lnk . (.CyberGhost S.A. -
CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe
{74C7928ED55A6735BEA8DA78D054DC44}
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google
Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Quicklaunch [Administrateur]: iMyFone D-Back.lnk . (.Shenzhen iMyFone
Technology Co., Ltd. - iMyFone D-Back.) C:\Program Files (x86)\iMyFone\iMyFone D-
Back\D-Back.exe {0CFE0220208BB7F0F7096271B431642B}
O4 - GS\Quicklaunch [Administrateur]: Navigateur Opera.lnk . (.Opera Software - .)
C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\Quicklaunch [Administrateur]: Wireshark.lnk . (.The Wireshark developer
community, http://www.wiresha - Wireshark.) C:\Program
Files\Wireshark\Wireshark.exe {0A16AE9F0A11D38047CDDA823769F520}
O4 - GS\Quicklaunch [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\sendTo [Administrateur]: WinSCP (pour envoi).lnk . (.Martin Prikryl -
WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files
(x86)\WinSCP\WinSCP.exe {0D5D6AF11B6332703EBF829DBE7605BF} =>.Martin Prikryl
O4 - GS\TaskBar [Administrateur]: ExpressVPN.lnk . (.ExpressVPN - ExpressVPN.)
C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe
{00E307F6F1FAC7423E6C00336A94105B17}
O4 - GS\TaskBar [Administrateur]: Firefox.lnk . (.Mozilla Corporation - Firefox.)
C:\Program Files\Mozilla Firefox\firefox.exe {0C5396DCB2949C70FAC48AB08A07338E}
=>.Mozilla Corporation
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google
O4 - GS\TaskBar [Administrateur]: Kleopatra.lnk . (...) C:\Program Files
O4 - GS\TaskBar [Administrateur]: Navigateur Opera.lnk . (.Opera Software - .)
O4 - GS\TaskBar [Administrateur]: Start Tor Browser.lnk . (.Mozilla Corporation -
Tor Browser.) C:\Users\GP72\Desktop\Bureau3\Tor Browser\Browser\firefox.exe
O4 - GS\TaskBar [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\Desktop [GP72]: Adobe Photoshop Cs6 Portable.lnk . (...)
O4 - GS\Desktop [GP72]: Kleopatra (2).lnk . (...) C:\Program Files
O4 - GS\Desktop [GP72]: PuTTY.lnk . (.Simon Tatham - .) C:\Program Files
(x86)\PuTTY\putty.exe =>.Simon Tatham
O4 - GS\Desktop [GP72]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor
Browser.) C:\Users\GP72\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla
Corporation
O4 - GS\Desktop [GP72]: Sublime Text 3.lnk . (.Sublime HQ Pty Ltd - Sublime Text.)
C:\Program Files\Sublime Text 3\sublime_text.exe {7F74C210CC0D477C7F54A8D4822D6A}
=>.Sublime HQ Pty Ltd
O4 - GS\Desktop [GP72]: VNC Viewer.lnk . (.RealVNC Ltd - .) C:\Program Files
(x86)\RealVNC\VNC Viewer\vncviewer.exe =>.RealVNC Ltd
O4 - GS\Desktop [GP72]: WinSCP.lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV,
S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe
O4 - GS\Desktop [GP72]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.)
O4 - GS\Quicklaunch [GP72]: Avast Secure Browser.lnk . (...) C:\Program Files
(x86)\AVAST Software\Browser\Application\AvastBrowser.exe
O4 - GS\Quicklaunch [GP72]: CyberGhost 6.lnk . (.CyberGhost S.A. - CyberGhost.)
C:\Program Files\CyberGhost 6\CyberGhost.exe {74C7928ED55A6735BEA8DA78D054DC44}
O4 - GS\Quicklaunch [GP72]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Quicklaunch [GP72]: iMyFone D-Back.lnk . (.Shenzhen iMyFone Technology Co.,
Ltd. - iMyFone D-Back.) C:\Program Files (x86)\iMyFone\iMyFone D-Back\D-Back.exe
{0CFE0220208BB7F0F7096271B431642B}
O4 - GS\Quicklaunch [GP72]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program
Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\Quicklaunch [GP72]: Wireshark.lnk . (.The Wireshark developer community,
http://www.wiresha - Wireshark.) C:\Program Files\Wireshark\Wireshark.exe
{0A16AE9F0A11D38047CDDA823769F520}
O4 - GS\Quicklaunch [GP72]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\sendTo [GP72]: WinSCP (pour envoi).lnk . (.Martin Prikryl - WinSCP: SFTP,
O4 - GS\TaskBar [GP72]: ExpressVPN.lnk . (.ExpressVPN - ExpressVPN.) C:\Program
Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe {00E307F6F1FAC7423E6C00336A94105B17}
O4 - GS\TaskBar [GP72]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program
Files\Mozilla Firefox\firefox.exe {0C5396DCB2949C70FAC48AB08A07338E} =>.Mozilla
Corporation
O4 - GS\TaskBar [GP72]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)
O4 - GS\TaskBar [GP72]: Kleopatra.lnk . (...) C:\Program Files
O4 - GS\TaskBar [GP72]: Navigateur Opera.lnk . (.Opera Software - .) C:\Program
Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\TaskBar [GP72]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor
Browser.) C:\Users\GP72\Desktop\Bureau3\Tor Browser\Browser\firefox.exe =>.Mozilla
Corporation
O4 - GS\TaskBar [GP72]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\Desktop [WDAGUtilityAccount]: Adobe Photoshop Cs6 Portable.lnk . (...)
O4 - GS\Desktop [WDAGUtilityAccount]: Kleopatra (2).lnk . (...) C:\Program Files
O4 - GS\Desktop [WDAGUtilityAccount]: PuTTY.lnk . (.Simon Tatham - .) C:\Program
Files (x86)\PuTTY\putty.exe =>.Simon Tatham
O4 - GS\Desktop [WDAGUtilityAccount]: Start Tor Browser.lnk . (.Mozilla Corporation
- Tor Browser.) C:\Users\GP72\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla
Corporation
O4 - GS\Desktop [WDAGUtilityAccount]: Sublime Text 3.lnk . (.Sublime HQ Pty Ltd -
Sublime Text.) C:\Program Files\Sublime Text 3\sublime_text.exe
{7F74C210CC0D477C7F54A8D4822D6A} =>.Sublime HQ Pty Ltd
O4 - GS\Desktop [WDAGUtilityAccount]: VNC Viewer.lnk . (.RealVNC Ltd - .)
C:\Program Files (x86)\RealVNC\VNC Viewer\vncviewer.exe =>.RealVNC Ltd
O4 - GS\Desktop [WDAGUtilityAccount]: WinSCP.lnk . (.Martin Prikryl - WinSCP: SFTP,
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.)
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Avast Secure Browser.lnk . (...)
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
O4 - GS\Quicklaunch [WDAGUtilityAccount]: CyberGhost 6.lnk . (.CyberGhost S.A. -
CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe
{74C7928ED55A6735BEA8DA78D054DC44}
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. -
Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Quicklaunch [WDAGUtilityAccount]: iMyFone D-Back.lnk . (.Shenzhen iMyFone
Technology Co., Ltd. - iMyFone D-Back.) C:\Program Files (x86)\iMyFone\iMyFone D-
Back\D-Back.exe {0CFE0220208BB7F0F7096271B431642B}
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Navigateur Opera.lnk . (.Opera Software -
.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Wireshark.lnk . (.The Wireshark developer
community, http://www.wiresha - Wireshark.) C:\Program
Files\Wireshark\Wireshark.exe {0A16AE9F0A11D38047CDDA823769F520}
O4 - GS\Quicklaunch [WDAGUtilityAccount]: µTorrent.lnk . (.BitTorrent Inc. -
µTorrent.) C:\Users\GP72\AppData\Roaming\uTorrent\uTorrent.exe
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\sendTo [WDAGUtilityAccount]: WinSCP (pour envoi).lnk . (.Martin Prikryl -
WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files
(x86)\WinSCP\WinSCP.exe {0D5D6AF11B6332703EBF829DBE7605BF} =>.Martin Prikryl
O4 - GS\TaskBar [WDAGUtilityAccount]: ExpressVPN.lnk . (.ExpressVPN - ExpressVPN.)
C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVPN.exe
{00E307F6F1FAC7423E6C00336A94105B17}
O4 - GS\TaskBar [WDAGUtilityAccount]: Firefox.lnk . (.Mozilla Corporation -
Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe
{0C5396DCB2949C70FAC48AB08A07338E} =>.Mozilla Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google
O4 - GS\TaskBar [WDAGUtilityAccount]: Kleopatra.lnk . (...) C:\Program Files
O4 - GS\TaskBar [WDAGUtilityAccount]: Navigateur Opera.lnk . (.Opera Software - .)
O4 - GS\TaskBar [WDAGUtilityAccount]: Start Tor Browser.lnk . (.Mozilla Corporation
- Tor Browser.) C:\Users\GP72\Desktop\Bureau3\Tor Browser\Browser\firefox.exe
O4 - GS\TaskBar [WDAGUtilityAccount]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)
{0CF35369A9710762C36F6805FC9E45D6}
O4 - GS\CommonDesktop [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems
Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative
Cloud\ACC\Creative Cloud.exe {6DC3ED4566163E279D2784C99FFFD787} =>.Adobe Systems
Incorporated
O4 - GS\CommonDesktop [Public]: Avast Premium.lnk . (.AVAST Software - Avast
Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.)
C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.)
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)
O4 - GS\CommonDesktop [Public]: Letasoft Sound Booster.lnk . (.Letasoft - Sound
Booster Application.) C:\Program Files (x86)\Letasoft Sound
Booster\SoundBooster.exe {09F6F084764B3FF5686B213D91D8AB64}
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes.)
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
O4 - GS\Startup [Public]: Avast Cleanup Premium.lnk . (.AVAST Software - Avast
Cleanup UI.) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O4 - GS\Startup [Public]: Killer Network Manager.lnk . (.Rivet Networks - .)
C:\Program Files (x86)\Killer Networking\Network Manager\NetworkManager.exe
=>.Rivet Networks
O4 - GS\Startup [Public]: SoftEther VPN Client Manager Startup.lnk . (.SoftEther
VPN Project at University of Tsukuba, Japan - SoftEther VPN.) C:\Program
Files\SoftEther VPN Client\vpncmgr_x64.exe {1121D141C3B78476420DAB37340E68978A6E}
O4 - GS\Programs [Public]: CyberGhost 6.lnk . (.CyberGhost S.A. - .) C:\Program
Files (x86)\CyberGhost 6\CyberGhost.exe
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor
Browser.) C:\Users\GP72\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla
Corporation
---\\ Modification Domaine/Adresses DNS (4) - 0s

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66e0620d-0dd7-4619-
a02c-7552de8c0cdf}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92ae94e8-fb5d-462c-
ae5d-7466eb53d33a}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9a6ce543-d36e-463f-
b97a-b2dec60d52e5}: DhcpNameServer = 10.174.0.1
---\\ Protocole additionnel (27) - 0s

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) --
C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft
Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) --
C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) --
C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft
Corporation - Microsoft® InfoTech Storage System Library.) --
C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} .
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) --
C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} .
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} .
(.Microsoft Corporation - Microsoft Internet Messaging API Resources.) --
C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} .
(.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) --
C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-
434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) --
C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} .
(.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files
(x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} .
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} .
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} .
(.Microsoft Corporation - TBAuth protocol handler.) --
C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) --
C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} .
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} .
(.Microsoft Corporation - TBAuth protocol handler.) --
C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-
00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.)
-- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} .
(.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files
(x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft
Shared\OFFICE16\MSOXMLMF.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft
Corporation
---\\ Liste des clés Explorer StartupApproved (16) - 0s

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDr
ive
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Googl
eChromeAutoLaunch_8EA06CB5EBD88676974CA0A067E129B0
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Cyber
Ghost
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorr
ent
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Adobe
Acrobat Synchronizer
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AceSt
ream
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Expre
ssVPN4
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OPENV
PN-GUI
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDri
ve
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Google
ChromeAutoLaunch_8EA06CB5EBD88676974CA0A067E129B0
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CyberG
host
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorre
nt
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Adobe
Acrobat Synchronizer
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AceStr
eam
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Expres
sVPN4
[HKEY_USERS\S-1-5-21-3049142156-2197813001-1129840286-
1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OPENVP
N-GUI
---\\ Logiciels installés (152) - 11s

O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
{0CF35369A9710762C36F6805FC9E45D6}
O42 - Logiciel: Ace Stream Media 3.1.28 - (.Ace Stream Media.) [HKCU][64Bits] --
AceStream =>.Ace Stream Media
O42 - Logiciel: Adobe Acrobat DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] --
{AC76BA86-1033-FFFF-7760-0C0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM]
[64Bits] -- Adobe Creative Cloud {6DC3ED4566163E279D2784C99FFFD787} =>.Adobe
Systems Incorporated
O42 - Logiciel: Adobe Dreamweaver CC 2018 - (.Adobe Systems Incorporated.) [HKLM]
[64Bits] -- DRWV_18_0 {6DC3ED4566163E279D2784C99FFFD787} =>.Adobe Systems
Incorporated
O42 - Logiciel: Adobe Photoshop CC 2017 - (.Adobe Systems Incorporated.) [HKLM]
[64Bits] -- PHSP_18_1_1 {6DC3ED4566163E279D2784C99FFFD787} =>.Adobe Systems
Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM]
[64Bits] -- {AC76BA86-0804-1033-1959-001824298644} =>.Adobe Systems Incorporated
O42 - Logiciel: ApoDispatch Install Configurator - (.Nahimic.) [HKLM][64Bits] --
{2ADDAD83-39C5-4B3F-9D5E-C1150DB98537} =>.Nahimic
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits]
-- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC} =>.Apple Inc.
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits]
-- {D7B824DE-DA32-4772-9E5E-39C5158136A7} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] --
{FD244E19-6EFE-4A2D-948A-0D45D4C168BE} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {FFD1F7F1-
1AC9-4BC4-A908-0686D635ABAF} =>.Apple Inc.
O42 - Logiciel: AudioLaunchpad Install Configurator - (.Nahimic.) [HKLM][64Bits] --
{170E5642-7095-4737-B195-D7439276CBC1} =>.Nahimic
O42 - Logiciel: Avast Cleanup Premium - (.AVAST Software.) [HKLM][64Bits] --
{075CC190-59EE-499F-828B-0B5C098C8C15}_is1 {07C70F7CAB145BC1ED385FBE69FA3130}
=>.AVAST Software
O42 - Logiciel: Avast Premium - (.AVAST Software.) [HKLM][64Bits] -- Avast
Antivirus {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
O42 - Logiciel: Avast Update Helper - (.AVAST Software.) [HKLM][64Bits] --
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.AVAST Software
O42 - Logiciel: Battery Calibration - (.Micro-Star International Co., Ltd..) [HKLM]
[64Bits] -- {634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1} =>.MICRO-STAR INTERNATIONAL
CO., LTD.
O42 - Logiciel: Battery Calibration - (.Micro-Star International Co., Ltd..) [HKLM]
[64Bits] -- InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1} =>.MICRO-STAR
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-
81E3-2B57E8B9DE8D} =>.Apple Inc.
O42 - Logiciel: Boot Configure - (.Micro-Star International Co., Ltd..) [HKLM]
[64Bits] -- {449D0FA3-CC16-4DEB-A2CE-215BE0F66C25} =>.MICRO-STAR INTERNATIONAL
CO., LTD.
O42 - Logiciel: BurnRecovery - (.Application.) [HKLM][64Bits] -- {92A6B009-1343-
4C44-AFB1-8849137CA3F0} =>.Application
O42 - Logiciel: BurnRecovery - (.Application.) [HKLM][64Bits] --
InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0} =>.Application
O42 - Logiciel: Cain & Abel 4.9.56 - (...) [HKLM][64Bits] -- Cain & Abel 4.9.56
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform
Ltd®
O42 - Logiciel: CheckDevices Install Configurator - (.Nahimic.) [HKLM][64Bits] --
{7FF74111-9DA0-4867-BC12-214C451286A3} =>.Nahimic
O42 - Logiciel: Click Install if prompted - (.ExpressVpn.) [HKLM][64Bits] --
{40830C8E-936E-4E08-AE37-240FF3343927}
O42 - Logiciel: CyberGhost 6 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost
6_is1 {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] --
{B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink Corp.®
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] --
InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink Corp.®
O42 - Logiciel: Dragon Gaming Center - (.Micro-Star International Co., Ltd..)
[HKLM][64Bits] -- {965B16C7-0778-4C45-B7D1-83A59E6FBBCB} =>.MICRO-STAR
O42 - Logiciel: Dragon Gaming Center - (.Micro-Star International Co., Ltd..)
[HKLM][64Bits] -- InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB} =>.MICRO-
STAR INTERNATIONAL CO., LTD.
O42 - Logiciel: Electrum - (.Electrum Technologies GmbH.) [HKCU][64Bits] --
Electrum
O42 - Logiciel: eMule - (...) [HKLM][64Bits] -- eMule
O42 - Logiciel: ExpressVPN - (.ExpressVPN.) [HKLM][64Bits] -- {6C0BF6FC-A4E8-40F3-
9F3E-0C338C3F4D8B}
O42 - Logiciel: ExpressVPN - (.ExpressVPN.) [HKLM][64Bits] -- {73dab67e-2655-4db9-
9ece-a8de079b1fb7} {00E307F6F1FAC7423E6C00336A94105B17}
O42 - Logiciel: FileZilla Client 3.29.0 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla
Client =>.Tim Kosse
O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM][64Bits]
-- {39AB2E37-1A55-4292-A5D3-971E9F70D0F8} =>.MAGIX AG
O42 - Logiciel: GNU Privacy Guard - (.The GnuPG Project.) [HKLM][64Bits] -- GnuPG
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-
BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Gpg4win (3.1.2) - (.The Gpg4win Project.) [HKLM][64Bits] -- Gpg4win
=>.The Gpg4win Project
O42 - Logiciel: Help Desk - (.Micro-Star International Co., Ltd..) [HKLM][64Bits]
-- {7E8181AF-9679-49B3-B133-C265709B6927} =>.MICRO-STAR INTERNATIONAL CO., LTD.
O42 - Logiciel: Help Desk - (.Micro-Star International Co., Ltd..) [HKLM][64Bits]
-- InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927} =>.MICRO-STAR
O42 - Logiciel: iMyFone D-Back 6.6.0.12 - (.Shenzhen iMyFone Technology Co., Ltd..)
[HKLM][64Bits] -- {071B9303-5881-4BC6-B9E9-2E2D22C015C1}_is1
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM]
[64Bits] -- {55398EAC-F58E-4F19-B553-BDF8B9EFD839} =>.Intel Corporation
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel(R) Corporation.) [HKLM]
[64Bits] -- {c7f54569-0018-439c-809a-48046a4d4ebc} =>.Intel Corporation - Software
and Firmware Products®
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.)
[HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation
[HKLM][64Bits] -- {5BD7E621-9791-4D9F-A620-1BA51153B749} =>.Intel Corporation
[HKLM][64Bits] -- {A53B7EAB-86BD-4F16-8C44-011B1376326A} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits]
-- {555B1C57-E71B-4775-BC1D-627EEF693F0D} =>.Intel Corporation
O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits]
-- {4d4a045b-9761-43d2-811c-1c29cbdb7459} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits]
-- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM]
[64Bits] -- {205AE40D-8AD7-4F29-A430-DD2168DA562D} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM]
[64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation
O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM]
[64Bits] -- {31C74FA2-2AB9-41C3-BFBE-693283E4C28B} =>.Intel Corporation
O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM]
[64Bits] -- {795ee3a0-97fa-489a-9543-7564ccc43be4} =>.Intel Corporation-Wireless
Connectivity Solutions®
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM]
[64Bits] -- {C8ADA4FE-F8E7-4A57-8F6C-083195DF78BF} =>.Intel Corporation
O42 - Logiciel: Intel® Security Assist - (.Intel Corporation.) [HKLM][64Bits] --
{4B230374-6475-4A73-BA6E-41015E9C5013} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.)
[HKLM][64Bits] -- {7D84E343-A23D-451C-B123-0195B2D903A6} =>.Intel Corporation
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {CEC7613B-E286-4A31-BEE3-
3F7798488D9F} =>.Apple Inc.
O42 - Logiciel: KB4023057 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2D7A08E-
6B70-4336-AC4F-C7F765068281} =>.Microsoft Corporation
O42 - Logiciel: KB9X Radio Switch Driver - (.ENE TECHNOLOGY INC..) [HKLM][64Bits]
-- EC950B206B0E7722C96A318DF396BABFBB057BC0 =>.ENE TECHNOLOGY INC.
O42 - Logiciel: Killer Bandwidth Control Filter Driver - (.Rivet Networks.) [HKLM]
[64Bits] -- {F1D42BC7-5A6A-463A-94F7-87DC10AF24BC} =>.Rivet Networks
O42 - Logiciel: Killer E240x Drivers - (.Rivet Networks.) [HKLM][64Bits] --
{60FDE5D6-FF5D-4875-8ABF-00D17307BC30} =>.Rivet Networks
O42 - Logiciel: Killer Network Manager - (.Rivet Networks.) [HKLM][64Bits] --
{DD1185A8-C3E0-4838-B6D9-07E8625220D3} =>.Rivet Networks
O42 - Logiciel: Killer Performance Suite - (.Rivet Networks.) [HKLM][64Bits] --
{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE} =>.Rivet Networks LLC®
O42 - Logiciel: LauncherSetup Install - (.Nahimic.) [HKLM][64Bits] -- {E24F82D1-
8DCD-477C-AC97-8FCEC506F776} =>.Nahimic
O42 - Logiciel: Letasoft Sound Booster 1.11.0.512 - (.Letasoft LLC.) [HKLM][64Bits]
-- {6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1 {09F6F084764B3FF5686B213D91D8AB64}
O42 - Logiciel: MAGIX Content and Soundpools - (.MAGIX Software GmbH.) [HKLM]
[64Bits] -- MAGIX_GlobalContent {2210A553168B79964813C2C46464FE46} =>.MAGIX
Software GmbH
O42 - Logiciel: MAGIX Music Maker Silver - (.MAGIX Software GmbH.) [HKLM][64Bits]
-- {CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403} =>.MAGIX Software GmbH
O42 - Logiciel: MAGIX Music Maker Silver - (.MAGIX Software GmbH.) [HKLM][64Bits]
-- MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403} {2210A553168B79964813C2C46464FE46}
=>.MAGIX Software GmbH
O42 - Logiciel: MAGIX Music Maker Silver Soundpools - (.MAGIX Software GmbH.)
[HKLM][64Bits] -- {CC8B6E22-F579-46A1-A9F3-985F114590F0} =>.MAGIX Software GmbH
O42 - Logiciel: MAGIX Photo Manager 15 - (.MAGIX Software GmbH.) [HKLM][64Bits] --
{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0} =>.MAGIX Software GmbH
O42 - Logiciel: MAGIX Photo Manager 15 - (.MAGIX Software GmbH.) [HKLM][64Bits] --
MX.{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0} {2210A553168B79964813C2C46464FE46}
=>.MAGIX Software GmbH
O42 - Logiciel: Malwarebytes version 3.6.1.2711 - (.Malwarebytes.) [HKLM][64Bits]
-- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 {044E3BF58976880FFD074448A8F7A058}
=>.Malwarebytes
O42 - Logiciel: Microsoft HEVC Media Extension Installation for
Microsoft.HEVCVideoExtensio - (.Microsoft Corporation.) [HKLM][64Bits] --
{B0169E83-757B-EF66-E2F0-391944D785BC} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] --
OneDriveSetup.exe {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft
Corporation
O42 - Logiciel: Mozilla Firefox 62.0.3 (x64 fr) - (.Mozilla.) [HKLM][64Bits] --
Mozilla Firefox 62.0.3 (x64 fr) {0C5396DCB2949C70FAC48AB08A07338E} =>.Mozilla
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] --
MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSI Social Media Collection - (.Micro-Star International Co.,
Ltd..) [HKLM][64Bits] -- {7ADEC426-BE95-48EF-84D4-086BD0F4D331} =>.MICRO-STAR
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] --
{196467F1-C11F-4F76-858B-5812ADC83B94} =>.Microsoft Corporation
O42 - Logiciel: MultiBit HD 0.5.1 - (.KeepKey,LLC.) [HKLM][64Bits] -- 6925-4794-
5772-4956
O42 - Logiciel: Nahimic 2+ Audio Driver - (.Nahimic.) [HKLM][64Bits] -- {97024b50-
cc9a-4c2b-9272-aea1246e6bba} {0CB6C99A74AB3C7107797065317087EF} =>.Nahimic
O42 - Logiciel: Nahimic 2+ Audio Driver - (.Nahimic.) [HKLM][64Bits] -- {E9E3E595-
8161-435A-AB32-7DFE3DDE4F11} =>.Nahimic
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] --
{652C1CDF-C61D-4525-9348-8C272CC2DB24} =>.Symantec Corporation
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] --
NARA =>.Symantec Corporation®
O42 - Logiciel: Norton Security - (.Symantec Corporation.) [HKLM][64Bits] -- NGC
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] --
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits]
-- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer
=>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog
O42 - Logiciel: NVIDIA GeForce Experience 2.7.4.10 - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA GeForce Experience Service - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits]
-- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA LED Visualizer 1.0 - (.NVIDIA Corporation.) [HKLM][64Bits]
-- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA Network Service - (.NVIDIA Corporation.) [HKLM][64Bits] --
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 2.7.4.10 - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA PhysX System Software 9.15.0428 - (.NVIDIA Corporation.)
[HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA
Corporation
O42 - Logiciel: NVIDIA ShadowPlay 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits]
-- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update 2.7.4.10 - (.NVIDIA Corporation.) [HKLM][64Bits] --
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] --
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Virtual Audio 1.2.31 - (.NVIDIA Corporation.) [HKLM][64Bits]
-- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA
Corporation
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft
Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration
- (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-
0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft
Corporation.) [HKLM][64Bits] -- {90160000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft
Corporation.) [HKLM][64Bits] -- {90160000-008C-040C-0000-0000000FF1CE}
Corporation.) [HKLM][64Bits] -- {90160000-008C-0C0A-0000-0000000FF1CE}
O42 - Logiciel: OpenVPN 2.4.6-I602 - (.OpenVPN Technologies, Inc..) [HKLM][64Bits]
-- OpenVPN
O42 - Logiciel: Opera Stable 56.0.3051.36 - (.Opera Software.) [HKLM][64Bits] --
Opera 56.0.3051.36 {0FDE84F0D55D8D3368325DC0CDC4A979} =>.Opera Software
O42 - Logiciel: Panneau de configuration NVIDIA 382.05 - (.NVIDIA Corporation.)
[HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel
O42 - Logiciel: PPTX Viewer 2.0 - (...) [HKLM][64Bits] -- PPTX Viewer 2.0
O42 - Logiciel: Private Internet Access Support Files - (.Private Internet Access.)
[HKLM][64Bits] -- {7D72DAFF-DCB2-437B-BC22-4B2ABF21462B} =>.Private Internet
Access
O42 - Logiciel: ProductDaemonSetup Install - (.Nahimic.) [HKLM][64Bits] --
{FF05ED48-74E4-4E17-9D8C-24D23F9A587B} =>.Nahimic
O42 - Logiciel: ProductNS Install Configurator - (.Nahimic.) [HKLM][64Bits] --
{A43FCEB9-A730-4DD1-A77F-D1C621C4BA42} =>.Nahimic
O42 - Logiciel: PuTTY release 0.70 (64-bit) - (.Simon Tatham.) [HKLM][64Bits] --
{45B3032F-22CC-40CD-9E97-4DA7095FA5A2} =>.Simon Tatham
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM]
[64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor
Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
{0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor Corp.
O42 - Logiciel: Remote Desktop Connection - (.Microsoft.) [HKLM][64Bits] --
{60B9A48D-559E-43FA-8F28-D657190E4E52} =>.Microsoft
O42 - Logiciel: SCM - (.Application.) [HKLM][64Bits] -- {6BD35B46-C818-44B1-964A-
7A9C44E1238F} =>.Application
O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] --
{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA
Corporation
O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM]
[64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController
O42 - Logiciel: Sizing Options - (.Application.) [HKLM][64Bits] -- {DFAB6DE8-E45F-
4D5D-95C0-E54C58993F9F} =>.Application
O42 - Logiciel: Sizing Options - (.Application.) [HKLM][64Bits] --
InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F} =>.Application
O42 - Logiciel: SoftEther VPN Client - (.SoftEther VPN Project.) [HKLM][64Bits] --
softether_sevpnclient {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN
Project
O42 - Logiciel: SonicMapper Install Configurator - (.Nahimic.) [HKLM][64Bits] --
{730F4791-8146-439A-94DB-0C9002806258} =>.Nahimic
O42 - Logiciel: Split Tunneling Driver - (.ExpressVpn.) [HKLM][64Bits] --
{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}
O42 - Logiciel: Sublime Text Build 3176 - (.Sublime HQ Pty Ltd.) [HKLM][64Bits] --
Sublime Text 3_is1 {7F74C210CC0D477C7F54A8D4822D6A} =>.Sublime HQ Pty Ltd
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.)
[HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: TAP-Windows 9.21.2 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: UIInstallUpgrade - (.Nahimic.) [HKLM][64Bits] -- {58EE743C-4BC4-
42A5-9AEC-D311103CEE43} =>.Nahimic
O42 - Logiciel: UpdateAssistant - (.Microsoft Corporation.) [HKLM][64Bits] --
{4E67FF7F-C24E-4279-9AB2-C26D57B53742} =>.Microsoft Corporation
O42 - Logiciel: USBPcap 1.2.0.3 - (.Tomasz Mon.) [HKLM][64Bits] -- USBPcap
{6D4606FAF6D69E1D063390B38AFF8F82}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
=>.VideoLAN
O42 - Logiciel: VNC Viewer 6.18.907 - (.RealVNC Ltd.) [HKLM][64Bits] -- {8372DC07-
603C-4627-A604-F9769BADADD0} =>.RealVNC Ltd
O42 - Logiciel: Vulkan Run Time Libraries 1.0.26.0 - (.LunarG, Inc..) [HKLM]
[64Bits] -- VulkanRT1.0.26.0 {03B471CD4D7FFEC29A3B20B2CB0F5F54}
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] --
WinPcapInst =>.Riverbed Technology, Inc.
O42 - Logiciel: WinRAR 5.40 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR
archiver =>.win.rar GmbH®
O42 - Logiciel: WinSCP 5.13.4 - (.Martin Prikryl.) [HKLM][64Bits] -- winscp3_is1
O42 - Logiciel: WinZip 17.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] --
{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD} =>.WinZip Computing, S.L.
O42 - Logiciel: Wireshark 2.6.2 64-bit - (.The Wireshark developer community,
https://www.wireshark.org.) [HKLM][64Bits] -- Wireshark
{0A16AE9F0A11D38047CDDA823769F520} =>.The Wireshark developer community,
https://www.wireshark.org
O42 - Logiciel: Wondershare Helper Compact 2.5.2 - (.Wondershare.) [HKLM][64Bits]
-- {5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1 =>.Wondershare
O42 - Logiciel: Wondershare PDFelement 6 Pro(Build 6.6.0) - (.Wondershare Software
Co.,Ltd..) [HKLM][64Bits] -- {B026557A-EF19-4812-8A79-B30F94AA0A78}_is1
=>.Wondershare Software Co.,Ltd.
O42 - Logiciel: WPS Office (10.2.0.6020) - (.Kingsoft Corp..) [HKCU][64Bits] --
Kingsoft Office {60864463BBBC2E4E67D42771E4CBD9A5}
---\\ HKCU & HKLM Software Keys (114) - 11s

HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Adobe-BackupByPhotoshopCS6Portable
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Avast
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\BurnRecovery
HKLM\SOFTWARE\Wow6432Node\CyberGhost
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\Dragon Gaming Center
HKLM\SOFTWARE\Wow6432Node\ExpressVpn
HKLM\SOFTWARE\Wow6432Node\FileZilla 3
HKLM\SOFTWARE\Wow6432Node\FileZilla Client
HKLM\SOFTWARE\Wow6432Node\GnuPG
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Gpg4win
HKLM\SOFTWARE\Wow6432Node\iMyFone
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\MAGIX
HKLM\SOFTWARE\Wow6432Node\Martin Prikryl
HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI
HKLM\SOFTWARE\Wow6432Node\MSI Remind Manager
HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
HKLM\SOFTWARE\Wow6432Node\Norton
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OIX
HKLM\SOFTWARE\Wow6432Node\PEPrinter
HKLM\SOFTWARE\Wow6432Node\Piriform
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\WafCX
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\WOW6432Node
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\AceStream
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adobe-BackupByPhotoshopCS6Portable
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Avast Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Browser Cleanup
HKCU\SOFTWARE\Cain
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CyberGhost
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\Electrum
HKCU\SOFTWARE\eMule
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\ExpressVPN
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HDID
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kingsoft
HKCU\SOFTWARE\KLive
HKCU\SOFTWARE\KsoLogViewer
HKCU\SOFTWARE\Letasoft
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Malwarebytes
HKCU\SOFTWARE\Martin Prikryl
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Nahimic
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\Norton
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\nwjs
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OpenVPN-GUI
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pangolin
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RealVNC
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\roamingdevice
HKCU\SOFTWARE\SCM
HKCU\SOFTWARE\SimonTatham
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\University of Tsukuba
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinZip Computing
HKCU\SOFTWARE\Wireshark
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\ZHP
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Norton
---\\ Contenu des dossiers Programmes (278) - 10s

O43 - CFD: 02/05/2018 - [] D -- C:\Program Files (x86)\Adobe
{3A478D8A8FBE0B32B9F5D0FE6051EE44}
O43 - CFD: 07/09/2017 - [] AD -- C:\Program Files (x86)\Apple Software Update
=>.Apple Inc.®
O43 - CFD: 15/08/2018 - [] D -- C:\Program Files (x86)\AVAST Software
{07C70F7CAB145BC1ED385FBE69FA3130}
O43 - CFD: 07/09/2017 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.®
O43 - CFD: 11/06/2016 - [] AD -- C:\Program Files (x86)\BurnRecovery
O43 - CFD: 12/10/2018 - [] D -- C:\Program Files (x86)\Cain
O43 - CFD: 11/06/2016 - [] AD -- C:\Program Files (x86)\Cisco
O43 - CFD: 03/10/2018 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink
Corp.®
O43 - CFD: 06/08/2017 - [] D -- C:\Program Files (x86)\Electrum
O43 - CFD: 05/08/2018 - [] D -- C:\Program Files (x86)\eMule
O43 - CFD: 06/09/2018 - [] D -- C:\Program Files (x86)\ExpressVPN
{00E307F6F1FAC7423E6C00336A94105B17}
O43 - CFD: 06/09/2018 - [] D -- C:\Program Files (x86)\ExpressVpn SplitTunnel
Driver {00E307F6F1FAC7423E6C00336A94105B17}
O43 - CFD: 06/09/2018 - [] D -- C:\Program Files (x86)\ExpressVpn Tap Driver Win10
{07A0ED6DDF2FFED5914CCF4CAB68B414}
O43 - CFD: 23/11/2017 - [] D -- C:\Program Files (x86)\FileZilla FTP Client
{01BCA2F95937E3F850F546B3B60DA86F}
O43 - CFD: 13/08/2017 - [] D -- C:\Program Files (x86)\FoxPDF Software Inc
O43 - CFD: 21/07/2018 - [] D -- C:\Program Files (x86)\GnuPG
O43 - CFD: 18/07/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 21/07/2018 - [] D -- C:\Program Files (x86)\Gpg4win
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\iMyFone
{0CFE0220208BB7F0F7096271B431642B}
O43 - CFD: 11/06/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation
Information =>.Realtek Semiconductor Corp.®
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 14/10/2018 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 08/10/2018 - [] D -- C:\Program Files (x86)\Letasoft Sound Booster
{09F6F084764B3FF5686B213D91D8AB64}
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\MAGIX
O43 - CFD: 03/10/2018 - [] AD -- C:\Program Files (x86)\Microsoft Office
{33000001B1DDEDBA54E965B85F0001000001B1}
O43 - CFD: 11/09/2018 - [] D -- C:\Program Files (x86)\Microsoft OneDrive
{330000013FBFE82DC1EE0D270500010000013F}
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 09/10/2018 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
{0C5396DCB2949C70FAC48AB08A07338E}
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\MSI
O43 - CFD: 11/06/2016 - [] AD -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 11/06/2016 - [] AD -- C:\Program Files (x86)\Norton Online Backup ARA
=>.Symantec Corporation®
O43 - CFD: 25/07/2017 - [] AD -- C:\Program Files (x86)\Norton Security
{3D2A7788B48A440827200DFF2AB4D818}
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\NortonInstaller =>.Symantec
Corporation®
O43 - CFD: 19/07/2017 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
=>.NVIDIA Corporation®
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
Semiconductor Corp®
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 25/06/2018 - [] AD -- C:\Program Files (x86)\SCM
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Symantec =>.Symantec
Corporation®
O43 - CFD: 11/06/2016 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 19/07/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 02/09/2017 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 19/07/2017 - [] D -- C:\Program Files (x86)\VulkanRT
{03B471CD4D7FFEC29A3B20B2CB0F5F54}
O43 - CFD: 14/10/2018 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 14/10/2018 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\windows nt
O43 - CFD: 13/06/2018 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
{33000001797C2E574E52E1CAD6000100000179}
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2018 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 15/08/2018 - [] D -- C:\Program Files (x86)\WinPcap =>.Riverbed
Technology, Inc.®
O43 - CFD: 23/07/2017 - [] AD -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 09/09/2018 - [] D -- C:\Program Files (x86)\WinSCP
{0D5D6AF11B6332703EBF829DBE7605BF}
O43 - CFD: 02/05/2018 - [] D -- C:\Program Files (x86)\Wondershare =>.BugSplat
LLC®
O43 - CFD: 12/04/2018 - [] RD -- C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\Accessibility
Menu\Programs\Accessories
Menu\Programs\Administrative Tools
O43 - CFD: 15/08/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\AVAST Software
Menu\Programs\BurnRecovery
Menu\Programs\CCleaner
Menu\Programs\CyberGhost 6
Menu\Programs\CyberLink PowerDVD 12
Menu\Programs\eMule
Menu\Programs\ExpressVPN
Menu\Programs\FileZilla FTP Client
Menu\Programs\iMyFone
Menu\Programs\Intel
Menu\Programs\iTunes
Menu\Programs\Killer Networking
Menu\Programs\Letasoft Sound Booster
Menu\Programs\MAGIX
Menu\Programs\Maintenance
Menu\Programs\Malwarebytes
Menu\Programs\MSI
Menu\Programs\MultiBit HD
Menu\Programs\Nahimic 2+ Audio Driver
Menu\Programs\Norton Online Backup
Menu\Programs\Norton Security
Menu\Programs\NVIDIA Corporation
Menu\Programs\OpenVPN
Menu\Programs\Outils Microsoft Office
Menu\Programs\Outils Microsoft Office 2016
Menu\Programs\PuTTY (64-bit)
Menu\Programs\RealVNC
Menu\Programs\SoftEther VPN Client
Menu\Programs\StartUp
Menu\Programs\System Tools
Menu\Programs\TAP-Windows
Menu\Programs\VideoLAN
Menu\Programs\WinPcap
Menu\Programs\WinRAR
Menu\Programs\WinZip
Menu\Programs\Wondershare
O43 - CFD: 01/08/2017 - [] D -- C:\ProgramData\A-Volute
O43 - CFD: 26/09/2018 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 03/05/2018 - [] D -- C:\ProgramData\Adobe-BackupByPhotoshopCS6Portable
O43 - CFD: 07/09/2017 - [] D -- C:\ProgramData\Apple
O43 - CFD: 07/09/2017 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 27/05/2018 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 15/08/2018 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 05/04/2017 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 08/10/2018 - [] SHD -- C:\ProgramData\DIBsection
O43 - CFD: 27/05/2018 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 07/09/2017 - [] D -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 05/08/2018 - [] D -- C:\ProgramData\eMule
O43 - CFD: 15/08/2018 - [] D -- C:\ProgramData\ExpressVPN
O43 - CFD: 19/07/2017 - [] D -- C:\ProgramData\GNU
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Intel
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Intel.sav
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Killer
O43 - CFD: 13/08/2017 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 08/10/2018 - [] D -- C:\ProgramData\Letasoft
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\MAGIX
O43 - CFD: 12/10/2018 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 05/04/2017 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 27/05/2018 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 27/05/2018 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 05/04/2017 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\MSI
O43 - CFD: 18/07/2017 - [] D -- C:\ProgramData\Nahimic22.2.4
O43 - CFD: 01/08/2017 - [] D -- C:\ProgramData\Nahimic22.5.16
O43 - CFD: 01/08/2017 - [0] D -- C:\ProgramData\Nahimic2Profiles
O43 - CFD: 24/02/2018 - [] D -- C:\ProgramData\Norton
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 15/10/2018 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 19/07/2017 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 06/09/2018 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 09/10/2018 - [] D -- C:\ProgramData\Packages
O43 - CFD: 02/05/2018 - [] D -- C:\ProgramData\PDFelement 6 Pro
O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Portrait Displays
O43 - CFD: 17/09/2018 - [] D -- C:\ProgramData\regid.1986-12.com.adobe-
BackupByPhotoshopCS6Portable
O43 - CFD: 15/10/2018 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 27/05/2018 - [] D -- C:\ProgramData\RivetNetworks
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Roaming
O43 - CFD: 12/04/2018 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 15/11/2017 - [0] D -- C:\ProgramData\SWCUTemp
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 19/07/2017 - [] D -- C:\ProgramData\Synaptics
O43 - CFD: 11/06/2016 - [] D -- C:\ProgramData\Temp
O43 - CFD: 27/05/2018 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 27/05/2018 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 12/04/2018 - [] D -- C:\ProgramData\WindowsHolographicDevices
O43 - CFD: 23/07/2017 - [] D -- C:\ProgramData\WinZip
O43 - CFD: 02/05/2018 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 26/09/2018 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 02/05/2018 - [] D -- C:\Program Files (x86)\Common Files\Adobe-
O43 - CFD: 07/09/2017 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 03/10/2018 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 27/05/2018 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel
Corporation
O43 - CFD: 11/06/2016 - [] AD -- C:\Program Files (x86)\Common Files\MAGIX Services
O43 - CFD: 03/10/2018 - [] D -- C:\Program Files (x86)\Common Files\microsoft
shared
O43 - CFD: 11/06/2016 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 19/07/2017 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 12/04/2018 - [] D -- C:\Program Files (x86)\Common Files\system
O43 - CFD: 02/05/2018 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\.ACEStream
O43 - CFD: 19/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\.kde
O43 - CFD: 13/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\.oit
O43 - CFD: 12/08/2018 - [] D -- C:\Users\GP72\AppData\Roaming\ACEStream
O43 - CFD: 26/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Adobe
O43 - CFD: 17/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Adobe-
O43 - CFD: 07/09/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Apple Computer
O43 - CFD: 25/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\AVAST Software
O43 - CFD: 16/08/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Avast Tuneup
O43 - CFD: 08/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Electrum
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\FileZilla
O43 - CFD: 14/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\gnupg
O43 - CFD: 09/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Google
O43 - CFD: 04/06/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Identities
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Intel
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Intel Corporation
O43 - CFD: 13/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\kingsoft
O43 - CFD: 13/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\kleopatra
O43 - CFD: 06/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Macromedia
O43 - CFD: 27/05/2018 - [] SD -- C:\Users\GP72\AppData\Roaming\Microsoft
O43 - CFD: 09/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Mozilla
O43 - CFD: 06/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\MultiBitHD
O43 - CFD: 09/08/2017 - [] D -- C:\Users\GP72\AppData\Roaming\NVIDIA
O43 - CFD: 16/11/2017 - [0] D -- C:\Users\GP72\AppData\Roaming\office6
O43 - CFD: 10/07/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Opera Software
O43 - CFD: 06/05/2018 - [] D -- C:\Users\GP72\AppData\Roaming\PDAppFlex
O43 - CFD: 06/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\RealVNC
O43 - CFD: 18/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Skype
O43 - CFD: 25/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\Synaptics
O43 - CFD: 17/05/2018 - [] D -- C:\Users\GP72\AppData\Roaming\tor
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\uTorrent
O43 - CFD: 14/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\vlc
O43 - CFD: 23/07/2017 - [] D -- C:\Users\GP72\AppData\Roaming\WinRAR
O43 - CFD: 17/09/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Wireshark
O43 - CFD: 02/05/2018 - [] D -- C:\Users\GP72\AppData\Roaming\Wondershare
O43 - CFD: 16/11/2017 - [] D -- C:\Users\GP72\AppData\Roaming\wps
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Roaming\ZHP
O43 - CFD: 07/07/2017 - [0] D -- C:\Users\GP72\AppData\Local\ActiveSync
O43 - CFD: 26/09/2018 - [] D -- C:\Users\GP72\AppData\Local\Adobe
O43 - CFD: 26/09/2018 - [] D -- C:\Users\GP72\AppData\Local\Adobe-
O43 - CFD: 07/09/2017 - [] D -- C:\Users\GP72\AppData\Local\Apple
O43 - CFD: 07/09/2017 - [] D -- C:\Users\GP72\AppData\Local\Apple Computer
O43 - CFD: 27/05/2018 - [0] SHD -- C:\Users\GP72\AppData\Local\Application Data
O43 - CFD: 14/10/2018 - [] D -- C:\Users\GP72\AppData\Local\AVAST Software
O43 - CFD: 28/07/2017 - [] D -- C:\Users\GP72\AppData\Local\CEF
O43 - CFD: 06/04/2017 - [] D -- C:\Users\GP72\AppData\Local\Comms
O43 - CFD: 31/05/2018 - [] D --
C:\Users\GP72\AppData\Local\ConnectedDevicesPlatform
O43 - CFD: 15/10/2018 - [0] D -- C:\Users\GP72\AppData\Local\CrashDumps
O43 - CFD: 09/08/2017 - [] D -- C:\Users\GP72\AppData\Local\Crashpad
O43 - CFD: 06/08/2017 - [] D -- C:\Users\GP72\AppData\Local\CyberGhost
O43 - CFD: 01/06/2018 - [] D -- C:\Users\GP72\AppData\Local\D3DSCache
O43 - CFD: 23/07/2017 - [0] D -- C:\Users\GP72\AppData\Local\DBG
O43 - CFD: 03/10/2018 - [] D -- C:\Users\GP72\AppData\Local\Diagnostics
O43 - CFD: 22/11/2017 - [0] D -- C:\Users\GP72\AppData\Local\ElevatedDiagnostics
O43 - CFD: 05/08/2018 - [] D -- C:\Users\GP72\AppData\Local\eMule
O43 - CFD: 15/08/2018 - [] D -- C:\Users\GP72\AppData\Local\ExpressVPN
O43 - CFD: 16/09/2018 - [] D -- C:\Users\GP72\AppData\Local\FileZilla
O43 - CFD: 19/07/2017 - [] D -- C:\Users\GP72\AppData\Local\GNU
O43 - CFD: 19/07/2017 - [] D -- C:\Users\GP72\AppData\Local\Google
O43 - CFD: 27/05/2018 - [0] SHD -- C:\Users\GP72\AppData\Local\Historique
O43 - CFD: 08/10/2018 - [0] SHD -- C:\Users\GP72\AppData\Local\icsxml
O43 - CFD: 12/04/2018 - [] D -- C:\Users\GP72\AppData\Local\imyfoneSet
O43 - CFD: 15/08/2018 - [] D -- C:\Users\GP72\AppData\Local\IsolatedStorage
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Local\jReminder
O43 - CFD: 13/08/2017 - [] D -- C:\Users\GP72\AppData\Local\Kingsoft
O43 - CFD: 06/08/2017 - [] D -- C:\Users\GP72\AppData\Local\Macromedia
O43 - CFD: 12/10/2018 - [] D -- C:\Users\GP72\AppData\Local\mbam
O43 - CFD: 12/10/2018 - [] D -- C:\Users\GP72\AppData\Local\mbamtray
O43 - CFD: 21/08/2017 - [] D -- C:\Users\GP72\AppData\Local\Micro-
Star_International_
O43 - CFD: 27/05/2018 - [] D -- C:\Users\GP72\AppData\Local\Microsoft
O43 - CFD: 19/07/2017 - [] D -- C:\Users\GP72\AppData\Local\MicrosoftEdge
O43 - CFD: 08/07/2018 - [] D -- C:\Users\GP72\AppData\Local\Mozilla
O43 - CFD: 08/10/2018 - [0] SHD -- C:\Users\GP72\AppData\Local\ms-drivers
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Local\MSI
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Local\MSIOnlineRegister
O43 - CFD: 20/07/2017 - [] D -- C:\Users\GP72\AppData\Local\Nahimic22.2.4
O43 - CFD: 18/09/2017 - [] D -- C:\Users\GP72\AppData\Local\Nahimic22.5.16
O43 - CFD: 18/07/2017 - [0] D -- C:\Users\GP72\AppData\Local\NetworkTiles
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Local\NVIDIA
O43 - CFD: 07/07/2017 - [] D -- C:\Users\GP72\AppData\Local\NVIDIA Corporation
O43 - CFD: 10/07/2018 - [] D -- C:\Users\GP72\AppData\Local\Opera Software
O43 - CFD: 14/09/2018 - [] D -- C:\Users\GP72\AppData\Local\Packages
O43 - CFD: 10/09/2018 - [0] D --
C:\Users\GP72\AppData\Local\PlaceholderTileLogoFolder
O43 - CFD: 09/08/2017 - [] D -- C:\Users\GP72\AppData\Local\Private Internet Access
O43 - CFD: 18/07/2017 - [] D -- C:\Users\GP72\AppData\Local\Programs
O43 - CFD: 11/09/2018 - [] D -- C:\Users\GP72\AppData\Local\Publishers
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Local\RealVNC
O43 - CFD: 03/01/2018 - [] D -- C:\Users\GP72\AppData\Local\speech
O43 - CFD: 15/10/2018 - [] D -- C:\Users\GP72\AppData\Local\Temp
O43 - CFD: 27/05/2018 - [0] SHD -- C:\Users\GP72\AppData\Local\Temporary Internet
Files
O43 - CFD: 17/09/2018 - [0] D --
C:\Users\GP72\AppData\Local\Tempzxpsign26b7c3c620ef8e97
O43 - CFD: 17/09/2018 - [0] D --
C:\Users\GP72\AppData\Local\Tempzxpsign4282f3dce32a95cd
O43 - CFD: 17/09/2018 - [0] D --
C:\Users\GP72\AppData\Local\Tempzxpsign593b9fadca10a589
O43 - CFD: 17/09/2018 - [0] D --
C:\Users\GP72\AppData\Local\Tempzxpsign5d5ff3111266c33c
O43 - CFD: 15/11/2017 - [] D -- C:\Users\GP72\AppData\Local\TileDataLayer
O43 - CFD: 01/08/2017 - [] D -- C:\Users\GP72\AppData\Local\VirtualStore
O43 - CFD: 23/07/2017 - [] D -- C:\Users\GP72\AppData\Local\WinZip
O43 - CFD: 02/05/2018 - [] D -- C:\Users\GP72\AppData\Local\Wondershare
O43 - CFD: 08/09/2017 - [] D -- C:\Users\GP72\AppData\Local\ZHP
O43 - CFD: 12/04/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 27/05/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/08/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream
Media
O43 - CFD: 14/10/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative
Tools
O43 - CFD: 09/09/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications
Chrome
O43 - CFD: 28/08/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
O43 - CFD: 27/05/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
O43 - CFD: 12/04/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/10/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 12/04/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 12/04/2018 - [] RD --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows
PowerShell
O43 - CFD: 27/05/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 27/05/2018 - [] D --
C:\Users\GP72\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
---\\ ShellIconOverlayIdentifiers (SIOI) (11) - 1s

O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-
C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) --
C:\Users\GP72\AppData\Local\Microsoft\OneDrive\18.151.0729.0012\FileSyncShell.dll
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-
AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) --
O106 - SIOI: UpToDateCloudOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-
9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.)
--
O106 - SIOI: UpToDatePinnedOverlayHandler Class [ OneDrive4] - {F241C880-6982-
4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell
Extension.) --
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-
95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) --
O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-
24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) --
O106 - SIOI: OverlayExcluded Class [ OverlayExcluded] - {4433A54A-1AC8-432F-90FC-
85F045CF383C}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files
(x86)\Norton Security\Engine32\22.15.1.8\BuShell.dll
O106 - SIOI: OverlayPending Class [ OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-
7D7E8CB23225}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files
O106 - SIOI: OverlayProtected Class [ OverlayProtected] - {476D0EA3-80F9-48B5-
B70B-05E677C9C148}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files
O106 - SIOI: UpToDateUnpinnedOverlayHandler Class [ OneDrive7] - {C5FF006E-2AE9-
408C-B85B-2DFDD5449D9C}. (.Microsoft Corporation - Microsoft OneDrive Shell
Extension.) --
O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST
Software - Avast Shell Extension.) -- C:\Program Files\AVAST
Software\Avast\ashShell.dll {07C70F7CAB145BC1ED385FBE69FA3130} =>.AVAST Software
---\\ Liste des pilotes du système (96) - 7s

O58 - SDL:2018/04/12 01:33:48 A . (.LSI - LSI 3ware SCSI Storport Driver.) --
C:\WINDOWS\System32\drivers\3ware.sys [107416]
{330000017469DE108B3765A8D7000000000174} =>.LSI
O58 - SDL:2018/04/12 01:33:48 A . (.PMC-Sierra - PMC-Sierra Storport Driver For
SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135520]
{330000017469DE108B3765A8D7000000000174} =>.PMC-Sierra
O58 - SDL:2018/04/12 01:33:48 A . (.Advanced Micro Devices - AHCI 1.3 Device
Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83360]
{330000017469DE108B3765A8D7000000000174} =>.Advanced Micro Devices
O58 - SDL:2018/04/12 01:33:48 A . (.AMD Technologies Inc. - AMD Technology AHCI
Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259480]
{330000017469DE108B3765A8D7000000000174} =>.AMD Technologies Inc.
O58 - SDL:2018/04/12 01:33:48 A . (.Advanced Micro Devices - Storage Filter
Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27032]
{330000017469DE108B3765A8D7000000000174} =>.Advanced Micro Devices
O58 - SDL:2018/04/12 01:33:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03
Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132000]
{330000017469DE108B3765A8D7000000000174} =>.PMC-Sierra, Inc.
O58 - SDL:2018/08/31 12:08:55 A . (.AVAST Software - Avast anti rootkit.) --
C:\WINDOWS\System32\drivers\aswArPot.sys [199712]
O58 - SDL:2018/08/31 12:08:42 A . (.AVAST Software - IDS Application Activity
Monitor Driver..) -- C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384]
O58 - SDL:2018/08/31 12:08:42 A . (.AVAST Software - Application Activity Monitor
Helper Driver.) -- C:\WINDOWS\System32\drivers\aswbidsha.sys [201320]
O58 - SDL:2018/08/31 12:08:42 A . (.AVAST Software - Logging Driver.) --
C:\WINDOWS\System32\drivers\aswbloga.sys [346664]
O58 - SDL:2018/08/31 12:08:42 A . (.AVAST Software - Universal Driver.) --
C:\WINDOWS\System32\drivers\aswbuniva.sys [59568]
O58 - SDL:2018/08/17 02:13:17 A . (.AVAST Software - Avast ELAM Driver.) --
C:\WINDOWS\System32\drivers\aswElam.sys [15360]
{33000001DEC68215095CFF17C60000000001DE} =>.AVAST Software
O58 - SDL:2018/08/31 12:08:55 A . (.AVAST Software - Avast HWID.) --
C:\WINDOWS\System32\drivers\aswHwid.sys [46968]
{07C70F7CAB145BC1ED385FBE69FA3130} =>.ALWIL Software
O58 - SDL:2018/09/11 17:20:43 A . (.AVAST Software - Avast File System Minifilter
for Windows 20.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392]
O58 - SDL:2018/09/01 01:20:25 A . (.AVAST Software - Avast Firewall Driver.) --
C:\WINDOWS\System32\drivers\aswNetSec.sys [662056]
O58 - SDL:2018/08/31 12:08:55 A . (.AVAST Software - Avast WFP Redirect Driver.) --
C:\WINDOWS\System32\drivers\aswRdr2.sys [111864]
O58 - SDL:2018/08/31 12:09:12 A . (.AVAST Software - Avast Revert.) --
C:\WINDOWS\System32\drivers\aswRvrt.sys [87904]
O58 - SDL:2018/08/31 12:08:52 A . (.AVAST Software - Avast Virtualization Driver.)
-- C:\WINDOWS\System32\drivers\aswSnx.sys [1027720]
O58 - SDL:2018/09/04 17:20:44 A . (.AVAST Software - Avast self protection module.)
-- C:\WINDOWS\System32\drivers\aswSP.sys [467320]
O58 - SDL:2018/09/12 21:20:44 A . (.AVAST Software - Stream Filter.) --
C:\WINDOWS\System32\drivers\aswStm.sys [215920]
O58 - SDL:2018/08/31 12:08:55 A . (.AVAST Software - Avast VM Monitor.) --
C:\WINDOWS\System32\drivers\aswVmm.sys [381560]
O58 - SDL:2018/04/12 01:33:48 A . (.Windows (R) Win 7 DDK provider - BCM Function 2
Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R)
Win 7 DDK provider
O58 - SDL:2015/10/01 00:00:32 A . (.Rivet Networks, LLC. - Killer Bandwidth Control
Filter Driver.) -- C:\WINDOWS\System32\drivers\bwcW10x64.sys [141896] =>.Rivet
Networks LLC®
O58 - SDL:2018/04/12 01:33:48 A . (.QLogic Corporation - QLogic Gigabit Ethernet
VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533912]
{330000017469DE108B3765A8D7000000000174} =>.QLogic Corporation
O58 - SDL:2018/04/12 01:33:49 A . (.Chelsio Communications - Chelsio iSCSI Crash
Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [143768]
{330000017469DE108B3765A8D7000000000174}
O58 - SDL:2018/04/12 01:33:49 A . (.Chelsio Communications - Chelsio iSCSI
VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [321432]
{330000017469DE108B3765A8D7000000000174}
O58 - SDL:2018/04/12 01:33:49 A . (.Chelsio Communications - VF library for Chelsio
® T5/T6 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vfx.sys [29184]
O58 - SDL:2018/04/12 01:33:49 A . (.Chelsio Communications - Virtual Bus Driver for
Chelsio ® T5/T6 Chip.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [1836952]
{330000017469DE108B3765A8D7000000000174}
O58 - SDL:2015/09/24 01:03:06 A . (.Qualcomm Atheros, Inc. - Killer e2400 PCI-E
Gigabit Ethernet Control.) -- C:\WINDOWS\System32\drivers\e24w10x64.sys [156744]
=>.Rivet Networks LLC®
O58 - SDL:2018/04/12 01:33:48 A . (.Qualcomm Atheros, Inc. - Killer e2400 PCI-E
Gigabit Ethernet Control.) -- C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920]
=>.Qualcomm Atheros, Inc.
O58 - SDL:2018/04/12 01:33:48 A . (.QLogic Corporation - QLogic 10 GigE VBD.) --
C:\WINDOWS\System32\drivers\evbda.sys [3419032]
{330000017469DE108B3765A8D7000000000174} =>.QLogic Corporation
O58 - SDL:2018/10/15 03:34:56 A . (.Malwarebytes - Malwarebytes Anti-Ransomware
Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [118584]
O58 - SDL:2012/10/03 16:14:56 A . (.GEAR Software Inc. - CD DVD Filter.) --
C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [33240] =>.GEAR Software Inc.®
O58 - SDL:2018/04/12 01:33:48 A . (.Hewlett-Packard Company - Smart Array SAS/SATA
Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64408]
{330000017469DE108B3765A8D7000000000174} =>.Hewlett-Packard Company
O58 - SDL:2018/04/12 01:33:45 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO
Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [36864]
=>.Intel(R) Corporation
O58 - SDL:2018/04/12 01:33:45 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C
Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R)
Corporation
O58 - SDL:2018/04/12 01:33:45 A . (.Intel Corporation - Intel(R) Serial IO GPIO
Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel
Corporation
Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576]
O58 - SDL:2018/04/12 01:33:45 A . (.Intel Corporation - Intel(R) Serial IO I2C
Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel
Corporation
Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592]
Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128]
=>.Intel Corporation - Client Components Group®
Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152]
O58 - SDL:2015/06/22 05:42:30 A . (.Intel Corporation - Intel(R) Rapid Storage
Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [1455552]
=>.Intel Corporation - Rapid Storage Technology®
O58 - SDL:2018/04/12 01:33:49 A . (.Intel Corporation - Intel(R) Rapid Storage
Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144]
{330000017469DE108B3765A8D7000000000174} =>.Intel Corporation
O58 - SDL:2018/04/12 01:33:49 A . (.Intel Corporation - Intel Matrix Storage
Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412064]
{330000017469DE108B3765A8D7000000000174} =>.Intel Corporation
O58 - SDL:2018/04/12 01:33:49 A . (.Mellanox - InfiniBand Fabric Bus Driver.) --
C:\WINDOWS\System32\drivers\ibbus.sys [526232]
{330000017469DE108B3765A8D7000000000174} =>.Mellanox
O58 - SDL:2017/04/13 21:26:50 A . (.Intel Corporation - Intel(R) Wireless
Bluetooth(R) Filter Drive.) -- C:\WINDOWS\System32\drivers\ibtusb.sys [244744]
{330000BBD8C011D30F92827BED00020000BBD8} =>.Intel Corporation
O58 - SDL:2017/05/11 17:27:52 N . (.Intel(R) Corporation - Intel(R) Display Audio
Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [825344]
{56000001C94B6CFC278E455D830000000001C9} =>.Intel(R) Corporation
O58 - SDL:2018/04/12 01:33:48 A . (.Avago Technologies - Avago SAS Gen3.5 Driver
(StorPort).) -- C:\WINDOWS\System32\drivers\ItSas35i.sys [145816]
{330000017469DE108B3765A8D7000000000174} =>.Avago Technologies
O58 - SDL:2015/12/07 19:53:18 A . (.Intel Corporation - Intel® WiDi Solution.) --
C:\WINDOWS\System32\drivers\iwdbus.sys [39920]
{330000B7E741A34024FC3AB6E700020000B7E7} =>.Intel Corporation
O58 - SDL:2018/04/13 20:21:15 A . (...) -- C:\WINDOWS\System32\drivers\lpsport.sys
[61304] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2018/04/12 01:33:48 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver
(StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108952]
{330000017469DE108B3765A8D7000000000174} =>.LSI Corporation
O58 - SDL:2018/04/12 01:33:48 A . (.LSI Corporation - LSI SAS Gen2 Driver
(StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [124312]
O58 - SDL:2018/04/12 01:33:48 A . (.Avago Technologies - Avago SAS Gen3 Driver
(StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [128408]
O58 - SDL:2018/04/12 01:33:48 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver
(StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82848]
O58 - SDL:2018/09/11 13:18:22 A . (.Malwarebytes - Malwarebytes Anti-Exploit.) --
C:\WINDOWS\System32\drivers\mbae64.sys [152688]
O58 - SDL:2018/10/15 03:35:03 A . (.Malwarebytes - Malwarebytes Real-Time
Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [58400]
O58 - SDL:2018/10/14 19:59:08 A . (.Malwarebytes - Malwarebytes Chameleon.) --
C:\WINDOWS\System32\drivers\MbamChameleon.sys [200232]
O58 - SDL:2018/10/15 03:34:54 A . (.Malwarebytes - Malwarebytes SwissArmy.) --
C:\WINDOWS\System32\drivers\mbamswissarmy.sys [260384]
O58 - SDL:2018/04/12 01:33:48 A . (.Avago Technologies - MEGASAS RAID Controller
Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59800]
Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [75160]
Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas35i.sys [82328]
O58 - SDL:2018/04/12 01:33:48 A . (.LSI Corporation, Inc. - LSI MegaRAID Software
RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575896]
{330000017469DE108B3765A8D7000000000174} =>.LSI Corporation, Inc.
O58 - SDL:2018/04/12 01:33:49 A . (.Mellanox - MLX4 Bus Driver.) --
C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648]
{330000017469DE108B3765A8D7000000000174} =>.Mellanox
O58 - SDL:2018/04/12 01:33:48 A . (.Marvell Semiconductor, Inc. - Marvell Flash
Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63904]
{330000017469DE108B3765A8D7000000000174} =>.Marvell Semiconductor, Inc.
O58 - SDL:2018/10/15 03:34:56 A . (.Malwarebytes - Malwarebytes Web Protection.) --
C:\WINDOWS\System32\drivers\mwac.sys [110424] {044E3BF58976880FFD074448A8F7A058}
=>.Malwarebytes
O58 - SDL:2018/04/12 01:33:49 A . (.Mellanox - NetworkDirect Support Filter
Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108952]
{330000017469DE108B3765A8D7000000000174} =>.Mellanox
O58 - SDL:2018/07/08 03:49:07 A . (.SoftEther Corporation - SoftEther VPN.) --
C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216] =>.SoftEther Corporation®
O58 - SDL:2018/04/12 01:33:45 A . (.Intel Corporation - Intel® Wireless WiFi Link
Driver.) -- C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728] =>.Intel
Corporation
O58 - SDL:2013/03/01 03:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6
AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [36600]
=>.Riverbed Technology, Inc.®
O58 - SDL:2018/04/12 01:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID
Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150424]
{330000017469DE108B3765A8D7000000000174} =>.NVIDIA Corporation
O58 - SDL:2018/04/12 01:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata
Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166304]
{330000017469DE108B3765A8D7000000000174} =>.NVIDIA Corporation
O58 - SDL:2016/06/02 05:03:46 A . (.NVIDIA Corporation - NVIDIA Virtual Audio
Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [50472] =>.NVIDIA
Corporation®
Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58776]
Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848]
O58 - SDL:2018/04/12 01:33:53 RA . (.Realtek - Realtek PCIe GBE Family Controller
Flight.) -- C:\WINDOWS\System32\drivers\rteth.sys [65536] =>.Realtek
O58 - SDL:2017/04/13 05:37:46 A . (.Realtek Semiconductor Corp. - Realtek(r) High
Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys
[5721080] {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor Corp.
O58 - SDL:2016/06/02 05:04:27 A . (.Realsil Semiconductor Corporation - RTS USB
READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [411712] =>.Microsoft
Windows Hardware Compatibility Publisher®
O58 - SDL:2018/07/08 03:48:25 A . (.SoftEther Corporation - SoftEther VPN.) --
C:\WINDOWS\System32\drivers\SeLow_x64.sys [51024] =>.SoftEther Corporation®
O58 - SDL:2018/04/12 01:33:49 A . (.Silicon Integrated Systems Corp. - SiS RAID
Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44952]
{330000017469DE108B3765A8D7000000000174} =>.Silicon Integrated Systems Corp.
O58 - SDL:2018/04/12 01:33:49 A . (.Silicon Integrated Systems - SiS AHCI Stor-
Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81816]
{330000017469DE108B3765A8D7000000000174} =>.Silicon Integrated Systems
O58 - SDL:2017/05/16 23:55:16 A . (.Synaptics Incorporated - Synaptics SMBus
Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [69184]
O58 - SDL:2017/05/16 23:55:18 A . (.Synaptics Incorporated - Synaptics SMBus
Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [72768]
O58 - SDL:2018/04/12 01:33:49 A . (.Promise Technology, Inc. - Promise SuperTrak EX
Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31128]
{330000017469DE108B3765A8D7000000000174} =>.Promise Technology, Inc.
O58 - SDL:2018/06/09 23:04:35 A . (.Symantec Corporation - Symantec Event Library.)
-- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [99920]
{7FD62B0634ECD1E133979DB26C1EAB75} =>.Symantec Corporation
O58 - SDL:2017/05/16 23:55:38 A . (.Synaptics Incorporated - Synaptics Touchpad
Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [940088] =>.Synaptics
Incorporated®
O58 - SDL:2016/04/21 11:10:04 A . (.The OpenVPN Project - TAP-Windows Virtual
Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys [27136]
=>.The OpenVPN Project
O58 - SDL:2018/05/21 14:34:04 A . (.The OpenVPN Project - TAP-Windows Virtual
Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tapexpressvpn.sys
[45024] {07A0ED6DDF2FFED5914CCF4CAB68B414} =>.The OpenVPN Project
O58 - SDL:2015/07/29 05:37:20 A . (.Intel Corporation - Intel(R) Management Engine
Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [184608] =>.Intel
Corporation - Embedded Subsystems and IP Blocks Group®
O58 - SDL:2015/06/17 17:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.)
-- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2017/08/21 03:50:50 A . (.USBPcap - USBPcap Driver.) --
C:\WINDOWS\System32\drivers\USBPcap.sys [50224]
{6D4606FAF6D69E1D063390B38AFF8F82}
O58 - SDL:2018/04/12 01:34:14 A . (...) -- C:\WINDOWS\System32\drivers\UsbPmApi.sys
[39936]
O58 - SDL:2018/04/12 01:33:49 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR
AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166808]
{330000017469DE108B3765A8D7000000000174} =>.VIA Technologies Inc.,Ltd
O58 - SDL:2018/04/12 01:33:49 A . (.VIA Corporation - VIA StorX RAID Controller
Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560]
{330000017469DE108B3765A8D7000000000174} =>.VIA Corporation
O58 - SDL:2018/04/12 01:33:49 A . (.Mellanox - Kernel WinMad.) --
C:\WINDOWS\System32\drivers\winmad.sys [32152]
{330000017469DE108B3765A8D7000000000174} =>.Mellanox
O58 - SDL:2018/04/12 01:33:49 A . (.Mellanox - Kernel WinVerbs.) --
C:\WINDOWS\System32\drivers\winverbs.sys [64920]
{330000017469DE108B3765A8D7000000000174} =>.Mellanox
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (19) - 9s

O61 - LFC: 2018/10/08 00:07:36 A . (.Letasoft LLC.) --
C:\Users\GP72\Downloads\SoundBoosterSetup.exe [7045416]
{09F6F084764B3FF5686B213D91D8AB64}
O61 - LFC: 2018/10/14 05:48:09 A . (..) -- C:\Users\GP72\Desktop\Bureau3\Tor
Browser\Browser\TorBrowser\Data\Browser\Caches\profile.default\startupCache\scriptC
ache-child-current.bin [1563938]
ache-child.bin [1278320]
ache-current.bin [5917985]
ache.bin [6205903]
Browser\Browser\TorBrowser\Data\Browser\Caches\profile.default\startupCache\urlCach
e-current.bin [3179]
Browser\Browser\TorBrowser\Data\Browser\Caches\profile.default\startupCache\urlCach
e.bin [3583]
O61 - LFC: 2018/10/14 22:33:38 A . (..) --
C:\Users\GP72\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1
h2txyewy\LocalState\Features\du.bin [2326]
O61 - LFC: 2018/10/08 11:30:06 A . (..) --
C:\Users\GP72\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [8379002]
O61 - LFC: 2018/10/13 20:42:56 A . (..) --
C:\Users\GP72\AppData\Local\NVIDIA\NvBackend\Packages\0000ca00\DAO.25079716.exe
[3713456] {4FBE0A02426EBD20C26244B5ECA652A3}
O61 - LFC: 2018/10/08 20:38:05 A . (..) --
C:\Users\GP72\AppData\Local\NVIDIA\NvBackend\Packages\0000c8e1\CoProc
update.25053413.exe [812360] {4FBE0A02426EBD20C26244B5ECA652A3}
O61 - LFC: 2018/10/08 04:11:07 A . (..) --
C:\Users\GP72\AppData\Local\Mozilla\Firefox\Profiles\avsi81qo.default\startupCache\
scriptCache-child-current.bin [338668]
O61 - LFC: 2018/10/12 22:41:16 A . (..) --
scriptCache-child.bin [1135770]
O61 - LFC: 2018/10/08 04:11:07 A . (..) --
scriptCache-current.bin [4168478]
O61 - LFC: 2018/10/12 22:41:16 A . (..) --
scriptCache.bin [5190508]
O61 - LFC: 2018/10/08 04:11:07 A . (..) --
urlCache-current.bin [3027]
O61 - LFC: 2018/10/12 22:41:16 A . (..) --
urlCache.bin [2971]
O61 - LFC: 2018/10/15 03:34:44 A . (..) --
C:\Users\GP72\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2018/10/09 19:18:30 A . (..) --
C:\Users\GP72\AppData\Local\Google\Chrome\User
Data\PepperFlash\31.0.0.122\pepflashplayer.dll [31308288]
{06F04788031055D31DEFFEFCD026D6C5}
---\\ Associations Shell Spawning (10) - 0s

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft
Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Lanceur du composant logiciel enfichable Ob.) --
C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Internet Explorer.) -- C:\Program Files\Internet
Explorer\iexplore.exe {33000001797C2E574E52E1CAD6000100000179} =>.Microsoft
Corporation
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation
- Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft
Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
---\\ Menu de démarrage Internet (16) - 0s

O68 - StartMenuInternet: <Firefox-308046B0AF4A39CB> <Mozilla
Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) --
O68 - StartMenuInternet: <Google Chrome> <Google
Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet
Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.)
-- C:\Program Files\Internet Explorer\iexplore.exe
{33000001797C2E574E52E1CAD6000100000179} =>.Microsoft Corporation
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command]
(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
{0FDE84F0D55D8D3368325DC0CDC4A979} =>.Opera Software
Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox
Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla
Corporation
Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) --
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation -
Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <OperaStable> <Opera
Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet
Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox
Corporation
Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) --
Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation -
Stable>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet
Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox
Corporation
Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) --
Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation -
Stable>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet
---\\ Recherche d'infection sur les navigateurs (3) - 3s

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) -
http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} -
(@ieframe.dll,-12512) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {F949342D-4FB6-4BE7-A0B7-D17D54DA2751}
[DefaultScope] - (Bing) - http://www.bing.com/
---\\ Enumère les services démarrés par Svchost (48) - 0s

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation
- Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation
- Service de propagation de certificats de ca.) -- C:\WINDOWS\System32\certprop.dll
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft
Corporation - DLL du service Serveur.) -- C:\WINDOWS\system32\srvsvc.dll [271360]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de
stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [1267712] =>.Microsoft
Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation -
Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [990720] =>.Microsoft
Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation -
Service offrant une connectivité IPv6 sur u.) -- C:\WINDOWS\System32\iphlpsvc.dll
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL
de service d’ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation -
Service de découverte iSCSI.) -- C:\WINDOWS\system32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation -
Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [109568]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation -
Service du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [889344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.)
-- C:\WINDOWS\system32\wbem\WMIsvc.dll [224256] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation -
ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [396800] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation -
Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft
Corporation - Rapports et solutions aux problèmes.) --
C:\WINDOWS\System32\wercplsupport.dll [119808] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft
Corporation - InstallService.) -- C:\Windows\System32\InstallService.dll
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Fournit
une prise en charge de l'infrastruc.) --
C:\WINDOWS\System32\LanguageOverlayServer.dll [199680] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation -
SharedPC.AccountManager.) --
C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [195584] =>.Microsoft
Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft
Corporation - PushToInstall.) -- C:\WINDOWS\system32\PushToInstall.dll [262144]
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation
- Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1308672]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service
Assistant Connectivité réseau Micro.) -- C:\WINDOWS\System32\ncasvc.dll [167936]
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft
Corporation - DLL Windows Management Service.) --
C:\Windows\System32\Windows.Internal.Management.dll [827392] =>.Microsoft
Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft
Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service
BDE.) -- C:\WINDOWS\System32\bdesvc.dll [402944] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) .
(.Microsoft Corporation - Service d’authentification naturelle.) --
C:\WINDOWS\System32\NaturalAuth.dll [824832] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation
- Service Configuration du réseau.) -- C:\WINDOWS\System32\NetSetupSvc.dll
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation -
Service de compte Microsoft®.) -- C:\WINDOWS\system32\wlidsvc.dll [2248192]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation -
Gestionnaire d’installation de périphérique.) --
C:\WINDOWS\System32\DeviceSetupManager.dll [235520] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation
- UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [1027584] =>.Microsoft
Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du
service des thèmes Windows Shell.) -- C:\WINDOWS\system32\themeservice.dll
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation -
Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll [58880]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation -
Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [166912]
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation
- Broker à jetons.) -- C:\Windows\System32\TokenBroker.dll [1395200]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service de
géolocalisation.) -- C:\WINDOWS\System32\lfsvc.dll [44544] =>.Microsoft
Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Moniteur
infrarouge.) -- C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation -
Gestionnaire de numérotation automatique d’.) -- C:\WINDOWS\System32\rasauto.dll
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation -
Gestionnaire des connexions d’accès à dista.) -- C:\WINDOWS\System32\rasmans.dll
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft
Corporation - Gestionnaire d’interface dynamique.) --
C:\Windows\System32\mprdim.dll [497664] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de
notification d’événements systèm.) -- C:\WINDOWS\System32\sens.dll [73216]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft
Corporation - Composants de l’application d’assistance à.) --
C:\WINDOWS\System32\ipnathlp.dll [604672] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation -
Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation -
Agent de mise à jour automatique Windows Up.) -- C:\WINDOWS\system32\wuaueng.dll
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de
transfert intelligent en arrière.) -- C:\WINDOWS\System32\qmgr.dll [1374208]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft
Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft
Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856]
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Paramètres
de vol.) -- C:\Windows\System32\flightsettings.dll [858112] =>.Microsoft
Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation -
Service du système de notifications Push Wi.) -- C:\WINDOWS\system32\WpnService.dll
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft
Corporation - Xbox Live Networking Service.) --
C:\WINDOWS\system32\XboxNetApiSvc.dll [1148928] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Mettre à
jour la session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [1375232]
---\\ Liste des exceptions du parefeu Windows (2) - 1s

O87 - FAEL: "UDP Query User{8DB3616D-4532-4A6D-9095-95EAB3F9443E}C:\program
files\adobe\adobe dreamweaver cc 2018\node\node.exe" [In-None-P17-TRUE] .(.Node.js
- Node.js: Server-side JavaScript.) -- C:\program files\adobe\adobe dreamweaver cc
2018\node\node.exe {452FE397C722A729B58C15488C644C76}
O87 - FAEL: "TCP Query User{6D05412E-5925-414B-95CA-0C991B2C20B1}C:\program
files\adobe\adobe dreamweaver cc 2018\node\node.exe" [In-None-P6-TRUE] .(.Node.js -
Node.js: Server-side JavaScript.) -- C:\program files\adobe\adobe dreamweaver cc
2018\node\node.exe {452FE397C722A729B58C15488C644C76}
---\\ Scan Additionnel (1) - 0s

~ Aucun élément malicieux ou superflu trouvé.
---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s

~ Aucun élément malicieux ou superflu trouvé.
~ End of the scan, 34354 items in 00h02mn16s (1246)(0)

ZHPDiag

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

ZHPDiag

Hochgeladen von

Copyright:

Verfügbare Formate

~ ZHPDiag v2016.1.31.

23 Par Nicolas Coolman (2016/01/30)

---\\ Navigateurs Internet (4) - 1s

---\\ Informations sur les produits Windows (8) - 0s

---\\ Logiciels de protection (2) - 3s

---\\ Logiciels d'optimisation (1) - 4s

---\\ Logiciels de partage P2P (1) - 4s

---\\ Informations sur le système (6) - 0s

---\\ Mode de connexion au système (3) - 0s

---\\ Enumération des unités disques (2) - 0s

---\\ Etat du Centre de Sécurité Windows (7) - 0s

---\\ Recherche particulière de fichiers génériques (25) - 1s

---\\ Liste des services NT non Microsoft et non désactivés (33) - 2s

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (48) - 61s

SR - Auto [02/09/2015] [ 77104] Apple Mobile Device Service (Apple Mobile

---\\ Tâches planifiées en automatique (44) - 5s

---\\ Processus lancés (70) - 5s

---\\ Google Chrome, Démarrage,Recherche,Extensions (10) - 0s

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (5) - 0s

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (16) - 0s

---\\ Internet Explorer,Proxy Management (2) - 0s

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s

---\\ Etude du fichier hosts (1) - 0s

---\\ Browser Helper Object de navigateur (BHO) (4) - 0s

---\\ Internet Explorer, Barre d'outil (1) - 1s

---\\ Applications lancées au démarrage du système (31) - 1s

---\\ Raccourcis Global Startup (81) - 4s

---\\ Modification Domaine/Adresses DNS (4) - 0s

---\\ Protocole additionnel (27) - 0s

---\\ Liste des clés Explorer StartupApproved (16) - 0s

---\\ Logiciels installés (152) - 11s

---\\ HKCU & HKLM Software Keys (114) - 11s

---\\ Contenu des dossiers Programmes (278) - 10s

---\\ ShellIconOverlayIdentifiers (SIOI) (11) - 1s

---\\ Liste des pilotes du système (96) - 7s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (19) - 9s

---\\ Associations Shell Spawning (10) - 0s

---\\ Menu de démarrage Internet (16) - 0s

---\\ Recherche d'infection sur les navigateurs (3) - 3s

---\\ Enumère les services démarrés par Svchost (48) - 0s

---\\ Liste des exceptions du parefeu Windows (2) - 1s

---\\ Scan Additionnel (1) - 0s

---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s

~ End of the scan, 34354 items in 00h02mn16s (1246)(0)

Das könnte Ihnen auch gefallen