~ Rapport de ZHPDiag v2014.8.25.124 - Nicolas Coolman (25/08/2014) ~ Lancé par mab (27/08/2014 08:01:43) ~ Adresse du Site Web http://nicolascoolman.fr ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17207 MFIE: Mozilla Firefox 31.0 (Defaut) GCIE: Google Chrome v37.0.2062.94 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8.1 Pro, 64-bit (Build 9600) Windows Server License Manager Script : OK ~ Windows(R) Operating System, RETAIL channel Windows ID Activation : OK ~ Windows Partial Key : PDG67 Windows License : OK ~ Windows Remaining Initializations Number : 1000 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système G Data TotalProtection v25.0.1.5 Malwarebytes Anti-Malware version 2.0.2.1012 ESET Online Scanner v3 Windows Defender W8 (Deactivate) ---\\ Logiciels d'optimisation du système CCleaner v4.16 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 14 Plugin Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 32646 MB (92% free) System Restore: Activé (Enable) System drive C: has 163 GB (73%) free of 223 GB ---\\ Mode de connexion au système ~ Computer Name: ASUS18 ~ User Name: mab ~ All Users Names: UpdatusUser, noyoy_000, mab, JPB, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\mab\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\mab\AppData\Roaming\ ~ %Desktop% : C:\Users\mab\Desktop\ ~ %Favorites% : C:\Users\mab\Favorites\ ~ %LocalAppData% : C:\Users\mab\AppData\Local\ ~ %StartMenu% : C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go) C: Hard drive, Flash drive, Thumb drive (Free 163 Go of 223 Go) D: Hard drive, Flash drive, Thumb drive (Free 1596 Go of 1685 Go) E: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go) F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go) G: Hard drive, Flash drive, Thumb drive (Free 295 Go of 304 Go) L: Hard drive, Flash drive, Thumb drive (Free 177 Go of 183 Go) T: Hard drive, Flash drive, Thumb drive (Free 181 Go of 184 Go) V: CD-ROM drive (Not Inserted) Y: Hard drive, Flash drive, Thumb drive (Free 272 Go of 310 Go) Z: Hard drive, Flash drive, Thumb drive (Free 49 Go of 107 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 41 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Explorateur Windows.) (.03/06/2014 - 17:46:32.) -- C:\Windows\Explorer.exe [2373784] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.2EE102DF0EDD8A1EDD3D1E9B99A91BEC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/06/2014 - 23:58:27.) -- C:\Windows\System32\wininet.dll [2266112] [MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18/03/2014 - 11:13:57.) -- C:\Windows\System32\Winlogon.exe [562176] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/03/2014 - 11:14:00.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.03/06/2014 - 17:46:32.) -- C:\Windows\system32\Drivers\DfsC.sys [134144] [MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.03/06/2014 - 17:45:09.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 11:14:02.) -- C:\Windows\system32\Drivers\IpNat.sys [142848] [MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 07:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624] [MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/06/2014 - 17:46:32.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 - 10:41:39.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520] [MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.03/06/2014 - 17:45:09.) -- C:\Windows\system32\Drivers\volsnap.sys [310616] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/4335 ~ Mes musiques (My Musics) : 1/729 ~ Mes Videos (My Videos) : 1/55 ~ Mes Favoris (My Favorites) : 1/6 ~ Mes Documents (My Documents) : 1/2319 ~ Mon Bureau (My Desktop) : 1/62 ~ Menu demarrer (Programs) : 1/35 ~ Hidden Files: Scanned in 00mn 02s ---\\ Processus lancés [MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.4228] [MD5.E2C460BE430173E81995BB1484FEEE0E] - (.G Data Software AG - G Data Security Software.) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe [1725048] [PID.4660] [MD5.53742B73F45ED13B63D8B824E2814FD7] - (.G Data Software AG - G Data Security Software G Data GDKBFltExe.) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltexe32.exe [868472] [PID.4160] [MD5.63A2D767B9261B4F33F97BF88F2FB197] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [276328] [PID.5756] [MD5.88354CCEE11A1621B5C7951BFF999474] - (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe [195248] [PID.5232] [MD5.0B6307FB3D24EACBB86A51E285E1F384] - (.G Data Software AG - G Data Personal Firewall.) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1756792] [PID.2864] [MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.6120] [MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [174952] [PID.6336] [MD5.F9DFC08677FC9AC81DD5ACA5EE879E47] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [565096] [PID.6524] [MD5.B2F0B501A7C017F21C4B4417623895BD] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [367976] [PID.6860] [MD5.836017731EEE9F923DB83AEB2C316F90] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8097792] [PID.2432] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [User Data\Default] [aapbdbdomjkkjkaonfhkkikfgjllcleb] Google Translate v.1.2.5 (Activé) G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé) G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [User Data\Default] [cjpalhdlnbpafiamejdnhcphjbkeiagm] µBlock v.0.4.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [kgleioieeffejophokeklefchfglgmnk] Malware Search v.0.1.2 (Activé) G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [kngglkijfekbhidmchmlfmpkdffmedob] Blockulicious v.5.16.11, (Activé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [Google Translate] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [µBlock] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgleioieeffejophokeklefchfglgmnk [Malware Search] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngglkijfekbhidmchmlfmpkdffmedob [Blockulicious] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet] G2 - EXT: C:\Users\mab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail] ~ Google Lines Browser: 31 Scanned in 00mn 02s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M0 - MFSP: prefs.js [mab - gu23fcc3.default] http://www.google.fr M2 - MFEP: prefs.js [mab - gu23fcc3.default\{91aa5abe-9de4-4347-b7b5-322c38dd9271}] [] Clippings v4.1 (..) M2 - MFEP: prefs.js [mab - gu23fcc3.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.23 (..) M2 - MFEP: Extension [mab - gu23fcc3.default] {27c60876-b5c9-4335-b4f3-52b26782220c} M2 - MFEP: Extension [mab - gu23fcc3.default] {91A6D6AB-3E9A-4C00-A3CF-B08CBE803A2E} M2 - MFEP: Extension [mab - gu23fcc3.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} =>.Adblock Plus Extension Mozilla Firefox P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ~ Firefox Browser: 8 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17031 (winblue_gdr.140221-1952)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 15 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.dll =>.Microsoft Corporation O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ~ BHO: 6 Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe O4 - HKLM\..\Wow6432Node\Run: [EaseUS EPM tray] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Partition Master Free Edition Applic.) -- D:\Logiciels\Easeus\EaseUS Partition Master 9.2.2\bin\EpmNews.exe O4 - HKLM\..\Wow6432Node\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) -- L:\KeePass Password Safe 2\KeePass.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [GDFirewallTray] . (.G Data Software AG - G Data Personal Firewall.) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Wow6432Node\Run: [AcronisTibMounterMonitor] . (.Acronis International GmbH - Acronis TIB Mounter Monitor.) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.) O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7069F582-D883-4865-BA98-4CC7F02A6E47}: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E6CD2BA2-6397-4D49-87AD-702681405BD0}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{E6CD2BA2-6397-4D49-87AD-702681405BD0}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{7069F582-D883-4865-BA98-4CC7F02A6E47}: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{E6CD2BA2-6397-4D49-87AD-702681405BD0}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{E6CD2BA2-6397-4D49-87AD-702681405BD0}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 311.) - C:\Windows\system32\nvinitx.dll ~ AppInit DLL: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Windows\System32\AdminService.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) . (...) - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: Planificateur G Data (AVKService) . (...) - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe O23 - Service: Gardien du système de fichiers G Data (AVKWCtl) . (.G Data Software AG - G Data Filesystem Monitor Service.) - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe O23 - Service: Service G Data Backup (GDBackupSvc) . (.G Data Software AG - G Data TotalProtection Backup Service.) - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.6.) - C:\WINDOWS\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - L:\TeamViewer\TeamViewer_Service.exe ~ Services: 12 Scanned in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.88077CF32319BEE612C82EBF54680DE8] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4626712] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1072] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1072] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1076] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1076] ~ Scheduled Task: 6 Scanned in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: oem28.inf (Eve) . (...) - C:\Windows\system32\DRIVERS\eve.sys O41 - Driver: (gddcv) . (.G Data Software AG - G Data Device Control FSFilter Driver.) - C:\WINDOWS\system32\drivers\gddcv64.sys O41 - Driver: (GDKBFlt) . (.G Data Software AG - G Data Security Software G Data GDKBFlt.) - C:\WINDOWS\system32\drivers\GDKBFlt64.sys O41 - Driver: (GDMnIcpt) . (.G Data Software AG - Filesystem MiniInterceptor (Mini Filter).) - C:\WINDOWS\system32\drivers\MiniIcpt.sys O41 - Driver: (gdwfpcd) . (.G Data Software AG - G Data WFP Callout Driver (6.2).) - C:\Windows\System32\drivers\gdwfpcd64.sys O41 - Driver: (GRD) . (.G Data Software - G Data Rootkit Detector Driver.) - C:\WINDOWS\system32\drivers\GRD.sys O41 - Driver: (HookCentre) . (.G Data Software AG - Security Hook.) - C:\WINDOWS\system32\drivers\HookCentre.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys ~ Drivers: 48 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854} O42 - Logiciel: Acronis True Image 2014 - (.Acronis.) [HKLM][64Bits] -- {1627D0D3-BDF7-4C04-89B9-1124F9D620DE} O42 - Logiciel: Acronis True Image 2014 - (.Acronis.) [HKLM][64Bits] -- {1627D0D3-BDF7-4C04-89B9-1124F9D620DE}Visible O42 - Logiciel: Adblock Plus for IE - (...) [HKLM][64Bits] -- {fd97d1e2-368a-4cd9-af63-8eeff938044a} O42 - Logiciel: Adblock Plus pour IE (32-bits et 64-bits) - (.Eyeo GmbH.) [HKLM][64Bits] -- {2AB7FF34-79B5-44AE-B59F-F9E94CEB879A} O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.08) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM][64Bits] -- ESET Online Scanner O42 - Logiciel: EaseUS Partition Master 9.2.2 - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master_is1 O42 - Logiciel: FileZilla Client 3.8.1 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla Client O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory O42 - Logiciel: Freemake Video Converter version 4.1.4 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1 O42 - Logiciel: G Data TotalProtection - (.G Data Software AG.) [HKLM][64Bits] -- {6715BEB5-01F1-41AC-B44B-0A78CD50C433} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Customer Participation Program 14.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 14.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions O42 - Logiciel: HP Officejet Pro 8500 A909 Series - (.HP.) [HKLM][64Bits] -- {49C2B7C1-A4E7-4770-8E30-255795AD4712} =>.Hewlett-Packard Co O42 - Logiciel: HP Solution Center 14.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE} O42 - Logiciel: HyperSnap 7 - (.Hyperionics Technology LLC.) [HKLM][64Bits] -- HyperSnap 7 O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: KeePass Password Safe 2.27 - (.Dominik Reichl.) [HKLM][64Bits] -- KeePassPasswordSafe2_is1 O42 - Logiciel: Logiciel Logitech Unifying 2.50 - (.Logitech.) [HKLM][64Bits] -- Logitech Unifying O42 - Logiciel: MPM - (.Hewlett-Packard.) [HKLM][64Bits] -- {8AEA6737-8AF3-47BB-95CE-AAB62BE68985} O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Mozilla Thunderbird 24.5.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 24.5.0 (x86 fr) =>.Mozilla Corporation O42 - Logiciel: Mozilla Thunderbird 31.0 (x86 fr) - (.Mozilla.) [HKCU][64Bits] -- Mozilla Thunderbird 31.0 (x86 fr) =>.Mozilla Corporation O42 - Logiciel: NVIDIA Logiciel système PhysX 9.13.0325 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {427867D2-9459-4C7B-81E8-2CA570596645} O42 - Logiciel: NVIDIA Pilote graphique 311.66 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ O42 - Logiciel: OCR Software by I.R.I.S. 14.0 - (.HP.) [HKLM][64Bits] -- HPOCR O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE} O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE} O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE} O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU][64Bits] -- PhotoFiltre Studio X O42 - Logiciel: PhotoScissors 1.1 - (.teorex.) [HKLM][64Bits] -- {664FCCAE-8187-4EC5-B191-758C040C999C}_is1 O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller O42 - Logiciel: SRWare Iron version SRWare Iron 35.0.1900.0 - (.SRWare.) [HKLM][64Bits] -- {C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1 O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9 O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VSO Downloader 4.0.0.19 - (.VSO Software.) [HKLM][64Bits] -- {A0D0BA9E-F1A6-44FF-AA14-03ED96B3D56D}_is1 O42 - Logiciel: VSO EVE Network Driver version 1.0.0.26 - (.VSO Software.) [HKLM][64Bits] -- {AC0AFDC9-4FB1-44FE-B3E1-82300BF3D756}_is1 O42 - Logiciel: VSO Media Player 1.4.3.486 - (.VSO Software.) [HKLM][64Bits] -- {59F1E8E6-60EC-4CC1-8C72-E0F38E585215}_is1 O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst O42 - Logiciel: ZebHelpProcess 2014 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZebHelpProcess_is1 O42 - Logiciel: e-Carte Bleue La Banque Postale - (...) [HKLM][64Bits] -- {11B0F8D4-FD80-4800-ABA8-50D28FF769AF} ~ Logic: 56 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Acronis] [HKCU\Software\AdblockPlus] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\LastScanTime] [HKCU\Software\AppDataLow\Software\G DATA] [HKCU\Software\AppDataLow] [HKCU\Software\Borland] [HKCU\Software\Chromium] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Digital River] [HKCU\Software\EASEUSTodoBackupTime] [HKCU\Software\ESET] [HKCU\Software\EaseUS] [HKCU\Software\EpmNewsInfo] [HKCU\Software\FreeTime] [HKCU\Software\Freemake] [HKCU\Software\G Data] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\Hyperionics] [HKCU\Software\I.R.I.S.] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\LoadTool] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Mine] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PrtScr] [HKCU\Software\QtProject] [HKCU\Software\RegisteredApplications] [HKCU\Software\SourceForge] [HKCU\Software\TeamViewer] [HKCU\Software\Teorex] [HKCU\Software\Thunderbird] =>.Mozilla Corporation [HKCU\Software\Trolltech] [HKCU\Software\UnFREEz] [HKCU\Software\VSO] [HKCU\Software\VSRevoGroup] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Acronis] [HKLM\Software\Adblock Plus for IE] [HKLM\Software\Atheros] [HKLM\Software\Borland] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\FileZilla 3] [HKLM\Software\G Data] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HookCentre] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Wow6432Node\AGEIA Technologies] [HKLM\Software\Wow6432Node\Acronis] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Auslogics] [HKLM\Software\Wow6432Node\AviSynth] [HKLM\Software\Wow6432Node\Borland] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\DRWDemo] [HKLM\Software\Wow6432Node\DeskSoft] [HKLM\Software\Wow6432Node\EASEUS] [HKLM\Software\Wow6432Node\Eset] [HKLM\Software\Wow6432Node\FileZilla 3] [HKLM\Software\Wow6432Node\Freemake] [HKLM\Software\Wow6432Node\G DATA Software] [HKLM\Software\Wow6432Node\G Data] [HKLM\Software\Wow6432Node\GNU] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HaaliMkx] [HKLM\Software\Wow6432Node\Hewlett-Packard] [HKLM\Software\Wow6432Node\Hyperionics] [HKLM\Software\Wow6432Node\ICE] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\NVIDIA Corporation] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\PDFCreator] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\RecordDISCXXX] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SoftVTU] [HKLM\Software\Wow6432Node\Softgogo] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\VSO] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\WinPcap] [HKLM\Software\Wow6432Node\e-Carte Bleue La Banque Postale] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] ~ Key Software: 243 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 20/07/2014 - 18:45:52 - [] ----D C:\Program Files (x86)\Acronis O43 - CFD: 19/06/2014 - 16:50:54 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 03/06/2014 - 13:43:59 - [0] ----D C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 16/08/2014 - 16:39:56 - [] ----D C:\Program Files (x86)\Belarc O43 - CFD: 02/08/2014 - 07:59:57 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\e-Carte Bleue BP O43 - CFD: 19/07/2014 - 19:51:21 - [] ----D C:\Program Files (x86)\ESET O43 - CFD: 06/07/2014 - 18:48:44 - [] ----D C:\Program Files (x86)\G Data O43 - CFD: 03/06/2014 - 18:45:35 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 02/08/2014 - 08:00:32 - [] ----D C:\Program Files (x86)\HP O43 - CFD: 07/06/2014 - 18:14:02 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 03/06/2014 - 13:08:25 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 23/08/2014 - 13:49:54 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 23/08/2014 - 13:50:23 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 02/08/2014 - 08:18:29 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 05/06/2014 - 16:04:55 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 25/07/2014 - 05:53:24 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 05/06/2014 - 16:08:17 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 03/06/2014 - 17:50:12 - [] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\PDFCreator O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\PhotoFiltre Studio X O43 - CFD: 03/06/2014 - 14:51:03 - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\SRWare Iron O43 - CFD: 15/08/2014 - 14:58:59 - [] ----D C:\Program Files (x86)\Two Pilots O43 - CFD: 19/06/2014 - 07:47:52 - [] ----D C:\Program Files (x86)\VSO O43 - CFD: 03/06/2014 - 18:45:27 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 18/03/2014 - 11:26:19 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 03/06/2014 - 17:50:12 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 18/03/2014 - 12:33:30 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 18/03/2014 - 11:26:19 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 18/03/2014 - 12:33:30 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 03/06/2014 - 17:50:12 - [] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 23/08/2014 - 13:49:50 - [] ----D C:\Program Files (x86)\ZebHelpProcess O43 - CFD: 27/08/2014 - 08:01:28 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 20/07/2014 - 18:45:59 - [] ----D C:\Program Files (x86)\Common Files\Acronis O43 - CFD: 07/07/2014 - 07:10:32 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 05/06/2014 - 16:08:19 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 06/07/2014 - 18:58:45 - [] ----D C:\Program Files (x86)\Common Files\G Data O43 - CFD: 02/08/2014 - 07:59:57 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard O43 - CFD: 02/08/2014 - 07:59:57 - [] ----D C:\Program Files (x86)\Common Files\HP O43 - CFD: 03/06/2014 - 17:48:17 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 07/06/2014 - 06:15:54 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 18/03/2014 - 11:26:19 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 20/07/2014 - 18:45:59 - [] ----D C:\ProgramData\Acronis O43 - CFD: 23/06/2014 - 09:15:16 - [] ----D C:\ProgramData\Adobe O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 26/06/2014 - 08:38:27 - [] ----D C:\ProgramData\Auslogics O43 - CFD: 03/06/2014 - 12:41:14 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 19/08/2014 - 11:11:27 - [] ----D C:\ProgramData\Freemake O43 - CFD: 25/07/2014 - 06:00:56 - [] ----D C:\ProgramData\G Data O43 - CFD: 06/07/2014 - 18:49:07 - [] ----D C:\ProgramData\G DATA Software O43 - CFD: 02/08/2014 - 08:05:20 - [] ----D C:\ProgramData\HP O43 - CFD: 02/08/2014 - 08:00:23 - [] ----D C:\ProgramData\HP Product Assistant O43 - CFD: 11/06/2014 - 11:10:01 - [] ----D C:\ProgramData\LogiShrd O43 - CFD: 22/06/2014 - 17:24:13 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 03/06/2014 - 12:41:14 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 23/08/2014 - 13:48:11 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 03/06/2014 - 12:41:14 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 03/06/2014 - 18:22:12 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 03/06/2014 - 17:50:13 - [] ----D C:\ProgramData\NVIDIA O43 - CFD: 03/06/2014 - 17:48:03 - [] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 27/07/2014 - 07:28:55 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 03/06/2014 - 17:50:13 - [] ----D C:\ProgramData\PRICache O43 - CFD: 07/08/2014 - 19:50:20 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 19/06/2014 - 08:11:29 - [] ----D C:\ProgramData\VSO O43 - CFD: 02/08/2014 - 08:06:07 - [] ----D C:\ProgramData\WEBREG O43 - CFD: 20/07/2014 - 18:46:52 - [] ----D C:\Users\mab\AppData\Roaming\Acronis O43 - CFD: 26/06/2014 - 13:03:48 - [] ----D C:\Users\mab\AppData\Roaming\Adobe O43 - CFD: 15/08/2014 - 13:39:32 - [] ----D C:\Users\mab\AppData\Roaming\ArcticLine O43 - CFD: 23/08/2014 - 13:49:51 - [] ----D C:\Users\mab\AppData\Roaming\Delivery O43 - CFD: 28/07/2014 - 07:30:50 - [] ----D C:\Users\mab\AppData\Roaming\FastStone O43 - CFD: 09/08/2014 - 19:43:08 - [] ----D C:\Users\mab\AppData\Roaming\FileZilla O43 - CFD: 29/06/2014 - 10:29:47 - [] ----D C:\Users\mab\AppData\Roaming\G Data O43 - CFD: 02/08/2014 - 08:07:18 - [] ----D C:\Users\mab\AppData\Roaming\HP O43 - CFD: 23/08/2014 - 09:42:52 - [] ----D C:\Users\mab\AppData\Roaming\HpUpdate O43 - CFD: 06/08/2014 - 15:24:48 - [] ----D C:\Users\mab\AppData\Roaming\Hyperionics O43 - CFD: 07/06/2014 - 18:48:21 - [] ----D C:\Users\mab\AppData\Roaming\Identities O43 - CFD: 26/08/2014 - 19:48:49 - [] ----D C:\Users\mab\AppData\Roaming\KeePass O43 - CFD: 03/06/2014 - 13:29:11 - [] ----D C:\Users\mab\AppData\Roaming\Macromedia O43 - CFD: 15/07/2014 - 08:33:34 - [] -S--D C:\Users\mab\AppData\Roaming\Microsoft O43 - CFD: 03/06/2014 - 18:22:21 - [] ----D C:\Users\mab\AppData\Roaming\Mozilla O43 - CFD: 23/08/2014 - 13:48:22 - [] ----D C:\Users\mab\AppData\Roaming\Notepad++ O43 - CFD: 16/08/2014 - 12:37:24 - [] ----D C:\Users\mab\AppData\Roaming\NVIDIA O43 - CFD: 09/07/2014 - 14:10:16 - [] ----D C:\Users\mab\AppData\Roaming\pdfforge O43 - CFD: 23/08/2014 - 13:49:51 - [] ----D C:\Users\mab\AppData\Roaming\PhotoFiltre Studio X O43 - CFD: 02/07/2014 - 14:57:11 - [] ----D C:\Users\mab\AppData\Roaming\TeamViewer O43 - CFD: 10/06/2014 - 13:06:57 - [] ----D C:\Users\mab\AppData\Roaming\Thunderbird =>.Mozilla Corporation O43 - CFD: 23/08/2014 - 13:49:51 - [] ----D C:\Users\mab\AppData\Roaming\vlc O43 - CFD: 19/06/2014 - 08:12:33 - [] ----D C:\Users\mab\AppData\Roaming\VSO O43 - CFD: 05/08/2014 - 17:48:18 - [] ----D C:\Users\mab\AppData\Roaming\Wise Uninstaller O43 - CFD: 27/08/2014 - 08:01:58 - [] ----D C:\Users\mab\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 14/08/2014 - 11:44:11 - [] ----D C:\Users\mab\AppData\Local\Adobe O43 - CFD: 03/06/2014 - 17:49:41 - [] -SH-D C:\Users\mab\AppData\Local\Application Data O43 - CFD: 25/06/2014 - 17:59:14 - [] ----D C:\Users\mab\AppData\Local\Chromium O43 - CFD: 03/06/2014 - 18:42:22 - [] -SH-D C:\Users\mab\AppData\Local\EmieSiteList O43 - CFD: 03/06/2014 - 18:42:22 - [] -SH-D C:\Users\mab\AppData\Local\EmieUserList O43 - CFD: 19/07/2014 - 19:40:41 - [] ----D C:\Users\mab\AppData\Local\G DATA O43 - CFD: 03/06/2014 - 18:45:40 - [] ----D C:\Users\mab\AppData\Local\Google O43 - CFD: 03/06/2014 - 17:49:41 - [] -SH-D C:\Users\mab\AppData\Local\Historique O43 - CFD: 02/08/2014 - 08:05:20 - [] ----D C:\Users\mab\AppData\Local\HP O43 - CFD: 17/07/2014 - 16:25:42 - [] ----D C:\Users\mab\AppData\Local\Intel_Corporation O43 - CFD: 16/06/2014 - 08:54:09 - [] ----D C:\Users\mab\AppData\Local\Macromedia O43 - CFD: 06/08/2014 - 18:45:38 - [] ----D C:\Users\mab\AppData\Local\Microsoft O43 - CFD: 29/07/2014 - 08:04:34 - [] ----D C:\Users\mab\AppData\Local\Microsoft Help O43 - CFD: 03/06/2014 - 18:22:21 - [] ----D C:\Users\mab\AppData\Local\Mozilla O43 - CFD: 26/08/2014 - 13:07:00 - [] ----D C:\Users\mab\AppData\Local\Packages O43 - CFD: 04/06/2014 - 06:56:59 - [] ----D C:\Users\mab\AppData\Local\Programs O43 - CFD: 29/06/2014 - 11:22:00 - [] ----D C:\Users\mab\AppData\Local\Temp O43 - CFD: 03/06/2014 - 17:49:41 - [] -SH-D C:\Users\mab\AppData\Local\Temporary Internet Files O43 - CFD: 25/07/2014 - 06:40:39 - [] ----D C:\Users\mab\AppData\Local\Thunderbird =>.Mozilla Corporation O43 - CFD: 28/07/2014 - 08:21:40 - [] ----D C:\Users\mab\AppData\Local\VirtualStore O43 - CFD: 03/06/2014 - 17:49:54 - [] R---D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 23/08/2014 - 13:49:54 - [] R---D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 10/06/2014 - 09:50:46 - [] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 28/06/2014 - 06:26:11 - [] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake O43 - CFD: 22/08/2013 - 17:36:32 - [] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 07/06/2014 - 15:55:35 - [0] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 07/06/2014 - 18:48:17 - [0] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X O43 - CFD: 03/06/2014 - 19:32:45 - [] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 23/08/2014 - 13:49:54 - [] R---D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 03/06/2014 - 17:49:54 - [] R---D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 15/06/2014 - 07:14:46 - [0] ----D C:\Users\mab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnFREEz 2.1 ~ Program Folder: 132 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.535B92E36270F5341D8FA8CCB386D96E] - 19/08/2014 - 10:14:57 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.4AE6183AD8CC716C92EEFCC7B7875B78] - 22/08/2014 - 17:26:34 ---A- . (...) -- C:\PDOXUSRS.NET [13030] O44 - LFC:[MD5.7241BDE75E87FB77F270C233C8CFD242] - 23/08/2014 - 05:03:52 ---A- . (...) -- C:\nospam.log [16085] O44 - LFC:[MD5.7A0571FFF780591856A6A07B356EB3A2] - 23/08/2014 - 06:36:59 ---A- . (...) -- C:\Windows\PFRO.log [79642] O44 - LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] - 25/08/2014 - 15:34:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584] O44 - LFC:[MD5.E95E31ADDF4F219BC1B027E5C36B67FB] - 27/08/2014 - 05:13:42 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.9A88E1AC61989A414D79C047418AC73D] - 27/08/2014 - 06:26:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1148938] O44 - LFC:[MD5.23D2EBBD2EF3CD8FABE5C719C4AD71A3] - 27/08/2014 - 06:32:36 ---A- . (...) -- C:\Windows\setupact.log [7819] O44 - LFC:[MD5.4DD46719675C26B6BA3D238C6C4574E5] - 27/08/2014 - 06:36:49 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1734474] O44 - LFC:[MD5.A86740CC2C37EE902ED12B3304901831] - 27/08/2014 - 06:36:49 ---A- . (...) -- C:\Windows\System32\perfc009.dat [127812] O44 - LFC:[MD5.46C889E5F95154435F4A5E9977A0D181] - 27/08/2014 - 06:36:49 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [151632] O44 - LFC:[MD5.74AE5322A6CB590963D4B49F701D6282] - 27/08/2014 - 06:36:49 ---A- . (...) -- C:\Windows\System32\perfh009.dat [687180] O44 - LFC:[MD5.966D4A361477E080E66713CF23B62D9D] - 27/08/2014 - 06:36:49 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [775930] O44 - LFC:[MD5.1A243DAD23BB639D47F25AB9EC51FCAD] - 27/08/2014 - 06:59:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888] ~ Files: 14 Scanned in 00mn 08s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 17 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPath"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1 ~ MWPS: 19 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176] O58 - SDL:20/07/2014 - 17:45:59 ---A- . (.Acronis - File Level CDP Kernel Helper.) -- C:\Windows\System32\Drivers\afcdp.sys [367200] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424] O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016] O58 - SDL:09/10/2013 - 08:52:16 ---A- . (.ASUS - HID driver for ASUS Wireless Radio Control.) -- C:\Windows\System32\Drivers\AsHIDSwitch64.sys [20280] O58 - SDL:22/08/2013 - 01:42:10 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3915264] O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624] O58 - SDL:28/04/2014 - 05:33:30 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [599240] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296] O58 - SDL:04/09/2013 - 10:24:10 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver.) -- C:\Windows\System32\Drivers\eubakup.sys [61000] O58 - SDL:04/09/2013 - 10:24:10 ---A- . (...) -- C:\Windows\System32\Drivers\EUBKMON.sys [48200] O58 - SDL:04/09/2013 - 10:24:10 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) -- C:\Windows\System32\Drivers\eudskacs.sys [18504] O58 - SDL:04/09/2013 - 10:24:10 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) -- C:\Windows\System32\Drivers\EuFdDisk.sys [189000] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024] O58 - SDL:23/01/2014 - 10:19:36 ---A- . (...) -- C:\Windows\System32\Drivers\eve.sys [41304] O58 - SDL:20/07/2014 - 17:45:57 ---A- . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\Drivers\fltsrv.sys [116000] O58 - SDL:06/07/2014 - 17:59:03 ---A- . (.G Data Software AG - Behavior Blocker.) -- C:\Windows\System32\Drivers\GDBehave.sys [55808] O58 - SDL:06/07/2014 - 17:49:38 ---A- . (.G Data Software AG - G Data Device Control DevFilter Driver.) -- C:\Windows\System32\Drivers\gddcd64.sys [78848] O58 - SDL:06/07/2014 - 17:49:38 ---A- . (.G Data Software AG - G Data Device Control FSFilter Driver.) -- C:\Windows\System32\Drivers\gddcv64.sys [58880] O58 - SDL:06/07/2014 - 17:59:04 ---A- . (.G Data Software AG - G Data Security Software G Data GDKBFlt.) -- C:\Windows\System32\Drivers\GDKBFlt64.sys [20992] O58 - SDL:07/07/2014 - 07:37:02 ---A- . (.G Data Software - G Data Phyiscal Memory.) -- C:\Windows\System32\Drivers\GdPhyMem.sys [18160] O58 - SDL:25/07/2014 - 05:00:54 ---A- . (.G Data Software AG - G Data WFP Callout Driver (6.2).) -- C:\Windows\System32\Drivers\gdwfpcd64.sys [67584] O58 - SDL:07/07/2014 - 07:37:02 ---A- . (.G Data Software - G Data Rootkit Detector Driver.) -- C:\Windows\System32\Drivers\GRD.sys [106272] O58 - SDL:17/07/2012 - 17:12:08 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784] O58 - SDL:06/07/2014 - 17:59:03 ---A- . (.G Data Software AG - Security Hook.) -- C:\Windows\System32\Drivers\HookCentre.sys [61440] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352] O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568] O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320] O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000] O58 - SDL:01/10/2013 - 12:02:30 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4177920] O58 - SDL:22/08/2013 - 23:51:12 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [39320] O58 - SDL:22/08/2013 - 23:51:12 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [26008] O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536] O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784] O58 - SDL:12/05/2014 - 06:25:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:27/08/2014 - 06:59:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888] O58 - SDL:25/08/2014 - 15:34:41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840] O58 - SDL:06/07/2014 - 17:59:03 ---A- . (.G Data Software AG - Filesystem MiniInterceptor (Mini Filter).) -- C:\Windows\System32\Drivers\MiniIcpt.sys [142336] O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840] O58 - SDL:12/05/2014 - 06:26:14 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216] O58 - SDL:16/07/2010 - 01:45:42 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344] O58 - SDL:14/05/2013 - 17:16:14 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 311.66.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [11093792] O58 - SDL:14/05/2013 - 17:16:14 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 311.66.) -- C:\Windows\System32\Drivers\nvpciflt.sys [30496] O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288] O58 - SDL:06/07/2014 - 17:59:09 ---A- . (.G Data Software AG - WFP PktInterceptor 2 (Pkt2 Filter).) -- C:\Windows\System32\Drivers\PktIcpt.sys [64000] O58 - SDL:18/06/2013 - 15:46:17 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [591360] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsBaStor.sys [313048] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsP2Stor.sys [291544] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\Drivers\RtsPer.sys [465624] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsPStor.sys [359128] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsUStor.sys [271064] O58 - SDL:03/06/2014 - 13:50:53 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsUVStor.sys [331992] O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760] O58 - SDL:20/07/2014 - 17:45:57 ---A- . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\Drivers\snapman.sys [269600] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072] O58 - SDL:20/07/2014 - 17:45:59 ---A- . (.Acronis International GmbH - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\System32\Drivers\tdrpman.sys [1464096] O58 - SDL:20/07/2014 - 17:45:58 ---A- . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\Drivers\tib.sys [1120032] O58 - SDL:20/07/2014 - 17:45:58 ---A- . (.Acronis International GmbH - Acronis TIB Mounter Driver.) -- C:\Windows\System32\Drivers\tib_mounter.sys [198432] O58 - SDL:25/07/2014 - 05:00:54 ---A- . (.G Data Software - TS4nt sce Driver.) -- C:\Windows\System32\Drivers\TS4nt.sys [98760] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504] O58 - SDL:07/03/2013 - 08:49:18 ---A- . (...) -- C:\Windows\System32\epmntdrv.sys [17480] O58 - SDL:07/03/2013 - 08:49:18 ---A- . (...) -- C:\Windows\System32\EuGdiDrv.sys [9800] O58 - SDL:07/03/2013 - 08:49:20 ---A- . (...) -- C:\Windows\SysWOW64\epmntdrv.sys [13896] O58 - SDL:07/03/2013 - 08:49:20 ---A- . (...) -- C:\Windows\SysWOW64\EuGdiDrv.sys [9160] ~ Drivers: 77 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 20/08/2014 - 08:02:15 ---A- . (...) -- C:\Users\mab\AppData\Roaming\Microsoft\UProof\CMAdj.12.bin [946] O61 - LFC: 24/08/2014 - 08:02:13 ---A- . (...) -- C:\Users\mab\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [125998] O61 - LFC: 27/08/2014 - 08:02:15 ---A- . (.Malwarebytes Corp..) -- C:\Users\mab\Desktop\mbar-1.07.0.1012.exe [14349744] ~ 20 Fichiers temporaires (Temporary files) ~ Files: 3 Scanned in 00mn 02s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0E323781-815E-4402-94F6-76E68C407ACA} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [208896] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [323072] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1308160] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1063424] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [903168] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [109568] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1214976] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [220160] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [324096] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [81408] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [339456] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [101376] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [534528] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [223744] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [71680] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [306688] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3463680] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1017856] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [183296] O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filter.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] ~ Services: 36 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.DFF72B75746001A9060AB2B80310012E] [SPRF][27/08/2014] (.Malwarebytes Corp. - Malwarebytes Anti-Rootkit.) -- C:\Users\mab\Desktop\mbar-1.07.0.1012.exe [14349744] [MD5.ABFE8496034CD94E0E6FBD2AB40B67B8] [SPRF][22/06/2014] (.Nicolas Coolman - Security Diagnostic Tool.) -- C:\Users\mab\Desktop\NCDiag.exe [1223680] [MD5.ABDDEAABCBF55C9C529B08EA936D210A] [SPRF][25/07/2014] (.Pas de propriétaire - ZHPCleaner.) -- C:\Users\mab\Desktop\ZHPCleaner.exe [1190912] ~ Files: 3 Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE} O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B} O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA} O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C} O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0} O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} ~ MNS: 6 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 18/07/2013 1143368 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe SS - | Demand 20/07/2014 3898360 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe SS - | Demand 01/10/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Auto 03/06/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 03/06/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 23/07/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 04/02/2014 7151024 | (syncagentsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe SS - | Demand 05/06/2014 255608 | (TSNxGService) . (.G Data Software.) - C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 25/06/2013 208384 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Windows\System32\AdminService.exe SR - | Auto 27/05/2014 2250360 | (AVKProxy) . (...) - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe SR - | Auto 19/12/2013 914552 | (AVKService) . (...) - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe SR - | Auto 20/05/2014 2683760 | (AVKWCtl) . (.G Data Software AG.) - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe SR - | Auto 28/05/2014 3832440 | (GDBackupSvc) . (.G Data Software AG.) - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe SR - | Demand 20/05/2014 3203392 | (GDFwSvc) . (.G Data Software AG.) - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe SR - | Demand 20/05/2014 700536 | (GDScan) . (.G Data Software AG.) - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe SR - | Demand 22/08/2013 37768 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 22/08/2013 37768 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 22/08/2013 37768 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 22/08/2013 37768 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 14/05/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe SR - | Auto 14/05/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 22/08/2013 37768 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 02/07/2014 5037888 | (TeamViewer9) . (.TeamViewer GmbH.) - L:\TeamViewer\TeamViewer_Service.exe SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe ~ Services: Scanned in 00mn 05s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by mab at 27/08/2014 08:02:48 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by mab at 27/08/2014 08:02:50 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (25/08/2014) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 ~ Additionnel Scan: 195001 Items scanned in 00mn 17s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ AMI: 4 Scanned in 00mn 00s End of the scan (1118 lines in 01mn 25s)(0)